Accompanying Guide for SPVC

IBM Software Services for Lotus

distribution for not

SPVC; for

Installation and Administration of IBM WebSphere Portal 7.0 on Windows guide Student Guide ERC 3.0

Course Code WPL81

Accompanying Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Trademarks

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. These and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol ( or ), indicating US registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml

The following terms are trademarks of the International Business Machines Corporation in the United States, other countries, or both: AIX® iSeries® Redbooks® distribution DB2® Lotus® System x® DB2 Universal Database™ PartnerWorld® Tivoli® developerWorks® Passport Advantage® WebSphere® Domino® PowerPC® z/OS®for IBM® Rational® zSeries The following terms are trademarks of other companies: not Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.

Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.

Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. SPVC; UNIX is a registered trademark of The Open Groupfor in the United States and other countries. Linux is a trademark of Linus Torvalds in the United States, other countries, or both.

Other company, product, or service names may be trademarks or service marks of others.

guide

June 2011, ERC 3.0

The information contained in this document has not been submitted to any formal IBM test and is distributed on an “as is” basis without any warranty either express or implied. The use of this information or the implementation of any of these techniques is a customer responsibility and depends on the customer’s ability to evaluate and integrate them into the customer’s operational environment. While each item may have been reviewed by IBM for accuracy in a specific situation, there is no guarantee that the same or similar results will result elsewhere. Customers attempting to adapt these techniques to their own environments do so at their own risk.

© Copyright International Business Machines Corporation 2011. All rights reserved. This document Accompanyingmay not be reproduced in whole or in part without the prior written permission of IBM. Note to U.S. Government Users — Documentation related to restricted rights — Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp. ii © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Contents

Contents

Trademarks ...... ii

Course description...... xv

Course agenda ...... xvii

Lesson 1. Introduction...... 1 Objectives...... distribution ...... 1 Topic A: WebSphere Portal software stack and architecture ...... 2 View of the stack ...... 2 Topic B: WebSphere Portal and the WebSphere Applicatioforn Server...... 8

Lesson 2. Page management ...... 11 Objectives...... not...... 11 Topic A: Navigating and managing WebSphere Portal 7.0 ...... 12 Administrative interface ...... 12 Pages and page hierarchy ...... 12 Topic B: Creating pages and page management...... 14 Designing the page hierarchy ...... 14 WebSphere Portal nodes . . . . SPVC;...... 15 Page layout ...... 22 Portlets and pages . . . . for...... 24 Page Builder...... 27

Lab 2: Exploring portal page hierarchy and portal commands ...... 29 Objectives...... 29 Task 1: Startingguide and stopping WebSphere Portal ...... 30 Checking the server status of WebSphere Portal and WebSphere Portal Application Server ...... 30 Task 2: Signing up as a new user to the portal ...... 32 Task 3: Exploring the portal Administration area as an administrator . . . . . 34 Task 4: Creating a new portal page and placing a portal on it ...... 35 Customizing the Reminder portlet ...... 38 Stopping the WebSphere_Portal instance ...... 40 Task 5: Backing up the WebSphere Portal configuration...... 41

Lesson 3. Deploying portlets ...... 43 Objectives...... 43 Topic A: Portlet deployment ...... 44 AccompanyingStand-alone environment...... 45 Clustered environment ...... 45

© Copyright IBM Corp. 2011. All rights reserved. iii Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic B: Page hierarchy and portlets ...... 51 Exporting and importing the page hierarchy ...... 51

Lab 3: Deploying a portlet ...... 55 Objectives...... 55 Task 1: Verifying that WebSphere Portal is started and logging in ...... 56 Verifying that WebSphere Portal is started ...... 56 Logging in to WebSphere Portal ...... 56 Task 2: Deploying a portlet...... 57

Lesson 4. WebSphere Portal security management ...... 63 Objectives...... distribution ...... 63 Topic A: Overview of role-based security...... 64 Privileges ...... 64 Traversal ...... for ...... 66 Topic B: Defining the portal resource security mechanism ...... 67 Defining the portal resource security mechanism ...... 67 Exploring the resources and roles ...... not...... 67 Topic C: Blocking propagation and role inheritance...... 67 Blocking propagation ...... 68 Blocking inheritance ...... 69 Topic D: Access control settings ...... 70 Initial access control settings ...... 70 Initial portlet access control settingsSPVC; ...... 71 Initial page access control settings ...... 71 Topic E: Granting privilegesfor ...... 72 Granting privileges to a portlet ...... 72 Granting different privileges on a single portlet ...... 75 Topic F: Creating anonymous pages ...... 76 Analyzing role interactions on pages and Portlets ...... 76 Topic G: Traversalguide ...... 77 The need for traversal ...... 77 Traversal scenario ...... 78 Configuring traversal ...... 78 Topic H: Securing your portal page hierarchy ...... 79 Setting resource permissions...... 79

Lab 4: Implementing security and creating a Developer Administration page...... 81 Objectives...... 81 Task 1: Verifying that WebSphere Portal is started and logging in ...... 83 Verifying that WebSphere Portal is started ...... 83 Logging in to WebSphere Portal ...... 83 AccompanyingTask 2: Importing the Human Resources page hierarchy ...... 84 Task 3: Viewing the initial security permissions ...... 85 iv © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Contents

Task 4: Setting and verifying page permissions...... 88 Task 5: Allowing customization ...... 92 Task 6: Setting and verifying portlet permissions...... 96 Task 7: Configuring traversal permissions ...... 100 Task 8: Creating an Administration page for developers ...... 102

Lesson 5. Wikis and blogs...... 109 Objectives...... 109 Topic A: Page Builder theme and a wiki or blog...... 110 Overview of the Page Builder theme ...... 110 Wikis...... 110 Blogs ...... distribution ...... 110 Topic B: Adding a wiki or blog to a page ...... 111 Adding a wiki to a page ...... for ...... 111 Adding a blog to a page ...... 112 Topic C: Deleting wiki or blog content ...... 113 The difference between deleting and purgingnot ...... 113 Deleting wiki or blog content ...... 113 Topic D: Purging wiki or blog content...... 115 Purging a wiki or blog...... 115 Topic E: Assigning access to the wiki or blog ...... 115 Wiki and blog roles...... 116 Configuring access control to wikisSPVC; or blogs ...... 117 Lab 5: Setting up a blog and a wiki...... 119 Objectives...... for...... 120 Task 1: Adding Web Content Management authoring to a base installation ...... 121 Task 2: Adding a blog...... 122 Task 3: Adding a wiki ...... 124 Task 4: Assigningguide users rights ...... 127

Lesson 6. Tagging and rating ...... 133 Objectives...... 133 Topic A: Tag clouds ...... 134 Topic B: Public, private, personal, and community tags...... 134 Topic C: Statistics...... 136 Tagging and rating statics ...... 136 Sharing tagging and rating data with portlets...... 137

Lab 6: Enabling and configuring tagging and rating ...... 139 Objectives...... 140 Task 1: Enabling or disabling tagging and rating for portal users...... 141 AccompanyingTask 2: Enabling and adding words to the blacklist ...... 144 Task 3: Working with whitelist filters...... 150

© Copyright IBM Corp. 2011. All rights reserved. v Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Lesson 7. Attribute-based administration ...... 151 Objectives...... 151 Topic A: Personalization rules ...... 152 Rules ...... 152 Exploring campaigns ...... 152 Topic B: Administering the portal using attribute-based techniques...... 152 Access control and visibility rules...... 153 Policies...... 153 Error condition behavior ...... 153 Topic C: Defining attribute-based administration ...... 153 Examining visibility rules ...... 155 Exploring interactions between security and rules ...... distribution ...... 155 Handling errors...... 156 Topic D: Creating and managing visibility rules ...... for ...... 158 Applying visibility rules to pages and portlets...... 159 Lab 7: Creating rules ...... not...... 161 Objectives...... 161 Task 1: Verifying that WebSphere Portal is started and logging in ...... 163 Verifying that WebSphere Portal is started ...... 163 Logging in to WebSphere Portal ...... 163 Task 2: Validating the ability to apply rules to a portlet ...... 163 Task 3: Working with visibility rulesSPVC; ...... 167 Creating a visibility rule ...... 168 Applying the new rule to a portlet...... 171 Creating and applying a forvisibility rule to a page...... 174

Lesson 8. Virtual portals and realms ...... 177 Objectives...... 177 Topic A: Virtual portals and multiple realms ...... 178 Defining virtualguide portals ...... 178 Defining realms ...... 180 Virtual portals with multiple realms...... 182 Topic B: VMM realm configuration files ...... 182 Topic C: Creating a realm ...... 183 Topic D: Creating a virtual portal ...... 184 Using the Virtual Portal Manager portlet ...... 184 Using the ConfigEngine create-virtual-portal task ...... 185 Topic E: Scoped and non-scoped resources ...... 186 Defining scoped resources...... 186 Defining non-scoped resources ...... 187 Topic F: Virtual portal provisioning script ...... 188

AccompanyingLab 8: Configuring realms and virtual portals...... 191 Objectives...... 191 vi © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Contents

Task 1: Creating a new user realm ...... 193 Task 2: Creating a virtual portal ...... 193

Lesson 9. IBM Syndicated Feed Portlet ...... 197 Objectives...... 197 Topic A: IBM Syndicated Feed Portlet ...... 198 Proxy for the portlet ...... 198 Configuration options for administrators ...... 199 Management implications ...... 200 Topic B: Feeds ...... 201 SSL feeds...... 201 Client-side aggregation ...... distribution ...... 202 Cookies and feeds ...... 203 Portlet proxies ...... for ...... 204 Lab 9: Working with the IBM Syndicated Feed Portlet ...... 205 Objectives...... 205 Task 1: Adding and configuring a syndicated pornottlet ...... 206

Lesson 10. Mashup integration...... 211 Objectives...... 211 Topic A: Defining mashups and iWidgets...... 212 Mashups...... 212 iWidgets ...... SPVC;...... 212 WebSphere Portal and iWidgets ...... 213 Adding an iWidget to a pagefor ...... 215 Topic B: Integrating mashups...... 216 Enabling the Mashups tab ...... 216 Adding a new widget ...... 217 Lab 10: Installingguide and configuring an iWidget...... 219 Objectives...... 219 Considerations ...... 220 Task 1: Enabling mashup integration ...... 221 Task 2: Adding an iWidget ...... 221 Task 3: Getting started with customizing iWidget attributes...... 224

Lesson 11. WebSphere Portal search...... 227 Objectives...... 227 Topic A: Comparing search options ...... 228 Search collections ...... 229 Topic B: Working with WebSphere Portal search...... 232 Search scope ...... 232 AccompanyingSearch links ...... 235 External Search Results portlet ...... 237

© Copyright IBM Corp. 2011. All rights reserved. vii Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Lab 11: Using external search engines ...... 241 Objectives...... 241 Task 1: Configuring external search scopes ...... 242 Task 2: Configuring the External Search Results portlet ...... 244 Updating the Ajax proxy ...... 244 Configuring the External Search Result portlet ...... 249

Lesson 12. Other administrative portlets...... 253 Objectives...... 253 Topic A: Portal clients...... 254 Existing client support ...... 254 Adding support for new clients ...... distribution ...... 255 Topic B: Web clippings...... 255 Defining web clippings ...... for ...... 255 Using the Web Clipping Editor to import content ...... 256 Topic C: URL mapping ...... 258 Defining URL mappings ...... not...... 258 Creating a URL mapping ...... 259 Topic D: Custom names...... 261 Defining custom names ...... 261 Creating custom names ...... 262

Lab 12: Performing miscellaneous administration tasks ...... 265 Objectives...... SPVC;...... 265 Task 1: Using web clippings to import content ...... 266 Creating a new page . . for...... 270 Task 2: Creating a URL mapping ...... 270 Task 3: Creating custom names...... 274

Lesson 13. WebSphere Portal usage analysis...... 277 Objectives. . . . guide...... 277 Topic A: Monitoring portal usage ...... 278 Data points available on the server side ...... 278 Enabling server-side logging ...... 279 Reading the log files...... 282 Topic B: Active Site Analytics for user behavior analysis...... 283 Samples and custom aggregator ...... 285 Adding an aggregator to a page...... 288 Aggregators and themes ...... 289

Lab 13: Enabling and reading the logs...... 293 Objectives...... 294 Task 1: Enabling site analysis logging ...... 295 AccompanyingTask 2: Reviewing the log ...... 299

Lesson 14. Theme architecture...... 303 Objectives...... 303 Topic A: Client-side aggregation versus server-side aggregation ...... 304 Page aggregation concepts ...... 304 Understanding aggregation options ...... 304 Topic B: Portal customization and branding...... 307 Defining and creating a brand ...... 307 Defining themes and skins ...... 308 Implementing a theme ...... 314 Adding themes ...... 315 Applying a theme ...... distribution ...... 316 Lesson 15. Installing WebSphere Portal ...... 317 Objectives...... for ...... 317 Topic A: Options, methods, and sources for installing WebSphere Portal. 318 The Base option...... 318 The Full option ...... not...... 318 Installation methods ...... 318 Profiles ...... 324 Topic B: Configuring WebSphere Portal ...... 325 Developer mode...... 325 Empty portal...... 327 SPVC; Lab 15: Installing WebSphere Portal Server 7.0 ...... 329 Objective ...... 329 for Lesson 16. Configuring WebSphere Portal ...... 339 Objectives...... 339 Topic A: Working with the ConfigEngine and the Configuration Wizard. . . 340 ConfigEngine overview ...... 340 ConfigEngineguide Wizard over view ...... 340 How the ConfigEngine works ...... 340 Topic B: Configuring the database ...... 342 Configuration tasks for the database ...... 342 Properties for the database configuration ...... 345 Topic C: Using profiles ...... 350 Profile types ...... 351 Considerations for multiple profiles ...... 352 Creating profiles ...... 354

Lab 16: Configuring the portal database ...... 361 Objectives...... 361 Task 1: Configuring the database ...... 362 AccompanyingCreating DB2 databases ...... 362 Migrating databases to DB2...... 363

© Copyright IBM Corp. 2011. All rights reserved. ix Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Verifying the data transfer ...... 372

Lesson 17. Security for WebSphere Portal ...... 375 Objectives...... 375 Topic A: LDAP-based authentication ...... 376 Overview of LDAP-based authentication ...... 376 Topic B: Portal security ...... 377 Authentication ...... 377 VMM and LDAP integration ...... 380 Stand-alone LDAPs, federated repositories, and multiple LDAPs . . . . . 380 Security for immediate use...... 381 Custom LDAP integration...... distribution ...... 382 Property extension database (formerly the Look-aside database). . . . . 382 External security managers ...... for ...... 382 Lab 17: Enabling portal security using an LDAP repository ...... 383 Objectives...... 383 Task 1: Checking existing users and groups . . not...... 385 Task 2: Editing security property settings...... 385 Modifying security properties ...... 385 Restarting WebSphere_Portal ...... 387 Changing the WebSphere Portal administrator and administration group . . 387 SPVC; Restarting WebSphere_Portal ...... 388 Task 3: Testing the new seforcurity settings ...... 389 Lesson 18. Creating a cell ...... 391 Objectives...... 391 Topic A: Network deployment overview ...... 392 Concepts ...... 392 Architecture guide...... 393 Topic B: Creating a cell ...... 393 Installing network deployment ...... 393 Creating and working with the deployment manager profile ...... 394

Lab 18: Creating a portal cell ...... 401 Objectives...... 401 Task 1: Stopping WebSphere Portal Server, if needed ...... 403 Task 2: Installing the Deployment Manager ...... 404 Task 3: Starting and configuring the Deployment Manager ...... 419 Starting the Deployment Manager ...... 420 Configuring the Deployment Manager ...... 421 Increasing the HTTP connection timeout ...... 422 AccompanyingSetting the requestTimeout for the Java management extensions connector 425 x © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Contents

Changing the maximum Java heap size ...... 430 Creating a WebSphere Portal administrator group ...... 433 Changing the SOAP timeout ...... 436

Lesson 19. Federating a portal node into a cell ...... 439 Objectives...... 439 Topic A: Federating and clustering a WebSphere Portal node ...... 440 Planning ...... 440 Administrative tools ...... 442 Federating the node...... 442 Topic B: Managing a WebSphere Portal cluster ...... 447 Starting and stopping the node agent ...... distribution ...... 447

Lab 19: Federating and clustering the primary node ...... 451 Objectives...... for ...... 451 Task 1: Creating the WebSphere Portal profile template ...... 453 Task 2: Preparing the deployment manager ...... 454 Task 3: Federating and clustering the primary nodenot ...... 455 Federating the node...... 455 Creating a static cluster ...... 456 Creating the cluster definition and adding WebSphere_Portal to the cluster 457 Verifying that the cluster was createdSPVC; ...... 463 Lesson 20. Troubleshooting ...... 467 Objectives...... for...... 467 Topic A: Overview of troubleshooting...... 468 Logs ...... 468 Logging and tracking ...... 468 IBM Support Assistant-lite ...... 469 Topic B: Tools forguide troubleshoot ing ...... 472 Tracing ...... 472

Lab 20: Troubleshooting a portal ...... 477 Objectives...... 477 Task 1: Restarting all servers and checking runtime log files...... 478 Stopping the portal, node agent, and deployment manager on all nodes . . 478 Deleting the log files for the servers...... 479 Starting the deployment manager and node agent and examining the log files ...... 479 Starting the portal nodes ...... 479 Starting the portal server from the administrative console ...... 480 AccompanyingUsing the administrative console to examine the SystemOut and SystemErr logs for each server ...... 480

© Copyright IBM Corp. 2011. All rights reserved. xi Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Enabling tracing for portal components ...... 481 Changing the detail level for tracing on the first cluster member ...... 481 Restarting WebSphere Portal ...... 483 Examining the startup trace information in the trace.log file ...... 483 Logging in to the portal and examining the trace log ...... 483 Task 3: Working with the IBM Support Assistant ...... 484 Task 4: Using the Tivoli Performance Viewer...... 485 Starting the performance viewer ...... 485 Monitoring the portal servlet...... 486 Examining the Tivoli Performance Viewer performance advisor ...... 488 Exiting the Tivoli Performance Viewer and disabling monitoringdistribution on the servers...... 491 Cleaning up your desktop ...... 492 for Lesson 21. XML Access...... 493 Objectives...... 493 Topic A: The XML configuration interface for WebSpherenot Portal...... 494 Overview of the XML configuration interface ...... 494 Working with the XML configuration interface tool ...... 495 Topic B: Examples of when to use XML Access ...... 497 Exporting configurations...... 497 Lab 21: Using XML Access . . . SPVC;...... 501 Objectives...... 501 Task 1: Generating a full export of the WebSphere Portal 7.0 configuration . . 502 for Task 2: Verifying that the export process ran successfully...... 504

Lesson 22. Production topologies ...... 505 Objectives...... 505 Topic A: Productionguide topologies...... 506 Distributed or stand-alone ...... 506 Vertical cluster ...... 507 Horizontal cluster ...... 507 Portal farms, cloud computing, and network deployment infrastructures507 Topic B: Building a development- and a production-ready deployment . . . 514 Planning ...... 514 Considerations ...... 515 Topic C: Reducing single points of failure ...... 517 Portal infrastructure ...... 517 Approaches for reducing single points of failure ...... 518 Topic D: Enabling redundancy for configuration data ...... 519 AccompanyingDefining configuration data ...... 519 Topic E: Evaluating data requirements ...... 520 Evaluating data requirements ...... 520 xii © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Contents

Topic F: Database split options ...... 521 Defining database split options ...... 521 Topic G: Configuring databases for failover ...... 522 Database failover support options ...... 522 Defining scalability ...... 524 Topic H: Capacity planning considerations ...... 524 Topic I: Web Services for Remote Portlets...... 526 Defining WSRP ...... 526 Benefits of WSRP ...... 526 Limitations of WSRP ...... 527

Lesson 23. Managing portlets in WebSphere Portal clustersdistribution ...... 531 Objectives...... 531 Topic A: Deploying portlets in a cluster ...... 532 Clustered portlet deployment task ...... for ...... 532 Clustered portlet deployment process ...... 533 Topic B: Installing or updating a portlet in a cluster ...... 535 Topic C: Synchronizing nodes ...... not...... 535 Topic D: Using XML Access in a cluster...... 536

Lesson 24. Staging to production...... 537 Objectives...... 537 Topic A: Moving from a staging to a production environment ...... 538 Staging versus production . . . SPVC;...... 538 Determining what is moved into production ...... 538 Topic B: Reviewing the releasefor life cycle ...... 539 Overview of the release life cycle...... 539 Topic C: Staging system and production system ...... 540 Defining the staging environment...... 541 Defining the production environment ...... 542 Topic D: Implementingguide releases...... 542 Defining releases ...... 542 Managing releases...... 543 Topic E: Using Release Builder ...... 547 Defining Release Builder ...... 547 Executing Release Builder ...... 547 Exploring release scenarios ...... 548 Topic F: Moving artifacts manually...... 550 Identifying artifacts not supported by Release Builder ...... 550 Moving artifacts manually from staging to production ...... 551

Lab 24: Deploying resources from staging to production ...... 553 Objectives...... 553 AccompanyingTask 1: Exporting the release from production...... 555 Exporting the current configuration using XML Access ...... 555 Verifying that the export process ran successfully ...... 556

© Copyright IBM Corp. 2011. All rights reserved. xiii Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Moving staging resources to production ...... 556 Task 3: Running Release Builder to create a differential release...... 556 Task 4: Importing a differential release (production server) ...... 557 Importing the differential release ...... 557 Verifying that the XML Access command ran successfully ...... 558 Activating the portlet...... 558

Lesson 25. Production procedures ...... 559 Objectives...... 559 Topic A: Backup procedures for the production environment...... 560 Backup procedures ...... 560 Topic B: Applying updates in the production environment . . .distribution ...... 562 Applying WebSphere Application Server updates ...... 563 Applying WebSphere Portal updates ...... for ...... 563 Appendix A. Certification and exam competencies...... 565 IBM Software Service for Lotus training and certification...... 566 Lotus Professional Certification ...... not...... 566 Place in certification ...... 566 Preparing for a Lotus certification exam...... 567 Preparing for the IBM WebSphere Portal 7.0 System Administration exams 569 IBM WebSphere Portal 7.0 SystemSPVC; Administration Exam Competencies . . 570 IBM Lotus Certification Train and Certify promotion...... 577 for Appendix B. IBM WebSphere Portal 7.0 training paths ...... 579 System administrators new to IBM WebSphere Portal 7.0...... 580 System administrators with IBM WebSphere Portal experience ...... 581 Developers who are new to IBM WebSphere Portal 7.0 ...... 582 Developers withguide IBM WebSphere Portal experience ...... 583 Acknowledgements ...... 585

Accompanying

Course description

This comprehensive course combines informative lectures and discussions with relevant activities and labs so that you can administer IBM WebSphere Portal 7.0. In the first half of the course, you practice common day-to-day administration tasks on IBM WebSphere Portal Server 7.0, including portlet installation, security configuration, and WebSphere Portal site management. In the second half of the course, the focus shifts to installation and configuration of WebSphere Portal V7.0. Configurationdistribution includes the database used by WebSphere Portal, federated user registries, and clustering for scalability andfor fault tolerance. Skills taught After completing this course, you shouldnot be able to use the features, functions, and procedures of IBM WebSphere Portal 7.0: Add portlets to pages using the new drag and drop of the page builder Deploy a new portlet Manage access SPVC; Set up a blog and a wiki Set up taggingfor and rating Create and apply visibility rules Work with syndication feeds Integrate mashups Configureguide search Customize or brand the portal Deploy a custom theme Transfer the ready-to-use data from the Derby database to DB2 Universal Database Configure WebSphere Portal to use an IBM Tivoli Directory Server LDAP server Create a Network Deployment cell containing a single node cluster Select the best topology for your organization’s needs Accompanying Turn on logging and tracing

© Copyright IBM Corp. 2011. All rights reserved. xv Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Use XML Access to streamline management activities Back up and restore data Implement release management practices

distribution for not

SPVC; for

guide

Accompanying

Course agenda

Day 1 Lesson 1 Introduction Lesson 2 Page management Lab 2 Exploring portal page hierarchy and portal commands Lesson 3 Deploying portlets Lab 3 Deploying a portlet Lesson 4 WebSphere Portal security managementdistribution Lab 4 Implementing security and creating a Developer Administrationfor page Lesson 5 Wikis and blogs Lab 5 Setting up a blog and a wiki not Day 2 Lesson 6 Tagging and rating Lab 6 Enabling and configuring tagging and rating Lesson 7 Attribute-based administration Lab 7 Creating rules Lesson 8 Virtual portlets and realms Lab 8 ConfiguringSPVC; realms and virtual portals Lesson 9 IBM Syndicated Feed Portlet Lab 9for Working with the IBM Syndicated Feed Portlet Lesson 10 Mashup integration Lab 10 Installing and configuring an iWidget

Day 3 Lessonguide 11 WebSphere Portal search Lab 11 Using external search engines Lesson 12 Other administrative portlets Lab 12 Performing miscellaneous administration tasks Lesson 13 WebSphere Portal usage analysis Lab 13 Enabling and reading the logs Lesson 14 Theme architecture Lesson 15 Installing WebSphere Portal Lab 15 Installing WebSphere Portal Server 7.0

Day 4 Lesson 16 Configuring WebSphere Portal Lab 16 Configuring the portal database AccompanyingLesson 17 Security for WebSphere Portal

© Copyright IBM Corp. 2011. All rights reserved. xvii Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Lab 17 Enabling portal security using an LDAP repository Lesson 18 Creating a cell Lab 18 Creating a portal cell Lesson 19 Federating a portal node into a cell Lab 19 Federating and clustering the primary node Lesson 20 Troubleshooting Lab 20 Troubleshooting a portal

Day 5 Lesson 21 XML Access Lab 21 Using XML Access distribution Lesson 22 Production topologies Lesson 23 Managing portlets in WebSphere Portal clusters for Lesson 24 Staging to production Lab 24 Deploying resources from staging to productions not Lesson 25 Production procedures

SPVC; for

guide

Accompanying

Lesson 1

distribution Lesson 1.Introduction for Welcome to IBM® WebSphere® Portal 7.0. This lesson covers WebSphere Portal architecture and notconfiguration. This lesson includes the following topics: WebSphere Portal software stack and architecture WebSphere Portal and the WebSphere Application Server SPVC; Objectives for This lesson has the following objectives: Explore the WebSphere Portal architecture. Administer WebSphere Portal by using the attribute-based technique.guide Explore default port assignments.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 1 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: WebSphere Portal software stack and architecture

This topic discusses the relationship between the two separate application server instances.

View of the stack

In this section, you examine the difference betweendistribution the two application server instances.

Examining the application server instancesfor WebSphere Portal installation creates two application server instances: not server1 runs the Integrated Solutions Console (ISC). WebSphere_Portal runs the WebSphere Portal-related applications: – WebSphere Portal – WebSphere Content Manager – Virtual Member SPVC;Management

Integrated Solutions Console: WebSphere_Portal also runs the Integrated forSolutions Console. The ConfigEngine and the ConfigWizard each use server1 as a management interface, but you can use the Integrated Solutions Console on WebSphere_Portal when convenient. guide The second server instance in Figure 1-1 on page 3, server1, runs the IBM Integrated Solutions Console and is the target of numerous ConfigEngine tasks. The ConfigEngine tasks are used to execute installation and post-installation configurations.

Accompanying

Figure 1-1 Application server instances in WebSpheredistribution Portal The management of the application server can be achieved through the browser-based ISC interface orfor though a scripting interface. In either case, the underlying Java™ Management Extensions (JMX) implementation handles requests to modify settings and state of the applicationnot server and applications that are deployed to the server. Scripts, such as the ConfigEngine scripts, typically start server1 as required and run the scripts against this server instance. WebSphere administrators can also compose scripts to manage server resources such as a database.

Although most of the scripts run equally well against either server, server1 is a much lighterSPVC; weight server in terms of its overall application load. It typically starts and stops much more quickly than the WebSphere_Pfor ortal instance. Attention: Do not delete the server1 instance. Deleting this instance can result in the failure of certain scripts.

