Lotusphere 2012 IBM Collaboration Solutions Development Lab Lab #6 Deliver Real-time Collaboration and Social Software by Integrating IBM WebSphere Portal with IBM Connections, IBM Sametime and iNotes 1
Lotusphere 2012
IBM Collaboration Solutions Development Lab
Lab #6
Deliver Real-time Collaboration and Social Software by Integrating
IBM WebSphere Portal with
IBM Connections, IBM Sametime and iNotes
1
Introduction:
In this lab we have installed the following software:
IBM WebSphere Portal 7.0.0.1IBM Connections 3.0.1IBM Sametime 8.5.1.1Lotus Domino 8.5.1
All are installed and configured with Lotus Domino LDAP
In this lab, you will learn how to:1) integrate across the environment, Portal, Connections, Sametime and iNotes
Objective:
In this lab, you will learn how to integrate the Lotus products.
This lab is broken out into 13 Exercises. It's designed where you can pick and chose theexercise you want to focus on. If you are most interested in Blogs integration into Portal,complete exercise 5. If you want to know more about the new STProxy integration withPortal, go to exercise 12. Each exercise should take between 10 – 20 min to complete andshould give you a good idea of how to set it up back in your labs, and give you a quickoverview of some of the features.
Exercises 1 and 2 are detailed steps and hints and tricks for single sign on across theenvironment. In your test environment you would need to complete this before setting upintegration. In our lab, however, you do not have to do these. SSO works, but I provided thesteps for you to follow if you want to learn more about SSO.
Exercise 3 is the 1 pre-req exercise in this lab. If you want to integrate portal withconnections (detailed in exercise 4 – 9) then you need to complete the common steps exercise(3) prior to setting up and testing the portlets.
Exercise 4, 5, 6, 7, 8 and 9 are the connections 3.0.1 portlets. Complete step 3, then pickand chose the portlets you are most interested in.
Exercise 10 details how to integrate the connections business card into portal, replacing theout of the box person card in portal with the rich content about users in Connections.
Exercise 11 provides steps on integrating iNotes with WebSphere Portal
Exercise 12 details the new integration for Portal with STProxy. The new ajax based client foradding awareness and chat to your web based experience.
Finally, exercise 13 explains how to integrate Connections with STProxy
2
Table of ContentsExercise 1: SSO Between Portal and Connections.................................................................................4Exercise 2: SSO between Portal and Domino.......................................................................................11Exercise 3: Connections Portlets – Common Steps..............................................................................24Exercise 4: Activities Portlet.................................................................................................................32Exercise 5: Blogs Portlet.......................................................................................................................38Exercise 6: Bookmark portlet................................................................................................................43Exercise 7: Profiles portlet....................................................................................................................46Exercise 8: Wikis Portlet.......................................................................................................................48Exercise 9: Tags portlet.........................................................................................................................53Exercise 10: Connections business card...............................................................................................58Exercise 11: iNotes portlet....................................................................................................................62Exercise 12: Portal STProxy integration...............................................................................................66Exercise 13: Connections awareness and Chat with STProxy..............................................................81
3
Exercise 1: SSO Between Portal and Connections
1. Configure SSO across the environment.Many of the portlet we will use allow you to specify a name/password in the configuration and SSO isnot a requirement, but typically setting up SSO is the preferred method of authentication between thedifferent servers. In this lab we will configure SSO between Portal, Connections, Quickr and iNotes.No matter the integration you decide to configure, make sure to set up SSO first.
1.1 Configure SSO between Portal and ConnectionsYou can configure the portlets where users enter their name and password to authenticate with theConnections server, but usually the experience is better if you configure Single Sign On, so we will walkthrough the steps of that now, and give you a few tips of things to watch for.
We will export the sso key file from Portal and import it into Connections.
1.2 Export Key file from Portal
__1. Access the Portal was admin console (https://portal.ibm.com:10032/ibm/console) - sign in asthe admin (localadmin : password)
__2. Choose Security > Global Security
__3. Open Web and SIP security > Single sign-on (SSO)
4
__4. Set the Domain name to the domain you will use to access portal and connections (ibm.comin our env)If you need both an LtpaToken and LtpaToken2 cookie generated, select InteroperabilityMode. For the Connections and Sametime portlets, LtpaToken2 will work well, but you willneed LtpaToken for the Quickr Domino portlets, so we will go ahead and select it now aswell:
__5. Click OK and Save the changes
__6. Now, back on the Global Security, click LTPA
__7. Click Key Set Groups
5
__8. Make sure Automatically Generate Keys is set to false (In WAS 6.1 it will be set to true bydefault, in 7.0, it will be set to false by default
__9. Click on LTPA
6
__10. Here you can update the token timeout (we’ll leave at the default of 120 minutes.Enter a password, (I used password) and a file location where to save the file (c:\portalltpa.txt) and click Export keys.
VERY IMPORTANT: NEVER click Generate keys. If you do, you would need to restartportal, then come back and click Export keys.
__11. You should see the following message
__12. Logout of the Integrated Solutions Console
The key is now exported, for the domain name update, you would need to restart Portal for it to takeeffect. That is not necessary during this lab. Now we need to import the key file into Connections andtest SSO.
1.3 Import the key file into IBM Connections
__13. Access the Connections was admin console (https://connections.ibm.com:9043/ibm/console)- sign in as the admin (localadmin : password)
7
__14. Choose Security > Global Security
__15. Open Web and SIP security > Single sign-on (SSO)
__16. Set the Domain name to the domain you will use to access portal and connections (ibm.comin our env)If you need both an LtpaToken and LtpaToken2 cookie generated, select InteroperabilityMode. For the Connections and Sametime portlets, LtpaToken2 will work well, but you willneed LtpaToken for the Quickr Domino portlets, so we will go ahead and select it now aswell:
__17. Click OK and Save the changes
__18. Now, back on the Global Security, click LTPA
__19. Click Key Set Groups
8
__20. Make sure Automatically Generate Keys is set to false (In WAS 6.1 it will be set to true bydefault, in 7.0, it will be set to false by default
__21. Click on LTPA
__22. Here you can update the token timeout to the same timeout we have set in Portal (120minutes)Enter the password used when exporting the key from from Portal, (I used password) and thefile location where you copied the file from the portal server onto the Connections server(c:\portalltpa.txt) and click Import keys.
