6.3 Configuring the WebSphere Environment

6.3.1 Configuring a Connection Pool

To configure a connection pool for use with WebSphere, you need to create a JDBC Provider and a data source. This section provides instructions for creating the provider and the data source.

To create a JDBC Provider:

  1. Expand Resources on the left side of the Integrated Solutions Console page:

  2. Expand JDBC:

  3. Click JDBC providers:

  4. Expand Scope:

  5. Select Node=yourservername, Server=server1.

  6. Click the New button.

  7. Select the Database Type (for example, DB2).

  8. Click Next.

  9. Enter the JDBC classpath information.

  10. Click Next.

  11. Click Finish.

  12. Click the Save link.

To create a data source:

  1. Expand Resources on the left side of the page.

  2. Expand JDBC.

  3. Click Data sources.

  4. Expand Scope.

  5. Select Node=yourservername, Server=server1.

  6. Click the New button.

  7. Enter the DataSource name and JNDI name (for example, IDMUADataSource for both).

  8. Click Next.

  9. Click Select an existing JDBC provider.

  10. Select the JDBC Provider you created above.

  11. Click Next.

  12. Enter the database information required for the DataSource (databasename, server name, port, username, and password).

  13. Click Next.

  14. Enter Security Alias information or leave defaults.

  15. Click Next.

  16. Click Finish.

  17. Click Save.

  18. Select your new DataSource by clicking the checkbox to the left of the name.

  19. Click the Test Connection button, and make sure it returns Success.

6.3.2 Adding User Application Configuration Files and JVM System Properties

The following steps are required for a successful WebSphere installation:

  1. Copy the sys-configuration-xmldata.xml file from the User Application install directory to a directory on the machine hosting the WebSphere server, for example /UserAppConfigFiles.

    The User Application install directory is the directory in which you installed the User Application.

  2. Set the path to the sys-configuration-xmldata.xml file in the JVM system properties. Log in to the WebSphere admin console as an admin user to do this.

  3. From the left panel, go to Servers > Application Servers.

  4. Click the server name in the server list, for example server1.

  5. In the list of settings on the right, go to Java and Process Management under Server Infrastructure.

  6. Expand the link and select Process Definition.

  7. Under the list of Additional Properties, select Java Virtual Machine.

  8. Select Custom Properties under the Additional Properties heading for the JVM page.

  9. Click New to add a new JVM system property.

    1. For the Name, specify extend.local.config.dir.

    2. For the Value, specify the name of the install folder (directory) that you specified during installation.

      The installer wrote the sys-configuration-xmldata.xml file to this folder.

    3. For the Description, specify a description for the property, for example path to sys-configuration-xmldata.xml.

    4. Click OK to save the property.

  10. Click New to add another new JVM system property.

    1. For the Name, specify idmuserapp.logging.config.dir

    2. For the Value, specify the name of the install folder (directory) that you specified during installation.

    3. For the Description, specify a description for the property, for example path to idmuserapp_logging.xml.

    4. Click OK to save the property.

      The idmuserapp-logging.xml file does not exist until you persist the changes through User Application > Administration > Application Configuration > Logging.

You also need to configure a shared library for the User Application on WebSphere. The shared library defines the class loading behavior that is needed to make the application run properly.

To configure the shared library:

  1. Create the Shared Library for the User Application:

    1. Click on Environment in the left-navigation menu.

    2. Click Shared Libraries.

    3. Click the New button.

    4. Enter a name (such as IDMUA Classloader).

    5. Enter the list of required JAR files into the Classpath field:

      • antlr.jar

      • log4j.jar

      • commons-logging.jar

        NOTE:You need to download this JAR file from the Apache site.

      • xalan.jar

      • xercesImpl.jar

      • xsltc.jar

      • serializer.jar

      • jaxb-impl.jar

      • IDMselector.jar

    6. Click OK.

    7. Click the Save link.

  2. Add the Shared Library to IDMProv:

    1. Click Applications on the left.

    2. Click WebSphere Enterprise Applications.

    3. Click on the name IDMProv_war.

    4. At the bottom of the page under References, click Shared library references.

    5. Click the checkbox next to IDMProv (not IDMProv_war).

    6. Click the Reference shared libraries button.

    7. Click the name of the Shared Library (IDMUA Classpath) in the Available box. Then click the right-pointing arrow so it moves to the Selected box.

    8. Click OK to go back to the prior page.

    9. Click OK again.

    10. Click Save to persist the changes to the server configuration.

    11. Restart the server if all other configuration steps have been performed.

Note that the class loading change should be made at the application level, not the module level. WebSphere creates an EAR for the deployed WAR, and makes the WAR a module within the EAR:

6.3.3 Importing the eDirectory Trusted Root to the WebSphere Keystore

  1. Copy the eDirectory trusted root certificates to the machine hosting the WebSphere server.

    The User Application installation procedure exports the certificates to the directory in which you install the User Application.

  2. Import the certificates into the WebSphere keystore. You can do this by using the WebSphere administrator’s console (Importing Certificates with the WebSphere Administrator’s Console) or through the command line (Importing Certificates with the Command Line).

Importing Certificates with the WebSphere Administrator’s Console

  1. Log in to the WebSphere administration console as an admin user.

  2. From the left panel, go to Security > SSL Certificate and Key Management.

  3. In the list of settings on the right, go to Key stores and certificates under Related Items.

  4. Select NodeDefaultTrustStore (or the trust store you are using).

  5. Under Additional Properties on the right, select Signer Certificates.

  6. Click Add.

  7. Type the Alias name and full path to the certificate file.

  8. Change the Data type in the drop-down list to Binary DER data.

  9. Click OK. You should now see the certificate in the list of signer certificates.

  10. Click Save link at the top of the screen.

Importing Certificates with the Command Line

From the command line on the machine hosting the WebSphere server, run the keytool to import the certificate into the WebSphere keystore.

NOTE:You need to use the WebSphere keytool or this does not work. Also, be sure the store type is PKCS12.

The WebSphere keytool is found at /IBM/WebSphere/AppServer/java/bin.

The following is a sample keytool command:

keytool -import -trustcacerts -file servercert.der -alias myserveralias -keystore trust.p12 -storetype PKCS12

If you have more than one trust.p12 file on your system, you might need to specify the full path to the file.

6.3.4 Passing the preferIPv4Stack Property to the JVM

The User Application uses JGroups for the caching implementation. In some configurations, JGroups requires that the preferIPv4Stack property be set to true in order to ensure that the mcast_addr binding is successful. Without this option, the following error may be observed, and caching will not work properly:

[10/1/09 16:11:22:147 EDT] 0000000d UDP           W org.jgroups.util.Util
createMulticastSocket could not bind to /228.8.8.8 (IPv4 address); make sure
your mcast_addr is of the same type as the IP stack (IPv4 or IPv6).

The parameter java.net.preferIPv4Stack=true is a system property that can be set in the same manner as other system properties such as extend.local.config.dir. For instructions on setting system properties, see Section 6.3.2, Adding User Application Configuration Files and JVM System Properties.

6.3.5 Additional Configuration for WebSphere 7.0

If you are using WebSphere 7.0 with Version 4.0.1 of the RBPM, you need to be aware that several JAR files (such as commons-digester.jar) have been upgraded to the latest available versions in this release of RBPM. Therefore, you may encounter version conflicts with JAR files that have shipped with WebSphere if you do not configure your environment properly.

To ensure that you are using the right JAR files, you need to configure your WebSphere server to load classes from the IDMProv.war first. For the IDMProv.war file, you need to select the Classes loaded with local class loader first (parent last) option for IDMProv.war.