Examiningguide the server1 instance The most significant difference between the server1 instance and the WebSphere_Portal instance is the lack of the portal application, the wps.ear file, on this instance. You can use the following WebSphere Application Server administration tools on this instance: The Integrated Solutions Console (GUI) The WebSphere wsadmin scripting tool Custom Java programs

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 3 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 1-2 illustrates the server1 instance.

distribution for not

SPVC; for

Figure 1-2 The server1 instance

Examining the WebSphere_Portal instance Youguide have the following WebSphere Portal administration tools in addition to the WebSphere Application Server tools: The administration portlets of WebSphere Portal XML Access, which is an XML-based scripting tool wpscript, which is a language that augments the WebSphere wsadmin tool

Accompanying

Figure 1-3 illustrates the WebSphere_Portal instance.

distribution for not

SPVC;

Figure 1-3 Thefor WebSphere_Portal instance

Defining port assignments Two methods are possible to determine port assignments for each of the server instances. The first method is to start one of the serverguide instances and navigate to the Ports page by using the WebSphere Integrated Solutions Console. This method requires that you know the port number on which the application listens. The second method is to determine the port assignments for the server instances by examining the serverindex.xml file.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 5 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

In the following steps, we explain how to navigate to the Ports page for the first method. These steps apply to either the server1 or the WebSphere_Portal instance. 1. Click Servers → Application servers → (server instance) → Ports. 2. Connect to the Integrated Solutions Console by using either of the inbound admin ports (Figure 1-4).

distribution for Figure 1-4 The inbound admin ports noton server1

Accessing the ISC on the WebSphere_Portal instance: Use the default HTTP port 10042 or default HTTPS port 10032 to access the Integrated Solutions Console on the WebSphere_Portal instance.SPVC; The enterprise applications that are shown as started depend on which administeringfor console, server1 or WebSphere_Portal, you go to. The console shows only those applications that are running in its Java virtual machine (JVM) as running, which is shown in Figure 1-5 on page 7. guide

Accompanying

distribution for not

Figure 1-5 EnterpriseSPVC; applications based on the instance

If the first method is not practical, you can employ the second to determine the portfor assignments for the server instances by examining the serverindex.xml document. You can find this document in the notes configuration subdirectory of the profile installation directory.

Theguide serverindex.xml file in this course is in either of the following Microsoft® Windows® directories: c:\IBM\WebSphere\wp_profile\config\cells\portal99\nodes\ portal99 c:\IBM\WebSphere\wp_profile\config\cells\portal00\nodes\ portal00

The Linux® directory for the serverindex.xml file in this course is either of the following directories: opt/IBM/WebSphere/wp_profile/config/cells/portal99/nodes/ portal99 Accompanying opt/IBM/WebSphere/wp_profile/config/cells/portal00/nodes/ portal00

© Copyright IBM Corp. 2011. All rights reserved. 7 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Remember that the root of this directory is normally represented by a variable, such as d, and is written, for Windows, with the following syntax:

\config\cells\portal99\nodes\portal99

You learn about a similar variable later in this course.

Administrators might find it convenient and therefore desirable to define a server identity by using the ICS. Defining a server identity this way brands the browser title bar of the ICS web interface and the banner of the ICS. distribution

Topic B: WebSphere Portalfor and the WebSphere Applicationnot Server The WebSphere Portal installation process creates two separate application server instances, server1 and WebSphere_Portal, which we explain in Topic A: “WebSphere Portal software stack and architecture” on page 2. These instances are more generally known as Java virtual machines. The JVM instance named WebSphere_Portal hostsSPVC; the portal that responds to requests from user devices, such as browsers, as is shown in Figure 1-6. for

guide

Figure 1-6 Application server instances

The WebSphere Application Server incorporates an internal HTTP service. This service is not normally accessed directly by users’ browsers. You might recall the discussion of ports used for WebSphere Portal and the Integrated Solutions Console in AccompanyingTopic A: “WebSphere Portal software stack and architecture” on

page 2. These ports are among those to which the embedded HTTP service listens for requests.

In a conventional deployment, an HTTP server, such as the IBM HTTP Server, is installed. The IBM HTTP Server is included as part of the WebSphere Portal installation package.

One component that you install as part of the HTTP server is the WebSphere Plugin. The primary role for the plug-in is to route requests that arrive that have the context root of WebSphere Portal to an appropriate portal instance that can respond the request. The default is /wps/portal. distribution WebSphere Portal derives its configuration from two different sources. The XML files of the applications forserver’s configuration define the application server’s relationship to the portal. The principle application of which portal consists is the wps.ear application file, which is shown in Figurenot 1-7.

SPVC; for

guide

Figure 1-7 The wps preference Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 9 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

In addition, portlets that server business needs and administrative purposes are deployed as enterprise archive (EAR) files. These EAR files collectively represent the programs of which WebSphere Portal consists. WebSphere Portal also has its own configuration databases that store page definitions, page layouts, and many other features of the portal environment.

distribution for not

SPVC; for

guide

Accompanying

Lesson 2

distribution Lesson 2.Page management for This lesson covers common page and portlet management techniques. not This lesson includes the following topics: Navigating and managing WebSphere Portal 7.0 Creating pages and page management SPVC; Objectives for This lesson has the following objectives: Design an effective page hierarchy. Create a WebSphere Portal page hierarchy. Manage page properties and layouts. Exportguide and import page hierarchies.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 11 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Navigating and managing WebSphere Portal 7.0

This topic explains how to navigate the administrative interface and the page hierarchy.

Administrative interface

The administration of WebSphere Portal can be donedistribution graphically and through scripting. The graphic interface is delivered through portlets. These portlets are centrally located on the administration pages of the portal. Additionally, portlets arefor available for ad hoc tasks, such as page customization in the context of when a user is facing page hierarchy. not Management of portal resources, such as pages and portlets, can also be done through scripting. Scripting is exposed through two interfaces, the Portal Scripting Interface and the XML Access configuration interface. The portal Release Builder provides an administrative tool for moving configurations from one environment, such as staging, to another environment, such as production. SPVC; The portal administrationfor pages can be accessed, in a default deployment, by using the following URL: http://:10039/wps/myportal/Administration

In this address, replace with the IP address or host nameguide of your portal.

Pages and page hierarchy

The following administrative tasks pertain to portal: Installing portlets Managing portal security Creating and managing pages

A portal page is the means to organize and define what information to display. As an organization element, a page can be the parent, sibling, or child of other organizational elements, Accompanyingincluding other pages and labels.

Page creation is an administrative task that, at a high level, focuses on the hierarchical arrangement of portal nodes, including portal pages. At a more granular level, page creation consists of the following tasks: Defining a page layout Setting the page properties Placing portlets on a page Setting page security

Page hierarchy is the arrangement of portal pages, labels, and URLs. Pages and labels are referred to as container nodes. Each can serve as a container for other portal nodes. However,distribution only a page can serve as a content container. Typically a label contains page nodes among its child nodes. When a user selects a label, the content of the first child page node is dispforlayed. If a label does not contain any child page nodes, then the “No content is available” message is displayed. not Pages are container nodes and content nodes. As a container node, pages can include, as child nodes, other pages, labels, and URLs. Labels are also container nodes, but they are not content nodes. That is, they cannot show portal content. As container nodes, they can contain other labels, pages and URLs. SPVC; URLs are not container nodes. They are displayed to the user in the page hierarchy with the same presentation as pages and labels. That is, iffor the theme uses a tab menu for example, they provide a similar navigational experience. A URL node either consists of a reference to another WebSphere Portal node, such as a page or label, or the URL refers to an external web URL.

Tableguide 2-1 compares the node types. Table 2-1 Comparison of node types Node type Contains Page Pages, Labels, URLs, portal content Label Pages, Labels, URLs URL Not a container

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 13 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic B: Creating pages and page management

This topic explains how to set up and design a page hierarchy.

Designing the page hierarchy

Designing an effective page hierarchy impacts your ability to manage your portal as it progresses. In general terms, from a user’s perspective, the hierarchy must be both logicaldistribution and predictable. From a maintainability perspective, the two most significant factors of an effective page hierarchyfor design are securability and reusability. An effective page hierarchy has the notfollowing characteristics: Securability The arrangement of pages must take advantage of role inheritance and propagation. Reusability Pages with similarSPVC; layouts use common page templates. Page templates define the initial layout of a new page. The inheritance offor design is a one-time event. Organization Users can navigate the page easily and do not lose a sense of context as it relates to other pages in the hierarchy. Flexibilityguide Pages can be moved with the hierarchy without impacting naming schemes.

Design considerations As you design your hierarchy, consider the information in the following sections.

Portal features The normal process for creating pages is to locate them within the navigable page hierarchy.

The placement of new page content nodes is dependent on the AccompanyingTheme. If you are using the Page Builder theme, you can place

child nodes at the content root. If you are using an existing theme, such as the WebSphere Portal theme, the child nodes of the content root are not visible. This means, in the latter case, that new pages are created as children of the “Home” label or its equivalent. When defining pages to be used as templates, define them as children of Content Root → Administration → WebSphere Portal → Portal User Interface → Page Templates.

Performance Design your pages and hierarchy with refreshes in mind. Limit the number of portlets per page, and design the portlets to use in-place refresh techniques, such as Ajax. distribution Usability Employ the ability of WebSphere Portal to fixfor column width, which makes it easier to limit the number of columns. Base content on work relevance. not An effective design likely requires the services of an experienced interface designer. Although developers understand the mechanics of creating a hierarchy and pages, they tend to overlook the features that make a hierarchy easy to navigate and a page easy to navigateSPVC; and read. WebSpherefor Portal nodes As mentioned earlier, WebSphere Portal has two primary node types: Label nodes are considered an organizing node, because they doguide not contain WebSphere Portal content. They are used to organize the child pages, labels, and URLs beneath them. They always show the content from the first child page node. Page nodes contain content in the form of portlets. These types of nodes, which are children to the label node, can also have their own children pages and labels.

Label with no page or URL: If a label does not contain a page or URL as a child, the message This page does not support content is displayed in the browser.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 15 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

You begin creating your hierarchy with the Manage Pages window (Figure 2-1).

distribution for not Figure 2-1 Manage Pages window

Creating a new label node A label node is used for organizing children page nodes and does not contain any content.SPVC; A label can contain label nodes as its children. However, if the child label is not parent to a page, the error message This page does not support content is displayed. To function correctly,for all labels must have, at some level, a page (or content node) among its children.

Clicking the New Label button on the Manage Pages window takes you to the Page Properties page (Figure 2-2 on page 17). At a minimum,guide creating a label requires a title, as noted by the Title field in the Page Properties window.

Accompanying

distribution for not

SPVC; for

guide

Figure 2-2 Page Properties window: Creating a new label node

the Friendly URL name field, you can create friendly URLs when you create a page. The following example shows a friendly URL name: http:///wps/myportal/Home/HR

Pages and labels: Pages and labels do not require friendly URL names. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 17 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

When sharing a friendly URL name, remember that the reference must include the node hierarchy at every level down to the page or label that you want to access. When users access the node, regardless of whether they enter the friendly URL in their browser, the full node hierarchy is displayed in the browser, such as in the example in Figure 2-3. This human readable URL is appended by the WebSphere Portal navigation state information. This means that a user can bookmark the page with a reasonable expectation that the bookmark will remain valid. For persistent bookmarks that will not be affected by changes in the WebSphere Portal node hierarchy, consider using URL Mappings discussed in Lesson 12, “Other administrative portlets” on page 253. distribution for not

SPVC; Figure 2-3 The friendly URL, humanresources, for the HR page

The new label canfor inherit the render mode of the parent or one of two specific modes: client-side aggregation or server-side aggregation. In general, these properties refer to where the effort of rendering the content of the page will occur.

Youguide can select the I want to make this page my private page check box to restrict the page or label your use only. The assumption is that you must at least be an editor.

Important: When you select the I want to make this page my private page check box, the result is a private page when a privileged user creates a page. When an administrative user wants to create a private page, this user must explicitly select this option. A privileged user is a role type that allows users to customize their portal interface. This and other role types are discussed later. Accompanying

Creating a new page node A page node contains content in the form of portlets and can have its own children page nodes. Creating a new page node is similar to creating a label node. You click the New Page button in the Manage Pages window to access the Page Properties window for the page node.

Creating a page node requires a title, as noted by the Title field in the Page Properties window. Another feature introduced in Version 6.1 is the unique name. The Unique Name field is available at page creation. With a custom unique name, you can assign a more user-friendly internal name to the distributionpage than WebSphere Portal generates for its own use. The custom unique name is exposed in utilities such as XML Access on the export page configurations. Figure 2-4 on page 19for shows an example of creating the page node in the Page Properties window. not

SPVC; for

guide

Accompanying Figure 2-4 Page Properties window: Page node (part 1 of 2)

© Copyright IBM Corp. 2011. All rights reserved. 19 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 2-5 shows the rest of the fields and options in the Page Properties window. The new page can inherit the render mode of the parent or one of two specific modes: client-side aggregation or server-side aggregation. These modes refer to where the effort of rendering the content of the page will occur.

You need to define the type of page that you are creating. The Type of Page list has the following values: Standard Portal Layout – Portlets supply content Static Content distribution – Specify HTML files – Supports globalization for not

SPVC; for

guide

AccompanyingFigure 2-5 Page Properties window: Page node (part 2 of 2)

Also specify your Page Cache Options, when possible, to enhance performance.

Creating a page from a page template Clicking the Create Page From button on the Manage Pages window takes you to the Page Properties page (Figure 2-6). At a minimum, creating a page from a template requires a title, as noted by the Title field in the Page Properties window. A template should be selected, but if one is not selected, the page that is created is the WebSphere Portal default page. distribution for not

SPVC; for

guide

Figure 2-6 Selecting a template to define a new page

Shared pages Users can share the private pages that they created or customized with individual users and groups of users in the organization. They share these pages by using the Share Page link.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 21 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Changing properties after page creation You can change the page properties by clicking the Properties icon or navigating to the page and clicking Edit Page Properties from the Page menu.

You can complete the following tasks with the Advanced options window (Figure 2-7): Create a list of allowed portlets for this page. Set international titles and descriptions. Set page parameters. Create and map visibility rules. distribution for not Figure 2-7 Advanced options window

Page layout

Page layout can be asSPVC; simple or complex as you choose. In most cases, the best layout is the simplest one. In addition to the provided page layouts,for you can customize the layout to add rows and columns. You can limit the column width based on pixels or percentage. Remember that you cannot limit vertical display length of a portlet or page.

On the Change Layout tab (Figure 2-8 on page 23), you can performguide the following actions: Customize the column layout by using the Show layout tools. Change the column layout by using the Column icons. Add portlets by clicking the Add portlets button.

Accompanying

distribution for not

SPVC; Figure 2-8 Page Customizer - Change Layoutfor tab When you select a page layout option from Edit Layout, the Layout tools window (Figure 2-9). If Standard Portal Layout was selected for the Type of Page property, the administrator of the pageguide can change its layout.

Figure 2-9 Layout tools window Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 23 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Each page on the Manage Pages portlet has a toolbar of icons to edit a page layout (Figure 2-10).

Figure 2-10 Toolbar options for editing a page layout

Looking at Figure 2-10, from left to right, the first two icons manage the placement of the node in its relationship to other sibling nodes. The third icon, the Document icon, enables you to edit the node properties. You might see a fourth icon, a “looped arrow” icon. This icon, if shown, indicates that thedistribution page is based on a page template.

The remaining icons are Edit Layout, Markfor (meaning prepare to move the page elsewhere in the portal node hierarchy), Set Page Permissions, and Delete icons. not After you select an option to edit the page layout, you can click Show Layout Tools to view the layout tools.

Portlets and pages SPVC; Portlets are applications that adhere to a specification so that they operate within the portal container. An example of the specifications supportedfor by WebSphere Portal are JSR 186 and the newer standard, JSR 286. These small applications are deployed and managed by administrators. After the portlets are available to the portal, a portlet’s content can be rendered when the guideportlet is placed on a page. After a page is placed into Edit Layout mode, you can click the Add portlets button. Then the Edit Layout window (Figure 2-11 on page 25).

You select how you want to search for the portlets by using the Search by field. Note that the portlets are not shown in any particular order when using this option.

Select the portlet or portlets that you want to display on a page and click the OK button. Accompanying

distribution for not Figure 2-11 Edit Layout window

Locking containers and content The plan to provide users with customizable pages can lead to, in some cases, a need for designers and administrators to protect page elements from beingSPVC; modified or deleted. Portal provides such a mechanism. Containers and their content can be protected by using the Locks tab in the Page Customizer window (Figure 2-12 onfor page 26).

Locking a container and locking container contents have the following distinction: Lockingguide the container prevents modifications to the container. Locking the container content prevents portlets from being added, moved, or removed from the container.

Allowing some users the ability to customize pages provides them with a sense of “ownership” in the portal. You can lock containers and the container content of key areas to retain necessary control.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 25 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

Figure 2-12 Page CustomizerSPVC; - Locks tab Important remindersfor about working with portlets Remember the following points about portlets: Placing a portlet on a page creates a unique portlet instance. – Customize each portlet instance uniquely. –guide Deletion of a portlet instance causes irrecoverable loss of customizations. Lock container content to prevent users from adding portlets to pages. Locking container content might cause performance issues on pages. Restrict portlets that can be placed on a given page.

Accompanying

Page Builder

Page Builder was introduced in WebSphere Portal 6.1.5 and has become the default theme for WebSphere Portal 7.0. With this feature, administrators and users have a means to rapidly deliver content to target audiences. You can create a page by using mouse clicks. The interface for accessing the Page Builder features, in the default layout, is in the Actions menu of the portal banner.

From the Actions menu, you can choose such actions as New Page, which creates a sibling of the current pagedistribution or label. After the new page is added, you can customize it by using the available actions. for Adding feeds, wikis, and blogs is simple. The process for these tasks is discussed later. not Pages that are created using the Page Builder interface can be customized to employ alternative layouts, styles and content. Such pages include wikis, blogs, and mashup pages that contain widgets. SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 27 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

28 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 2: Exploring portal page hierarchy and portal commands

Lab

Lab 2: Exploring portaldistribution page hierarchy and portalfor commands not

This lab helps you explore some of the IBM WebSphere Portal V7.0 features. The tasks include logging in to the portal as an administrator and signing on to the portal as a new user. The goal of this lab is for you to browse the site structure of the portal, focusing first on the AdministraSPVC;tion area. You also create a new page and place a portlet on the new page. for This lab includes the following tasks: Starting and stopping WebSphere Portal Signing up as a new user to the portal Exploring the portal Administration area as an administrator Creatingguide a new portal page and placing a portal on it Backing up the WebSphere Portal configuration

Objectives

This lab has the following objectives: Start and stop the portal. Log in to the portal. Create a new user ID through the sign-up process. Explore the structure of the portal Administration area. Accompanying Create a new page on the portal and place a portlet on it.

© Copyright IBM Corp. 2011. All rights reserved. 29 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Starting and stopping WebSphere Portal

Substitution values: Use the following substitution values when you encounter them in the lab instructions:

Windows: is C:\IBM\WebSphere\PortalServer is C:\IBM\WebSphere\AppServer is C:\IBM\WebSphere\wp_profiledistribution Linux: for is /opt/IBM/WebSphere/PortalServer is /opt/IBM/WebSphere/AppServer is /opt/IBM/WebSphere/wp_profilenot In this task, you review the steps that required to stop and start WebSphere Portal. WebSphere Portal was automatically started during the installation process. However, at times you, as the portal administrator, will have to periodically stop and start the server. SPVC; You must work with the WebSphere Portal Application Server to stop and start WebSpherefor Portal.

Checking the server status of WebSphere Portal and WebSphere Portal Applicationguide Server

To check the status of the servers, complete these steps: 1. Open a command prompt and check the \bin directory. 2. Type the following command: Windows: serverStatus -all Linux: Accompanying ./serverStatus.sh -all

30 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 2: Exploring portal page hierarchy and portal commands

3. If prompted, enter the user name wpsadmin and the password wpsadmin. The WebSphere Application Server instance is server1. The WebSphere Portal Application Server instance is WebSphere_Portal. Both server1 and WebSphere_Portal should be stopped at this time, as shown in the Command Prompt window in Figure 2-13 on page 31.

distribution for

Figure 2-13 Command Prompt not

4. In the directory, type the following command: Windows: startServer WebSphere_PortalSPVC; Linux: ./startServer.shfor WebSphere_Portal The server has started when the Server Websphere_Portal open for e-business message is displayed (Figure 2-14). guide

Figure 2-14 Command prompt window

Tip: If security has been enabled, you are prompted for a user ID and password when attempting to stop a server. Starting a Accompanyingserver does not require a user ID and password.

© Copyright IBM Corp. 2011. All rights reserved. 31 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Signing up as a new user to the portal

In this task, you sign up a user to the portal. A user must sign up to receive a user ID, which is required to log in to the portal. Configuring the theme might or might not provide this ability.

Currently, only one user ID exists on the portal, wpsadmin. To create a non-administrator ID, complete these steps: 1. Open a browser window, and in the Address field,distribution enter the following address: http://portal99:10039/wps/portal for Add URL as a trusted site: You must add http://portal99:10039/wps/portal as a trusted site. not 2. On the Welcome page, click the Sign Up link in the page header. 3. In the Profile Management window, enter the following information: a. In the User ID field,SPVC; enter testuser . b. In the Password field, enter testuser. c. In the First Name field, enter Joe. d. In the Lastfor Name field, enter Smith. e. In the Preferred language field, select your language. f. Click OK. All the required fields are marked with an asterisk in the windowguide shown in Figure 2-15 on page 33.

Accompanying

32 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 2: Exploring portal page hierarchy and portal commands

distribution for not

Figure 2-15 Profile ManagementSPVC; page 4. Click Log infor from the confirmation page (Figure 2-16).

guide

Figure 2-16 User creation confirmation page

5. Log in to the portal using the newly created user ID (testuser) and password (testuser). 6. Observe the appearance and functionality of the Home area. Notice that no link to Administration is displayed in the portal. The link is not there because the testuser ID does not have Accompanying administrator rights. 7. Click Log out on the toolbar in the page header.

© Copyright IBM Corp. 2011. All rights reserved. 33 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 3: Exploring the portal Administration area as an administrator

To log in as an administrator and explore the Administration area of WebSphere Portal V7.0, complete these steps: 1. Log in to the portal with a user ID and password of wpsadmin. 2. Click the Administration link. distribution Figure 2-17 shows a general site structure for WebSphere Portal V7.0 that you will use in future labs. for not

SPVC; for

guide

Figure 2-17 WebSphere Portal page

The Administration area of the default portal provides the tools that you need on a regular basis to administer the portal.

Accompanying

34 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 2: Exploring portal page hierarchy and portal commands

Task 4: Creating a new portal page and placing a portal on it

In this task, you explore the portal Home area by using the new testuser ID. To create a new portal page within the Home area Welcome page and place an existing portlet on the page, complete these steps: 1. Log out of the portal and log in using testuser for the user ID and password. The testuser ID does not have administrator authority.distribution Therefore, no Administration link should be at the top of the page. Testuser has a status of Privileged User on the Home page. A privileged user can view portal forconten t, customize pages and portlets, and create new, private pages. 2. Click Actions → New Child Page from the header (Figure 2-18). not

SPVC; for

guide

Figure 2-18 Actions menu

3. In the Create Page window (Figure 2-19), complete the following actions: a. In the Page name field, enter My Page. b. In the Friendly URL Name field, leave My-Page. c. Click the Create Page button.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 35 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution Figure 2-19 Create Page window

The new page is displayed on the headerfor as the My Page tab. 4. Click Actions → Edit Page from the menu bar to edit your new page. not

SPVC; Figure 2-20 My Page tab for 5. Click the Customize button. This will allow you to change the page layout, add portlets, and add content to the page in the next step. guide

Accompanying

36 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 2: Exploring portal page hierarchy and portal commands

6. In the Add Content portlet that is displayed (Figure 2-21), click All in the Browse Content section. In this window, you can add a portlet to a new page.

distribution for not Figure 2-21 Add Content portlet

a. In the Search field, enter Reminder and click the Search icon (magnifying glass button). b. Click the plus sign (+) next to the Reminder portlet (Figure 2-22). SPVC; c. Click Savefor to save your reminder. d. Click Done to stop personalizing the portlet.

guide

Figure 2-22 Reminder portlet Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 37 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The resulting page (Figure 2-23) confirms that the Reminder portlet was successfully added to the new page.

distribution for not

Figure 2-23 Reminder portlet added to the new page

7. Click Save & Exit SPVC;to save the new page. 8. Verify that the My Page tab is displayed next to the Features tab. for

guide

Figure 2-24 My Page tab

Customizing the Reminder portlet

To customize the Reminder portlet, complete these steps: 1. Navigate to My Page in your portal. The Reminder portlet is already displayed on the page. Accompanying

38 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 2: Exploring portal page hierarchy and portal commands

2. On the Reminder portlet title bar, click the arrow to display the Reminder list and select Personalize (Figure 2-25).

distribution

Figure 2-25 Personalize option for

3. Click Add. 4. In the Reminder dialog box (Figurenot 2-26), in the Enter your reminder text field, enter a reminder (if text is not already entered).

SPVC; for

guide

Figure 2-26 Reminder dialog box Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 39 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

5. Click OK to reload My Page. The new reminder is now displayed in the portlet (Figure 2-27) and click Done.

Figure 2-27 Reminder shown in the portlet

6. Add additional portlets to your page. You can also click Actions → Edit Page → Customize → Changedistribution Layout to change the page layout. Another method to move portlets around the page is to drag and drop them.for 7. Click Log out after you are done.

Stopping the WebSphere_Portalnot instance

To stop the WebSphere_Portal instance, complete these steps: 1. Open a commandSPVC; prompt. 2. Change directories to \bin. 3. Enter the followingfor command: Windows: stopServer WebSphere_Portal Linux: ./stopServer.shguide WebSphere_Portal 4. Enter wpsadmin as the user name and password if prompted.

The server has stopped when you see the Stop completed message.

Accompanying

40 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 2: Exploring portal page hierarchy and portal commands

Task 5: Backing up the WebSphere Portal configuration

In this task, you back up the portal’s WebSphere configuration, including the XML configuration documents and Java artifacts.

To back up the WebSphere Portal configuration, complete these steps: 1. Open a command prompt. 2. Change directories to \bin. distribution 3. Enter the following command: Windows: for backupConfig Linux: not ./backupConfig.sh 4. Enter wpsadmin as the user name and password if prompted.

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 41 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 3

distribution Lesson 3.Deploying portlets for This lesson explains how to deploy portlets.

This lesson includes the following topics:not Portlet deployment Page hierarchy and portlets

Objectives SPVC;

This lesson hasfor the following objectives: Deploy portlet applications. Manage deployed portlets. guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 43 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Portlet deployment

Portlets are created by developers as web applications that are grouped together in a portlet application, where the deployment unit is a web archive (WAR). These applications are written to one of several portlet APIs. The preferred API is the standard portlet specification, JSR 286. Two older specifications are JSR 186 and the proprietary IBM portlet API. The developer provides the WAR file to the portal administrator for deployment. Other portlet sources include the IBM portal catalog and third-party vendors. distribution Regardless of the source of the portlet, you can deploy portlets in one of three ways. Two methods employ the XML scripting interface, XML Access, and the third methodfor employs a graphic interface, the Manage Web Modules portlet. One approach for employing the XMLnot Access interface can be related to a portlet’s dependency on other J2EE resources, such as Enterprise JavaBeans™ (EJB). This approach is usually described as predeployment. The WebSphere Application Server administrator installs an enterprise application (EAR) to the application server in a predeployment scenario. The portlet or portlets are subsequently registered with the portal by using XML Access. This can be describedSPVC; as ISC + XML Access approach. The former is required to properly configure the enterprise Java components. Thefor latter is required to register the module’s portlets with the WebSphere Portal Server.

Another approach is similar to the first approach, but it does not include the predeployment phase. In this scenario, a web applicationguide archive (WAR file) is deployed directly to the portal where it is registered and installed, by WebSphere Portal, as an EAR file. This can be referred to as the Manage Web Modules portlet only approach.

A third approach employs the XML scripting interface, XML Access. The scripting interface is an alternative frequently used in release management for updating a production environment such that changes introduced in a staging environment are deployed. Web modules, the web archive that contains portlets must be deployed to the target system prior to execution of the XML Access script. The scripting interface is discussed in Chapter 21, “XML Access” on page 493.

AccompanyingThe initial phase of the portlet deployment is the same whether the portal environment is clustered or stand-alone. The difference

is in the need to accommodate distribution of the portlet binaries across the members of the cluster before starting the portlet and making it available to the user community.

Stand-alone environment

A single portal instance registers portlets, pages, and other portal resources in a portal database, such as the release database, in a stand-alone environment. This process happens when a web module (WAR file) is uploaded to the portal. In addition, the web module is “wrapped” in an enterprise archive moduledistribution (EAR file) and deployed by the portal to the underlying application server. The portlet or portlets are started immediately in the case of a stand-alone environment. for

Clustered environmentnot

Any portal instance can be selected by the administrator in a clustered environment. This portal instance registers portlets, pages, and other portal resources in a portal database, such as the release database. The registration is known to all members because each memberSPVC; of the cluster shares this (and other) portal databases.

The source binariesfor are not installed directly into the member when the portal instance wraps the web module as an EAR file. These binaries are installed to the cluster as a group. This latter deployment task is managed by the deployment manager and the node agents. guide Portal farms: The purpose of this infrastructure is to provide load balancing and fault tolerance through cluster technology. Beginning with WebSphere Portal 7.0, a load balancing feature called portal farms is provided.

Terms, such as deployment manager, node agent, managed and un-managed nodes, federation, and cell, are defined in Lessons 18 and 19. A cell is a centrally managed collection of application servers. Federation is a term used to describe the incorporation of a node into a cell. The purpose of this infrastructure is to provide load balancing and fault tolerance through cluster technology. Beginning with WebSphere Portal Accompanyingversion 7.0 is a load-balancing feature called Portal Farms. This is discussed in Lesson 22.