__23. And Save the new keys
9
__24. Logout of the Integrated Solutions Console
At this point you would need to restart Connections for the change to take effect, but that is notnecessary during this lab.
1.4 Test Single Sign On between Portal and Connections
__25. Open a browser to WebSphere Portal (http://portal.ibm.com/wps/myportal)
__26. Sign in as cprice : password
__27. Once signed in, change the url to IBM Connections (http://connections.ibm.com/profiles)
__28. You should be signed in as Charlie
__29. Single Sign on is working between Portal and Connections.
Summary:
In this lab, you learned the basic steps to configure SSO between Portal and Connections
10
Exercise 2: SSO between Portal and Domino
2 Configure SSO across the environment.Many of the portlet we will use allow you to specify a name/password in the configuration and SSO isnot a requirement, but typically setting up SSO is the preferred method of authentication between thedifferent servers. In this lab we will configure SSO between Portal, Connections, Quickr and iNotes.No matter the integration you decide to configure, make sure to set up SSO first.
2.12.1 Configure SSO between Portal and STProxy, ST Community andiNotes
We will export the sso key file from Portal and import it into Domino.
2.22.2 Export Key file from Portal
__1. Access the Portal was admin console (https://portal.ibm.com:10032/ibm/console) - sign in asthe admin (localadmin : password)
__2. Choose Security > Global Security
__3. Open Web and SIP security > Single sign-on (SSO)
11
__4. Set the Domain name to the domain you will use to access portal and connections (ibm.comin our env)If you need both an LtpaToken and LtpaToken2 cookie generated, select InteroperabilityMode. For the Connections and Sametime portlets, LtpaToken2 will work well, but you willneed LtpaToken for the Quickr Domino portlets, so we will go ahead and select it now aswell:
__5. Click OK and Save the changes
__6. Now, back on the Global Security, click LTPA
__7. Click Key Set Groups
12
__8. Make sure Automatically Generate Keys is set to false (In WAS 6.1 it will be set to true bydefault, in 7.0, it will be set to false by default
__9. Click on LTPA
13
__10. Here you can update the token timeout (we’ll leave at the default of 120 minutes.Enter a password, (I used password) and a file location where to save the file (c:\portalltpa.txt) and click Export keys.
VERY IMPORTANT: NEVER click Generate keys. If you do, you would need to restartportal, then come back and click Export keys.
__11. You should see the following message
__12. Logout of the Integrated Solutions Console
The key is now exported, for the domain name update, you would need to restart Portal for it to takeeffect. That is not necessary during this lab. Now we need to import the key file into Domino and testSSO.
2.32.3 Import the SSO token into DominoYou will take the same token exported, then imported into Connections and import it into Domino forSSO to work to iNotes, Sametime Community and STProxy.
14
__13. Open the Notes Client
__14. Click on File – Open – Lotus Notes Application
__15. Under Look in: select the domino server (stcomm/ibm)select ibm’s Directoryand click Open
__16. The sametime install creates an LtpaToken document created by the server id file. We needto remove this document and recreate a new one with the admin id so you can update andchange the settings in the document.
15
__17. Open Configuration - Web - Web Configurations and delete the Web SSO Configuration forLtpaToken document
__18. Now we will recreate the document and import the token from Portal -- Open Configuration –Servers – All Server Documents
16
__19. Click Web – Create Web SSO Configuration
__20. Leave Configuration Name: LtpaTokenOrganization should be blankDNS Domain is the domain of the url you use to access Domino, Portal and Connections(ibm.com)
make sure to add the iNotes and ST community server to the list of Domino Server names(stcomm/ibm)Update the Expiration (minutes): to the value used in Portal (120)
17
__21. Click on Keys… -- Import WebSphere LTPA Keys
__22. type in the location of the exported key file from Portal (C:\portalltpa.txt) and click OK
__23. Enter the password and click OK
__24. You should see the following message
__25. Under WebSphere Information select the button to change the Token Format:
18
__26. Select LtpaToken and LtpaToken2 to use both tokens, the same as generated byWebSphere, and click OK
__27. Save and close the document
Now the key file has been imported into domino, you need to tell the iNotes and ST community serverto use this document for creating and decrypting LtpaTokens passed in from the browser.
__28. Back in Configuration – Servers – All Server Documents, double click on the Domino serverdocument (stcomm/ibm)
__29. Go to Internet Protocols… -- Domino Web Engine, Click Edit
19
__30. Set Session authentication: Multiple Servers (SSO)Web SSO Configuration: LtpaToken
__31. Save and Close the server document
__32. Restart the http task for the change to take effect by entering the following commands on thedomino console.
20
2.1 Test Single Sign On between Portal and ST Community
__33. Open a browser to WebSphere Portal (http://portal.ibm.com/wps/myportal)
__34. Sign in as cprice : password
__35. Once signed in, change the url to st community server(http://stcomm.ibm.com:81/stcenter.nsf)
22
__36. You should see your name at the top left corner
2.2 Test Single Sign On between Portal and STProxy
__37. Open a browser to WebSphere Portal (http://portal.ibm.com/wps/myportal)
__38. Sign in as cprice : password
__39. Once signed in, change the url to stproxy web client url(http://stproxy.ibm.com:9081/stwebclient/popup.jsp)
__40. You should see youself logged into the stproxy web client
2.3 Test Single Sign On between Portal and iNotes
__41. Open a browser to WebSphere Portal (http://portal.ibm.com/wps/myportal)
__42. Sign in as cprice : password
Once signed in, change the url to your mail file: (http://inotes.ibm.com:81/mail/cprice.nsf)
You should see your mail file
Summary:
In this lab, you learned the basic steps to configure SSO between Portal and Domino
23
Exercise 3: Connections Portlets – Common Steps
3 Common steps for all Connections Portlets
3.13.1 Install and add the Portlets to a pageThe portlets are available at the following url (on Greenhouse):
https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument&documentId=D5A8480B41C18F66852577E300006B78
You will simply install the snor.pf.portlets.war file in the Web Module page in Portal Administration. Wehave already completed these steps for you to save time.