© Copyright IBM Corp. 2011. All rights reserved. 45 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

A deployment manager is a WebSphere Application Server that is installed as part of a network deployment cell. A cell is a term that is used to name a number of nodes and application servers that are managed by a single deployment manager. Defining a deployment manager is the first step in creating a cluster.

WebSphere Portal is said to be federated when an instance of it (a node) is added to a cell. A new application server process is created and launched during federation. This process is referred to as a node agent. Node agents contain an application, the fileTransfer.ear file, that facilitates the synchronization of configuration files and binaries with the node on whichdistribution the agent is running. You can find more information about creating clusters and WebSphere Portal later in the course. for An administrator can deploy a WAR file by using an administrative portlet named Web Modules, whether in a clustered or stand-alone environment. A web module is wrappednot in an enterprise archive module (EAR file) and deployed by the portal when it is uploaded to the portal. The deployment, in the case of a cluster, is made to the cluster as a whole, through the deployment manager, and not to the individual constituent members. Synchronization with the deployment manager, in clustered environments, must happen when a web module (WAR file) is deployed. Only after synchronization is completeSPVC; can cluster members start the portlet. A portlet or portlets are installed and started immediately because no synchronizationfor is required with a stand-alone environment. Using the Web Modules portlet The graphical administrative interface for portlet deployment is the Web Modules portlet. On the left navigation bar, expand Portlet Managementguide → Web Modules, as shown in Figure 3-1.

Figure 3-1 Menu showing the Web Modules option

Accompanying

The Manage Web Modules portlet is then displayed as shown in Figure 3-2.

distribution for not

Figure 3-2 Managing the Web Modules portlet

The portlet application is displayed in the list of portlets that are available to the portalSPVC; after the portal completes the deployment. The applications are often referred to as a web module (WAR file). The application status will appear in the web modules listing. The application is startedfor if the Status column is blank.

When the window for uploading the web module opens (Figure 3-3), you must provide the full path and file name of the moduleguide that you are attempting to install.

Figure 3-3 Manage Web Modules window Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 47 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 3-4 illustrates the status of an installed and started web module.

distribution for not

Figure 3-4 Manage Web Modules page SPVC; Completing forclustered portlet deployment As previously described, more effort is required when portlets are deployed to a cluster. ConfigEngine provides a task that synchronizes and activates portlets across the cluster. The task, activate-portlets, is executed from the ConfigEngine directory of theguide . Depending on your environment, you run the task as follows: Windows: ConfigEngine activate-portlets -DWasPassword=password Linux: ./ConfigEngine.sh activate-portlets -DWasPassword=password

You can synchronize the nodes using the Integrated Solutions Console of the deployment manager. In addition, a command line task can be executed from the bin directory of the node agent. To Accompanyinghelp with troubleshooting, check the systemout.log file for both

the deployment manager and each node agent to determine the success or lack of success with regard to synchronization.

Configuring portlets Developers can create portlets that are configurable by the administrator. For example, the administrator points the portlet to a specific database server or web service for its content.

Use the Configure Portlet icon to access the Manage Portlets portlet. This portlet is shown in Figure 3-5. distribution for not

SPVC; Figure 3-5 The Manage Portlets portlet for Each portlet has one set of parameters, which is configurable by the administrator. Read-only preferences are set up by the developer.

Settingguide shared settings A portlet that is displayed to a user can be switched to several management modes. These modes include Edit, Edit Shared Settings, and Configure. Which, if any, of these modes are available in the portlet menu depends on whether the menu is available (defined by the skin) or by the user’s role on the portlet such as User, Privileged User, and so on. Figure 3-6 on page 50 shows an example of the menu with the Edit Shared Settings option.

Skin: A skin is a presentation component that wraps portlets on a portal page. Skins and a related term, themes are discussed Accompanyingin Lesson 14.

© Copyright IBM Corp. 2011. All rights reserved. 49 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution Figure 3-6 Edit Shared Settings option on the portlet menu for Users with Editor privileges on a portlet can set default customization values for other users. An example of this might be a line of business application in which managers of each division prefer settings that are consistent withnot their region. Although it is not a line of business application, Figure 3-7 shows how a user can set the preferences for a World Clock portlet.

SPVC; for

guide

Figure 3-7 Setting preferences for the World Clock portlet

Accompanying

Topic B: Page hierarchy and portlets

You can propagate your page hierarchy from one portal to another through a simple export and import process. The most common way to do this is to create a page hierarchy on your staging portal, perfecting it, and then setting it up on the production portal by using the export import.

Exporting and importing the page hierarchy distribution

The export and import process provides the ability to move pages and portlets with complete fidelity. Page hierarchiesfor are exported using XML Access. Two mechanisms are available to administrators to employ the XML Access.not Exporting a page hierarchy By exporting a page hierarchy, you can back up page layouts and transport to another system, for example, desktop development to test server, test to staging, or staging to production. SPVC; The first and simplest means of exporting is to use the Manage Pages portlet. You expand Portal User Interface on the Administrative Pages,for if it is not already expanded, and click Manage Pages. You can navigate the portal page hierarchy until you find the top-level node of the tree that you want to export.

When you click the Export icon, you are prompted to choose whetherguide to export the entire page hierarchy or just the selected node. Click Yes to export the hierarchy or No to export just the selected node (Figure 3-8).

Figure 3-8 Manage Pages window Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 51 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

In the Opening pageExport.xml window (Figure 3-9), you are prompted for a file name and storage location of the XML file that is generated by the portlet. Disable pop-up blockers, or the browser will not open the prompt.

distribution for not

Figure 3-9 The Opening pageExport.xml window

This file can be used to restore the page hierarchy or to deploy it to another portal instance,SPVC; as shown in Figure 3-10. for

guide

Figure 3-10 File used to restore the page hierarchy

Importing a page hierarchy You use the XML import portlet and XML Access command-line utility to import pages and portlets to a new system.

Accompanying

The process of importing a page is similar. You expand Portal Settings in the left navigation area and click Import XML. In the Import XML window (Figure 3-11), select an upload file. In our example, we choose the file that we exported previously.

distribution Figure 3-11 The Import XML window for You can use the XML Access scripting interface in addition to the graphic interface that is provided by the administration pages. The initial file can be manually written. It is much easier to export a file and then make any necessary edits.not

The XML Access scripting interface is available from the command line of any portal instance. An export command file must be composed to do an export using XML Access. This file is passed to the scripting interface, and two files are generated as a result. One file is the exportSPVC; file that contains the exported data, and the other file is a log of the export process that is executed by the XML Accessfor scripting interface. The result file of an export or a similar file can be passed to the scripting engine to import a page hierarchy using the XML Access scripting interface. In this case, a log file is created indicating the statusguide of the import.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 53 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lab

Lab 3: Deploying a portletdistribution for This lab explains how you can deploy new portlets.

This lab includes the following tasks:not Verifying that WebSphere Portal is started and logging in Deploying a portlet

Objectives SPVC;

This lab has thefor following objectives: Verify that WebSphere Portal is started. Log in to WebSphere Portal. Deploy portlet applications. Askguide for assistance: All parts of this lab are conducted on the portal99 virtual machine. Ask your instructor for assistance if you have questions about any steps in this lab.

Substitution values: In this lab, when you see the value , substitute it as follows depending on your environment: Windows C:\IBM\WebSphere\wp_profile Linux /opt/IBM/WebSphere/wp_profile Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 55 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Verifying that WebSphere Portal is started and logging in

In this task, you verify that WebSphere Portal is started and then log in.

Verifying that WebSphere Portal is started distribution To verify that WebSphere Portal is started, complete these steps: 1. Launch a command prompt and changefor directories to \bin. 2. Enter the following command: not Windows: serverstatus -all Linux: ./serverStatus.sh -all 3. If prompted, enter SPVC;wpsadmin for the user ID and password. 4. If WebSphere Portal is stopped, enter the following command: Windows: for startServer WebSphere_Portal Linux: ./startServer.shguide WebSphere_Portal Server WebSphere_Portal open for e-business is displayed.

Logging in to WebSphere Portal

To log in to WebSphere Portal, complete these steps: 1. Launch a browser and enter the following address: http://portal99:10039/wps/portal 2. Enter wpsadmin for the user ID and password and click Log in. Accompanying

Task 2: Deploying a portlet

Installing a portlet To install a portlet, complete these steps: 1. Click Administration → Portlet Management → Web Modules and click Install. 2. In the Manage Web Modules window (Figure 3-12), click Browse and select the following: Windows: distribution C:\LabFiles\Lab3\PortalLogViewer.war, and click Open. Then click Next. Linux: for /root/LabFiles/Lab 3/PortalLogViewer.war not

SPVC; for

Figure 3-12 Installing a Web module: Selecting a WAR file guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 57 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. Confirm that the PortalLogViewer Application is the portlet that is being installed (as Figure 3-13 illustrates). Click Do not start application and then click Finish.

distribution for not

Figure 3-13 Installing a Web module: Viewing theSPVC; WAR file contents You receive a confirmation message that the installation was successful. for Portlets must be active to be displayed on a page properly. Clicking Start Application during the web module installation process installs and activates the portlet. In contrast, clicking Do not start application during the installation process leaves theguide portlet deactivated. An error message is displayed if a deactivated portlet is added to a page. For this lab, the application was not started to demonstrate the steps to activate a portlet.

Accompanying

4. Enter Portal in the Search field. Ensure that File name starts with is selected in the Search by field, and then click Search. 5. In the list, click the Activate icon (lightening bolt) to activate the portlet. Figure 3-14 shows the PortalLogViewer.war line item.

distribution for not Figure 3-14 PortalLogViewer.war file in the Manage Web Modules window

Adding the portlet to the Features page To add the portlet to the Features page, complete these steps: 1. Click AdministrationSPVC; Page → Portal User Interface → Manage Pages. 2. Click Contentfor Root → Home. 3. In the Manage Pages window (Figure 3-15 on page 60), click the Edit Page Layout icon for the Features page.

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 59 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for

Figure 3-15 Manage Pages window not

4. Click Add Portlets. 5. Search for PortalLogViewer. 6. On the Content tab (Figure 3-16), select the PortalLogViewer portlet check box SPVC;and click OK . for

guide

Figure 3-16 Content tab

7. Click Done.

Accompanying

8. Click Home → Features, and observe that the PortalLogViewer portlet is available as shown in the Features tab (Figure 3-17).

distribution for not

Figure 3-17 Features tab SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 61 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

62 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

Lesson 4

distribution Lesson 4.WebSphere Portal security management for not This lesson provides an introduction to portal security management.

This lesson includes the following topics: Overview of role-based security Defining the portalSPVC; resource security mechanism Blocking propagation and role inheritance Access control settings Granting privilegesfor Creating anonymous pages Traversal Securing your portal page hierarchy guide Objectives

This lesson has the following objectives: Define the portal resource security mechanism. Explain security terminology. Grant access to portal resources to users. Implement security on pages. Implement security on portlets.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 63 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Overview of role-based security

This topic discusses privileges, propagation, inheritance, and traversal.

Privileges

Conceptually, privilege pertains to the ability, or lackdistribution thereof, for a user to interact with portal resources such as portlets and pages. More specifically, privilege can be understood through an examination of a role type and its relationshipfor with a resource.

WebSphere Portal provides a concrete list of role types, such as Editor and Owner. These role typesnot do not express the scope of a user’s privilege. For example, being an Editor of a page is different than being an Editor of a portlet. Thus, it is only when a role type is associated with a resource does the meaning become clear. WebSphere Portal distinguishes abstract role types from concrete privilege by using the term role to describe the relationship of a role type and a resource.SPVC; For example, Eric has a privilege with the Human Resources page. We mightfor say that Eric’s role is Editor@Human Resources Page. However, Eric does not have a role, but is a member of a role. Consequently, we can describe Eric as being a member of the role Editor@Human Resource Page.

When describing role inheritance and propagation, inheritance occursguide between portlet applications and portlets, and among labels, pages and child labels, and pages.

Propagation

If user privilege is managed only by explicitly setting permissions for each resource, the effort, other than being tedious, is unmanageable. For this reason, propagation is an essential means of managing user privilege. You might recall our discussion about concepts to apply during the design of a page hierarchy. Based on that discussion, you understand that, for propagation to be an effective means of managing user privilege, at least with Accompanyingregard to pages, you must understand the value and mechanisms

64 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

of propagation. For WebSphere Portal, we are concerned with two such mechanisms, inheritance and traversal. Inheritance

Inheritance assures the propagation of privilege so that descendants derive their security settings from their parent. For example, when assigning rights to the HR page, all child nodes inherit rights by default, which is illustrated in Figure 4-1.

distribution for not

Figure 4-1 HR privileges example

This default behavior SPVC;can be altere d through inheritance blocking. A user’s privilege does not necessarily extend to each child in a given page hierarchy.for A well designed page hierarchy simplifies security role assignments: If an administrator assigns a user group to the Privileged User role on the HR label, by default, the user is implicitly granted theguide same privileges on all child nodes. If the administrator assigns explicit privileges for the same user group or any members of that group, the explicit privileges supersedes the implicit privileges. If a user is a member of two distinct roles on any resource, for example, User and Privileged User, the user gains the highest privileges available by the assignment.

In some cases, it is preferred that a user’s privilege on some resources is blocked while other resources in the same page hierarchy are permitted. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 65 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Traversal

Traversal is the ability to navigate to a page without having privileges on intermediate pages. Figure 4-2 illustrates a typical scenario where a user has no privileges on HR, Benefits, Payroll, or 401k, but is a Privileged User on Health Care.

distribution for not

Figure 4-2 HR traversal chart

When defining a page hierarchy, circumstances might arise where a user requires access to a page far down in the hierarchy, without having any privileges SPVC;on pages in between. WebSphere Portal uses traversal to handle this scenario implicitly. for The user sees a non-active link for all pages between the top of the hierarchy and the page where they have privileges. The user does not see any content on the pages where the user does not have privileges. The page that is automatically displayed is the first guideone for which the user has explicit privileges. Consider traversal from the perspective or role assignments. When users have access on resources, such as a Page or URL Mapping, they receive implicit permission to navigate to those resources. This means a guaranteed the ability to navigate through all parent resources of those resources. The parent resources show only their title to the user, while the corresponding resource content (for example the portlets on the page) remains inaccessible.

Accompanying

66 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

Topic B: Defining the portal resource security mechanism

This topic begins by defining the portal resource security mechanism; then it explores the resources and roles of WebSphere Portal.

Defining the portal resource security mechanism distribution

Authorization implementation on the portal is done by assigning permissions to users based on specific predefinedfor roles: Authentication is handled by IBM WebSphere security to determine who the user is. not Authorization is handled by the portal to determine what the user is allowed to do.

Users are assigned resource privileges through the Resource Permissions portlet. SPVC; Exploring the resources and roles for WebSphere Portal defines many different resources that require security role assignments. Resources are the manageable assets of the portal. The most commonly managed resources are pages, portlet applications, and portlets. guide The following items are other common resources: Application templates URL mapping contexts User groups Web modules

Topic C: Blocking propagation and role inheritance

AccompanyingThis topic discusses blocking propagation and role inheritance.

© Copyright IBM Corp. 2011. All rights reserved. 67 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Blocking propagation

The administrator can block the propagation of privileges from parent to child by disabling the roles that should not propagate. Blocking propagation effectively prunes the branch beneath it.

Figure 4-3 illustrates how blocking propagation from the HR label does not affect the propagation of privileges from the Benefits page to its children, Health Care, and 401(k). distribution for not

Figure 4-3 HR blocking propagation chart SPVC; In the Resource Permissions window, clear the Allow Propagation check boxes for all roles to block all propagated rights from HR to any child pages.for Note that Administrator and Security Administrator cannot be blocked. Also, apply explicit rights to the child pages. guide

Accompanying

68 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

Health Care and 401k still inherit from Benefits based on the window shown in Figure 4-4.

distribution for not

Figure 4-4 Resource Permissions window SPVC; Blocking inheritance

Blocking inheritancefor allows more selective pruning of branches in the page hierarchy. Figure 4-5 shows how you can alter inheritance on the Payroll page to not allow inheritance from its specific parent, the HR label. guide

Figure 4-5 HR blocking inheritance chart

AccompanyingIn the Resource Permissions window, clear the Allow Inheritance check boxes for all roles to block all inherited rights from parent to

© Copyright IBM Corp. 2011. All rights reserved. 69 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Payroll. Again, note that Administrator and Security Administrator cannot be blocked. Payroll’s children still inherit from Payroll even after applying explicit rights to Payroll, as shown in Figure 4-6.

distribution for not

Figure 4-6 The ResourceSPVC; Permissions window for Topic D: Access control settings

This topic discusses portlet access control settings for pages and portlets.guide Initial access control settings

The portal defines the following specific virtual groups that you can use to make security role assignments: Anonymous Portal User This group consists of all portal users who have not yet logged in to the portal (unauthenticated). All Portal User Groups This super group consists of all authenticated users who have Accompanying a membership in another group in the user repository. Use this group to differentiate newly registered users from those who

70 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

have been set up into other groups who have been assigned specific privileges within the portal. All Authenticated Portal Users This group consists of all portal users who have logged in to the portal. After a user has logged in, the user is no longer a member of the Anonymous Portal User group.

Initial portlet access control settings

The only user that has privileges on a newly deployeddistribution portlet is the user who deployed it. A user must be a member of the Manager role on the virtual resource, WebSphere Portal, to deploy a portlet. for

A user must be granted Privileged User privileges on the portlet application or portlet to customize anot portlet under Edit Portlet Preferences. Otherwise, that user cannot see the Personalize selection on the portlet menu.

Follow these guidelines when defining a user’s default rights on portlets: Deploying a new portletSPVC; applicat ion provides rights to the deployer. Portlets inheritfor role assignments from the portlet application. Average users have no rights on administrative portlets. All authenticated portal users have Privileged User role on most other portlets. guide Initial page access control settings

Consider the following guidelines when defining a user’s default rights on pages: A newly created page inherits rights from its parent. Users have Privileged User rights on the Home page. All child pages inherit these rights. Users can perform the following tasks: – Edit the page layout. – Create private pages. Accompanying – Add, move, and delete portlets. – Customize portlets.

© Copyright IBM Corp. 2011. All rights reserved. 71 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

– Create and delete portlet wires. Grant page access rights in the same way as you grant portlet rights.

Topic E: Granting privileges

This topics demonstrates the steps to grant portlet privileges.

Granting privileges to a portletdistribution

Portlets inherit privileges from their portlet forapplications, similar to how pages inherit privileges from their parent pages. You can block propagation from the application to the portlet, and you can make explicit role assignments to thenot portlet. To grant privileges to a portlet, follow these steps: 1. Click the Administration link. 2. Click Portlet Management → Portlets. 3. Search for the portlet.SPVC; 4. In the Manage Portlets window (Figure 4-7), click the Assign access to portletfor icon (key icon).

guide

Figure 4-7 Manage Portlets window

Accompanying

72 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

5. In the Resource Permissions window (Figure 4-8), click the Edit Role icon adjacent to the required privilege level.

distribution for not Figure 4-8 Resource Permissions window (part 1 of 4)

6. Click Add to add a group or user (Figure 4-9). SPVC; for

guide

Figure 4-9 Resource Permissions window (part 2 of 4)

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 73 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

7. From the Search for Users or User Groups list (Figure 4-10), select Users or User Groups.

distribution for not

Figure 4-10 Resource Permissions window (part 3 of 4)

Note the Members SPVC;successfully added to the role message in Figure 4-11. 8. Continue addingfor users or user groups by clicking the Add button.

guide

Figure 4-11 Resource Permissions window (part 4 of 4) Accompanying

74 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

Figure 4-12 shows the results.

distribution for not

Figure 4-12 World Clock window

Granting differentSPVC; privileges on a single portlet

Block inheritancefor from the portlet application the same way that you might block inheritance from a parent page. Privileges are assigned to portlets, not portlet placements. Placing the same portlet on multiple pages does not affect user privileges for the portlet.guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 75 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

To set different privileges on a single portlet, follow these steps: 1. Click the Copy the portlet icon (two sheets of paper). 2. In the Manage Portlets window (Figure 4-13), assign the appropriate rights to the copy.

distribution for not

Figure 4-13 Manage SPVC;Portlets window Topic F: for Creating anonymous pages

This topic discusses role interactions for pages and portlets.

Analyzingguide role interactions on pages and Portlets

Certain interactions exist between privilege settings even though privileges are not inherited between a page and a portlet. The user cannot customize the portlet if a user has Privileged User privileges on the portlet and only User privileges on the page. Customization is not permitted when defining usage scenarios if a user has Privileged User authorization on a portlet and User authorization on the page.

When the user has rights, the user sees a Personalize option on Accompanyingthe menu. However, because the user does not have the rights to

76 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

change the page or portlet, the Personalize option is not displayed, as you can see in the menu shown in Figure 4-14.

distribution for Figure 4-14 World Clock window not Topic G: Traversal

This topic discusses traversal and presents a typical traversal scenario. SPVC; The need for traversal for Traversal is the ability to navigate to a page without having privileges on intermediate pages.

When defining a page hierarchy, circumstances might arise where a userguide requires access to a page farther down in the hierarchy, without having any privileges on pages in between. WebSphere Portal uses traversal to handles this scenario implicitly.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 77 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Traversal scenario

In a typical scenario, a user has no privileges on HR, Benefits, Payroll, or 401k, but is a Privileged User on Health Care, as illustrated in Figure 4-15.

distribution for

Figure 4-15 Traversal - HR scenarionot Configuring traversal

The user sees a non-active link for all pages between the top of the hierarchy and the page where the user has privileges. The user does not see anySPVC; content on the pages where the user does not have privileges. The page that is automatically displayed is the first one for which the user has explicit privileges. See Figure 4-2 on page 66 for afor traversal illustration.

guide

Accompanying

78 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 4. WebSphere Portal security management

Topic H: Securing your portal page hierarchy

This topic offers best practices for securing portal pages.

Setting resource permissions

Follow these best practices for creating and securing a page and portlet hierarchy: distribution Organize the hierarchy to permit security through inheritance. Assign roles no higher than Privileged User to the average portal user. for Lock container content to prevent users from adding or deleting content. not Copy portlets to assign different levels of access. Assign user the same privileges on the page as the highest privilege portlet. Assume that a user has the highest level of access granted to them by more thanSPVC; one group. for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 79 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

80 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

Lab

Lab 4: Implementing distribution security and creatingfor a Developer Administration not page

This lab describes how security roles are conferred and maintained. SPVC; This lab includes the following tasks: Verifying thatfor WebSphere Portal is started and logging in Importing the Human Resources page hierarchy Viewing the initial security permissions Setting and verifying page permissions Allowing customization Settingguide and verifying portlet permissions Configuring traversal permissions Creating an Administration page for developers

Objectives

This lab has the following objectives: Describe security roles, propagation, and inheritance. Describe initial security settings, virtual users, and groups. Assign permissions to pages and portlets. Accompanying Set resource access for each user group. Create an inheritance block.

© Copyright IBM Corp. 2011. All rights reserved. 81 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Explain traversal permissions. Configure traversal permissions. Create an Administration page.

Ask for assistance: All parts of this lab are conducted on the portal99 virtual machine. Ask your instructor for assistance if you have questions about any steps in this lab.

Substitution values: In this lab, when you see the value , substitute it as follows depending on your environment: Windows distribution C:\IBM\WebSphere\wp_profile Linux for /opt/IBM/WebSphere/wp_profile not

SPVC; for

guide

Accompanying

82 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

Task 1: Verifying that WebSphere Portal is started and logging in

In this task, you verify that WebSphere Portal is started and then log in.

Verifying that WebSphere Portal is started distribution To verify that WebSphere Portal is started, complete these steps: 1. Launch a command prompt. for 2. Change directories to \bin. 3. Enter the following command: not Windows: serverStatus -all Linux: ./serverStatus.sh -all 4. Enter wpsadmin forSPVC; User Identity and Password if prompted to do so. 5. Enter the followingfor command if WebSphere Portal is stopped: Windows: startServer WebSphere_Portal Linux:guide ./startServer.sh WebSphere_Portal 6. Continue when you receive the “open for e-business” message.

Logging in to WebSphere Portal

To log in to WebSphere Portal, complete these steps: 1. Launch a browser and enter the following web address: http://portal99:10039/wps/portal Accompanying2. Enter wpsadmin as the User ID and Password. 3. Click Log in.

© Copyright IBM Corp. 2011. All rights reserved. 83 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Importing the Human Resources page hierarchy

You import a Human Resources page hierarchy by using the Import XML Portal Setting in the administration interface. Figure 4-16 illustrates the hierarchy of the Human Resources pages.

distribution for not

Figure 4-16 Human Resources page hierarchy SPVC; To import the Human Resources page hierarchy, complete these steps: for 1. Click Administration → Portal Settings → Import XML in the portal. 2. In the Import XML window (Figure 4-17 on page 85), complete these steps: a.guide Click Browse . b. Navigate to: Windows: C:\LabFiles\lab4\HR.xml file.

Linux: root/LabFiles/PortalSecurity/HR.xml c. Click Import.

Accompanying

84 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

distribution for not

Figure 4-17 Import XML window

3. Click Home. Click the new Human Resources tab (Figure 4-18). SPVC; for

guide

Figure 4-18 New Human Resources tab

Task 3: Viewing the initial security permissions

You declare an administrator and an administrative user group during portal installation, which are assigned initial access. Three Accompanyingpredefined virtual users and groups are also created during portal installation and are used to configure initial access rights for an

© Copyright IBM Corp. 2011. All rights reserved. 85 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

abstract set of users. In this task, you view these initial default permissions. You do not change any permissions at this time, because permissions are assigned later in the lab. 1. Click Administration → Portal User Interface → Manage Pages. 2. Click Content Root → Home. 3. In the Manage Pages window (Figure 4-19), for the Human Resources page, click the Set Page Permission icon (the key icon). distribution for not

SPVC;

Figure 4-19 Managefor pages window Some permissions are preset, by default, for the roles depicted in Figure 4-20. 4. Forguide Administrator , click the Edit Role icon (the pencil icon).

AccompanyingFigure 4-20 Resource Permissions window

86 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

User wpsadmin and the group admins have full administrative rights on this page, which are inherited from the parent node of the Human Resources page. Notice that you cannot delete these members from this role. 5. Navigate back by clicking the Human Resources bread crumb, (Figure 4-21).

distribution for not

Figure 4-21 Resource Permissions window

6. Click the Edit Role icon (the pencil icon) for the Editor role to determine who hasSPVC; editor rights on this page. As shown in Figure 4-22, no members are in this role, which was also inherited from the parent node of the Human Resources page,for and none have been explicitly assigned.

guide

Figure 4-22 Resource Permissions window

7. Navigate back by clicking the Human Resources bread crumb. For Privileged User, click the Edit Role icon.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 87 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The All Authenticated Portal Users group is listed as an inherited role as shown in Figure 4-23.

Figure 4-23 All Authenticated Portal User group listed as an inherited role distribution

Important: Users lose the Anonymous Portalfor User identity after successfully logging in and become authenticated members of the All Authenticated Portal Users virtual user group. All Authenticated Portal Users are, bynot default, assigned the Privileged User role on non-administrative pages and portlet applications. This access gives all authenticated users the right to make personal customizations.

Task 4: SettingSPVC; and verifying page permissions for In this task, you modify the permissions for Privileged User and User roles on the Human Resources page in this task. You will also block inheritance of the privileged User role to stop personal customizations of the Human Resources page. 1. Navigateguide back by clicking the Human Resources bread crumb. You do not have a choice to clear the Allow Propagation or Allow Inheritance check boxes for the Administrator and Security Administrator roles. 2. On the Human Resources page (Figure 4-24 on page 89), clear the Allow Inheritance check box for the Privileged User role.

Accompanying

88 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

distribution for

Figure 4-24 Resource Permissions window not 3. Observe the Apply button; it is used for the changes to take affect. Selecting Done without first clicking Apply will mean that your changes are not in effect. To illustrate this: a. Uncheck or verify that the Allow Inheritance for the Privileged UserSPVC; role is unchecked. b. Click Done. c. Click the Set Page Permissions icon (the key icon) for the Human Resourcesfor page. Observe that the Allow Inheritance check box is still checked. In this example, the changes were not applied. In contrast,guide any permissions set in the parent node of the Human Resources page for this role are no longer inherited after you apply this change. To illustrate this: d. Uncheck Allow Inheritance for the Privileged User role. e. Click Apply. f. When you see the message Are you sure you want to modify this resource, click OK. 4. Click the Edit Role icon (the pencil icon) for the Privileged User role. No entries should be displayed. Navigate back to the Human Resources page. 5. Click the Edit Role icon for the User role. No members should Accompanying be in this role. 6. Click the Add button to add users or groups to the User role.

© Copyright IBM Corp. 2011. All rights reserved. 89 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

7. As shown in Figure 4-25, Search for Users or User Groups, select Users to see a list of users. In the Search field, type an asterisk (*), and click Search. At this time, you do not choose an individual user. (Your list might not exactly match the screen capture shown below.)

Not all groups are the same: Be sure to select Managers and not mgrs.

distribution for not

SPVC; for

Figure 4-25 Resource Permissions window guide 8. From the Search for Users or User Groups list, click User Groups to see a list of groups. In the Search by field, select All available and click Search.