Next you add the portlets to a page. Again, we have already created an added the portlets to 6 pageson our lab:
They are set up under Applications > IBM Connections> Activities/Blogs/Bookmarks/TagCloud/Profiles/Wikis pages.
All you have to do is configure the portlets to work with your Lotus Connections Installation (don’t worrythat is plenty for this lab time)
3.23.2 Add Connections SSL certificates into Portal trust store.The Connections portlets must communicate to Connections over SSL. Therefore, you need to add thepublic key used to encrypt html in Connections into the trust store used by WebSphere Portal.
3.33.3 Access and Import SSL key files into Portal
__1. Access the Portal was admin console (https://portal.ibm.com:10032/ibm/console) - sign in asthe admin (localadmin : password)
__2. Choose Security > SSL certificate and key management.
24
__3. Choose Key stores and certificates under Related Items on the right hand side.
__4. Select NodeDefaultTrustStore.
__5. Choose Signer certificates, and click Retrieve from port.
25
__6. Enterhost: connections.ibm.comport: 443Alias: lc ssl keys (this can be any value you want)and click Retrieve signer information
__7. Click OK
26
__8. Then click Save
__9. At this point you would need to restart the Portal server for the certificates to be picked up,but that won’t be necessary for our lab
__10. Go ahead logout and close out of the WAS admin console.
Now we have configured portal to connect to the Connections server over SSL.
3.43.4 Configuring portlets to use common directory services
__11. OpenC:\IBM\WPSWAS\wp_profile\installedApps\integrate\PA_WPF.ear\snor.pf.portlets.war\WEB-INF\lcaccelerator\waltz in windows explorer
__12. Copy the 4 files (directory.services.xml, directory.services.xsd, sonata.services.xml andsonata.services.xsd) to C:\IBM\WPSWAS\wp_profile\config\cells\integrate (NOTE: overwritethe existing files)
__13. Open directory.services.xml in notepad fromC:\IBM\WPSWAS\wp_profile\config\cells\integrate
__14. Update the following line:<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.url">https://profiles.ibm.com/profiles/</property>
to
<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.url">http://connections.ibm.com:9080/profiles/dsx/</property>
27
__15. and update this line:<propertyname="com.ibm.connections.directory.services.waltz.communities.integration.service.url">https://communities.ibm.com/communities/</property>
to
<propertyname="com.ibm.connections.directory.services.waltz.communities.integration.service.url">http://connections.ibm.com:9080/communities/dsx/</property>
__16. and update this line:
<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.auth">DSX-Admin</property>
to
<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.auth">None</property>
__17. Save and close the file
__18. Open the file to make sure no mistakes were made in IE, it’s a bit easier to read the xml likethis
__19. At this point you would need to restart the Portal server for the config files to be read, but thatis not necessary in our lab.
28
3.53.5 Configuring the Portal AJAX proxy to support authentication
__20. New for 3.0.1: The Connections Portlets now use the Portal AJAX Proxy as the mechanismfor forwarding security headers and cookies with each REST service call to authenticate therequest with the Connections server. You can configure the AJAX Proxy to forward LTPAtoken as well as the appropriate headers for an environment behind a TAM or SiteMindersecurity proxy. The following instructions outline the steps to enable the default setting toforward the LTPA.
__21. Open the following file from the directory where the Portal server is installed
C:\IBM\WPSWAS\wp_profile\config\cells\integrate\applications\AJAX ProxyConfiguration.ear\deployments\AJAX Proxy Configuration\wp.proxy.config.war\WEB-INF\proxy-config.xml
__22. Add a new policy to the proxy-config.xml file by adding the following lines.
Note: We have already created a working proxy-config.xml called proxy-config.xml.workingwith the updated settings. Simply rename the proxy-config.xml to proxy-config.xml.old andproxy-config.xml.working to proxy-config.xml
Where:
CONNECTIONS_SERVER_BASE_URL is the base url for your connections server. Forexample: https://connections.example.com.
SOCKET_TIMEOUT_VALUE is the maximum wait time for open requests. We recommendsetting this to 45000.
MAX_PER_HOST is the maximum number of connections per host. We recommend settingthis to 50.
29
MAX_TOTAL_CONNECTIONS is the maximum number of connections allowed. Werecommend setting this to 500.
__23. Open up a DOS command line by going to Start>Run> and typing CMD.
__24. Navigate to the Config Engine directory:
C:\IBM\WPSWAS\wp_profile\ConfigEngine
__25. Run the ConfigEngine task to set the new proxy configuration: (this has already been donefor you in this lab)
C:\IBM\WPSWAS\wp_profile\ConfigEngine>
ConfigEngine.bat checkin-wp-proxy-config-DProxyConfigFileName=”C:\IBM\WPSWAS\wp_profile\config\cells\integrate\applications\AJAX ProxyConfiguration.ear\deployments\AJAX Proxy Configuration\wp.proxy.config.war\WEB-INF\proxy-config.xml” -DWasUserId=localadmin -DWasPassword=password
30
__26. Restart the Portal Server. (This has already been done for you and no restart is needed)
At this point the portlet wide settings are complete, and we can begin to configure the individualportlets. If there are specific ones you want to see, I would recommend skipping to those sections.
Summary:
In this lab, you learned the common steps necessary for integration between Portal andConnections used by all portlets.
31
Exercise 4: Activities Portlet
4 Configure the Activities portletLet’s walk through the 5 steps for the Activities portlet
4.14.1 Configure the Service URL
__1. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portaladministrator localadmin : password
__2. Go to where we have the Activities portlet deployed (Applications – Connections – Activities)
__3. In the Activities portlet title bar click, click the down arrow button and chose Configure
__4. Set the:
Service URL to https://connections.ibm.com/activities
Profile URL to https://connections.ibm.com/profiles
Communities URL to https://connections.ibm.com/communities
and click OK
32
NOTE: This must be an SSL url to connections.
__5. Now go ahead and logout as the localadmin user and login using one of our user accounts:cprice : password
__6. Go to Applications -- Connections -- Activities
At this point you should see the Activities portlets working.
4.24.2 Using the Activities PortletsJust like in the native IBM Connections UI, in the Activities portlet, you can add a to do, an entry, or asection to an existing Activity. You can create new Activites from here, as well as edit existingActivities. In this lab we will do three things in the Activities portlet:
Create a new ActivityCreate a new Activity entry and a to do’sCheck off the to do’s we have completed
33
4.1.1.1 Create a new Activity
__1. Click on “Start an Activity”
__2. Fill in the Title, Activity Goal, Tags, and the Due date for that Activity – click Save. UnderMembers search for Greg and click the + to add him to the activity.
__3. You have now created a new Activity that also resides on the Connections server.
34
4.1.1.2 Create a new Activity entry and a to do
__4. Let’s now create a new Activity entry. Click on New Entry and create a Lab EnvironmentDetails entry.
__5. Fill out the Title, Content, and Tags sections and click Save
__6. You can now see our new entry in the Activities Portlet
__7. Lets now create a to do entry.
__8. Click Add a to do item and provide the To Do, Assigned To, Due Date, Description, Tagand click Save
35
__9. Create two to do’s:
Import the SSL certificates into Portal
Download and Install the portlets.
__10.
__11. That to do is now part of this activity:
36
4.1.1.3 Mark off our completed To Do’s.
__12. Click on the Activity we created earlier, Integrate Portal with Connections, Mail and Quickr
__13. Check off the two to do’s which we have already completed, that you entered earlier
__14. Now you should be a bit more familiar with the functionality of the Activities portlet.
Summary:
In this lab, you learned the basic steps to configure and use the activities portlet.
37
Exercise 5: Blogs Portlet
5 Configure the Blogs PortletConfiguring the blogs Portlet takes just a few steps:
Configure the Service URLEnd users add their name / password (with SSO configured this is not needed)
5.15.1 Configure the Service URL
__1. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portaladministrator localadmin : password
__2. Go to where we have the Blogs Portlet deployed (Applications – Connections – Blogs)
__3. In the Blogs Portlet title bar click, click the down arrow button and chose Configure
__4. Set the:
Service URL: https://connections.ibm.com/blogs
Profiles URL: https://connections.ibm.com/profiles
Homepage Handle: home
and click OK
38
NOTE: This must be an SSL url to connections.
__5. NOTE: the homepage handle is the homepage we set on blogs as part of the post installconfiguration when installing and setting up Connections. This can be anything you want, itjust needs to match the configuration on blogs.
__6. Now go ahead and logout as the localadmin user and login using one of our user accounts:cprice : password
__7. Go to Applications - Connections - Blogs
At this point you should see the Blogs Portlet working
39
5.25.2 Using the Blogs PortletIn the blogs portlet you get a summary of the latest blog entries, you can look at specific blogs, andenter entries into an existing blog. In this lab we will enter an entry into a blog I created earlier.
5.35.3 Adding a new entry to an existing blog:
__8. Click on the My Blogs Drop Down
__9. Click on the Blog we created earlier (Practically Integrated)
__10. Click on New Entry
40
__12. Your entry is added to the blog
Now you should be a bit more familiar with the Blogs
Summary:
In this lab, you learned the basic steps to configure and use the blogs portlet.
42
Exercise 6: Bookmark portlet
6 Configure the Bookmark PortletJust as with the Activities and Blogs portlet, there are a few steps to configure the Bookmarks Portlet
Configure the Service URLEnd users add their name / password (with SSO configured this is not needed)
6.16.1 Configure the Service URL
__1. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portaladministrator localadmin : password
__2. Go to where we have the Bookmarks Portlet deployed (Applications – CollaborationConnections – Bookmarks)
__3. In the Bookmarks Summary portlet title bar click, click the down arrow button and choseConfigure
__4. Set the: Service URL to https://connections.ibm.com/dogear
Profiles URL to https://connections.ibm.com/profiles
and click OK
43
__5. NOTE: This must be an SSL url to connections.
__6. Now go ahead and logout as the localadmin user and login using one of our user accounts:cprice : password
__7. Go to Applications - Connections - Bookmarks
At this point you should see the Bookmarks Portlet working
44
6.26.2 Using the Bookmarks Portlet
6.2.1.1 Creating a bookmark from Portal
__8. Go to the Bookmark Portlet
__9. Click on My Bookmarks
__10. Click on Create Bookmark and provide the Title, Description, Link and Tags for your bookmarkand click Save. (you can use any url you want)
Click Save, and the bookmark is saved to the server as a public bookmark.
Summary:
In this lab, you learned the basic steps to do xyz.
45
Exercise 7: Profiles portlet
7 Configure the Profiles Portlet__1. Open a browser to Portal (http://portal.ibm.com:10039/wps/myportal) and sign in as the portal
administrator localadmin : password
__2. Go to where we have the Profiles Portlet deployed (Applications – Collaboration – IBMConnections – Profiles)
__3. In the Profiles portlet title bar click, click the down arrow button and chose Configure
__4. Set the:Profiles URL to https://connections.ibm.com/profiles and click OKNOTE: This must be an SSL url to connections.
__5. Now go ahead and logout as the localadmin user and login using one of our user accounts:cprice : password
__6. Go to Applications - Connections - Profiles
46
You should now see the Profiles Portlet now working
Summary:
In this lab, you learned the basic steps to configure and use the profiles portlet.
47
Exercise 8: Wikis Portlet
8 Configure the Wikis Portlet__1. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portal
administrator localadmin : password
__2. Go to where we have the Wikis Portlet deployed (Applications – Connections – Wikis)
__3. In the My Wikis portlet title bar click, click the down arrow button and chose Configure
__4. Set the:
Profiles URL to https://connections.ibm.com/profiles
Wikis URL to: https://connections.ibm.com/wikis
48
And click OK
NOTE: This must be an SSL url to connections.