Accompanying

90 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

9. As shown in Figure 4-26, select the Employees and Managers check boxes. Click OK to add these groups to the User role. (You might need to examine more than one results page since your screen might not match Figure 4-26.)

distribution for not

SPVC;

Figure 4-26 Resource Permissions windowfor

You should see the Members successfully added to the role message and Employees and Managers listed under the “Members in the Role” column, as illustrated in Figure 4-27. guide

Figure 4-27 Resource Permissions window Accompanying 10.Navigate back to the Human Resources page and click Done.

© Copyright IBM Corp. 2011. All rights reserved. 91 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Setting page permissions Members of the Employees and Managers groups, which are now under the User role, can read the Human Resources page. They cannot make any personal changes to it. The changed permissions are propagated to all Human Resources child pages, the pages under Human Resources, which means Employees and Managers will have User role permissions on all pages under Human Resources. You change permissions to some of the pages under Human Resources later in this lab. To set the page permissions, complete these steps:distribution 1. Select the Human Resources page. 2. Click the Set Page Permissions icon for one of the child pages. for 3. Click Edit Role for User. Note that Employees and Managers are members. Navigate back by notusing the breadcrumb trail. 4. Click Edit Role for Privileged User. Note that no members are in this role. Navigate back by using the breadcrumb trail. 5. Click Done. 6. Click Log Out. Enter Employee1 as the User ID and Password and click Log in. SPVC; 7. Click the Human Resources page. Click the page menu and the portlet menu. Notice that you do not have permissions to customize thefor page. 8. Log out and log back in as wpsadmin.

Taskguide 5: Allowing customization In this task, you allow members of the Employees or Managers group the right to customize the Employee Self Service page through the Privileged User role. You also limit access to the Payroll page by creating an inheritance block.

To allow customization, follow these steps: 1. Click Administration and click Manage Pages → Human Resources. 2. For the Employee Self Service page, click Set Page Permissions. Accompanying3. Click Edit Role for the User role. Employees and Managers have User Privileges to this page. The roles are inherited from

92 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

the parent page, Human Resources, which was changed in the previous task. 4. Navigate back to Employee Self Service. 5. Click Edit Role for the Privileged User role. No entries should be displayed because roles are inherited. 6. Click Add and search User Groups, All Available.

Adding personal customization ability Employee Self Service page permissions are inherited from its parent, Human Resources. Employee Self Servicedistribution begins with one portlet, and based on the access set in the previous task, changes cannot be made. Any member of the Employees and Managers role can make personal customizationsfor to the Employee Self Service page by adding them to the Privileged User role. not To add a personal customization ability, complete these steps: 1. Select Employees and Managers and click OK. 2. Navigate back to the Employee Self Service page and click Done to complete the changes.

Creating an inheritanceSPVC; block Because of inheritance, if permissions are changed on the parent page, Human Resources,for they are also changed on the child page, Employee Self Service. Preventing role inheritance, also known as role blocking, prevents the child page from automatically inheriting the same permissions as the parent.

To createguide an inheritance block, complete these steps: 1. Click Home in the breadcrumb trail, and for the Human Resources page, click the Set Page Permissions icon. 2. Click Edit Role for Privileged User and click Add to add the All Authenticated Portal Users group. Click OK. 3. Click Human Resources and click Done. 4. Click Human Resources and click the Set Page Permissions icon for the Employee Self Service page. 5. Click the Edit Role icon for the Privileged User role. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 93 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

In Figure 4-28, notice that the group, All Authenticated Portal Users, has been inherited from the parent, Human Resources.

distribution

Figure 4-28 Resource Permissions window for

6. Turn off Allow Inheritance for the role if this is not the intended behavior. not a. Select Employee Self Service. b. Clear the Allow Inheritance check box for Privileged User. c. Click Apply and OK to confirm. d. Click the Edit Role icon for the Privileged User role. Notice that the group isSPVC; no longer displayed (Figure 4-29). for

guide

Figure 4-29 Resource Permissions window

e. Click Employee Self Service in the breadcrumb trail and click Done. 7. Navigate to Set Page Permissions for Human Resources. Remove All Authenticated Portal Users from the Privileged Accompanying User role. Navigate back and click Done.

94 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

8. Click Log Out and log back in using Manager1 for the User ID and Password. 9. Navigate to the Employee Self Service page (Figure 4-30).

distribution for Figure 4-30 Human Resources page

10.Click Actions → Edit Page Layoutnot. 11.Click Add Portlets in the right column (Figure 4-31).

SPVC; for

guide

Figure 4-31 Edit Layout window

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 95 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

12.In the Edit Layout window (Figure 4-32), search for the Reminder portlet, select the check box next to the Reminder portlet, click OK. Then click Done.

distribution

Figure 4-32 Edit Layout window for

13.Log out and log back in by using Employee1 as the User ID and Password. Navigate to the Employeenot Self Service page under the Human Resources tab. Only one portlet is on the page. Privileged User permissions have been applied to the Employee Self Service page, which allows users to individually customize the page. SPVC; Task 6: Setting and verifying portlet permissionsfor

You applied permissions to pages in the previous tasks. In this task, you set up portlet permissions. First, you install a portlet, and thenguide you apply permissions to that portlet: 1. Click Log Out. Log back in as wpsadmin for the User ID and Password. 2. Install a portlet application: a. Click Administration → Portlet Management → Web Modules and click Install. b. Click Browse, select the

Windows: C:\LabFiles\lab4\Calculator.war file

Linux: Accompanying root/LabFiles/PortalSecurity/Calculator.war file c. Click Next.

96 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

d. Confirm that the Calculator Web Application is the portlet that is being installed (Figure 4-33). Click Do not start application and then click Finish.

distribution for not

SPVC; Figure 4-33 Manage Web Modules windowfor You receive a confirmation message indicating that the installation was successful. Portlets must be active to display properly on a page. Clicking Startguide Application during the Web Module installation installs and activates the portlet. Installing using the Do not start application parameter leaves the portlet deactivated. It returns an error message (Figure 4-34) if a deactivated portlet is added to a page. The application was not started in this task to demonstrate the steps to activate a portlet.

Figure 4-34 Deactivated portlet message

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 97 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

e. When you see the portlet.war listed, click the Activate icon (the lightening bolt icon) to activate it (Figure 4-35).

distribution for Figure 4-35 Manage Web Modules window

3. Add the portlet to the Retirementnot Benefits page: a. Click Manage Pages. b. Click Content Root → Home to navigate to the Human Resources page. c. Click the Edit Page Layout icon for the Retirement Benefits page. SPVC; d. Click Add Portlets. e. In the Editfor Layout window (Figure 4-36), search for Calculator. Then select the Calculator portlet check box and click OK. guide

Figure 4-36 Edit Layout window

f. Click Done. Accompanying4. Click Home → Human Resources → Retirement Benefits. Note that the Calculator portlet is available.

98 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

5. Log out and log back in as Employee1 or Manager1. Navigate to the Retirement Benefits page. Note that the Calculator portlet is not available for either user ID. 6. Log out and log back in as wpsadmin.

Granting permissions to a portlet Access is granted only to the ID that is used when portlet applications are initially installed, which, in this case, is wspadmin. Permissions have to be granted to the portlet for other user IDs to have access to it. distribution To grant permissions to a portlet, follow these steps: 1. Click Administration → Access → Resourcesfor Permissions. 2. Click Portlets. 3. In the Search field, type Calculator and click Search. Click the Assign Access icon (the keynot icon) for the Calculator resource.

SPVC; for

Figure 4-37 Resource Permissions window 4. Clickguide the Edit Role icon for some of the roles. Notice that Administrator is the only role for which permissions have been assigned. 5. Click the Edit Role icon for the User role. Add Managers and click OK. 6. Click Apply. 7. Log in as Manager1 to verify that you now have permission to view the Calculator portlet.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 99 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 7: Configuring traversal permissions

In this task, you configure traversal permissions. With traversal permissions, you bridge two resources across an object without giving access to that object. Users gain implicit rights to navigate all resources in a page hierarchy based on permissions that are assigned in the parent.

You want all employees to have access to the Human Resources hierarchy, with the exception that only managers distributionhave access to the Payroll page. Employees need a way to access between the Human Resources page and the Hourly page without accessing the Payroll page, which are traversal permissions.for See Figure 4-16 on page 84.

To configure traversal permission, completenot these steps: 1. Limit access to the Payroll page: a. Log in as wpsadmin and click Administration → Access → Resource Permissions. b. Click Pages → Content Root → Home → Human Resources. SPVC; c. Click the Assign Access icon (the key icon) for the Payroll page (Figurefor 4-38).

guide

Figure 4-38 Resource Permissions window

d. Clear the Allow Inheritance check box for the User role, which stops inheritance from the parent, Human Resources. Human resources allowed the Employees and Managers role to view the Payroll page. Accompanying e. Click Apply and then click OK when asked to confirm. The message Propagation/Inheritance modified

100 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

successfully displays if the confirmation was successful shown in Figure 4-39.

distribution for not

Figure 4-39 Resource Permissions window

2. Only wpsadmin has access to the Payroll page at this time. a. Click Home → HumanSPVC; Resources and expand Payroll. b. Click Log Out and log back in as Manager1. Select Human Resourcesfor. The Payroll page should not be visible. c. Log out and log back in as wpsadmin. 3. Navigate back to Payroll Resource Permissions: a. Click Administration → Access → Resource guidePermissions . b. Click Pages → Content Root → Home → Human Resources. 4. Click the Assign Access icon for the Payroll page. Add Managers to the User role. The Manager role now has access to the Payroll page. a. Log out and log back in as Manager1. b. Click the Human Resources page. Note that you have access to the Payroll page, including Salary and Hourly, the permissions for which were inherited from the parent page, Payroll. Accompanying c. Log out and log back in as Employee1.

© Copyright IBM Corp. 2011. All rights reserved. 101 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

d. Navigate to the Human Resources page. Note the you cannot access the Payroll page because the inherited permission for Employees group has no access. e. Log out and log back in as wpsadmin. 5. Configure traversal permissions: a. Click Administration → Access → Resource Permissions. b. Click Pages → Content Root → Home → Human Resources → Payroll. c. Click the Assign Access icon for the Hourlydistribution page. d. Add the Employees group to the User role. Note that the Managers group was inherited from thefor parent page, Payroll. 6. Verify traversal permissions: a. Log out and log back in as Employee1not . b. Navigate to the Human Resources page. You should see Payroll as a title. Expand Payroll and you have access to the Hourly page only. You do not have access to the Salary page. c. Log out and logSPVC; back in as wpsadmin .

Task 8: Creatingfor an Administration page for developers

In this task, you create an Administration page and assign access to aguide limited group of developers in this task. This page allows the assigned users to create pages, add portlets, and define security while restricting their access to your Administration site.

To create an administration page, complete these steps: 1. Create an Administration page for developers. a. Click Administration → Manage Pages → Content Root → Home. b. Click New Page.

Accompanying

102 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

c. Enter the values that are shown in Figure 4-40. Click OK when you are finished.

distribution for not

SPVC;

Figure 4-40 Page Properties window for

d. Click the Edit Page Layout icon for the Developers page. e. Click the Add portlets button. f.guide Search for the Manage Portlets and Manage Web Modules portlets. Select the check box for each portlet and click OK. g. Add another portlet named Resource Permissions by repeating Steps e and f.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 103 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

h. Rearrange the order of the portlets as shown in Figure 4-41. Click Done when you are finished.

distribution for not

SPVC; Figure 4-41 Edit Layouts window for i. Click Home → Developers. Note the three administration portlets. j. Log out and log back in as mgr1. Note that you can see the Developers page and it is blank. Permissions need to be guideadded to it. 2. Add Permissions to the Developers Administration page. a. Log out and log back in as wpsadmin. b. Navigate to the Developers page under Manage Pages. c. Click the Set Page Permissions icon for the Developers page. d. Click the Edit Role icon for the Manager role. Click the Add button and add the group mgrs. Search for All available User Groups. e. Click OK, click Developers in the breadcrumb trail, and Accompanying then click Done.

104 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

3. Add Permissions to the Developers Administration page portlets. a. Click Portlet Management → Portlets. b. Search for the Manage Web Modules portlet. c. Click the Assign access to portlet icon for the Manage Web Modules portlet (Figure 4-42).

distribution for not

Figure 4-42 Manage SPVC;Portlets window d. Click the Edit Role icon for the Manager role and add the group mgrsfor. Search for All Available User Groups. e. Click OK, click Manage Web Modules in the breadcrumb trail, and then click Done. f. Repeat Steps a through d for Manage Pages and Resource guidePermissions.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 105 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

4. Assign Virtual Resource permissions: a. Navigate to Access → Resource Permissions and click Virtual Resources (Figure 4-43). You might have to scroll down.

distribution for not

Figure 4-43 Resource Permissions window

b. Click the AssignSPVC; Access icon for the PORTAL resource. for

guide

Figure 4-44 Resource Permissions window

Accompanying

106 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 4: Implementing security and creating a Developer Administration page

c. Click the Edit Role icon for the Manager role and the group mgrs. Search for All available User Groups and click OK (Figure 4-45).

distribution for not

SPVC; Figure 4-45 Resource Permissions window for d. Log out and log back in as mgr1. Note that you can see the Developers page and all the portlets. You can also see the Administration link, which is not the desired result, because you assigned access to all Administrative portlets guidein the prior step. You need to restrict this access. 5. Restrict access to the Administration link: a. Log out and log back in as wpsadmin. b. Navigate to Access → Resource Permissions and click Virtual Resources. You might need to scroll through the pages. c. Click the Assign Access icon for the PORTAL resource. d. Clear the Allow Propagation check box for the Manager role and click Apply. e. When you see the Are you sure? message, click OK. f. Log out and log back in as mgr1. Note that you can still see Accompanying the Developers page and the portlets. You cannot see the Administration link.

© Copyright IBM Corp. 2011. All rights reserved. 107 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

g. Log out and log back in as Manager1. Note that you can see the Developers page (Figure 4-46). It is blank because you only want the mgrs group to see this page, which is set by the inheritance of the Privileged User role.

Figure 4-46 Developers page distribution 6. Remove permissions for Privileged User: a. Log out and log back in as wpsadmin.for b. Navigate to the Developers page under Manage Pages. c. Click the Set Page Permissionsnot icon for the Developers page. d. Clear the Allow Inheritance check box for the Privileged User role (Figure 4-47). Click Apply, click OK, and then click Done. SPVC; for

guide

Figure 4-47 Removing permissions on the Developers page

e. Log out and log back in as Manager1. Note that you no longer see the Developers page. wpsadmin Accompanying f. Log out and log back in as .

Lesson 5

distribution Lesson 5.Wikis and blogs for WebSphere Portal 7.0 supports the rapid addition of blogs and wikis through the Page Builder theme and web content libraries that are created from predefined templates.not

This lesson includes the following topics: Page Builder theme and a wiki or blog Adding a wiki or blog to a page Deleting wiki or blog content Purging wiki or blogSPVC; content Assigning access to the wiki or blog for Objectives

Thisguide lesson has the following objectives: Review the Page Builder theme. Add a wiki or blog to a page. Delete a wiki or blog from a page. Purge content from a wiki or blog. Assign access to a wiki or a blog.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 109 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Page Builder theme and a wiki or blog

Wikis and blogs provide an environment that substantively encourages users to collaborate on projects, topics, and other areas of common interest. The benefits of a wiki, for example, can include community participation in constructing a knowledge rich response to FAQs. The Page Builder theme facilitates the creation, customization, and sharing of portal pages. This topic introduces you to the Page Builder theme, wikis, distributionand blogs. Overview of the Page Builderfor theme

The Page Builder theme was introduced in IBM WebSphere Portal 6.1.5 as a way to easily create and notcustomize portal pages. The theme provides one-stop shopping versus having to use several tabs and menus to create, customize, or share a page.

The Tab menu in the Page Builder theme allows developers to work directly on the one tab. They can click the Customize button to add content, or change the style of the current page by selecting from a list ofSPVC; predefined styles and layouts. Content and pages can be moved using drag and drop. for Wikis

A wiki, which is Hawaiian for “fast,” is a website that allows the easyguide creation and editing of interlinked web pages by using a web browser using a simplified markup language or a What-You-See-Is-What-You-Get (WYSIWYG) editor. They are typically powered by wiki software. They are used to create collaborative wiki websites and to power community websites in corporate intranets or in knowledge management systems.

Blogs

A blog, which is a blend of the term web log, is a type of website or part of a website. Blogs are usually maintained by an individual with regular entries of commentary, descriptions of events, or Accompanyingother materials, such as graphics or videos. Entries are commonly displayed in reverse chronological order.

Blogs are used to provide commentary or news on a particular subject. Most are text-based with images and links to other blogs and are interactive, allowing readers to leave comments on the posted information. Audio blogs are known as podcasting. Microblogging is another form of blogging that features short posts, similar to Twitter.

You can tag and rate wiki and blog content.

Topic B: Adding a wiki or blogdistribution to a page for Under the covers, a wiki or a blog is created as a content library. The interface for users to create and edit content is based on the components that are defined by web content developers. You can rapidly create a wiki or a blog withoutnot expending significant extra effort.

The Page Builder theme features a Customize link so that you can easily add a wiki or blog to a page. You can still add a wiki or a blog to a custom pageSPVC; with minor changes to your custom theme. Adding a forwiki to a page You can quickly create and edit content inline with a wiki. Use the following steps to add a wiki to a page: 1. Navigate to a target page. 2. Clickguide Customize to add a wiki to the page. Clicking Customize provides access to portal content. In the Create category, you find several choices including a wiki. Adding the wiki to a page and saving the page causes the system to copy the IBM Web Content Management template library that is used to create a blog or blog library. It also places an instance of the JSR 286 Web Content Viewer on a page. The name that you give your wiki is displayed as the portlet title, library display title, and library name when you use alphanumeric characters, spaces, and characters such as $ - _ . ! () or , Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 111 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Other characters are replaced in the actual library name with characters that are supported by a Web Content Management library. 3. Click New Page to add content to your wiki after it is added to your site. You can click Edit to modify content, and click Delete to delete a wiki from a page.

Adding a blog to a page distribution You can add a blog or blog library to a page if you have editor access to the portal or portal page. Use the following steps to add a blog or blog library to a page: for 1. Create a page to contain the blog. 2. Click Customize to add a blog ornot blog library to the page. Clicking Customize provides access to portal content. In the Create category, you find several choices including a blog. Adding a blog to a page and saving the page causes the system to copy the IBM Web Content Management template library that is used to create a blog or blog library. It also places an instance of the SPVC;JSR 286 Web Content Viewer on a page. The name that you give your blog is displayed as the portlet title, library display title, and library name when you use alphanumericfor characters, spaces, and characters such as $ - _ . ! () or , Other characters are replaced in the library name with characters that are supported by a Web Content Management library.guide 3. You can click Create Post to add content after adding a blog to the page. Click Edit to modify your content, and Delete to delete a post. 4. Click Create Blog after adding a blog library to a page, and then click Create Post to modify any content. You can click Edit to modify your content, and Delete to delete a post.

Accompanying

Topic C: Deleting wiki or blog content

You can delete content from wikis or blogs over time. To maintain performance, you must purge content.

The difference between deleting and purging distribution Deleting content removes the content page from view. It is not the same as deleting a wiki or blog in its entirety, which is a topic of strategic interest to web content architects.for

A content item is no longer displayed as an item for view by consumers of the wiki or blog whennot it is deleted by a user. However, the item persists in the web content library. A second step, normally taken by administrators of the blog or wiki, purges the content from the library.

The distinction is to treat deletions as soft deletes and purges as permanent, irreversibleSPVC; elimination of content. Deleting wikifor or blog content

You must have Editor or Administrator access to delete content items from the wiki or blog interface. To delete wiki or blog content, follow these steps, which are illustrated in Figure 5-1: 1. Clickguide the Delete button that is shown on the content item. 2. When you see the Confirm delete message, click OK.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 113 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

Figure 5-1 Delete window

Restoring deleted content:SPVC; To restore deleted content, use the version management feature of Web Content Management: 1. From the Deletedfor items view, select Versions. 2. In the Versions view, select a version to restore. Click the Restore button. 3. Indicate when to restore the item.

Thisguide process is described in the Web Content Management documentation on the following web page: http://www-10.lotus.com/ldd/portalwiki.nsf/xpViewCategor ies.xsp?lookupName=IBM%20Lotus%20Web%20Content%20Managem ent%207%20Product%20Documentation

Accompanying

Topic D: Purging wiki or blog content

Purging is done by administrators of the wiki or blog.

Purging a wiki or blog

To purge a wiki or blog, follow these steps: 1. Click Applications → Content → Web Contentdistribution Management. 2. Select the wiki library that contains the page or pages that you plan to purge. for Click Preferences → Configure → Library Selection to add the library to the selection list if younot cannot select it. 3. Click Item Views → Deleted Items. 4. Select the appropriate wiki page and click Purge (Figure 5-2).

SPVC; for

guide

Figure 5-2 Deleted Items window

Topic E: Assigning access to the wiki or blog

You can assign access to a wiki or a blog by using the Web Content Libraries administrative portlet in the Portal Content Accompanyingsection of the administrative pages.

© Copyright IBM Corp. 2011. All rights reserved. 115 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Wiki and blog roles

You manage access to wikis and blogs by using one of the roles shown in Figure 5-3. An administrator has Manager access and can assign Editor access, or other roles, to others who need to create and manage content in a wiki, such as deleting and purging content. Other users require Editor access to add or edit wiki content. Remember that editors can modify all content within a wiki. A contributor can view wiki content and rate or tag it.

Contributor role: A contributor is a role type thatdistribution is unique to Web Content Management resources. for not

SPVC; for

guide

Figure 5-3 Roles

Accompanying

Configuring access control to wikis or blogs

Access control to wikis and blogs is managed through the Web Content Management libraries. Creating a new wiki from the Page Builder results in a new web content library of the same name. To configure access control, follow these steps: 1. Click Administration → Portal Content → Web Content Libraries. 2. Navigate to a library to assign access and clickdistribution Set Permissions. 3. Click the Edit Role icon for the Editor role and click Add to assign users or groups to the Editor role.for Search for the users or groups that belong to this role.

Web Content Management: Terms,not such as content library, relate to the Web Content Management application. A content library stores data in the JCR repository of WebSphere Portal. For more information about the Web Content Management application, see the following web page: http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Building_a _web_content_system_wp7SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 117 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lab

Lab 5: Setting up a blogdistribution and a wiki for not You can add a user to a portal and grant this user viewer access to the pages that you create, or you can make the page public. Granting page access automatically grants view access to the web content library, which is a new function in IBM WebSphere Portal 7.0. You can also add a user to a portal and grant this user editor access to the pages that you create. Granting editor access automatically grants viewSPVC; access to the web content library (not editor access).

When you add editorfor access to the web content library, you can have view access to the page and editor access to the wiki. You do not need to have editor page access to the page for that ability. Thisguide lab includes the following tasks: Adding Web Content Management authoring to a base installation Adding a blog Adding a wiki Assigning users rights

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 119 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Objectives

This lab has the following objectives: Add Web Content Management to a base installation. Add a blog. Add a wiki. Assign users.

distribution for not

SPVC; for

guide

Accompanying

Task 1: Adding Web Content Management authoring to a base installation

If you install the product using the Base option, blogs and wikis are not installed. However, you can still manually configure these features after installation.

Web Content Management: These instructions apply only if you installed an offering that includes the blog anddistribution wiki samples. An offering that does not include Web Content Management does not include the blog andfor wiki samples. 1. Open a command prompt in the wp_profile/ConfigEngine directory. not 2. Set up the authoring feature by entering the following command that corresponds to your environment: –Linux ./ConfigEngine.sh configure-wcm-authoring -DPortalAdminPwd=wpsadminSPVC; -DWasPassword=wpsadmin – Windows ConfigEngine.bat configure-wcm-authoring -DPortalAdminPwd=wpsadminfor -DWasPassword=wpsadmin After running the command, the following text is displays: [echo] updated RegistrySynchronized in file wkplc.properties with value: Return Value: 0 3. Installguide the blog and wiki content libraries by entering the following command that corresponds to your environment: –Linux ./ConfigEngine.sh configure-blog -DPortalAdminPwd=wpsadmin -DWasPassword=wpsadmin – Windows ConfigEngine.bat configure-blog -DPortalAdminPwd=wpsadmin -DWasPassword=wpsadmin

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 121 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Adding a blog

In this task, you add a blog to a page to collaborate with your team on a single topic. You also add a blog library to a page to collaborate with your team on multiple topics in a centralized view.

Editor access: If you have editor access to the portal page, you can add a blog or blog library to a page. See the WebSphere Portal Family Wiki for an example of how you can modify your custom theme to enable the capability of adding blogs and wikis to a page. distribution

To create a page to contain the blog and then to add a blog, complete these steps: for 1. Log in to the portal as wpsadmin. Click Actions → Edit page and click New page. not 2. In the Create Page window (Figure 5-4), enter a new page name and click Create Page.

SPVC; for

guide Figure 5-4 Create Page window for creating a blog

3. Click Actions → Edit Page. 4. Click Customize to see the content that can be added to the page.

Accompanying

When you click Customize, the IBM Lotus Web Content Management template library (which creates a blog or blog library) is copied, and an instance of the JSR 286 Web Content Viewer is placed on the page (Figure 5-5).

distribution for

Figure 5-5 Creating blogs and wikis not

5. Click the plus sign (+) icon next to the blog or blog library to add it to the page. 6. In the “Add Blog to page” panel (Figure 5-6), type a blog name and click Add. SPVC; for

guide Figure 5-6 Adding a blog

Naming blogs and blog libraries: The name that you provide for the blog or blog library is shown as the portlet title, library display title, and library name when using alphanumeric characters, spaces, and the $ - _ . ! ( ) , characters. Other characters are replaced in the actual library name with characters that are supported by a Web Content Management library. Accompanying7. Click Save & Exit. 8. Click Home.

© Copyright IBM Corp. 2011. All rights reserved. 123 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

9. On the Blog tab, under My Blog (Figure 5-7), click Create Post to add content.

distribution Figure 5-7 Finished blog for Figure 5-8 shows the blog entry. To modify your content, click Edit. To delete a post, click Delete.not

SPVC; for

guide

Figure 5-8 Blog entry

Task 3: Adding a wiki

If you have editor access for the page, you can add a wiki to a page. When you add a wiki to a page, a copy of the wiki template Accompanyingis created using the name that you provided when you added the

wiki to a page. This copy of the wiki template is used to store wiki page content.

Custom theme: See the WebSphere Portal Family Wiki for an example of how to add blogs or wikis to a custom theme.

To add a wiki, complete these steps: 1. Create a new page called wiki. 2. Go to the new page and click Actions → Edit Page. 3. Click Customize to view the content available.distribution 4. Click the plus sign (+) icon next to the Wiki entry to add the wiki to the page. 5. In the “Add Wiki to page” panel (Figurefor 5-9), enter a name for the wiki. a. Click Save and Exit. not

SPVC; for Figure 5-9 Creating a wiki

Naming wikis: The name that you provide for the wiki shows as the portlet title, library display title, and library guidename when using alphanumeric characters, spaces, and the $ - _ . ! ( ) , characters. Other characters are replaced in the actual library name with the characters that are supported by a Web Content Management library.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 125 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 5-10 shows a finished wiki.

distribution for not Figure 5-10 Finished wiki

6. After adding a wiki to your site, click New Page to add content (Figure 5-11). To modify existing content, select the entry and click Edit. To delete a wiki page,SPVC; click Delete . for

guide

Figure 5-11 New wiki entry Accompanying

Task 4: Assigning users rights

Users can be granted the following rights: The portal administrator can assign Editor access to you if you need to create and manage blogs within the site. If you are given Editor access to a blog, you can create or modify posts in that blog. If you are given Editor access to a blog library, you can create and modify blogs and you can create and modify posts in that blog library. distribution If you have Manager rights to a blog, you can create, modify, and delete posts and delete comments in that blog. If you are given Manager rights to a blogfor library, you can create, modify, and delete blogs. You can also create, modify, and delete posts and delete commentsnot within the blogs. For wikis, the access indicates whether you can read, tag, or create content. Because the purpose of a wiki is to share content, you must have Editor access to the wiki to create content. Contributors can rate and tag the content only. If the page allows anonymous users to access, they can view the wiki entries butSPVC; they cannot perform any other actions. To add users to the Editor role, as an example of assigning user rights, set the permissionsfor of the page where the wiki resides to allow all users to see it as explained in the following steps: 1. Click Administration and select Portal User Interface → Manage Pages. 2. Inguide the Manage Pages panel (Figure 5-12 on page 128), search for the wiki page that you just created and click Search.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 127 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution Figure 5-12 Manage Pages panel for 3. Select Set Page Permissions. 4. Edit the role for User and click Add. 5. Select the Users and User Groupsnot check box and click OK. All entries are selected (Figure 5-13).

SPVC; for

guide

Figure 5-13 Page resources permissions

6. Select wiki in the bread-crumb trail, and then click Apply to save the changes. Now you can set the permission to the wiki itself.