__5. Now go ahead and logout as the localadmin user and login using one of our user accounts:cprice : password
__6. Go to Applications - Connections - Wikis
__7. You should now see the portlet working:
49
8.18.1 Using the Wikis Portlet
8.1.1.1 Creating a wiki entry from Portal
__8. Go to the Wikis portlet, click on the wiki I created earlier
__9. This will take you to the welcome page, you can click drop down next to Welcome to seemore pages in the wiki:
__10. Let's create a new page in the wiki
50
__13. Click Save and you will be taken to the new page created in your wiki:
Summary:
In this lab, you learned the basic steps to configure and use the wikis portlet.
52
Exercise 9: Tags portlet
9 Configure Tags and Wiring.__1. Now that we have configured all of our Portlets, let’s configure the Tags Portlet wiring with the
some of the portlets.
__2. As an overview, there are two modes of operation with regards to the interaction between thetag cloud and the other Connections portlets: one-way and two-way communication mode.
In one-way communication mode, the tag cloud portlet sends a wire to the otherConnections portlets to update their view according to a selected tag (this is what we willbe setting up in this lab)
In two-way communication mode, the other Connections portlets can also send a wire tothe tag cloud portlet to update its view as well according to the view being displayed.
__3. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portaladministrator localadmin : passw0rd
__4. Go to where we have the Tag Cloud Portlet is deployed (Applications – Connections – TagCloud)
__5. Click on the configure drop down on the portlet and set the following URL’s (as seen in thescreenshot)
53
__6. Note: This must be an SSL url to Connections
__7. At this point the portlet would show tags from the connections server for a user inconnections. Now we need to wire the tags portlet with the other connections portlets on thepage. Follow these steps to add wires so the portlets can exchange data.
__8. Go to Administration>Manage Pages>Content Root>Applications>Connections
54
__9. Click on Edit Page Layout (pencil icon) for the Tag Cloud page:
__10. Click on the Wires tab:
__11. Go to Edit Page Layout and setup the wiring with the following settings:
Source Portlet – tags
Target Page – Tags Cloud
Target Portlet – Profiles
Receiving – selected Tag
Wire type - public
__12. Click the “+” and you are now done with setting up the wiring between tags and profilesportlets., repeat step 11 for bookmarks and blogs
__13. Click Done once complete
__14. Now, you might be asking – what does the wiring do?
55
__15. Now go ahead and logout as the localadmin user and login using one of our user accounts:cprice : password
__16. Go to the “Tags” Page
__1. Click on the tag “connections” as an example – you will notice if will bring up any profile, blogor bookmark that has been tagged “connections”. In this case its Charlie Greg’s and Karen's profile,along with a bookmark. As you can see, no blogs currently are tagged connections.
56
Summary:
In this lab, you learned the basic steps for configuring the Tags portlet and wiring it to otherconnections portlets on the same page.
57
Exercise 10: Connections business card
10 Configure Connections Business Cardintegration
10.110.1 Ensure that ibm-primaryEmail is mapped to the mail attribute
__1. open C:\IBM\WPSWAS\wp_profile\ConfigEngine\properties\wkplc.properties
__2. Search for federated.ldap.attributes.mapping.ldapName and set it to federated.ldap.attributes.mapping.ldapName=mail
__3. Just below this, setfederated.ldap.attributes.mapping.portalName=ibm-primaryEmail
__4. Save and close the file
__5. Open a command prompt
__6. change dir to C:\IBM\WPSWAS\wp_profile\ConfigEngine
__7. Run ConfigEngine.bat wp-update-federated-ldap-attribute-config
__8. This should build successfully:
58
10.210.2 Create the business card url provider
__9. Access the Portal was admin console (https://portal.ibm.com:10032/ibm/console) - sign in asthe admin (localadmin : password)
__10. Choose Resources – URL – URL providers
__11. Select Default URL Provider at the Node level
__12. Under Additional Properties, select URLs
__13. Click New
59
__14. Enter….Name: CONNECTIONS_PEOPLE_CARDJNDI name: CONNECTIONS_PEOPLE_CARDSpecification: http://connections.ibm.comCategory: CATEGORY_CONNECTIONS_PEOPLE_CARD
__15. Click Ok and Save the changes
__16. Log out of the Integrated Solutions Console
__17. At this point you would need to restart the Portal server and delete all temp internet files onthe client for the change to take effect, but that will not be necessary in our lab.
__18. Open a browser, and sign into portal as our test user (charlie : password)
__19. Go to the bookmarks portlet
60
__20. Hover over a name and click ‘Click here to view business card’
Summary:
In this lab, you learned the basic steps to configure the connections business card in Portal.
61
Exercise 11: iNotes portlet
11 Configure Portal Integration with iNotes mail
Out of the box we have the DWA portlet, which you can configure to auto-detect your mail file anddisplay specific components that you want your end users to see in portal. This method uses ldap callsto the domino ldap to determine the users mailserver and mail file. This approach involves updating aproperties file on portal (csenvironment.properties) and setting the internet hostname in the serverdocument on the domino ldap directory. These options require you to restart the portal server and ldapservice, which takes longer than I want to spend on this topic. If you want to use this approach, let meknow and I can walk you through the steps on the test system.
Another option to autodetect the mail file is to use the redirect database. In the next section we willcover the redirect database.
11.111.1 Configuring the iNotes portlet to use the iNotes redirect database
__1. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portaladministrator localadmin : password
__2. Go to Administration – Portlets
62
__3. Search for ‘domino’, and click the Configure icon next to Domino Web Access portlet
__4. Click on the Edit Value icon for the DWARedirectDB parameter
__5. and set it to http://inotes.ibm.com:81/redirect.nsf (the full url to the redirect database) andclick OK
__6. Back in Manage portlets – click OK
Now configure the portlet to use the redirect database parameter instead of the default of autodetectusing ldap searches.
63
__7. As the admin, click on Applications – Messaging – Mail
__8. Click on the Display Menu link at the top right of the iNotes portlet, and select Edit SharedSettings
__9. Set height to 600, and select Let the DWA Redirector find my mail databasethen click Save
__10. You will see the login screen because the portal admin in our lab does not have a mail file:
__11. Log out of portal, and log back in as a test user: cprice : password
64
__12. click on Applications – Messaging – Mail
__13. You should now see Charlie’s mail file:
Summary:
In this lab, you learned the basic steps to configure the iNotes portlet with the redirectdatabase.