Accompanying

7. Click Portal Content → Web Content Libraries (Figure 5-14).

distribution for not

SPVC; for

Figure 5-14 Web Content Libraries guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 129 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

8. Go to the wiki that you just created to assign access and click Set Permissions (Figure 5-15).

distribution for

Figure 5-15 Set permissions not 9. Click the Edit Role icon for the Editor role (Figure 5-16).

SPVC; for

guide

Figure 5-16 Resource permissions

Accompanying

10.Click Add to assign users or groups to the Editor role (Figure 5-17).

Figure 5-17 Assigning users or groups to the Editordistribution role 11.Search for the available users. for 12.Select the user1 check box as an Editor so that this user can edit the content in the wiki. Then click OK (Figure 5-18). not

SPVC; for

guide

Figure 5-18 Adding role members

13.Select Resources in the bread-crumb trail and edit the role for Accompanying a contributor.

© Copyright IBM Corp. 2011. All rights reserved. 131 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

14.Add user2 as a member of the Contributor role (Figure 5-19).

distribution

Figure 5-19 Wiki contributor role for

15.Select Resources in the bread crumb. 16.Click Apply to save and apply yournot changes. 17.Click Done to return to the Web Content Libraries list. You can log in as user2 (password=user2). Now you see that you can tag and rate the content. 18.Log in as user1 (password=user1). Now you see that you can also create or edit SPVC;the content. for

guide

Accompanying

Lesson 6

distribution Lesson 6.Tagging and rating for This lesson provides an introduction to tagging and rating.

This lesson includes the following topics:not Tag clouds Public, private, personal, and community tags Statistics SPVC; Objectives for This lesson has the following objectives: Review tag clouds. Explain public, private, personal, community, and anonymous tagging,guide and rating. Explain tagging and rating statistics.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 133 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Tag clouds

A tag is a non-hierarchical keyword that is assigned to content found on the web. As such, a tag cloud is a visual representation of content that is represented by these terms. Content that is most frequently tagged by a particular word is highlighted in such a way that the visual impact is more pronounced.

WebSphere Portal 7.0 users can tag or rate portal content and view the tags and ratings. Portal resources that can be tagged include Web Content Management pages, portaldistribution pages, portlets, images, and custom resources, such as items in an online store.

Essentially, all uniquely identified portal resforources can be tagged. Tag clouds are displayed by the Tag Cloud portlet.

Important: A default portal installanottion supports tagging and rating of pages for the Page Builder theme only. The Tag Center might not be displayed as expected if you select the Portal theme as the default site theme.

SPVC; Topic B: Public, private, personal, and communityfor tags

Users can choose between applying a tag or rating as private or public. Tags can also be considered as personal tags or community tags. This topic discusses public, private, personal, andguide community tagging. This topic also discusses anonymous users. This information also applies to ratings.

Private tags Private tags can be seen only by the user who applied it. They have the following usage guidelines: A user can apply the same private tag only once to one specific resource. A user can apply the same tag to multiple resources. This means that an individual user can use the same tag more than once and only once per resource. Accompanying A user can only delete private tags that the user has applied. Users with a Manager role have more rights.

Public tags All public tags from all users can be seen by all users who belong to the community and who have access to the resource itself, independent of who created the tag or rating. They have the following usage guidelines: A user can apply the same public tag only once to one specific resource. A user can apply the same public tag to multiple resources, meaning that an individual user can use the same tag more than once and only once per resource. The same public tag can be applied to the samedistribution specific resource by multiple users. All users can apply the same tag, or rating, to a resource once. As a result,for the resource can have the same tag applied to it multiple times. Users can only delete public tags that they have applied. Users with a Manager role have more rights. not Personal tags Personal tags are applied by a specific user. Users apply the tag to the resource as a personal tag when they tag a resource. As noted earlier, public tags can be seen by everyone who belongs to the community, and privateSPVC; tags can only be seen by the user who created the tag.

Community tagsfor Public tags become community tags when they are shown to users, which means that community tags are always public. Community tags can be seen by all users who belong to the community,guide not only by the user who created the tag. Anonymous users Anonymous users of WebSphere Portal can tag and rate portal content if an administrator adds the anonymous user to the appropriate roles. The following side effects can occur because WebSphere Portal cannot distinguish one anonymous user from another: Tagging: A user can only apply the same tag to the same resource once. An anonymous user can apply the same tag to the same resource multiple times. Rating: A user can rate a single resource only once. An Accompanying anonymous user can rate the same resource more than once.

© Copyright IBM Corp. 2011. All rights reserved. 135 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Analogy: Anonymous tagging is similar to stuffing the ballot box. Anonymous users can tag as often as they want.

Topic C: Statistics

This topic discusses deriving and sharing tagging and rating statistics. distribution Tagging and rating statics

You can obtain the tags and tag counts for fora specific portal page or all tags that a specific user has applied. You can write queries for more detailed statistics or create a user interface to visualize them. not

The portal provides a Java Model API and a RESTful API that relates to tagging and rating. You can also extend the included Dojo widget user interface. For example, you can enhance tagging and rating in the following ways: Create additional querieSPVC;s about different aspects of the tagging and rating behavior of your WebSphere Portal users. Build additionalfor user interfaces to show the statistics about the tagging and rating behavior of your WebSphere Portal users. Implement additional functionality by exploiting the tags through access to the shared render parameters. Portlets on a page can then react to what is currently happening in the tag widget.guide

Meta information about tags and ratings is already collected. Therefore, extracting and performing additional statistical analysis of existing tags and ratings involves accessing the meta information and performing your own analysis.

The Java API that the portal provides for tagging and rating follows the pattern of the portal controller SPI. For more information, see “The Java API” wiki page at the following address about the portal controller API: http://www.lotus.com/ldd/portalwiki.nsf/dx/ AccompanyingThe_Java_API_wp7

The REST API provides the ability to work with tagging and rating. For more information, see the following web address: http://www.lotus.com/ldd/portalwiki.nsf/dx/ The_REST_API_wp7

Sharing tagging and rating data with portlets

You can implement additional functionality by exposing tag information or properties as a shared render parameter,distribution which can be consumed by other portlets. Thus, other portlets on a page can react to what is currently happening on the page with respect to tagging and rating. for

Scenario: The page can dynamically display the most popular component that is maximized by usingnot the tag information components on a page.

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 137 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

138 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 6: Enabling and configuring tagging and rating

Lab

Lab 6: Enabling and distribution configuring taggingfor and rating not

In the past years, a shift has occurred in the way that content is added to web-based systems. Previously, dedicated authors were responsible for adding content. Today, entire communities contribute. As a result, these systems grow quickly and become uncoordinated. SPVC; Tagging and ratingfor have become popular collaboration techniques that introduce new ways to organize and structure content. With tagging and rating, users can better organize, categorize, and find portal content, including Web Content Management and custom content. For example, users can tag or rate books in an online bookstore. You can tag or rate portal content and view the tags andguide ratings.

With the blacklist filter, you can block selected terms from being used as tags, such as terms that might be perceived as offensive. If you enable the blacklist filter, the portal checks every term that users type as a tag before it is eventually applied and stored. If a user types a term that is listed on the blacklist, the portal blocks this tag and responds with a message. You can determine the terms that you want on the blacklist by using the XML configuration interface.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 139 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

This lab includes the following tasks: Enabling or disabling tagging and rating for portal users Enabling and adding words to the blacklist Working with whitelist filters

Objectives

This lab has the following objectives: Enable or disable tagging and rating for portaldistribution users. Enable and add words to the blacklist. for not

SPVC; for

guide

Accompanying

140 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 6: Enabling and configuring tagging and rating

Task 1: Enabling or disabling tagging and rating for portal users

Tagging and rating are enabled in the Page Builder theme, which is the default portal theme. Use the following configuration properties to disable and enable tagging and rating globally for the entire portal: To disable and enable tagging portal wide, use the com.ibm.wps.cp.tagging.isTaggingEnabled property. To disable and enable rating portal wide, use distributionthe com.ibm.wps.cp.rating.isRatingEnabled property.

To enable rating or tagging in the WebSpherefor App lication Server administrative console, complete these steps: 1. In the left navigation pane of the Integrated Solution Console (https://localhost:10032/ibm/consolenot (Figure 6-1), click Resources → Resource Environment → Resource Environment Providers.

SPVC; for

guide

Figure 6-1 Integrated Solution Console - Resources

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 141 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

2. In the “Resource environment providers” panel (Figure 6-2), select the WP CPConfigurationService.

distribution for not

SPVC; for

Figure 6-2 Resource environment providers panel guide

Accompanying

142 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 6: Enabling and configuring tagging and rating

3. In the WP CPConfigurationService panel (Figure 6-3), select Custom Properties check box.

distribution for

Figure 6-3 WP CPConfigurationService configuration panel not

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 143 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

4. In the Custom properties panel (Figure 6-4), verify that the first two list items, which enable tagging and rating, are set to true.

distribution for not

SPVC; for

guide

Figure 6-4 Custom properties panel

Task 2: Enabling and adding words to the blacklist

In the following steps, we continue our procedure from Task 1 “Enabling or disabling tagging and rating for portal users” on page 141, and explain how to enable and add words to the Accompanyingblacklist:

144 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 6: Enabling and configuring tagging and rating

1. Scroll through the Custom Properties list and select the com.ibm.wps.cp.filter.tagging.blacklist property to enable the blacklist filter (Figure 6-5).

Figure 6-5 Blacklist property

2. In the Configuration panel (Figure 6-6), set the value for com.ibm.wps.cp.filter.tagging.blacklist to true. Then click Apply. distribution for not

SPVC; for

Figure 6-6 Setting the blacklistguide value to true

3. In the message that is displayed at the top of the page (Figure 6-7), click Save.

AccompanyingFigure 6-7 Saving the changes

© Copyright IBM Corp. 2011. All rights reserved. 145 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

4. Use the code in Example 6-1 to create an XML file and name it blacklist.xml.

Example 6-1 The blacklist.xml file for not

DefaultBlacklistFilter: This XML file registers the two words whatever and badword with the blacklist filter for all locales. You must specify DefaultBlacklistFilter for the attribute ID of theSPVC; tag filter. You can optionally specify the attribute locale for the tag filter data. After you run this XML script, usersfor cannot use whatever or badword as tags. You can import the blacklist filter by using the XML Access or the Import XML on the Administration page. guide

Accompanying

146 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 6: Enabling and configuring tagging and rating

5. Log in to WebSphere Portal (http://portal99:10039/wps/portal) as wpsadmin and select Administration, in the left navigation pane (Figure 6-8). Click Portal Setting → Import XML.

distribution for not

SPVC; for

Figureguide 6-8 Selecting Portal Setting → Import XML

6. In the Import XML panel (Figure 6-9), select the blacklist.xml file that you just created and click Import.

Accompanying Figure 6-9 Importing the XML file

© Copyright IBM Corp. 2011. All rights reserved. 147 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

7. Click View Details to see the results as displayed in Figure 6-10.

distribution

Figure 6-10 Blacklist import results for 8. Restart the WebSphere Portal Servernot to update your configuration changes. 9. Go to the wiki or blog page that you created and tag it with a word in the blacklist (Figure 6-11).

SPVC; for

guide

Figure 6-11 Entering a blacklist word on a blog page

Accompanying

148 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 6: Enabling and configuring tagging and rating

Figure 6-12 shows the tag error message.

distribution for not

Figure 6-12 Tag error message

10.Export all the tags to see the list of tags that you entered (Example 6-2). a. Save the text ofSPVC; Example 6-2 into an xml document. b. Log into Portal and go to Administration → Portal Settingsfor→ Import XML. c. Import the xml document. d. Click Import. e.guide Click View Details to see the tag export. Example 6-2 Exported tags Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 149 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 3: Working with whitelist filters

You can use the XML configuration interface to configure both blacklist and whitelist filter lists. To work with the whitelist, adapt the examples by changing the ID of the filter from DefaultBlacklistFilter to DefaultWhitelistFilter. Sample scripts for the XML configuration interface are in Windows: C:\IBM\WebSphere\PortalServer\doc\xml-samples Linux: distribution /opt/IBM/WebSphere/PortalServer/doc/xml-samples

Whitelist definition: Blacklist filters prohibifort specific terms only. Conversely, whitelist filters allow only those terms defined in the whitelist. The portal checks every term that users type as a tag before it is eventually applied and stored.not

SPVC; for

guide

Accompanying

Lesson 7

distribution Lesson 7.Attribute-based administration for not This lesson discusses attribute-based administration using personalization rules and theme policies

This lesson includes the following topics: Personalization rules Administering the SPVC;portal using attribute-based techniques Defining attribute-based administration Creating and managing visibility rules for Objectives

Thisguide lesson has the following objectives: Define attribute-based administration. Create a visibility rule. Manage visibility rules. Assign visibility rules to portlets. Assign visibility rules to pages. Define attributes. Create a theme policy.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 151 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Personalization rules

Personalization shapes the portal experience according to rules in such a way that content is driven to the interface, or other behaviors, such as navigation, are altered. From the user perspective, the term customization has been replaced with the term personalization. From an administrative and development perspective, customization is the means by which a user alters the content, or behavior, of the portal to suit their own ad hoc interests. distribution By using personalization, sites become easier to use, content relevance increases, and user efficiency improves to the degree that personalization is understood and implemented.for

Rules not

To define how the site will interact with users, you write readable logic statements (rules) that define a condition to evaluate and an action to take based on the outcome of an evaluation. SPVC; Exploring campaigns

Campaigns organizefor sets of personalization behavior. Open enrollment on healthcare benefits might be the basis for an annual campaign on an HR intranet portal. Personalization can be used to place content according to start and stop date rules and rules to contentguide spot mappings. Topic B: Administering the portal using attribute-based techniques

Attribute-based administration is a tool to administratively define the content and behavior of portal under predetermined circumstances.

Accompanying

Access control and visibility rules

Access control determines the persistent access of a user or group to portal resources. Users might experience a change in portal experience as their group memberships change. Access control is not an implementation of attribute-based administration.

Visibility rules, which are one example of attribute-based administration, provide a transient means of managing the presentation of resources. One example of visibility rules is to display a portlet if a user’s locale is within a specified region. The visibility rule is moot if a user’s access does not incldistributionude permission to view a portlet. The visibility rule filters the portlet according to the rule action if the user’s access permits access to a resource, such as a portlet. for

Policies not

Policies target resources and are applied to classes of users. By defining specific settings for a resource, such as mail, administrators can apply the policy to a class of users. A resource can have more than one policy so that effectively several classes of user can experienceSPVC; different settings through the application of a policy. for Error condition behavior

Because error conditions can occur, you want to be prepared to handle such conditions. For example, an attribute that is evaluated in a guiderule might not be available when the rule is evaluated. You can set or modify the default settings to handle these error conditions. If a problem occurs during evaluation, err on the side of caution. For example, visibility rules that encounter an error should hide the resource.

Topic C: Defining attribute-based administration

Attribute-based administration provides the administrator with Accompanyinganother tool to display or hide pages and portlets under specific circumstances. As mentioned previously, one example of

© Copyright IBM Corp. 2011. All rights reserved. 153 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

attribute-based administration is visibility rules, which allow the evaluation of user-specific data before displaying a resource. For example, if a user is from a specific region of the country, a visibility rule by might be set to show a portlet specific to that type of user. Visibility rules are different from access control. Access control is a hard rule that allows the user specific privileges on a resource.

Attribute-based administration provides a facility to customize the runtime layout of a page based on user attributes and other factors at run time. User attributes can be stored in the release, community, and customization databases. distribution Attribute-based administration also determines which pages and portlets are shown with visibility rules. The forshow or hide action is executed if the rule evaluates true. As illustrated in Figure 7-1, visibilitynot rules take advantage of the personalization engine. The portal’s personalization capabilities provide the rule creation, storage, and evaluation mechanism necessary to implement visibility rules. The personalization engine evaluates the applicable rules at run time and shows or hides the resource depending on the outcome of the evaluation. SPVC; for

guide

Figure 7-1 Visibility rules

Accompanying

Examining visibility rules

Visibility rules can evaluate based on the following information: Lightweight Directory Access Protocol (LDAP) attributes Time of day, including calendar and clock attributes Properties, such as custom attributes defined by portlet developers Session information

The portal automatically triggers rule evaluation. distributionYou can assign additional rules to pages and portlets. The Automatic Programming Interface (API) invokes the rulesfor programmatically. For example, you can hide a portlet from users based on their geographical location. You must ensure that the LDAP schema includes the user location attribute, andnot then create a visibility rule to hide the portlet based on a location attribute. The visibility rule is assigned to a portlet.

Exploring interactions between security and rules SPVC;

Portal security isfor always the overriding factor in displaying a resource. If a user has no privileges on a specific page or portlet, no visibility rules are evaluated on the page or portlet, and the resource is not shown to the user. Figure 7-2 shows an example where a user has privileges, access is granted, and the resource is shownguide to the user.

Accompanying Figure 7-2 Security and visibility rules

© Copyright IBM Corp. 2011. All rights reserved. 155 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Considering that a user has privileges on the resource, all applicable rules are evaluated, and the resource is displayed or hidden based on the outcome of the rule evaluation. Figure 7-3 shows an example where the following actions occur: The user logs in to IBM WebSphere Portal. Portal checks the access control list to determine what the user is authorized to view. The content is then filtered based on the visibility rules. distribution for not

SPVC; for

guide

Figure 7-3 Security and visibility rules

Handling errors

As mentioned previously, errors can occur during rule evaluation. For example, an attribute that is evaluated in a rule might not be available when the rule is evaluated. You can set defaults to Accompanyinghandle these error conditions. If a problem occurs during evaluation, err on the side of caution and hide the resource. Errors

can be caused if a rule has been deleted, if a user object is null, or it other similar missing objects are not available to the rules engine at the time that the rule is evaluated.

The following examples are ways that you might evaluate error conditions: A rule is not found, and an exception occurs during rule execution. In this case, the page or portlet is hidden, which is the system default. Change the default behavior by modifying thedistribution rulesEngine.visibilityDefault property in PersonalizationService.properties. for This file is in the wp_profile_root/PortalServer/config/ config/services/ directory. Set the value of the property to show when an error occurs. not The user is not found during rule execution. The rulesEngine.throwObjectNotFoundException property specifies the behavior if false. The error is recorded in the portal log file. The page or portlet is not displayed.

If an error occurs whenSPVC; locating or using a rule assigned to a page or portlet, by default, that page or portlet is hidden. The system continues if a user or expected application does not exist. This behavior might forbe appropriate, and therefore, you might need to change this behavior for testing purposes in a development environment. Update the PersonalizationService.properties file to override this behavior globally.

Theguide rulesEngine.visibilityDefault property specifies whether a page or portlet renders if the assigned rule has a problem. Changing the property value to show means that the page or portlet is shown even though the assigned rule cannot be found or if a problem resides with the rule.

Set the value of this property to true to throw an exception if the object is not found.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 157 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic D: Creating and managing visibility rules

You can create visibility rules while editing a page layout or page properties if you are using an existing Portal theme. Creating rules this way, while it might be the most expedient path for rule creation, does not produce a coherent and well organized list of rules.

Create rules from the Personalization Navigator, and then apply the rules when editing a page layout or page properties.distribution You can create visibility rules from the following areas for Page Builder theme-based pages: for On the page, click the Action tab and select Edit Page Properties. In Page Properties, click Advancednot Properties → Control Display through rule mapping. In the Personalization Navigator, click New → Rule.

You can create visibility rules from the following areas for existing Portal theme-based pages:SPVC; In the Edit Layout portlet, click Edit Page Layout → Show Portlet Rule Mappings → Create New Rule. In Page Properties,for select Advanced options → Show or Hide page rule → Create New Rule. In the Personalization Navigator, click New → Rule. Creatingguide rules from the Personalization Navigator offers the following advantages: Allows better management of existing rules Provides full access to personalization resources Allows editing of any existing rule in conjunction with the Personalization Editor

A page must be created for whomever is to create and manage the rules. This person needs the Personalization Navigator (Figure 7-4 on page 159) and Personalization Editor portlets.

Accompanying

distribution for not

SPVC; Figure 7-4 Personalization Navigator for Applying visibility rules to pages and portlets guide Rules can be applied while editing page layouts, editing page properties, or by using XML Access. The rule must exist in order to apply it to resources. Applying rules by using XML Access applies to situations where you deploy releases from staging to production. Deploying rules from one environment to another requires additional steps, where applying a rule with XML Access is an integral part of the page and portlet deployment process.

One other factor to consider is that, when a user creates a derived page, where a Privileged User edits the layout of a shared page, the derived page automatically inherits all visibility rules. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 159 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lab

Lab 7: Creating rulesdistribution for In this lab, you apply a visibility rule to a portlet. The implementation of this rule can show or hide a portlet based on the criteria that you set, which is determinednot during the evaluation of rules at run time. You apply the rule to the Human Resources page hierarchy that was imported in “Lab 4: Implementing security and creating a Developer Administration page” on page 81.

Visibility rules work in addition to permissions. They do not override access control.SPVC; Access is evaluated first and then the Personalization engine executes rules.

This lab looks atfor wher e you apply a rule to a page and a portlet. You also locate the parameter that controls the ability to add a rule to a portlet. This parameter is enabled by default, and you test the functionality of blocking the ability of adding rules by changing this parameter.guide This lab includes the following tasks: Verifying that WebSphere Portal is started and logging in Validating the ability to apply rules to a portlet Working with visibility rules

Objectives

This lab has the following objectives: Describe Edit Layout attributes that control applying rules Accompanying Create a visibility rule Apply a rule to a portlet or a page

© Copyright IBM Corp. 2011. All rights reserved. 161 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Substitution values: In this lab, use the following substitution values, depending on your environment, when you encounter them in the lab instructions: – Windows: C:\IBM\WebSphere\wp_profile –Linux: /opt/IBM/WebSphere/wp_profile distribution – Windows: for C:\IBM\WebSphere\AppServer –Linux: not /opt/IBM/WebSphere/AppServer

SPVC; for

guide

Accompanying

Task 1: Verifying that WebSphere Portal is started and logging in

In this task, you verify that WebSphere Portal is started and then log in.

Verifying that WebSphere Portal is started distribution To verify that WebSphere Portal is started, complete these steps: 1. Launch a command prompt. for 2. Change directories to \bin. 3. Enter the command: not serverstatus -all 4. Enter wpsadmin for user ID and password when prompted. 5. Enter the following command if WebSphere_Portal is stopped: startServer WebSphere_Portal 6. Continue when youSPVC; receive the “open for e-business” message. for Logging in to WebSphere Portal

To log in to WebSphere Portal, complete these steps: 1. Launchguide a browser and enter the following web address: http://portal99:10039/wps/portal 2. Enter wpsadmin as the user ID and password. 3. Click Log in.

Task 2: Validating the ability to apply rules to a portlet

The Edit Layout portlet has an attribute that controls the ability to apply rules to a portlet. This attribute is enabled by default. In this Accompanyingtask, you explore where you apply a rule to a portlet or page. You also configure the rule mapping attribute of the Edit Layout portlet.

© Copyright IBM Corp. 2011. All rights reserved. 163 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

To validate the ability to apply rules to a portlet, complete these steps: 1. Locate where to apply a rule to a page (you apply rules later in this lab): a. Click Administration → Portal User Interface → Manage Pages → Content Root → Home. b. Click the Edit Page Properties for the Human Resources page. c. Expand Advanced Options. d. Click the arrow next to No rule mapped todistribution display the Personalization Rule Picker list. e. Click Cancel. for not

SPVC; for

Figure 7-5 Page Edit Layout portlet guide

Accompanying

2. Locate where to apply a rule to a portlet. a. Click the Edit Page Layout icon for the Human Resources page. b. Click the Show Portlet Rule Mappings link (Figure 7-6).

distribution for not

Figure 7-6 Portlet Edit Layout portlet

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 165 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The Show Portlet Rule Mappings link changes to Hide Portlet Rule Mappings (Figure 7-7). c. Click the arrow next to No rule mapped to display the Personalization Rule Picker list. d. Click Hide Portlet Rule Mappings to toggle back to Show Portlet Rule Mappings. e. Click Done.

distribution for not

SPVC; Figure 7-7 Portlet Edit Layout portlet for 3. Configure the rule mapping attribute of the Edit Layout portlet: a. In the left navigation pane, click Portlet Management → Portlets. b. In the Manage Portlets window, in the Search field, enter guideEdit Layout . Then for Edit Layout, click the Configure portlet icon (the wrench icon).

AccompanyingFigure 7-8 Manage Portlets window

c. In the Parameter column (Figure 7-9), locate showRuleMappingOption and click the Edit value icon (the pencil icon). The value is set to Yes by default.

distribution for not

Figure 7-9 Manage Portlets window

d. Change the Value to No and click OK. Then click OK again. e. Click Manage PagesSPVC;→ Human Resources and then click the Edit Page Layout icon. Notice that the ShowRuleMappingfor link is no longer displayed. Click Done. f. Under Portlet Management, for Edit Layout, click Portlets → Configure portlet. g. For showRuleMappingOption, click the Edit value icon. h. Change Value back to Yes and click OK. Then click OK guideagain.

Task 3: Working with visibility rules

Visibility rules determine what content is visible to a targeted audience. In this task, you create, apply, and validate time-based visibility rules for a portlet and a page in this task.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 167 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Creating a visibility rule

To create a visibility rule, complete these steps: 1. Click Applications → Content → Personalization → Business Rules. The Applications link is at the top of the page in the banner navigation.The Personalization Navigator and Editor are displayed. 2. Click New → Rule and notice that the Personalization Editor expands (Figure 7-10). distribution for not

SPVC; for

Figure 7-10 Personalization Editorguide

Accompanying

3. In the Personalization Editor panel (Figure 7-11), complete these steps: a. For the rule name, enter DateBasedVisibilityRule. b. Click the Rule Type list, select Visibility Rule.

distribution for not

SPVC; for

guide Figure 7-11 Rule Type list

The Show page or portlet when link is displayed by default. You can change the value to Hide by clicking the Show page or portlet when link. We use the default Show.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 169 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

c. As shown in (Figure 7-12), click attribute * and click Date → Date.

distribution for not

SPVC; Figure 7-12 Personalization Editor for d. Click is → is between. Two new options, value * and value *, which are where you define your date range, are displayed after the is between guideoption is selected. e. Select the first value * and enter tomorrow’s date. Then click Submit.

Accompanying

f. Select the second value * and enter Saturday’s date (Figure 7-13). Then click Submit.

distribution for not

Figure 7-13 Personalization Editor SPVC; 4. Click Save. forYou might have to scroll down to see the Save button. All changes are lost if you do not save.

The new rule has now been added to the Personalization Navigator. guide Applying the new rule to a portlet

To apply the new rule to a portlet, complete these steps: 1. Click Administration → Portal User Interface → Manage Pages. 2. Navigate to the Human Resources page. 3. Click Edit Page Layout for Human Resources. 4. Click the Show Portlet Rule Mappings link. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 171 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

5. In the Edit Layout window (Figure 7-14), notice that No rule mapped is the default setting. Click Personalization Rule Picker → Select Rule.

distribution for not

Figure 7-14 Edit Layout window

6. In the Personalization Picker window (Figure 7-15), select the DateBasedVisibilityRule check box from the Personalization Picker portlet and SPVC;click OK. for

guide

Figure 7-15 Personalization Picker portlet Accompanying

7. Back in the Edit Layout window (Figure 7-16), notice that the visibility rule has been applied to the portlet. Click Done.

distribution for not Figure 7-16 Edit Layout window

Important: Visibility rules apply to everyone, even the administrator ID. The Reminder portlet must be hidden. Remember, by default, visibility rules are shown if the condition evaluatesSPVC; to true. In the following steps, you change the rule to show the portlet. for 8. Validate the rule: a. Click Home and navigate to the Human Resources page. b. Click Applications → Content → Personalization → Business Rules. Select DateBasedVisibilityRule, if guideneeded. c. Click Edit in the Personalization Editor. d. Change the first date value to yesterday’s date, click Submit, and then click Save. e. Click Administration → Portal User Interface → Manage Pages. f. Navigate to the Human Resources page and click Edit Page Layout. g. Re-apply the rule: i. Click Personalization Rule Picker → Select Rule. Accompanying ii. Click OK. iii. Click Done.

© Copyright IBM Corp. 2011. All rights reserved. 173 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

9. Click Home and navigate to the Human Resources page. The Reminder portlet is now visible.

Creating and applying a visibility rule to a page

To create visibility rule and apply it to a page, complete these steps: 1. Click Administration → Portal User Interface → Manage Pages. distribution 2. Click Content Root → Home → Human Resources. 3. Click Edit Page Properties icon for thefor Payroll page. 4. Expand Advanced options, click Personalization Rule Picker → Create New Rule. This opens the Personalization Picker portlet, which is automaticallynot applied to the page when you save this rule. 5. In the Personalization Picker panel, complete these steps: a. Enter the rule name PayrollVisibilityRule. b. Click Show pageSPVC; or portlet when and click Hide. c. Click attribute* and click Portal Users → Groups. A window opens displaying the groups. If you do not see this window, disablefor your popup blocker. d. Click is and select includes any of. You might need to scroll to select this parameter. e. Mouse over value * and click the greater than (>) sign. guide

AccompanyingFigure 7-17 Personalization Picker portlet

f. Scroll down to the bottom of the list and click Select Group.