65
Exercise 12: Portal STProxy integration
12 Configure Portal Awareness and Chat with STProxy
12.112.1How it works…When configuring Awareness and Chat with an STProxy server, you need the following 3 servers:
Portal 7.0.0.1IBM HTTP Server (optional)STProxy 8.5.1.1ST Community server 8.5.1.1 or higher
In our lab we also configure an IBM HTTP server in front of Portal. Once everything is configured, theflow of traffic from the browser to Portal and STProxy will all go through a single URL. The reason forthis to prevent cross side scripting errors not allowed by the browser when running the javascript andajax calls. The POST and CONNECT calls made by the STProxy api to log the user in and get statusupdates are not allowed by the browser to go to a different url than the one you are currently accessing.In our case this URL is the HTTP server in front of the Portal server, so later in the lab we will configurethe IBM HTTP Server to proxy requests for STProxy. If you do not have an HTTP server you canconfigure the AJAXProxy server in Portal to proxy these requests. The main thing is whatever you useto access Portal (IHS, Edge caching proxy, Tivoli Access Manager, Portal direct, etc.) must beconfigured to proxy the requests to the STProxy server as well, as shown in the diagram below:
66
IBM HTTP Server
WebSphere Portal
Sametime Proxy Server
Sametime Community Server
LDAP Directory
You can also allow the browser direct access to the STProxy server (as shown in the dotted line above)but it’s not necessary for the portlet to work.
67
12.212.2 Install STProxy hotfix for portal integrationThere are a number of steps you need to take before integrating Portal and STProxy
1. Portal must be on version 7.0.0.12. STProxy must be on version 8.5.1.13. an STProxy hotfix must be applied to the 8.5.1.1 system. This hotfix is a new ear that you need toupdate in WebSphere Application Server, and new jar files that are copied into the STProxy deployedapp. For this lab we have done this and synced it with the node, so we will skip these steps. Details ofthis can be found here: https://www-304.ibm.com/support/docview.wss?rs=899&uid=swg21474355
To save time, each of these steps has been completed in the lab, you can move the install and configpiece of the STProxy integration:
12.312.3 Install the Sametime Proxy Server upgrade
Now that we have the correct versions, hotfixes and fixed the portal theme, we are ready to install thenew upgraded functionality of using STProxy for awareness and chat.
First you need to download the “IBM Lotus Sametime Proxy Server upgrade for WebSphere Portal 7”,which you can find here: https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument&documentId=250F9656BEC11B2D8525781700435181
And run a few ConfigEngine batch files to install the new portlet into your portal server.
I have downloaded the update zip file from the portlet catalog, and unzipped it to c:\stproxy. Now let’srun the commands to install the portlet.
NOTE: The 2 commands we will run are saved for you, so you can copy and paste them into thecommand prompt…
__1. open a command prompt and change directory toC:\IBMWPS\WebSphere\wp_profile\ConfigEngine
68
__2. run the following command (you can copy this command out of the stproxycommands.txt fileon the desktop)
ConfigEngine.bat -install -installPackage C:/stproxy/SametimeProxyServerUpgrade.zip-offeringRoot ./config/work -installPath C:/IBMWPS/WebSphere/PortalServer-expandBinaries true
__3. Once this completes, run the next command in stproxycommands.txt
ConfigEngine.bat deploy-apps -DconfigExtensionList=-applySametimeProxyServerUpgrade
__4. These commands update the portal theme to work with stproxy and install the new SametimeWeb 2.0 contacts portlet. We will look at this once all the configuration is complete
12.412.4Configure SSO between Portal and Sametime.For awareness and chat to work in Portal, you must configure SSO between Portal and the Community
69
server. It’s not necessary to configure SSO on the WAS based STProxy server, as that server does notactually authenticate the user, instead it will forward the credentials passed in to the community serverto authenticate and login the user.
This can take 15 minutes todo, so there is another part of the lab where you can do this part if youwant, in this lab you can skip it.
12.512.5Fix theme to show business card in portlet
__5. in Windows exploerer go to the following folder:C:/IBMWPS/WebSphere/PortalServer/theme/wp.mashup.cc.theme/installedApps/wp.mashup.cc.theme.ear/PageBuilder2.war/themes/html/PageBuilder2
__6. Double click on config.jsp to open it in wordpad (to quickly make the changes below, simplydelete config.jsp and rename config.jsp.working to config.jsp
__7. Search for var stproxyConfig
__8. under plugins remove the following 2 lines:
lnmpAddContact : false lnmpAddSubgroup : false
Once done, the lines will look like the following:
var stproxyConfig = {server: "${sametimeProxyUrl}",isConnectClient: false,disableXDomain: true,isPortalAjaxProxy: ${isPortalAjaxProxy},plugins: {
lnmpChat : false,lnmpCall : false,lnmpMeetingInvite : false,lnmpSendAnnouncement : false,lnmpBizCard : false,lnmpAddToContacts : false,lnmpAddToContacts : false,
} }
70
12.612.6Configure WAS setting (cc.sametime.proxy.url) for browser tocommunicate with STProxy server
__9. Open a browser to the WAS admin console for Portal:(https://portal.ibm.com:10032/ibm/console) and login (localadmin : password)
__10. Click Resources -> Resource Environment -> Resource Environment Providers.
__11. In the list, locate the WP CommonComponentConfigService and open this entry by clicking it.(it will be on the 2nd page)
__12. Click Custom properties.
71
__13. Click New and enter the following settings:
Name: cc.sametime.proxy.urlValue: /stproxy
NOTE: the value can be anything you want, it just needs to start with a slash. The valueused here is used as the context root when configuring the IHS server to proxy requests forSTProxy.
__14. Click OK
__15. Click Save
__16. log out of the Integrated Solution Console
Normally you would need to restart Portal for the change to take effect, but that is not necessary in ourlab.
12.712.7Configure Portal HTTP server to communicate with STProxy server
Now that the Portal server is configured with the proxy rule for communication with STProxy, we needto configure the HTTP Server to communicate with the STProxy server.
NOTE: If you want to skip these steps, you can simply delete httpd.conf and renamehttpd.conf.working to httpd.conf in C:\IBMWPS\HTTPServer\conf, then restart the HTTP server service.
__17. Open C:\IBMWPS\HTTPServer\conf\httpd.conf
72
__18. Search for proxy and uncomment the following 2 lines:LoadModule proxy_module modules/mod_proxy.soLoadModule proxy_http_module modules/mod_proxy_http.so
__19. At the bottom of the file, just above:
LoadModule was_ap22_module"C:\IBMWPS\HTTPServer\Plugins\bin\mod_was_ap22_http.dll"
WebSpherePluginConfig"C:\IBMWPS\WebSphere\wp_profile\config\cells\wpsst\nodes\wpsst\servers\webserver1\plugin-cfg.xml"
Add the following lines: (NOTE: you can copy and paste these lines out ofstproxycommands.txt on the desktop
<IfModule mod_proxy.c> ProxyPass /stproxy http://stproxy.ibm.com:9080 connectiontimeout=2 ProxyPassReverse /stproxy http://stproxy.ibm.com:9080 ProxyPassReverseCookieDomain http://stproxy.ibm.com:9080 ibm.com ProxyPassReverseCookiePath / /stproxy</IfModule>
__20. Notice the ProxyPass /stproxy and ProxyPassReverseCookiePath / /stproxy – If you usedsomething else for the context root in the cc.sametime.proxy.url WAS variable, you wouldenter that here.
__21. Save and close the file
__22. Restart IBM HTTP Server for the change to take effect
__a. Open the services link
__b. Scroll down to IBM HTTP Server 7.0, right click and chose Restart
73
__c. Once the Server is restarted it is ready to proxy the requests to the STProxy server
12.812.8Change JSESSIONID cookie name in STProxy server
This is the most missed step in configuring Portal with STProxy, so after today if any of you guys callinto support and haven’t completed this step. . . I’m going to be very upset ☺. Because we use thesame url to access STProxy as we do to Portal, we need to configure a different session id on theSTProxy server, so the jsessionid cookies don’t get overwritten by each server.
__23. Open a browser to the WAS admin console for STProxy(https://stproxy.ibm.com:8601/ibm/console) and login as the administrator (localadmin :password)
__24. Expand Servers in the navigation pane, and then select Server Types -> WebSphereapplication servers.
__25. Click on STProxyServer
__26. Expand Web Container Settings under Container Settings, and then select Web container.
74
__29. Change the Cookie name field to STJSESSIONID.
__30. Click OK, click Save, and then logout of the Integrated Solutions Console.
At this step, you would need to restart the STProxy server for the change to take effect, but it’s notnecessary in our lab.
12.912.9Test the new portlet.
That’s it, now we are ready to test the new portlet…
__31. Open a browser to portal (http://portal.ibm.com/wps/myportal) and login as our test user(cprice : password)
__32. Go to Applications – STProxy
76
__33. The updated contact list should appear
__34. Let’s add a user to the buddy list
__35. Under Type to find name, enter Greg, and click Search directory for Greg
__36. Hover over Charlie Price and click Click for Person Card
77
__39. You should see the user added to the portlet
__40. Now, let’s start a chat window just so you can see some of the new features of chat inSTProxy
__41. Double click on the green icon next to Greg’s name
79
__42. Notice you have a few rich text options, not as many as the full connect client, but much morethan what was available in stlinks
Summary:
In this lab, you learned the basic steps to configure portal chat and awareness with STProxy.
80
Exercise 13: Connections awareness and Chat with STProxy
13 Configure Connections Awareness and Chat with STProxy
13.113.1How it works…When configuring Awareness and Chat with an STProxy server, you need the following 3 servers:
Connections 7.0.0.1IBM HTTP ServerSTProxy 8.5.1.1ST Community server 8.5.1.1 or higherSTProxy hotfix WHOS-8MAJ6R
In our lab we also configure an IBM HTTP server in front of Connections. Once everything isconfigured, the flow of traffic from the browser to Connections and STProxy will all go through a singleURL. The reason for this to prevent cross side scripting errors not allowed by the browser whenrunning the javascript and ajax calls. The POST and CONNECT calls made by the STProxy api to logthe user in and get status updates are not allowed by the browser to go to a different url than the oneyou are currently accessing. In our case this URL is the HTTP server in front of the Connectionsserver, so later in the lab we will configure the IBM HTTP Server to proxy requests for STProxy. If youdo not have an HTTP server you can configure the AJAXProxy server in Connections to proxy theserequests. The main thing is whatever you use to access Connections (IHS, Edge caching proxy, TivoliAccess Manager, Connections direct, etc.) must be configured to proxy the requests to the STProxyserver as well, as shown in the diagram below:
81
IBM HTTP Server
WebSphere Portal
Sametime Proxy Server
Sametime Community Server
LDAP Directory
You can also allow the browser direct access to the STProxy server (as shown in the dotted line above)but it’s not necessary for the portlet to work.
82
13.213.2 Install STProxy hotfix for Connections integrationThere are a number of steps you need to take before integrating Connections and STProxy
1. Connections must be on version 3.0.12. STProxy must be on version 8.5.1.13. an STProxy hotfix (WHOS-8MAJ6R) must be applied to the 8.5.1.1 system. This hotfix is a new earthat you need to update in WebSphere Application Server, and new jar files that are copied into theSTProxy deployed app. For this lab we have done this and synced it with the node, so we will skipthese steps.
To save time, each of these steps has been completed in the lab, you can move the install and configpiece of the STProxy integration:
13.313.3Configure SSO between Connections and Sametime.For awareness and chat to work in Connections, you must configure SSO between Connections andthe Community server. It’s not necessary to configure SSO on the WAS based STProxy server, as thatserver does not actually authenticate the user, instead it will forward the credentials passed in to thecommunity server to authenticate and login the user.
This can take 15 minutes todo, so there is another part of the lab where you can do this part if youwant, in this lab you can skip it.