Watch for popup: Watch for popup to see available groups.

g. In the Search for field, type Emp and click Search. h. Select the Employees group and click OK. i. Click Save. 6. Click OK. 7. Log out and then log back in as Employee1. 8. Click Human Resources and notice Payroll isdistribution no longer visible. 9. Click Log Out and close the browser. for not

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 175 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 8

distribution Lesson 8.Virtual portals and realms for This lesson provides an introduction to virtual portlets and realms.

This lesson includes the following topics:not Virtual portals and multiple realms VMM realm configuration files Creating a realm Creating a virtual portal Scoped and non-scoped resources Virtual portal provisioningSPVC; script for Objectives

This lesson has the following objectives: Defineguide a realm. Identify Virtual Member Manager (VMM) configuration files. Differentiate between true and virtual portals. Define planning considerations for virtual portals. Identify scoped and non-scoped resources. Create a virtual portal. Customize the provisioning script for virtual portals.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 177 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Virtual portals and multiple realms

This topic explains how to define virtual portals and realms and discusses the relationship of virtual portals with multiple realms.

Defining virtual portals

Virtual portals are administrative entities and aredistribution logical portals that share the same hardware and software installation. They have the following key benefits: Delegating the administration of a virtualfor portal. User privilege for some resources employed by a virtual portal can be managed by a team of administrators from another organization. not Associating discrete user communities with unique virtual portals.

These two benefits are understood in the terms scope and realms. Creating a virtual portal begins with realm definition. A realm is a collection of congruentSPVC; users managed by a user repository. A virtual portal forand a true portal have the following differences: Virtual portals: – Share hardware resources – Share licenses – Share software installation and updates –guide Share portal resources – Allow separate user communities True portals: – Require independent hardware and software – Require separate updates for each portal instance – Have a unique set of portal resources – Have a single user community – Provide strong isolation of applications

Define a realm that you will use for a specific virtual portal prior to creating the virtual portal. You cannot change to another realm after you create a virtual portal. You can change the membership Accompanyingcomposition of the realm at any time. You must create a new virtual portal if you determine that a different realm is required.

With the virtual portals feature, you can create multiple logical portals for different user communities. You can assign different administrative groups to each virtual portal, as illustrated in Figure 8-1.

distribution for not

Figure 8-1 Shared hardware and software installation

Creating multiple virtual portals has the following advantages: Each instance usesSPVC; shared hardware and shared software. All portals use one IBM WebSphere Portal software installation. for All portals use a shared WebSphere Application Server or cluster. Each virtual portal can have a unique user population. Eachguide virtual portal supports anonymous pages. Each virtual portal can have unique configuration properties. Each virtual portal can be administered by a unique administration team.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 179 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

A single “true” true portal can be configured to host as many as 150 virtual portals, which is illustrated in Figure 8-2.

distribution for not

Figure 8-2 Multiple virtual portals

Defining realmsSPVC;

In this section, wefor examine user- and group-distinguished names, defining a federated repository, and examining WebSphere Portal security.

User- and group-distinguished names A realmguide is a defined subset of a number of repositories defined in the federated repository configuration of the VMM. User membership in a realm is based on user- and group-distinguished names.

Creating multiple realms requires a hierarchical naming structure and a federated repository. A single LDAP can be employed by virtual portals and, if selected, access to each portal must be managed through access controls.

Creating security realms provides the ability to subdivide an all-encompassing federated repository. Distinguished naming enables LDAP administrators to generate unique names for each Accompanyinguser.

In a large organization, the naming repository can become large and unwieldy. Therefore, by dividing the repository into realms, the administrator can segment the user community based on the distinguished naming characteristics of the repository.

Defining realms becomes particularly important when implementing virtual portals. Creating realms enables the administrator to tailor the user community to the virtual portal Because each portal might have distinctly different user communities.

Defining a federated repository distribution WebSphere Portal security employs the VMM to define its repository. The VMM can support a stand-alone LDAP, or it can federate multiple different repositories as thoughfor they are a single repository.

When defining a federated repository,not keep in mind the following caveats: A group in one of the repositories cannot encompass members from another repository. Names must be unique across the entire federated repository. SPVC; Federate additional repositories into the VMM with databases and LDAPs. They do not need to be an identical type. The federated repository can actfor as a single namespace (Figure 8-3).

guide

Accompanying Figure 8-3 A federated repository definition

© Copyright IBM Corp. 2011. All rights reserved. 181 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Examining IBM WebSphere security VMM uses a database to federate and track its child repositories. The database does not contain the individual user membership. The VMM database contains the necessary information that is required to access the child repository.

VMM uses its own repository on a stand-alone server. You cannot localize authentication settings to an individual server. Access Control Lists are set by application.

VMM uses a single federated repository for the entire cell when you implement security in a cell. Users are authenticateddistribution locally by each WebSphere instance that includes authentication with the deployment manager and node agents. for Virtual portals with multiplenot realms The virtual portal to realm relationship is one-to-one. The realm membership can change, but the realm cannot be changed. When planning the virtual portal environment, take this relationship into consideration before placing virtual portals into production.

The realm to virtual portalSPVC; relationship, in contrast, is one-to-many; that is, one realm supports a number of virtual portals. for Topic B: VMM realm configuration files guide VMM stores its configuration settings in the wimconfig.xml file. Do not edit this file directly to implement your changes. If you do edit this file, distribution of the file out to the individual nodes in a cell is not triggered. Instead use the ConfigEngine utility.

Updating the wimconfig.xml file: Avoid editing the wimconfig.xml file directly. Instead, use the ConfigEngine utility to update it.

When you examine the VMM control file, you see that the VMM configuration is defined by the wimconfig.xml file. This file is in the Accompanying\config\cells\\wim\config directory.

The wimconfig.xml file defines the following items: The participating repositories for both databases and LDAPs The full repository’s base distinguished names (DN) The full repository’s search bases for user and group The realm configuration for all defined realms

Topic C: Creating a realm

Use the ConfigEngine configuration utility to update the wimconfig.xml file to add realm support. To createdistribution a new realm, follow these steps: 1. Modify the wkplc.properties file beforefor executing each task. 2. Run wp-create-base-entry to create base distinguished names that are used throughout the full repository. 3. Run wp-create-realm to create thenot realm definition along with the initial participating base entry. 4. Run wp-add-realm-baseentry to add additional base entries to an existing realm. 5. Run wp-add-ldap-entitytype-rdn to define new search bases. SPVC; 6. Restart all servers in the cell after completing the tasks: a. Stop the portalfor instances. b. Stop the node agents. c. Stop the deployment manager. d. Start the deployment manager. e. Start the node agents. f.guide Start the portal instances.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 183 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic D: Creating a virtual portal

This topic explains how to create a virtual portal.

Using the Virtual Portal Manager portlet

The original portal, WebSphere Portal, is defined as a virtual portal instance, and you manage virtual portals with the Virtual Portal Manager portlet. The true portal is defined as a virtual portal, which is illustrated in Figure 8-4. distribution for not

SPVC; Figure 8-4 Virtual Portal Manager window for Define a URL context that the user will enter to access the virtual portal when creating a virtual portal. This URL context is appended to the original context. You can also create a virtual portal host name, which enables the user to access the virtual portalguide using the unique host name. You cannot define a host name that is identical to the default portal host name.

The initial admins group can be the same as the default portal. The admins group specified here has a sharply curtailed set of privileges.

Accompanying

Using the ConfigEngine create-virtual-portal task

To create a new virtual portal, follow these steps: 1. Click Administration → Virtual Portals → Manage Virtual Portals → New Virtual Portal. 2. Connect to the virtual portal by entering the URL context in a browser and entering the virtual portal host name in a browser. 3. Choose a defined realm. The realm must exist before creating the virtual portal (Figure 8-5). distribution for not

SPVC; for

guide

Figure 8-5 Virtual Portal Manager

4. Define the initial admins group, which must be a smaller group than the full portal administrators group. Reinitializing the virtual portal takes it back to its original scripted state.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 185 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

5. Define the host name for the virtual portal by using the following addresses (Figure 8-6): – http://mydomain.com/wps/portal/newyork – http://nyp.newyork.ibm.com/wps/portal

distribution for Figure 8-6 Virtual Portal Manager not Topic E: Scoped and non-scoped resources

This topic discusses definingSPVC; scoped and non-scoped resources.

Defining scopedfor resources

Scoped resources are resources that are available to only a specific virtual portal.

Scopedguide resources have the following characteristics, among others: They can be assigned to a specific virtual portal. They cannot be shared between virtual portals. They can be customized for each virtual portal.

You can still use access control to restrict individual users or groups of access permissions within the context of a specific virtual portal. Scoped resources include portal pages and portlet instances.

Accompanying

Figure 8-7 illustrates how you can restrict access to these resources by virtual portal users through portal access control.

Figure 8-7 Restricting access distribution Some resources can be scoped to use within individual virtual portals. Technically, this is not the same as fora scoped resource. For practical purposes, using an ACL to scope a resource serves the same result. not Defining non-scoped resources

Non-scoped resources are shareable resources across many virtual portals. Portlets are a non-scoped resource. SPVC; Non-scoped resources have the following characteristics, among others: They are sharedfor by all virtual portals. Customization affects all virtual portals. Some resources can be scoped through the Portal access control.guide The following non-scoped resources can be scoped by using portal access control: Portlets Portlet applications Web modules URL mapping contexts Users and groups

The following non-scoped resources cannot be scoped by using portal access control: Themes and skins Accompanying Vault segments and vault slots Supported clients and markups

© Copyright IBM Corp. 2011. All rights reserved. 187 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Application templates Composite applications Policies

Topic F: Virtual portal provisioning script

You can control the appearance of new virtual portals by altering the provisioning script or creating one of your own.distribution The provisioning script defines the create time pages and their layout. To customize the initial virtual portal content,for follow these steps: 1. Locate the existing script in \installedApps\portal00\wps.ear\ wps.war\virtualportal\InitVirtualPortal.xmlnot 2. As shown in Figure 8-8, in the Integrated Solutions Console, expand Applications → Application Types and click Assets. In the right pane, select VirtualPortal.zip. You can examine the asset to locate the default initialization file. SPVC; for

guide

Figure 8-8 Managing the virtual portal asset

3. Create a new script in the same directory as the InitVirtualPortal.xml file. Accompanying

4. From the Virtual Portal Manager portlet menu, select Configure and enter the new script name (Figure 8-9).

distribution

Figure 8-9 Using the Virtual Portal Manager configuration settings to provide a script name for not

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 189 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

190 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 8: Configuring realms and virtual portals

Lab

Lab 8: Configuring realmsdistribution and virtual portalsfor not This lab discusses enabling multiple realm support using the IBM Tivoli Directory Server 6.2 with IBM WebSphere Portal 7.0 across an existing portal and a newly created virtual portal. In this lab, you modify Virtual Member Management (VMM) configuration files to enable realm support. You also create and test the new virtual portal. SPVC; This lab includes the following tasks: Creating a newfor user realm Creating a virtual portal

Objectivesguide This lab has the following objectives: Enable security with multiple realm support. Modify the VMM configuration files to support multiple realms. Create a virtual portal.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 191 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Substitution and location of the file for this lab: In this lab, when you see the value , substitute it as follows depending on your environment: Windows C:\IBM\WebSphere\wp_profile Linux /opt/IBM/WebSphere/wp_profile

The file for this lab is in the \config\cells\ portal99\wim\config\wimconfig.xml. distribution for not

SPVC; for

guide

Accompanying

192 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 8: Configuring realms and virtual portals

Task 1: Creating a new user realm

In this task, you modify the wkplc.properties configuration file to add a new realm.

Base entries for realms: Base entries for the realms have been previously implemented.

To create a new user realm: 1. Ensure that the portal server is running. distribution 2. Use file explorer to browse to the \ConfigEngine\properties\wkplc.properties file. for 3. Make a backup copy of the wkplc.properties file. 4. Open the wkplc.properties file notin WordPad. 5. Replace the values of the following wkplc.properties parameters as indicated: realmName=NewYork addBaseEntry=dc=newyork,dc=ibm,dc=com 6. Save the wkplc.propertiesSPVC; file; save and close the file. 7. At the command prompt(\ConfigEngine), enter the followingfor command: Windows: ConfigEngine.bat wp-create-realm -DPortalAdminPwd=wpsadmin -DWasPassword=wpsadmin Linux:guide ./ConfigEngine.sh wp-create-realm -DPortalAdminPwd=wpsadmin -DWasPassword=wpsadmin

The following message line is displayed: [echo] updated RegistrySynchronized in file wkplc.properties with value: Return Value: 0

Task 2: Creating a virtual portal Accompanying To create a virtual portal, complete these steps:

© Copyright IBM Corp. 2011. All rights reserved. 193 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

1. Ensure that the portal server is running. 2. Click the Administration link. 3. Click the Manage Virtual Portals portlet. 4. In the Virtual Portal Manager window (Figure 8-10), click New Virtual Portal.

distribution for

Figure 8-10 Virtual Portal Manager windownot

SPVC; for

guide

Accompanying

194 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 8: Configuring realms and virtual portals

5. In the Create New Virtual Portal panel (Figure 8-11), set the following properties and then click OK: – Virtual portal title: NewYorkPortal – URL context: newyork – Virtual portal hostname: nyp.training.ibm.com – User realm: NewYork – Initial admin user group: nyadmins

distribution for not

SPVC; for

Figure 8-11 Virtual Portal Manager window: Set properties

6. Afterguide the portal is created, click Reinitialize. 7. Add an entry to the hosts file for the IP address of the portal99 instance with a host name of nyp.training.ibm.com. 8. Open a new browser and enter the following web address: http://portal99:10039/wps/myportal/newyork 9. Log in as nyadmin1/nyadmin1. 10.Open a new browser and enter the following web address: http://nyp.training.ibm.com:10039/wps/portal 11.Log in as nyadmin1/nyadmin1. Accompanying12.Click Administration → Access → Users and Groups.

© Copyright IBM Corp. 2011. All rights reserved. 195 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

13.Set the search property to Users. In the Search text box, enter an *, and then click Search. Notice that the page structure does not show any of the pages that you previously created. Also, notice the additional nyadmins and nyusers groups. 14.Click Logout.

Adding and deleting a virtual portal: If you attempt to add a virtual portal and then delete the virtual portal, you may be unable to recreate the virtual portal. The error message you see may indicate a duplicate key. To resolve the duplicdistributionate key issue, use the xmlaccess configuration interface and execute the sample Task.xml script. for In Windows, you can run Task.xml from C:\IBM\WebSphere\PortalServer\bin using the following syntax: not xmlaccess -user uid=wpadmin, cn=users, dc=train ing,dc=ibm,dc=com -password wpsadmin -url localhost:10039/wps/config -in C:\IBM\WebSphere\PortalServer\doc\xml-samples\Task.xml -out C:\IBM\WebSphere\PortalServer\doc\xml-samples\TaskResultASPVC; .xml

In Linux, you canfor run Task.xml from /opt/IBM/WebSphere/PortalServer/bin using the following syntax:

./xmlaccess.sh -user uid=wpadmin, cn=users, dc=training,dc=ibm,dc=comguide -password wpsadmin -url localhost:10039/wps/config -in /opt/IBM/WebSphere/PortalServer/doc/xml-samples/Task.xml -out /opt/IBM/WebSphere/PortalServer/doc/xml-samples/TaskResul tA.xml

Accompanying

Lesson 9

distribution Lesson 9.IBM Syndicated Feed Portlet for The new IBM Syndicated Feed Portlet for IBM WebSphere Portal offers enhanced feed subscription and presentation capabilities. This lesson discusses the enhancednot features.

This lesson includes the following topics: IBM Syndicated Feed Portlet Feeds SPVC; Objectivesfor This lesson has the following objectives: Set up a proxy for a portlet. Discuss the configuration options and any management implications.guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 197 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: IBM Syndicated Feed Portlet

With the Syndicated Feed Portlet, you can integrate, view, and manage Really Simple Syndication (RSS) and Atom syndication format (ATOM) feeds from your WebSphere Portal pages. You can organize the feeds into new and existing feed categories and extensively customize the presentation style of these feeds.

User interaction is simple. Personalize a Syndicated Feed Portlet by adding categories and subscriptions (Figure 9-1).distribution for not

SPVC; for

Figure 9-1 Syndicated Feed Portlet guide Proxy for the portlet

The portlet is supported in a proxied environment and enables dynamic modification of the portlet window title. As an administrator, you can configure several administrative settings from within the portlet interface and apply selective locks on a user’s ability to customize the portlet.

The portlet complies with the Outline Processor Markup Language (OPML) standards for subscription management and supports the export of feeds to an OPML-compliant file and import Accompanyingof multiple feeds into the portlet from an OPML URL.

Configuration options for administrators

A user can perform the following tasks using the Syndicated Portlet Feed: Integrate, view, and manage RSS and ATOM feeds from WebSphere Portal pages. Organize the feeds into new and existing feed categories. Specify authentication options and credentials, private or shared, for password-protected feeds. Extensively customize the presentation style fordistribution feeds. Export the feeds of the Syndicated Feed Portlet to an OPML-compliant XML field and an appropriatefor OPML URL. Enable and configure servlet and dynamic caching for caching the portlet user interface and feed data respectively. not An administrator can perform all the functions that a user can with the Syndicated Feed Portlet. Additionally, you can regulate a user’s ability to customize the portlet: Apply locks on a user’s ability to perform feed subscription related functions, such as the following examples: – Adding feeds toSPVC; the portlet – Enabling or displaying the feeds in the view mode of the portlet for – Configuring cache settings Apply locks on a user’s ability to customize feed presentation related options, such as the following examples: –guide Choosing a presentation style for the feeds – Displaying or hiding the toolbar A toolbar enables a user to perform all the operations related to feeds and feed categories from within the view mode – Displaying or hiding the channel bar The channel bar shows the name of the feed category and the name of the feed subscription separated by a forward slash (/). – Customizing the portlet window title to be the same as the default portlet title, the title of the first selected feed, or a Accompanying custom title

© Copyright IBM Corp. 2011. All rights reserved. 199 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

– Displaying or hiding the author of feed items – Displaying or hiding the published date of feed items

You can perform all of these tasks from within the IBM Syndicated Feed Portlet. The steps to perform these tasks are in the WebSphere Portal Help, which you can access by clicking the Syndicated Feed portlet menu and choosing Help.

Management implications

Remember the following points when using the Syndicateddistribution Feed Portlet: The Syndicated Feed Portlet supports thefor following authentication methods: – Basic authentication not – Form-based authentication – Single sign-on (SSO) through Lightweight Third-Party Authentication (LTPA) and Netegrity SiteMinder You cannot use the XML file to which you export the feed details from one instance of the Syndicated Feed Portlet to import the exportedSPVC; feed details into another instance of the portlet. for Export file of an IBM Syndicated Feed Portlet: One purpose of OPML is to provide a means of sharing web feeds with other feed aggregators. The IBM Syndicated Feed Portlet cannot accept, as an import file, the export file of guideanother IBM Syndicated Feed Portlet. Initially, your users view the feeds in the View mode based on the settings you configured in the Configure mode of the portlet. If the user, at a later date, modifies the settings from the Personalize mode, then these settings take precedence over the subsequent settings that you configure using the Configure mode. Perform the steps in the “Viewing feeds using international character sets from the IBM Syndicated Feed Portlet for WebSphere Portal” technote at the following web page: http://www.ibm.com/support/docview.wss?rs=688&uid=swg21 Accompanying 314122

Topic B: Feeds

The IBM Syndicated Feed Portlet uses the Secure Sockets Layer (SSL) feed to provide security for communications over networks, both internal and external. This section discusses the SSL feed, client-side aggregation, configuration of cookies, and portlet proxies.

SSL feeds distribution Some feeds that use HTTP over SSL (HTTPS) might not function properly because of missing SSL certificates when using the Syndicated Feed Portlet over WebSphere Portal.for

You might encounter the following types of error messages among others: not Missing certificate Unknown certificate Untrusted certificate

These error messages occur because of missing root signer certificates or missingSPVC; self-signed certificates in the WebSphere Application Server certificate trust store. Regardless of the reason, you must add the appropriate certificates to the WebSphere Applicationfor Server certificate store in use for your WebSphere Portal Server installation.

To add the missing certificates, follow these steps: 1. Verify that you have administrator access to the WebSphere Applicationguide Server. 2. Obtain the missing certificates: – Missing root signer certificate Various mechanisms are available for this situation depending on the type of certificate that is missing. The quickest way is to access the feed you are trying to add directly from a web browser. All modern browsers provide the capability to view a certificate and its trust chain. The instructions for viewing and exporting certificates from a web browser are browser-vendor specific. You might need to contact your IT administrator for assistance. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 201 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

– Missing self-signed certificate You might be prompted with several warning messages about the acceptance or trust of this certificate. Ensure that you trust the third-party server before you add the certificate to your WebSphere Application Server certificate trust store. 3. Follow the instructions in the “Adding a signer certificate to a keystore” topic in the WebSphere Application Server Information Center at: http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/i ndex.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/ tsec_ssladdsignercert.html distribution 4. Restart the WebSphere Application Server. for Client-side aggregation not The IBM Syndicated Feed Portlet can be configured to operate in the client-side aggregation rendering mode. Client-side rendering ensures an improved user experience through faster response time. WebSphere Portal does not re-render the whole page when you enable client-side rendering in the portlet. It only re-renders the aspects of the portletSPVC; that change. The following capabilities are available when client-side rendering is enabled for thefor IBM Syndicated Feed Portlet: Feed management capabilities – Subscribe to feeds by specifying the feed URL, title, and, optionally, the credentials. –guide Edit a feed to change the feed title. – Enable or display the feeds in the view mode of the portlet. – Delete a feed subscription. Feed presentation capabilities – Customize the number of articles to be displayed per feed. – View the feed article content either expanded or collapsed. – Display or hide the author of feed items. – Display or hide the published date of feed items.

Accompanying

Cookies and feeds

You can configure the IBM Syndicated Feed Portlet to forward HTTP cookies with outbound requests to feed sources. Alternatively, you can restrict the portlet to forward cookies only to specific domain names.

You can also enable active content filtering for all feeds to remove active content, such as JavaScript, from the feed text: 1. Log in as administrator into WebSphere Portal. 2. Select Administration → Portlet Managementdistribution→ Portlets. 3. Locate the Syndicated Feed Portlet. 4. Click the Configure portlet icon in the forSyndicated Feed Portlet row. 5. Add the preferences and value pairs in Table 9-1 as appropriate to configure the portlet.not

Table 9-1 Preference and value pairs Preference Value cookiesToForward Specify one or more HTTP cookie names. Use a space to separate multiple cookie names.SPVC; This preference forwards the specified cookies with the outbound portlet request whenfor connecting to the feed source. You can specify cookies to forward for a given feed when you add feeds to portlet. The cookies that you specify as the value for cookiesToForward are appended to the list of cookies you specified when you added the feed. limitCookiesToForward Specify one or more domain names to which you want to forward cookies.guide This preference restricts cookie forwarding to only the domain names that you specify. You can specify a fully qualified domain name or a partially qualified domain name as in the following examples: Fully qualified domain name: www.ibm.com Partially qualified domain name: ibm.com useACF Specify the following values: true: This value enables active content filtering for all feeds and removes any active content from the feed text, such as embedded Java™ scripts. false: This value disables active content filtering for all feeds. Accompanying6. Click OK to save your changes.

© Copyright IBM Corp. 2011. All rights reserved. 203 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Portlet proxies

The IBM Syndicated Feed Portlet is supported in a proxied environment. To specify the details of a proxy server, follow these steps: 1. On the WebSphere Portal administrative console, under Portlet Management, click Portlets. 2. Search for the Syndicated Feed Portlet entry. 3. Click the Configure Portlet icon that corresponds to the Syndicated Feed Portlet. distribution 4. Add the configuration parameters in Table 9-2 to the existing list of configuration parameters for the Syndicated Feed Portlet: for a. In the New Preference field, enter the parameter name. b. In the New value field, enter the value of the parameter. c. Click Add. not

Table 9-2 Configuration parameters Parameter Value proxyHost Specify the process server host name. proxyPort SPVC;Specify the proxy server’s port number.

You do not needfor to restart the server after specifying the configuration parameters.

guide

Accompanying

204 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 9: Working with the IBM Syndicated Feed Portlet

Lab

Lab 9: Working with thedistribution IBM Syndicated Feed Portletfor not In this lab, you add and configure the IBM Syndicated Feed Portlet.

This lab includes Adding and configuring a syndicated portlet. SPVC; Objectives for This lab has the following objectives: Add a syndicated feed to a page. Configure the syndicated feed. Enable client-side rendering. guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 205 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Adding and configuring a syndicated portlet

To add and configure a syndicated portlet, follow these steps: 1. Create a new page with a name of your own choosing. 2. Edit the page and choose to customize the page. Hint: Use the Action menu. 3. Click the Add Content tab, and click Collaboration to filter content type (Figure 9-2). distribution for not

SPVC; for

Figure 9-2 Collaboration portlets 4. Addguide the Syndicated Feed Portlet to your page (Figure 9-3). Save then exit.

Figure 9-3 New Syndicated Feed added to page

Accompanying

206 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 9: Working with the IBM Syndicated Feed Portlet

Figure 9-4 shows the default content.

distribution for not

SPVC; Figure 9-4 Feedfor added 5. Click the menu in the top right corner of the Syndicated Feed Portlet and click Configure (Figure 9-5). guide

Figure 9-5 Configure menu Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 207 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

6. Click Add (Figure 9-6).

distribution for not

Figure 9-6 Editing the configuration

7. In the Enter a URL for the feed to add field, enter the following sample RSSSPVC; feed and click OK. You can also select an RSS feed of your choice (Figure 9-7). http://rss.cnn.com/rss/money_latest.rssfor

guide

Figure 9-7 Adding a feed

Accompanying

208 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 9: Working with the IBM Syndicated Feed Portlet

8. Click Done (Figure 9-8).

distribution for

Figure 9-8 Forum feed added not

Figure 9-9 shows the feed.

Live feed might differ from screen shot: Because the feed is live, your screen mightSPVC; not match the screen shot. for

guide

Figure 9-9 WebSphere Forum feed

Additional information Initially, the user views the feeds in the View mode as indicated by the settings configured by the administrator from the Configure Accompanyingmode of the portlet. Thereafter, if the user modifies the settings from the Personalize mode, these settings take precedence over

© Copyright IBM Corp. 2011. All rights reserved. 209 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

the subsequent settings that the administrator configures from the Configure mode.

The administrator can lock settings, in the Appearance Permissions section of the Syndicated Feed Portlet, to prevent the user from changing them (Figure 9-10).

distribution for not

SPVC; Figure 9-10 Permissions

For example, thefor administrator can lock the caching settings (Figure 9-11).

guide

Figure 9-11 Caching

Accompanying

Lesson 10

distribution Lesson 10.Mashup integration for This lesson provides an introduction to mashup integration.

This lesson includes the following topics:not Defining mashups and iWidgets Integrating mashups

Objectives SPVC;

This lesson hasfor the following objectives: Describe iWidgets. Add iWidgets to a page. Use the Mashups tab. guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 211 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Defining mashups and iWidgets

This topic discusses mashups and iWidgets, including a definition, preferences, and how to add an iWidget to a page.

Mashups

Mashups are a popular way to create new, dashboard-styledistribution applications from existing, often disparate applications and data sources. IBM WebSphere Portal 7.0 incorporates a Mashup Center runtime component that supports thefor use of iWidgets to rapidly create experiences for users. Sources for iWidget data include Lotus Domino xPages, Lotus Sametime, and Lotus Connections. not

iWidgets

iWidgets are an open-source specification that allows for seamless interoperabilitySPVC; across various platforms and products. Users can perform various tasks on iWidgets. The availability of these tasks to the user depends on the access rights of the users on the iWidgets.for

Users can perform the following operations on widgets depending on the assigned mashup theme: Modify the settings for widgets. Modifyguide the skins for widgets. Rename, hide, or delete widgets. Create wires between widgets. Add a widget from the toolbox to a page. Remove a widget from a category.

Users need Editor@HRMashPage role access rights for a non-private mashup page named HRMashPage to perform these tasks. No additional rights are required for a private page.

WebSphere Portal can render both iWidgets and portlets on the same page with the Page Builder theme architecture. Managing your widgets rendered on your pages is similar to managing your Accompanyingportlets.

WebSphere Portal only supports iWidgets that are written to comply with the iWidget Specification 2.1.

For additional information about mashups and deploying a widget, see Topic B:, “Integrating mashups” on page 216.

WebSphere Portal and iWidgets

WebSphere Portal provides a dedicated iWidget Wrapper portlet to make the handling of iWidgets easier. The unique WebSphere Portal name for this portlet is wp.p.IWidgetWrapperdistribution. iWidget definition for An iWidget definition is identified by a corresponding unique iWidget Definition URI. WebSphere Portal has at least one corresponding clone of the iWidget notWrapper portlet that provides management access to the iWidget for each individual iWidget definition. WebSphere Portal creates such an iWidget Wrapper portlet clone in the following cases: When you register a specific iWidget definition URI in WebSphere Portal by using the register-iwidget-definition configuration taskSPVC; When you deploy static page markup to WebSphere Portal that containsfor a specific iWidget definition URI The WebSphere Portal infrastructure loads the corresponding iWidget definition XML file and maps the information provided by the referenced iWidget definition into the corresponding portlet metadata when you register a new iWidget URI. This information includesguide events and modes that the iWidget supports. The title and description of the created iWidget Wrapper clone are derived from the corresponding values of the iWidgets idescriptor item set.

Preferences WebSphere Portal maps all preferences that are exposed by individual iWidgets, which are elements of the iWidget attributes item set, directly to corresponding portlet preferences. You can then configure the values for those preferences by using the corresponding WebSphere Portal administration interfaces. AccompanyingFor example, the corresponding iWidget Wrapper portlet clone defines a portlet preference named zipcode if an iWidget defines

© Copyright IBM Corp. 2011. All rights reserved. 213 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

an attribute named zipcode. You can modify this value, for example, by using the Manage Portlets portlet. You can also create additional clones, for such iWidget Wrapper portlet clones, for supporting multiple preconfiguration variants of the same iWidget definition. Users can overwrite these preferences in the Edit Shared Settings and Personalize modes the same way that they might overwrite portlet preferences.

The iWidget specification includes an attribute named sandbox. You can enable security for non-trusted widgets. This is known as sandboxing. Use this security mechanism to prevent a widget from sending malicious code to the user’s system by wrappingdistribution the widget in a secure iFrame within a different subdomain. This isolates the widget from other widgets on thefor page. You can use the sandbox attribute to determine whether you want the corresponding iWidget definition to be rendered in an iWidget sandbox. WebSphere Portal maps thisnot iWidget sandbox attribute to the com.ibm.portal.iw:iwidget:sandbox portlet preference. You can modify this preference by using the same approach as mentioned in the previous section to control whether the corresponding iWidget definition is rendered in an iWidget sandbox.

WebSphere Portal storesSPVC; the URI that points to an iWidget Definition used for a specific iWidget Wrapper clone in a portlet preference withfor the com.ibm.portal.iw:iwidget:base key. This URI allows the reload of an iWidget Definition that has changed. For example, if new events are declared in the definition, the URI allows the reload of the updated iWidget definition information from the given URI and updates the iWidget Wrapper portlet accordingly.guide You can also trigger reloads by using one of the following options: Explicitly calling the refresh-iwidget-definitions configuration task Scheduling the com.ibm.portal.services.RefreshIWidgetDefinitionsTask scheduled task

You manage access control privileges on individual iWidgets by granting users and user groups access to the corresponding iWidget Wrapper portlet clones. WebSphere Portal applies the same access control enforcement model that it uses for portlets to AccompanyingiWidgets that are wrapped by iWidget Wrapper portlets.

Users have the following abilities: Users who have User role access rights on a specific iWidget Wrapper portlet have read-only access to the corresponding iWidget. Users who have Editor access rights on the same portlet can edit shared settings on the iWidget.

Adding an iWidget to a page

You register available iWidget definitions in WebSpheredistribution Portal by specifying the location from where it can load the iWidget definition XML. WebSphere Portal can load the iWidget definitions from the following locations: for A location that WebSphere Portal can access by using HTTP routed through the WebSphere Portalnot Ajax Proxy A server relative URL that is relative to the WebSphere Portal Server A location within the WebSphere Portal Web-based Distributed Authoring and Versioning (WebDAV) file store that is identified by a corresponding WebSphere Portal WebDAV URI SPVC; Registered iWidgets become available to WebSphere Portal administration through corresponding iWidget Wrapper portlet clones. These clonesfor are created during the iWidget registration process.

You can register iWidgets for use with the Page Builder theme by using one of the following methods: iWidgetguide registration through the register-iwidget-definition configuration task This method is the typical way to register iWidgets in WebSphere Portal. iWidget registration through static page deployment You can create a new page by uploading an archive or compressed file that contains your static page markup files with this method. This static page deployment process checks whether any of the referenced iWidget definitions in the given status page index HTML file exist in WebSphere Portal already and then registers the ones that do not exist. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 215 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Example 10-1 shows the HTML element that the static page content contains.

Example 10-1 Static page content for the HTML element

The static page deployment process, in this case,distribution ensures that the iWidget defined by the SampleWidget.xml file in the /iwidgets/sampleWidget directory of the WforebDAV file store is registered in WebSphere Portal after the page is created. not Topic B: Integrating mashups

Mashups are a versatile means of delivering a new capability to users. By adding iWidgets to a mashup page and wiring them together, users can meet their own unique business needs for long- or short-term processes.SPVC;

Enabling forthe Mashups tab

You enable the Mashups tab user interface by using the deploy-portal-mashup-ui portal ConfigEngine task. Upon a fresh installation,guide the task takes about 3 minutes. 1. Open a command prompt and navigate to the \ConfigEngine ConfigEngine folder in your portal profile root. 2. Execute the following deploy-portal-mashup-ui task: ./ConfigEngine.sh deploy-portal-mashup-ui -DWasPassword= -DPortalAdminPwd= 3. Restart WebSphere Portal.

After the Mashups tab is enabled, users can log on and work with “My Mashups.” Accompanying

Adding a new widget

To add new widgets to the Mashup tab, you perform the following tasks: 1. Install the widget. 2. Register the widget. 3. Make it available in the toolbox.

Installing the widget Install the widget: distribution 1. Start the WebSphere Portal Server, if it is not already started. 2. If a developer provides the widget web archive file, deploy the widget WAR file package by using the Integratedfor Solutions Console to the WebSphere Application Server. 3. Click Applications → Install Newnot Application . A web context must be provided. Do not use “widgets” because this context already exists. 4. Click WebSphere_Portal as the target server mapping in the target server mapping section. 5. After the WAR file SPVC;is installed, verify and record the application name in the Name column in the list of enterprise applications and ensure that the application is started. for Registering the widget To register the widget, navigate to the ConfigEngine directory from a command line: ConfigEngine.sh|batguide register-mashup-module -DApplicationName=application_name -DWasPassword=password -DPortalAdminPwd=password

Updating and modifying the toolbox Update and modify the toolbox: 1. Update the catalog properties by copying the catalog_default.xml file in the /base/ wp.mmi.deploy/config/binaries/catalogs directory. 2. Use the copy as a template and save the file under a new name in another temporary location. Modify this copy as required. Use the tags if you want to add your new Accompanying widget in a category of its own. Use a new tag to add your widget to a new or existing category.

© Copyright IBM Corp. 2011. All rights reserved. 217 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. After the edits are complete, run the following configuration task: ConfigEngine.bat/.sh import-config-file -DMMImportFile="fully_qualified_filename" -DMMImportFilePropertyName="propertyname_in_WAS"

distribution for not

SPVC; for

guide

Accompanying

218 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 10: Installing and configuring an iWidget

Lab

Lab 10: Installing anddistribution configuring an iWidgetfor not In this lab, you add and customize iWidgets.

This lab includes the following tasks: Enabling mashup integration Adding an iWidget Getting started withSPVC; customizing iWidget attributes

Objectivesfor

This lab has the following objectives: Enable mashup integration. Addguide an iWidget. Customize iWidget attributes.

Substitution values: In this lab, when you see the value , substitute it as follows depending on your environment: Windows C:\IBM\WebSphere\wp_profile Linux /opt/IBM/WebSphere/wp_profile Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 219 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Considerations

Consider the following information for working with iWidgets.

Portal model When you register an iWidget in your portal, most sections of the iWidget definition and microformat are stored in the portal model. They are stored as portlet preferences of a copy or clone of the IWidgetWrapper portlet.

Portlet identifiers distribution Each iWidget definition corresponds to a distinct copy of that portlet. The portlet preferences carry the prefixfor com.ibm.portal, which identifies them as parameters that are used internally. The values of the iWidget attributes are stored without the prefix. Instead, the item identifier is used asnot a key to the item value, which offers the following advantages: You can easily distinguish iWidget attributes from other preferences when you want to customize their values after registering an iWidget in your portal. This method is more useful for preconfiguring an iWidget definition that is inSPVC;tegrated on different portal pages by using the corresponding iWidget microformats. for Update behavior Another important aspect of iWidget attributes and their corresponding portlet preferences in the portal model is that the update behavior can be specified. The update behavior allows for use guidecases when you want to retain customization across updates of an iWidget definition.

Accompanying

220 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 10: Installing and configuring an iWidget

Task 1: Enabling mashup integration

If you want to use mashups, enable mashup integration for WebSphere Portal. To enable mashup integration for WebSphere Portal, complete these steps: 1. Open a command prompt and go to the /ConfigEngine directory. 2. Run the following configuration task: Windows: ConfigEngine.bat deploy-portal-mashup-uidistribution -DWasPassword=wpsadmin -DPortalAdminPwd=wpsadmin for Linux: ./ConfigEngine.sh deploy-portal-mashup-ui -DWasPassword=wpsadmin not -DPortalAdminPwd=wpsadmin This script creates a top-level page named My Mashups next to the Home page.

Task 2: AddingSPVC; an iWidget

The XML file of foran iWidget is pulled from the remote system because only one server is in the class. The iWidget was installed locally as an application on WebSphere Application Server.

To add an iWidget, complete these steps: 1. Goguide to the followi ng URL to view the XML shown in Figure 10-1 on page 222: http://portal99:10039/HelloiWidget/HelloWidget.xml

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 221 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for Figure 10-1 HelloWidget.xml not 2. To verify that you can access the iWidgets XML file, complete these steps: a. Go to the ConfigEngine folder. b. Run the following command to pass the URL of the iWidget's definitSPVC;ion XML file:

Windows: ConfigEngine.batfor register-iwidget-definition -DIWidgetDefinition=/HelloiWidget/HelloWidget.xml -DWasPassword=wpsadmin -DPortalAdminPwd=wpsadmin Linux: guide./ConfigEngine.sh register-iwidget-definition -DIWidgetDefinition=/HelloiWidget/HelloWidget.xml -DWasPassword=wpsadmin -DPortalAdminPwd=wpsadmin

3. Add the iWidget to any page.

Accompanying

222 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 10: Installing and configuring an iWidget

4. Create a new page and search for HelloWidget. Select HelloWidget and add it to your page (Figure 10-2).

distribution for Figure 10-2 Verifying that HelloWidgetnot is added The iWidget tab shows the Hello World message (Figure 10-3).

SPVC; for Figure 10-3 HelloWidget showing the Hello World message

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 223 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 3: Getting started with customizing iWidget attributes

To access the portlet to customize the iWidget attributes, complete these steps: 1. Click WebSphere Portal Administration → Portlet Management → Portlets (Figure 10-4). 2. Search for, or scroll to locate, HelloWidget. distribution for not

SPVC; for

Figure 10-4 Manage Portlets window guide

Accompanying

224 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 10: Installing and configuring an iWidget

3. Click the Configure Portlet icon ( ). In the configuration mode, you can see the properties of the iWidget. See Figure 10-5.

distribution for not

Figure 10-5 Configuring the HelloWidget

4. Click the Edit icon and change the value of the com.ibm.portal.iw.content.view.valueSPVC; property (Figure 10-6). for

guide

Figure 10-6 Changing the value of a property

5. Click OK and then click OK again.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 225 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

6. Log out and log on again; then return to the page where you placed the iWidget to view the result.

Figure 10-7 View configuration change result distribution for not

SPVC; for

guide

Accompanying

Lesson 11

distribution Lesson 11.WebSphere Portal search for Users need a single entry point to resources. A portal serves to aggregate content from many content sources across the enterprise. Search is a strategic meansnot by which users discover relevant information.

This lesson includes the following topics: Comparing search options Working with WebSphereSPVC; Portal search

Objectivesfor

This lesson has the following objectives: Determine which search option to use. Workguide with search collections.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 227 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Comparing search options

You can choose either of the following search options depending on your needs: Portal Search Service Remote Content Server Search Service

You select the Portal Search Service to manage search collections that contain portal pages, content managed by Web Content Management, or indexed Web pages. distribution You can configure the search portlets for local operation, or you can configure them for remote search service. Remote search service might have performance benefits byfor offloading and balancing system load depending on your configuration. Also, you must use the Remote Content Server Search Service for a cluster portal environment. not

By creating additional search services, the indexing load can be distributed and offer performance advantages. To create a new search service or manage an existing one, use the Manage Search portlet (shown in Figure 11-1), which is under Administration pagesSPVC;→ Manage Search. for

guide

Figure 11-1 Manage Search portlet

In addition to WebSphere Portal Search, WebSphere Portal 7.0 offers a means to connect to external content and search providers, such as Google, Flickr, and others. This means is facilitated through a separate mechanism, which you can explore by using the External Search Results portlet.

Accompanying

Search collections

A search collection is the administrative focus for WebSphere Portal Search. Each collection contains content sources to describe where the collections will obtain their information. A collection is the index against which searches are submitted, regardless of the constituent content sources.

Select an existing search service to manage search collections. The Manage Search portlet shows a list of existing collections, as illustrated in Figure 11-2. distribution for not

SPVC; for Figure 11-2 Existing collections in the Manage Search portlet

Collections consist of content sources. A content source is a target content repository. WebSphere Portal Search supports the followingguide types of content sources, which are also shown in Figure 11-3 on page 230: Web site Seedlist provider Portal site Web Content Management site

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 229 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

Figure 11-3 Content sources supported by WebSphere Portal Search

The content source typesSPVC; are actually types of crawlers. Each crawler is software that is engineered to find hyperlinks and metadata from defined target sites. A crawler finds this information according to thefor type of site.

Website crawler A website crawler is used for remote sites regardless of whether theyguide are portal sites. Only anonymous pages are returned and indexed by the crawler if the remote site is a WebSphere Portal Server. The crawler does not index the site if the remote web site target URL contains the following line:

Seedlist provider crawler A seedlist provider crawler is a special HTTP crawler that is used to crawl external sites that publish their content using the seedlist format. This type of crawler is more effective and reduces the effort that is required of the crawler. The format is an ATOM/XML-based format that is specifically for publishing Accompanyingapplication content and all its metadata. The crawler expends less effort because only updated content between crawling sessions is

gathered. You must obtain the seedlist URL to configure a seedlist crawler.

Portal site crawler Use a portal site crawler for a local portal site. The content source is already configured in the default search provider.

Crawling a portal site consists of three security dimensions. First, crawling a remote site is restricted to anonymous pages. Second, crawling secured pages on a local site requires credentials for the crawler. Third, when users search the index of the secured site, the results are filtered according to the access settingsdistribution of the searching user.

Remember that the credentials that are usedfor by the crawler are stored on the disk in plain text unless additional steps are taken. You must encrypt the data. not Securing the crawler credentials: The XML scripting interface is discussed in Lesson 21, “XML Access” on page 493. Secure the crawler credentials by locating the searchsecret.xml file in the /search/wp.search.admin/bin directory. Make a copy of the file and save the copy as a working copy so that the original is availableSPVC; as a template. Edit the file and locate the value CHANGE TO YOUR SECRET KEY and replace it with an encryptionfor string of your own choosing. The modified file is used as in input file for the XML scripting interface to define a slot called search.secret in the credential vault. Slots and the credential vault are discussed in the product documentation. After you execute the XML Access script, check theguide output file and correct any errors. When the script is successful, delete the input file that contains the encryption key.

The following example shows the syntax: xmlaccess.sh|bat -in copiedsearchsecret.xml -out searchsecretsresults.xml -user wpsadmin -pwd wpsadmin -url http://local_host:local_port/wps/config

Web Content Management site crawler Web Content Management site crawlers are configured by using the Web Content Management portlet. The content source can be Accompanyingadded to a collection after it is configured. The previous comments

© Copyright IBM Corp. 2011. All rights reserved. 231 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

and note concerning portal crawler search security apply to the Web Content Management site crawler as well.

Topic B: Working with WebSphere Portal search

This topic discusses search scope, search links, and the External Search Results portlet. distribution Search scope for You give users options to narrow their search by defining search scopes. A search scope’s container is a collection, which can narrow the search to a content sourcenot within the collection. Alternatively, the scope can be based on document features, such as a type of document. Figure 11-4 is an example of a search scope container within the Manage Search portlet.

SPVC; for

Figure 11-4 Search scope container

The Manage Search portlet provides a list of existing scopes, a description,guide and status. You can sort the scopes, and the Search Center reflects the order you select. If you move a particular scope to the top of the list, it becomes the default scope for user searches. A scope is not available for search if it is inactive.

You click New Scope to create a new scope. In the New Search Scope window (Figure 11-5 on page 233) of the Manage Search portlet: Enter a value for the Scope Name field. Enter a meaningful description. In the Custom Icon URL field, enter the name of an icon Accompanying image to provide a way to brand the scope with an intuitive icon for user convenience.

Leave Status set as the default value, Active, so that it is available to users. For the Visible to Anonymous Users radio button, change the default value from No to Yes if you want the scope to be seen by users who are not logged in.

distribution for not

SPVC; for

Figureguide 11-5 New Search Scope window

You can narrow the scope of the search by choosing one of two ways: Select Features Select Locations

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 233 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 11-6 shows the options in the Select Features section.

distribution for

Figure 11-6 Select Features optionsnot

Figure 11-7 shows the options in the Select Locations section.

SPVC; for

guide

Figure 11-7 Select Locations options Accompanying

Figure 11-8 shows the Search Center. In the top right corner, you see the name of a search scope that has been set as the default scope. You see a selection, including the default scope, all sources, and a custom link in the Search Center portlet.

distribution for not

Figure 11-8 Search Center portlet

Search links SPVC;

By adding custom links to search locations, users can include external locationsfor such as Google or Yahoo. These links are displayed in the Search Center selection menu of search options.

Creating a search link by using the Manageguide Search portlet The interface to create custom links is on the same page as scopes as shown in Figure 11-9.

Figure 11-9 Interface to create custom links

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 235 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

When you click New Custom Link, the New Custom Link window (Figure 11-10) opens. In this window, you must provide a name for the link and a URL. You can additionally provide a branded icon for the external search site.

distribution for not

SPVC; Figure 11-10 New Custom Link window for

guide

Accompanying

External Search Results portlet

You can add several External Search Results portlets to the Search Center page, in addition to its facility for displaying search results from a user’s query. Figure 11-11 shows an example of this portlet on the Search Center page.

You can add this specialized portlet to the Search Center. The results of searches from the Search Center include those from third-party external search engines. You can add more than one copy of the External Search Results portlet to the Search Center page, and you can configure each of these copiesdistribution to show a specific number of search results. for not

SPVC; for

guide

Figure 11-11 External Search Results portlet on the Search Center page

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 237 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

You can access the configuration settings of the default External Search Results portlet by clicking the Administration pages → Portlet Management → Portlet and clicking the Configure icon (Figure 11-12).

distribution for not

SPVC; for

Figure 11-12 Configuration settings of the External Search Results portlet guide

Accompanying

You must make a copy of the portlet first if you want to place additional External Search Results portlets on the Search Center page. Browse or search for the portlet to copy from the listing of portlets. Click the Copy icon, and provide a new meaningful name for the portlet. Then configure the copy as shown in Figure 11-13.

distribution

Figure 11-13 Manage Portlets window for

You need to set the search engine URL in the portlet’s configuration, as shown in Figure 11-14.not

SPVC; for

guide

Figure 11-14 Setting the search engine URL in the portlet configuration

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 239 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lab

Lab 11: Using externaldistribution search engines for not The External Search Results portlet is a specialized portlet that you can add to WebSphere Portal Search. The results of a search initiated from the Search page includes results from third-party external search engines, such as Yahoo! and Google, when you add the portlet.

You can add more thanSPVC; one copy of the External Search Results portlet to the WebSphere Portal Search page. You can also configure each forcopy to display a specific number of search results. This lab includes the following tasks: Configuring external search scopes Configuring the External Search Results portlet guide Objectives

This lab has the following objectives: Configure external search scopes. Update the Ajax proxy configuration. Configure the External Search Results portlet to pull from Yahoo! Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 241 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Configuring external search scopes

Configuring the external search scope defines what the site user sees in the search list. In this task, you configure the external search scope that returns search results in a new window or tab. In Task 2 “Configuring the External Search Results portlet” on page 244, you configure the external search results portlet to show the search results in the Search Center portlet.

The user’s search term, or phrase, that is entereddistribution in the Search field is appended to the search URL string. Therefore, you must rearrange search request parameters to ensure that the user’s query string parameter is positioned last infor the string. To configure the external search scope,not complete these steps: 1. Log in to WebSphere Portal as wpsadmin. 2. Click the Administration link. 3. Click Search Administration → Manage Search → Search Scopes → New Custom Link. 4. In the New CustomSPVC; Link panel (Figure 11-15 on page 243), complete these steps: a. In the Custom link name field, specify the name that you want to showfor in the Scope list. Users will see this name when conducting a search. b. In the Link URL field, specify a search URL to use. For example, you can use one of the following URLs: guide• Google http://www.google.com/search?&q= • Yahoo!: http://search.yahoo.com/search?p= You can also include an icon for the search scope.

Accompanying

distribution for not Figure 11-15 New Custom Link panel

5. Click OK. The Search Scopes panel (Figure 11-16) shows your changes. SPVC; for

guide

Figure 11-16 Search Scopes panel Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 243 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 11-17 shows options as they are displayed on the Search Center tab. (You can access the Search Center through the link at the top of the portal page.) Google was defined as the external search scope, and no icon was used in this example.

Figure 11-17 Search Center distribution

The result is that the Google site opens in fora browser and shows your search results.

Task 2: Configuring notthe External Search Results portlet

In this task, you update the Ajax proxy configuration to allow the HTTP request for the external site to work. You configure a portlet that retrieves and showsSPVC; search re sults from third-party search engines, such as Yahoo! and Google. for Updating the Ajax proxy

You must modify the proxy configuration of the portlet if you want to addguide or modi fy an external search engine. All HTTP requests from the portlet to the external search engines are directed through the HTTP Proxy for Ajax applications, which are included in WebSphere Portal. The External Search Results portlet includes an application-specific configuration for this proxy. It allows only connections to the URL of the default external search engine in a standard portal installation: http://www.ibm.com/developerworks/views/res/*

Modify the proxy-config.xml file that is bundled with WebSphere Portal to add external search sites as explained in the following steps: Accompanying1. Navigate to Windows:

C:\IBM\WebSphere\PortalServer\installableApps\ and click 7-Zip → open Archive (Figure 11-18).

distribution for

Figure 11-18 Opening the archive ofnot 7-Zip Linux: /opt/IBM/WebSphere/InstallableApps/ and expand the searchCenter.war file. 2. Locate the proxy-config.xml file in the \WEB-INF folder (Figure 11-19). SPVC; for

Figureguide 11-19 The WEB-INF folder 3. Open the proxy-config.xml file in an editor (Example 11-1).

Example 11-1 Default proxy-config.xml file

xmlns:proxy="http://www.ibm.com/xmlns/prod/sw/ajax/proxy-con fig/1.1">

© Copyright IBM Corp. 2011. All rights reserved. 245 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

GET HEAD text/xml* application/xml*

application/atom+xml*

application/rss+xml* distribution 4. Add a new element to allow searching on Yahoo! and Google (Example 11-2). for Added information: You must addnot well-formed information. Example 11-2 Adding a element GET HEAD SPVC; text/xml* application/xml*for

application/atom+xml*

application/rss+xml* guide GET HEAD text/xml* application/xml*

application/atom+xml*

application/rss+xml* Accompanying

5. Save the proxy-config.xml file to the archive. 6. Click Administration → Portal Management → Web Modules. 7. Find searchCenter.war (Figure 11-20), and click the Update Web Module icon.

distribution for not Figure 11-20 Manage Web Modules portlet

8. Click Browse and select the searchCenter.war file that you just updated (Figure 11-21). Click Next. SPVC; for

guide

Figure 11-21 Manage Web Modules portlet

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 247 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

9. In the “Updating a Web module, Step 2: View WAR file contents” panel (Figure 11-22), click Start application. Then click Finish.

distribution for not

SPVC; for Figure 11-22 Web module, Step 2: View WAR file contents panel

You now see a message indicating that the external sites were successfullyguide installed (Figure 11-23).

AccompanyingFigure 11-23 Manage Web Modules portlet

Configuring the External Search Result portlet

You must be logged in as Administrator to add an External Search Results portlet to the Search Center. The portlet can only be added to the Search Center on the Portal Search page. It will not function anywhere else.

To configure the External Search Results portlet, complete these steps: 1. Click Administration → Portlet Managementdistribution→ Portlets from the main portal menu. 2. Locate External Search Results from forthe list of portlets, and click the Configure icon next to the portlet name (Figure 11-24). not

SPVC; for

Figure 11-24 Searching for External Search Results

3. Click the Edit icon for searchEngineURL and enter the followingguide URL: http://news.search.yahoo.com/news/rss?p=${searchTerms}& ei=UTF-8&eo=UTF-8 4. Click the Edit icon for searchEngineFullPageURL and enter the following URL: http://news.search.yahoo.com/news/rss?p=${searchTerms}& ei=UTF-8&eo=UTF-8 This parameter is optional. You can delete it or leave it empty. A More link, which links to the website of the external search engine, is added at the bottom of the portlet when you set this parameter. The value represents a parameterized form of the URL that is used to locate the search engine that is queried. Accompanying The ${searchTerms} string must be included in the parameter

© Copyright IBM Corp. 2011. All rights reserved. 249 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

value as shown in the following example. The portlet replaces the string represented by ${searchTems} in the following example, with the actual query terms submitted by the user during the search: http://news.search.yahoo.com/news/search?q=${searchTerm s} This URL returns the public HTML page of the search engine. 5. In the “Configure portlet: External Search Results” panel (Figure 11-25), change the value of the numOfEntries parameter to 5. This parameter determines the maximum number of search results to show in the Externaldistribution Search Results portlet. Then click OK. for not

SPVC; for

guide

Figure 11-25 Configure portlet: External Search Results

Accompanying6. Navigate to the Search Center and try the search, then click OK.

You can now use the External Search Results portlet, as shown in Figure 11-26.

distribution for not

Figure 11-26 Search Center SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 251 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 12

distribution Lesson 12.Other administrative portlets for not This lesson provides an introduction to other administrative portlets.

This lesson includes the following topics: Portal clients Web clippings SPVC; URL mapping Custom names for Objectives

Thisguide lesson has the following objectives: Support existing clients. Use web clippings. Define URL mappings. Create a custom name.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 253 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Portal clients

You manage portal clients by using the Manage Clients portlet (Figure 12-1). The portlet is under Administration pages → Portal Setting → Supported Clients.

distribution for not Figure 12-1 Manage Clients portlet

Existing client support

To choose an existingSPVC; client and modify, in the Manage Clients window (Figure 12-1), click the Edit selected client icon.

To edit the selectedfor client, in the Manage Clients window (Figure 12-2 on page 255), change the user agent string, markup, manufacturer, model, version, capability list, such as HTML support, and position relative to other items in the list. These changes are not likely needed to the default entries. guide

Accompanying

distribution for not

Figure 12-2 Manage SPVC;Clients window Adding supportfor for new clients You can create new entries for the supported clients list by using an approach similar to that described for existing clients. Be especially certain that the user agent entry is consistent with the value presented by the client during server requests or the request will guidenot be managed correctly.

Topic B: Web clippings

This topic defines web clippings and explains how to use the Web Clipping Editor to import content.

Defining web clippings

Web clippings are portlets that are created to display all or some of Accompanyingan external site’s content on a portal page. Start from the

© Copyright IBM Corp. 2011. All rights reserved. 255 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Administrative page and select Portlet Management → Web Clipping.

With the Web Clipping Editor portlet (Figure 12-3), administrators can create portlets based on a web clipping configuration.

distribution for Figure 12-3 Using the Web Clipping Editor to create portlets

The effectiveness of web clipping portlets is limited. For example, there is no assurance that the contentnot will remain appropriate if the target URL is beyond the control of an organization. Sites that employ extensive JavaScript do not render well within the web clipping portlet container. Sites that require interaction, such as form submission, are not appropriate candidates for web clipping portlets. SPVC; Using thefor Web Clipping Editor to import content

A simple web clipping portlet requires a name, a target URL, and a description,guide as shown in Figure 12-4.

AccompanyingFigure 12-4 Using the Web Clipping Editor to import content

A preview window is displayed after the simple clipping is defined, as shown in Figure 12-5.

distribution for not

Figure 12-5 Web clipping preview window SPVC; The Web Clipping Editor offers the following advanced options (Figure 12-6 onfor page 258): Choose clipping types and behaviors, such as regions and HTML tags. You might not need or want to capture the entire page. Some pages have information located “below the fold,” which is an areaguide of the web page that requires users to page down to see it. By choosing an alternative clipping type, administrators can present users with the desired content in a way that reduces user effort and improves content visibility. Configure firewall settings that are required to access the target URL. By setting proxy information, the web clipping portlet can access content through a proxy. Define credentials and authentication types. Some sites require authenticating. By using this advance setting, administrators can store the logon credentials and make the content available to a target audience without Accompanying requiring them to provide secondary logons. Protecting secure

© Copyright IBM Corp. 2011. All rights reserved. 257 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

resources such as this is done through portal privilege settings. Modify URL rewriting rules to conform with site requirements. A target site, such as an internal HR site, might be in the process of migrating to a portal. Some links must point back to the portal, where other links might need to refer to resources on the target site. If all content, except the target page, has been moved to the portal, an administrator can choose standard rewriting to point links in the target URL to the portal site. Sites that contain URL links that are not serveddistribution by the portal require URL rewriting exceptions. Define rules for portal rewriting so that linksfor are managed according the nature of the URL. Some links can point to the portal window, but other links can be rewritten to point to an external window. For example, a rule matching such as *ibm\.com.* rewrites any URL thatnot contains ibm.com. Rules can be written in Perl 5 regular expressions.