13.413.4Configure Connections HTTP server to communicate with STProxyserver
Now that the Connections server is configured with the proxy rule for communication with STProxy, weneed to configure the HTTP Server to communicate with the STProxy server.
NOTE: If you want to skip these steps, you can simply delete httpd.conf and renamehttpd.conf.working to httpd.conf in C:\IBMWPS\HTTPServer\conf, then restart the HTTP server service.
__1. Open C:\IBM\HTTPServer\conf\httpd.conf
__2. Search for proxy and uncomment the following 2 lines:LoadModule proxy_module modules/mod_proxy.soLoadModule proxy_http_module modules/mod_proxy_http.so
83
__3. At the bottom of the file, just above:
LoadModule was_ap22_module"C:\IBMWPS\HTTPServer\Plugins\bin\mod_was_ap22_http.dll"
WebSpherePluginConfig"C:\IBMWPS\WebSphere\wp_profile\config\cells\wpsst\nodes\wpsst\servers\webserver1\plugin-cfg.xml"
Add the following lines: (NOTE: you can copy and paste these lines out ofIC_stproxycommands.txt on the desktop
<IfModule mod_proxy.c> ProxyPass /stwebclient http://stproxy.ibm.com:9083/stwebclient ProxyPass /stwebapi http://stproxy.ibm.com:9083/stwebapi ProxyPass /stbaseapihttp://stproxy.ibm.com:9083/stbaseapi ProxyPassReverse /stwebclient http://stproxy.ibm.com:9083/stwebclient ProxyPassReverse /stwebapi http://stproxy.ibm.com:9083/stwebapi ProxyPassReverse /stbaseapi http://stproxy.ibm.com:9083/stbaseapi ProxyPassReverseCookieDomain http://stproxy.ibm.com:9083 ibm.com ProxyPassReverseCookiePath / /</IfModule>
__4. Save and close the file
__5. Restart IBM HTTP Server for the change to take effect
__a. Open the services link
__b. Scroll down to IBM HTTP Server 7.0, right click and chose Restart
__c. Once the Server is restarted it is ready to proxy the requests to the STProxy server
84
13.513.5Update Connections config file to enable STProxy
__6. Open a command prompt to the Connections DMGR directory(c:\IBMLC\WebSphere\AppServer\profiles\Dmgr01\bin)
__7. Run the following command:
wsadmin -lang jython -user localadmin -password password -port 8879
__8. At the wsadmin prompt run the following commands:
execfile("connectionsConfig.py")LCConfigService.checkOutUIextensionsConfig("c:/temp","vm64Cell01")
__9. Leave the wsadmin prompt and window open
85
__10. Open uiextensions-config.xml file from the temp directory in notepad, scroll down near thebottom of the file and look for the following lines:
NOTE: instead of editing the file manually, you can simply delete c:\temp\uiextensions-config.xml and rename c:\temp\uiextensions-config.xml_working to uiextensions-config.xml
<extension name="global.pageRendering"jsCallback="lconn.profiles.sametime.sametimeProxyInit" enabled="false"/>
<extension name="lc.IMAwareness"jsCallback="lconn.profiles.sametime.sametimeProxyAddLiveName" invokeDelay="2000"enabled="false" id="stProxy">
<params><param name="isConnectClient" value="true" /><param name="lconnProxySvcUrl" value="admin_replace"/><param name="lconnProxySvcUrlSSL" value="admin_replace"/>
</params></extension>
update this section by setting enabled="true" and setting the lconnProxySvcUrl to thehostname of the HTTP Server used to access Connectoins:
<extension name="global.pageRendering"jsCallback="lconn.profiles.sametime.sametimeProxyInit" enabled="true"/>
<extension name="lc.IMAwareness"jsCallback="lconn.profiles.sametime.sametimeProxyAddLiveName" invokeDelay="2000"enabled="true" id="stProxy">
<params><param name="isConnectClient" value="true" /><param name="lconnProxySvcUrl"
value="http://connections.demos.ibm.com"/><param name="lconnProxySvcUrlSSL"
value="https://connections.demos.ibm.com"/></params>
</extension>
__11. Save and close uiextensions-config.xml
86
__12. Back in the wsadmin command window, enter the following command:
LCConfigService.checkInUIextensionsConfig("c:/temp","vm64Cell01")
__13. Type exit to exit out of the wsadmin console
At this step, you would need to restart the Connections server for the change to take effect, but it’s notnecessary in our lab.
13.613.6Test awareness and chat.
That’s it, now we are ready to test awareness…
__14. Open a browser to Connections (http://connections.ibm.com/profiles) and login as our testuser (cprice : password)
__15. At the bottom right corner of the browser, you should see where you are logged intosametime
__16. If you search the directory for Charlie
87
__17. Hover over the name, and click to show the business card
__18. You will also see that you can see the users status in the business card, and have the abilityto chat from here as well:
Summary:
In this lab, you learned the basic steps to chat and awareness in Connections using STProxy.
88
© IBM Corporation 2011. All Rights Reserved.
The information contained in this publication is provided for informational purposes only. Whileefforts were made to verify the completeness and accuracy of the information contained in thispublication, it is provided AS IS without warranty of any kind, express or implied. In addition,this information is based on IBM’s current product plans and strategy, which are subject tochange by IBM without notice. IBM shall not be responsible for any damages arising out of theuse of, or otherwise related to, this publication or any other materials. Nothing contained inthis publication is intended to, nor shall have the effect of, creating any warranties orrepresentations from IBM or its suppliers or licensors, or altering the terms and conditions ofthe applicable license agreement governing the use of IBM software.
References in this presentation to IBM products, programs, or services do not imply that theywill be available in all countries in which IBM operates. Product release dates and/orcapabilities referenced in this presentation may change at any time at IBM’s sole discretionbased on market opportunities or other factors, and are not intended to be a commitment tofuture product or feature availability in any way. Nothing contained in these materials isintended to, nor shall have the effect of, stating or implying that any activities undertaken byyou will result in any specific sales, revenue growth or other results.
IBM, the IBM logo, Lotus, Lotus Notes, Notes, Domino, WebSphere and Lotusphere aretrademarks of International Business Machines Corporation in the United States, othercountries, or both.
89