SPVC; for

Figureguide 12-6 Web Clipping Editor

Topic C: URL mapping

This topic defines URL mapping and explains how to create such mappings.

Defining URL mappings

Users expect a portal to behave similar to other websites. They Accompanyingexpect to bookmark a page and use the Back and Forward buttons. Actually, they expect that, when they use those features,

the portal page will be the same as it was the last time they loaded it. This matter of managing state is important, and portal URLs, the long seemingly indecipherable ones, enable users’ expectations to be met. The view that they expect is distinct from the content that they might also expect. Content is associated with a different persistence layer, such as a session, LDAP, or database facilities. Bookmarks and related user expectations relate to the navigational state.

URL mappings provide entry point navigation to portal pages. Use them in print media, and other locations where reliable URLs are needed. URL mappings are not impacted by changesdistribution in the portal typology, such as moving pages to alternative hierarchy locations.

URL mappings are different from friendly URLsfor in the following ways: URL mappings are not bound to the portal typology. Consider the following URL: not http://www.myportal.com/wps/myportal/TravelPlans This URL mapping reflects none of the portal typology. The URL syntax consists of the following format: protocol://hostname/context/vpname/ url-mapping-context-labelSPVC; A friendly URL, in contrast, might look similar to the following example: for http://www.myportal.com/wps/myportal/Home/ HumanResources/Trips URL mappings are not retained while inter-reacting with the target page. The URL replaces the familiar portal-generated URLguide for navigational state management as soon as it is rendered. Content nodes might have only one friendly URL, and they might have many URL mappings.

Creating a URL mapping

Creating a URL mapping consists of defining a label and a context. The label must never match or overlap a term that is used for a friendly URL. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 259 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

To access the URL mapping portlet (Figure 12-7), go to the Administration pages and click Portal Settings → URL Mapping.

distribution

Figure 12-7 URL mapping portlet for

Click New Context, which prompts for a label, as shown in Figure 12-8. not

SPVC; for

Figure 12-8 URL mapping portlet

The label is displayed in the lists of contexts after it is defined (Figureguide 12-9).

Figure 12-9 View Content window Accompanying

As shown in Figure 12-10, note that no mapping is listed in the “Mapped to column.” The globe icon prompts the user to select a content node for the context of the label. Content nodes with children are displayed as clickable links. You can search for content nodes or browse the content node hierarchy to locate the context.

distribution for not Figure 12-10 Content node

Topic D: Custom names SPVC; This topic explains custom names and explains how to create them. for Defining custom names

Object IDs identify portal resources to guarantee that each one is unique.guide These generated values are extended alphanumeric strings that can be hard to remember. You can use the Manage Custom Unique Names portlet to assign human-readable names to these resources.

For example, moving resources from staging to production is much easier than using the XML configuration interface. Developers can use these resources to link portlets to other portal resources. The custom unique names are far easier to work with if security is managed by external access control systems.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 261 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Creating custom names

To access the Manage Custom Unique Names portlet (Figure 12-11), go to Administration pages and click Portal Settings → Custom Unique Names.

distribution for not

Figure 12-11 Manage Custom Unique Names portlet

Select the resources by type, such as Pages (Figure 12-12), and then browse or searchSPVC; for the resource. for

guide

Figure 12-12 Choosing a type

Accompanying

Click the Edit icon to define or modify the unique name. Use caution when editing unique names. For example, pages are listed by name and show the object ID and unique name, if defined as illustrated in Figure 12-13.

distribution for not

Figure 12-13 Pages listed by name and showing the object ID and unique name SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 263 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

264 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 12: Performing miscellaneous administration tasks

Lab

Lab 12: Performing distribution miscellaneous for administration tasks not

In this lab, you learn how to perform miscellaneous tasks.

This lab includes the following tasks: Using web clippingsSPVC; to import content Creating a URL mapping Creating customfor names Objectives

Thisguide lab has the following objectives: Use web clippings. Create a URL mapping. Create custom names.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 265 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Using web clippings to import content

Web clippings are portlets that are created to display all or some of an external site’s content on a portal page.

To create a web clipping, complete these steps: 1. Click Administration → Portlet Management → Web Clipping. 2. Click New Portlet. distribution 3. In the Web Clipping Editor (Figure 12-14), provide values for the Name and default locale title field,for and the Description field. Enter the following URL in the URL to clip field: http://www-10.lotus.com/ldd/portalwiki.nsf . not

SPVC; for

Figure 12-14 Web Clipping Editor

4. Clickguide Advanced options.

Accompanying

266 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 12: Performing miscellaneous administration tasks

5. In the Modify Web clipper options panel (Figure 12-15), click Modify clipping type.

distribution for

Figure 12-15 Modify Web clipping options panel not 6. In the Modify clipping type panel (Figure 12-16), click one of the options and click OK.

SPVC; for

guide Figure 12-16 Modify clipping type panel

7. Back in the Modify Web clipper options panel, click Modify display options. 8. In the Modify display options panel (Figure 12-17), complete these steps: a. Click Inside an iFrame on the portal page. b. For the Width field, enter 900. c. Click Allow browser to access resources directly. Accompanying d. Click OK. e. Click Next.

© Copyright IBM Corp. 2011. All rights reserved. 267 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for

Figure 12-17 Modify display options notpanel

9. Click Next.

SPVC; for

guide

Accompanying

268 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 12: Performing miscellaneous administration tasks

10.In the Content preview panel (Figure 12-18), review the changes. Click Finish if you are satisfied with the changes.

distribution for not

SPVC; for Figure 12-18 Content preview panel

The new portlet is now displayed in the Web Clipping Editor (Figure 12-19). guide

Figure 12-19 Web Clipping Editor

11.Click Finish. Accompanying12.Click Home.

© Copyright IBM Corp. 2011. All rights reserved. 269 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Creating a new page

To create a page, named Clipping, complete these steps: 1. Click the Edit page icon. 2. Type the page name in the dialog box that displays. 3. Under Browse Content, select Customize and All. 4. In the Search field, enter pro and click the Search icon, as shown in Figure 12-20.

distribution for not

SPVC;

Figure 12-20 Clipping tab for

5. Add the Product Wiki portlet to the page. 6. Click Save and then click Exit. guide Task 2: Creating a URL mapping

Creating a URL mapping consists of defining a label and a context. The label must never match, or overlap, a term that is used for a friendly URL.

Accompanying

270 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 12: Performing miscellaneous administration tasks

To create a URL mapping, complete these steps: 1. Click Administration → Portal Settings → URL Mapping. 2. In the “URL mapping portlet —, Root contexts” panel (Figure 12-21), click New Context.

distribution for not

SPVC;

Figure 12-21 URL mapping portlet for

3. In the “URL mapping portlet” panel (Figure 12-22), enter SalaryPayroll in the Label field. This label is used in the URL.guide Then click OK.

Figure 12-22 URL mapping portlet

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 271 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The label is displayed in the list of contexts after it is defined. Note that no mapping is listed in the “Mapped to” column, illustrated in Figure 12-23. 4. For SalaryPayroll, click the globe icon. Content nodes with children are displayed as clickable links (Figure 12-23). You can search for content nodes or browse the content node hierarchy to locate the context.

distribution for not

SPVC; for

Figure 12-23 URL mapping portletguide 5. Click Home → Human Resources → Payroll.

Accompanying

272 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 12: Performing miscellaneous administration tasks

6. As shown in Figure 12-24, click Salary and click OK.

distribution for Figure 12-24 URL mapping portlet

Notice that the “Mapped to” columnnot for SalaryPayroll indicates Salary as shown in Figure 12-25.

SPVC; for

guide

Figure 12-25 URL mapping portlet Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 273 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

7. In the browser, enter the following web address: http://portal99:10039/wps/myportal/SalaryPayroll The page displays. When you look at the URL, you see that it has changed.

Task 3: Creating custom names

To create a custom name for a page, complete these steps: 1. Click Administration → Portal Settings → Custom Unique Names. distribution 2. In the Manage Custom Unique Names portlet (Figure 12-26), for Resource type, click Pages. for not

SPVC; for

Figure 12-26 Manage Custom Unique Names window guide

Accompanying

274 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 12: Performing miscellaneous administration tasks

3. In the Manage Custom Unique Names portlet (Figure 12-27), scroll down to the Hourly page and click the Edit icon to modify the unique name.

distribution for not Figure 12-27 Manage Unique Custom Names portlet

4. In the “Edit unique name for Page” panel (Figure 12-28), enter PayrollHourly in the Unique name field and click OK. SPVC; for

guide

Figure 12-28 Edit unique name for Page panel

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 275 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The Manage Custom Unique Names portlet (Figure 12-29) now shows a message indicating that the change was successful. The new unique name can now be used in administration scripts.

distribution for not

Figure 12-29 Manage Custom Unique Names portletSPVC; Adding unique names to pages enables you to reference them in scripts. Also, if youfor give a page a unique name, you can reuse any scripts that reference that page. This is different from an automatically-assigned unique identifier. An automatically-assigned unique identifier might not be the same across Portals. guide

Accompanying

Lesson 13

distribution Lesson 13.WebSphere Portal usage analysis for not This lesson shows how to gather data regarding IBM WebSphere Portal usage and how to analyze the data. You can collect the following types of data: Server-side data, which consists mainly of technical data that is internal to WebSphere Portal Behavioral data, whichSPVC; is how users use WebSphere Portal This lesson includesfor the following topics: Monitoring portal usage Active Site Analytics for user behavior analysis

Objectivesguide

This lesson has the following objectives: Explain how to use portal usage analysis. Determine how to analyze user behavior.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 277 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Monitoring portal usage

Why is it useful to monitor portal usage? Organizations invest significant effort to implement a portal solution and need quantifiable answers to questions such as the following examples: Is the focus of use what we expected? How are users changing their usage, and how can we meet their new needs? What do users look for when using the search function? How do users arrive at our site? distribution WebSphere Portal has a logging function thatfor you can use to monitor usage data. It writes usage records to a dedicated log file if site analysis logging is enabled.

You can collect statistical data from notvarious areas by using multiple types of site analyzer logs, or loggers. The WebSphere Portal Server manages the data on its own. You can also log custom details of business events.

Data points availableSPVC; on the server side

The WebSpherefor Portal configuration server, SiteAnalyzerLogService, determines the type of site analysis data that WebSphere Portal logs at run time. The following events are logged based on the service configuration: Page management, such as creating, reading, updating, and deletingguide pages Page requests by users Portlet requests by users Session activities, such as login, logout, time out, and login failed User management actions, such as creating, reading, updating, and deleting users and groups

The resulting log entries comply with the National Center for Supercomputing Applications (NCSA) Combined industry standard. You can monitor the applications on your WebSphere Portal by analyzing the log entries. The site analysis infrastructure Accompanyingprovided by WebSphere Portal accommodates most scenarios.

Custom report: You must write a custom report to log custom business events that occur in portlets. You can obtain a more sophisticated evaluation of WebSphere Portal usage or generate reports for portlet action by writing such a report.

You can find more information at the following WebSphere Portal wiki pages: Analyzing portal usage data http://www-10.lotus.com/ldd/portalwiki.nsf/dx/ Analyzing_portal_usage_data_wp7 distribution Logging and analyzing server-side site data http://www-10.lotus.com/ldd/portalwiki.nsf/dx/ Logging_and_analyzing_server_side_site_data_wp7for

Enabling server-side loggingnot

Site analysis logging is not enabled by default. The names and locations of the log files must be specified as parameters in WP SiteAnalyzerLogService to enable site analysis logging. SPVC; The following steps to enable server-side logging are for reference only. You perform them in the lab that follows this lesson. 1. Specify the namesfor for the log files and backup log files. a. Specify the location and file name of the log file as follows. SiteAnalyzerFileHandler.fileName guideThe default value is logs/$APPSERVER_NAME/sa.log. b. Specify the location and file name of the backup file for the log file as follows: SiteAnalyzerFileHandler.backupFileName The default value is logs/$APPSERVER_NAME/sa_$CREATE_TIME.log. The current data is stored in the sa_$CREATE_TIME.log backup file, and a new sa.log log file is created when the log file is backed up. You can specify the following tokens as part of the directory location or file name: – $APPSERVER_NAME is the name of the application server. Use this token for vertical clusters to enforce that the different Accompanying application servers write to different files if they share the same file system.

© Copyright IBM Corp. 2011. All rights reserved. 279 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

– $CREATE_TIME is the date and time that the file is created. Specify the format of this token in SiteAnalyzerFileHandler.dateFormat. – $CLOSE_TIME is the date and time that the file is closed. Specify the format of this token in SiteAnalyzerFileHandler.dateFormat. 2. Specify the date format for tokens in the log file names: SiteAnalyzerFileHandler.dateFormat Specify a value to format the date and time for the $CLOSE_TIME and $CREATE_TIME tokens as in the following example:distribution SiteAnalyzerFileHandler.dateFormat=yyyy.MM.dd- HH.mm.ss 3. Specify the interval to back up log files.for The following parameter sets the backup interval in minutes. Specify the value between 1 and 60. SiteAnalyzerFileHandler.minutesPerLogFilenot The following line sets the backup interval in hours. Specify a value between 1 and 24. SiteAnalyzerFileHandler.hoursPerLogFile The following line sets the backup interval in days. Specify any value that indicatesSPVC; the number of days between backups. SiteAnalyzerFileHandler.daysPerLogFile for Tips for specifying the date and interval: When specifying the date and interval, consider these tips: Use the smallest interval if you enable more than one guidedate format interval. The file is backed up after 60 minutes if you specify 60 minutes. The file is backed up on the next full hour, for example, 01:00, 02:00, and so on, if you specify one hour. The file is backed up at 24:00 (midnight), if you specify an interval of days.

4. Activate the loggers as appropriate. Select the logger that you plan to activate and set the value to true, as in the following example: Accompanying SiteAnalyzerSessionLogger.isLogging=true

Tip: Site analysis logging can impact performance. Consider choosing to disable loggers for this reason when necessary. Set the value to false to disable loggers.

Table 13-1 lists and describes the available loggers.

Table 13-1 Available loggers WebSphere Portal Server analysis logger Description and activity logged SiteAnalyzerSessionLogger.isLogging HTTP requests that include the URLs: /Command/Login /Command/Logout distribution SiteAnalyzerUserManagement HTTP requests that include the URLs: Logger.isLogging /Command/UserManagement/for CreateUser /Command/UserManaement/ DeleteUser /Command/UserManagement/ CreateGroup /Command/UserManagement/not DeleteGroup SiteAnalyzerPageLogger. isLogging HTTP requests that include the URLs: /Page/* /Command/Customizer/ CreatePage /Command/Customizer/ EditPage /Command/Customizer/ DeletePage SiteAnalyzerPortletLogger. isLogging SPVC;HTTP requests that include the URL /Portlet/* SiteAnalyzerPortletAction Logger.isLogging HTTP requests that include the URL for /PortletAction/* SiteAnalyzerErrorLogger. isLogging HTTP requests that include the URLs: /Error/Portlet /Error/Page SiteAnalyzerApplication guide HTTP requests that include the URL ActionLogger.isLogging /ApplicationAction/* SiteAnalyzerJSRPortlet Logger.isLogging JSR 286 Web Content Viewer

SiteAnalyzerErrorLogger.isLogging: The Referrer field, shown in the following examples, points to a portlet name or a page name: http://your.server.name/Portlet/1/PortletName http://your.server.name/Page/1/PageName

Accompanying5. Restart WebSphere Portal.

© Copyright IBM Corp. 2011. All rights reserved. 281 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Reading the log files

The WebSphere Portal site analysis information is in the /wp_profile_root/logs/app_server_name/sa_date_time.log directory. In this path, wp_profile_root is the WebSphere Portal root directory, and date_time is the date and time at which the file is created. The current, active log file is the sa.log file.

Remember that the dateFormat parameter determines the interval at which the file is created.

The site analysis log uses the NCSA Combined logdistribution format, which is a combination of the NCSA Common log format and three additional fields: Referrer, user_agent, andfor cookie . Example 13-1 shows a sample entry in the log. Example 13-1 Sample log file entry not 9.37.3.88 - customer2 [10/Apr/2010:21:33:16 +0000] "GET /Portlet/146/Welcome_Portlet?PortletPID=146&PortletMode= View&PortletState=Normal HTTP/1.1" 200 -1 "http://myserver.company.com/Page/110/ Welcome" "Mozilla/4.0 (compatible;SPVC; MSIE 5.5; Windows NT 4.0)" "JSESSIONID-OXDFAPVR4SXYZOIHSLVGA2Y"for

Table 13-2 describes each field.

Table 13-2 Log field descriptions Field guideLog field name and description 9.37.3.88 Host. The IP address of the HTTP client that sent the request. The IP address that is logged is of the reverse proxy server rather than the HTTP client if a reverse proxy server is between the client and WebSphere Portal. - (hyphen character) ref931.The identifier user to identify the client making the request. The field is set to the hyphen character (-) if the client identifier is unknown. customer2 User Name. The user ID for the client. The field is set to the hyphen character (-) if the user ID is unknown. [10/APR/2010:21:33:16 +0000] Date:time time zone. The date and time of the HTTP Accompanying request.

Field Log field name and description "GET /Portlet/146/ Request. The HTTP method, the URL of the requested Welcome_Portlet? PortletMode= resource, and the version of the HTTP used by the client. View&PortletState= Normal HTTP/1.1" 200 Status code. The HTTP status code for the request. -1 Bytes. The number of bytes of data transferred from the client as part of the request. A value of -1 means unknown. "http://myserver.company.com/ Referrer. The URL that linked the client to the web site. The Page/110/Welcome" referrer might not be logged for some requests.distribution The field is set to empty double quotation marks (" ") in such cases. "Mozilla/4.0 (compatible; MSIE user_agent. The type of web browser used by the client. 5.5; Windows NT 4.0)" for "JSESSIONID=OXDFAPVR4SXYZOIHS cookies. The name and value of a cookie that was sent to the LVGA2Y" client browser. The list is delimited by the semicolon character (;) if multiple cookies are sent.not

Topic B: Active Site Analytics for user behaviorSPVC; analysis

WebSphere Portal provides Active Site Analytics (ASA), with which you can collectfor data on how your users use WebSphere Portal. A rich set of page metadata, including the following examples, is provided as part of WebSphere Portal’s themes and skins: Page title Pageguide identifier Portlet title Portlet identifier

You can write scripts, called aggregators, to retrieve the data. The WebSphere Portal Page Builder theme includes a sample aggregator named asa.sample.js. You can customize these aggregators or write your own to collect page metadata, such as the previously listed examples.

You add the aggregator scripts to pages as required. The aggregator is then injected into the markup of the page the next Accompanyingtime the page is rendered. You can select the point of injection

© Copyright IBM Corp. 2011. All rights reserved. 283 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

arbitrarily. For example, injection can occur just before the closing body tab of the HTML markup.

Figure 13-1 shows an example of how an aggregator fits into the regular flow.

distribution for not

SPVC; for Figure 13-1 How an aggregator fits into the regular flow

The user behavior data is retrieved for analysis from markup that is embedded in the WebSphere Portal pages. The aggregator that is associatedguide with the page formats the data so that it can correspond to the requirements of the external analytics server to which it is finally submitted. You can change the information that is retrieved from the page and submitted for analysis by changing the JavaScript.

The data is represented as a microformat in the WebSphere Portal page HTML Document Object Model (DOM) tree and tagged with cascading style sheet (CSS) classes. The following example shows a microformat: My Portlet Accompanying

Figure 13-2 shows the page structure with annotated portlets.

distribution for not

Figure 13-2 Page structure with annotated portlets SPVC; Samples and custom aggregator for You can write your own aggregators, or scripts, to retrieve data for Active Site Analytics from the WebSphere Portal themes and skins. Remember that the Page Builder theme includes the sampleguide aggregator asa_sample.js file. The WebSphere Portal themes and skins come with plugpoints that you can inject custom JavaScript snippets. You can write an aggregator to retrieve the instances of the microformat in which you are interested. For example, the aggregator can be all CSS classes that start with asa. You can extract that data and submit it to the external analytics service, where the data is then recorded and processed for evaluation.

The aggregator script is typically a JavaScript file. A standard JavaScript code implementation builds URLs with Active Site Analytics parameters. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 285 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Tips for using the sample aggregator When you use the sample aggregator file, asa_sample.js, remember the following tips: Update the JavaScript variable trackingImg to point to a real HTTP server. Ensure that the tracking image exists and is available. Otherwise, the alternative text is displayed on the WebSphere Portal page. Additional tips for writing aggregators distribution Keep in mind the following additional tips for writing aggregators: The aggregator can iterate over all instances of metadata to retrieve the relevant information for the forHTML DOM tree. The aggregator collects and formats individual data according to the requirements of the external analytics service within the iteration loop. not The aggregator adds a new element (for example, an img element) to the HTML DOM tree of the current page after all instances of metadata are collected. Adding this element with the source URL, which points to the external analytics service, triggers a browser request from that remote location. The browsers submits SPVC;this data to the external analytics service, because the element URL contains the collected metadata as HTTP GET parameters.for The sample aggregators contain more detailed information about the process of collecting, formatting, and submitting data.

Identifyingguide and solving problems for Active Site Analytics Perform the following checks if Active Site Analytics is not working correctly: Verify that the HTML markup of the WebSphere Portal page contains the metadata for which the aggregator is looking. Ensure that the tagging method that is used in the themes, skins, and portlets matches the expected behavior of the aggregator. For example, the Page Builder theme is shipped with the portal tags and all metadata with CSS classes whose names start with asa. The sample aggregators look for those Accompanying CSS classes to retrieve portlet identifiers and portlet titles.

Specify the following trace string to review what occurs in the aggregator inclusion: com.ibm.wps.theme.extensions.ActiveSiteAnalytics=debug

Remember that aggregators are regular JavaScript files. All tools and helpers that are applicable to generic JavaScript debugging also apply to developing and debugging an aggregator.

Supported aggregator tags WebSphere Portal supports the following aggregator tags for Active Site Analytics: distribution Portlet window ID The unique identifier of the portlet. Tag it as asa.portlet.id. It is injectedfor into the skin. Portlet window title The title of the portletnot becaus e it is delivered to the client. Tag it as asa.portlet.title. It is injected into the skin. Page URL The friendly URL of the current page without navigational state. Tag it as asa.url. This element is empty if no friendly URL was set for the page. Page title The titleSPVC; of the page in the WebSphere Portal default language. Tag is as asa.page.title. It is forinjected into the theme. Web Content Management content querystring The unique identifier of the IBM Lotus Web Content Management content item that is displayed in a portlet. Tag it as guide asa.wcm.content_item.path. It is injected into the Web Content Management Rendering Portlet. Web Content Management content title This is the title of the Web Content Management content item that is displayed in a portlet. This is not necessarily the same as the portlet window title. Tag it as asa.wcm.content_item.title. It is injected into the Web Content Management Rendering Portlet.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 287 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Adding an aggregator to a page

You can assign an aggregator to one or more WebSphere Portal labels or pages. To assign an aggregator to a page, you edit the page properties and add a new parameter by using the WebSphere Portal administration portlets.

The following steps, to add an aggregator to a page, are for reference only. You perform them later in the lab. 1. Click Administration → Manage Pages. 2. Locate the page to which you want to assign thedistribution aggregator. Use the Manage Pages portlet to locate the page. The page must be under the WebSphere Portal contentfor root. 3. Click the Edit Page Properties button for the page that you selected. You cannot add an Active Site Anotnalytics aggregator to the content root. An Edit Page Properties button is not available for the content root. 4. Expand Advanced Options to expand the available choices. 5. Click the I want to set parameters link. 6. In the window thatSPVC; opens, complete the following tasks: a. In the New Parameter field, type asa_aggregator. b. In the Newfor value field, type the name of the aggregator script file. c. Click Add. 7. Verify that the new parameter has been added to the list. 8. Clickguide OK to return to the main Page Properties window. 9. Click OK to save your changes and return to the Manage Pages window.

Children and parent pages: Children pages inherit the script that was set on the parent page. You can use these same steps to make the appropriate assignment if you want to use a different aggregator on a child page.

You can also use these steps to block inheriting the aggregator setting from the “parent” page. The difference is to only leave the value in step 6b on page 288 blank. As a result, no Accompanyingaggregator is assigned for the page, and all children of the page will inherit the new setting.

Aggregators and themes

WebSphere Portal provides the Page Builder theme that is prepared and suitable with Active Site Analytics. You can also enhance the other portal themes or create your own custom theme to use the Active Site Analytics functionality.

Making Active Site Analytics work in a custom theme entails the following tasks: 1. Adding metadata to the page 2. Including an aggregator with the page distribution 3. Including microformats of interest that are related to the statistical data you want to collect for Adding metadata to the page An aggregator picks up information notthat is stored in the DOM tree of a page. This information must be present in the HTML source of the page. The preferred approach to add this information to a page is to implement the theme or skin so that it writes all the necessary information into the DOM tree of the page.

The following examplesSPVC; show adding metadata to a page: You can add the identifier of a portlet to the DOM tree by adding the followingfor line to the skin.html file in the theme WebDAV folder: <%= myPortletID %> The aggregator can then fetch the identifiers of all portlets on a pageguide by iterating over all occurrences of span elements with a class attribute of asa.portlet.id. This line depends on the definition of myPortletID earlier in the skin.html file. It is defined, by default, by using the JavaServer Pages (JSP) code in the following example:

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 289 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

You can add the portlet title to the DOM tree by wrapping the statement in the skin.html file with a span element that has a class attribute of asa.portlet.title:

Including aggregators with the page The portal ships a default implementation of the theme extension point com.ibm.portal.theme.plugin.ActiveSiteAnalyticsItemsdistribution. It locates and includes a JavaScript with a name that corresponds to the value specified by the asa_aggregator key that is given with the page metadata. for

Add the code in Example 13-2 near the closing body tag () of the themeName\nls\theme_languageCode.htmlnot file of the theme WebDAV folder.

Example 13-2 Code to execute the implementation SPVC; for

This code loops over every implementation of the theme extension point and executes it. The default implementation that is shipped with WebSphere Portal follows the approach that we outlined previously.guide

Including microformats of interest You might need to modify the skins that are used by a theme so that all of the microformat information that you want to be captured is present when the page is rendered. For example, developers can add the following code to the skin.html file of a skin: <%= myPortletID %>

Adding this code to the file ensures that the portlet ID of all portlets that are using the modified skin on a given page are Accompanyingavailable for the aggregator script to discover.

The asa_sample.js file, in this case, looks for elements with the asa.portlet.id class to find the portlet ID of all portlets that are present on the page. Portlet titles can be rendered by using code similar to the following example:

You can add an additional span element with a class defined for titles that the analytics JavaScript file looks for to capture such portlet titles: distribution The asa.portlet.title class, in this case, is recognized as the class for all span elements that encompassfor the rendered text of the portlet titles. not

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 291 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lab

Lab 13: Enabling anddistribution reading the logs for not IBM WebSphere Portal 7.0 implements a logging function for usage data. WebSphere Portal writes usage records to a dedicated log file if site analysis logging is enabled. Multiple types of site analyzer loggers enable portal administrators to collect statistical data in various areas. The WebSphere Portal Server manages the collection of data on its own, but from a business perspective, you can alsoSPVC; log custom details of business events.

The portal configuration service, SiteAnalyzerLogService, determines the fortype of site analysis data that the portal logs at run time. Depending on the service configuration, the portal logs the following events: Page management, such as creating, reading, updating, deletingguide pages Requests of pages by users Requests of portlets by users Session activities, such as login, logout, time out, and login failed User management actions, such as creating, reading, updating, and deleting users and groups

The resulting log entries comply with the National Center for Supercomputing Applications (NCSA) Common log format, which is an industry standard. By analyzing the log entries, you can monitor applications running on your portal site. The site analysis Accompanyinginfrastructure provided by the portal accommodates most scenarios.

© Copyright IBM Corp. 2011. All rights reserved. 293 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

This lab includes the following tasks: Enabling site analysis logging Reviewing the log

Objectives

This lab has the following objectives: Enable site analysis logging. Review the logs. distribution for not

SPVC; for

guide

Accompanying

Task 1: Enabling site analysis logging

Site analysis logging is not enabled by default. To enable site analysis logging, specify the names and locations of the log files as values for the parameters in WP SiteAnalyzerLogService. You enable the site analyzer logger for standard portlets by using the portal configuration service SiteAnalyzerLogService. You set its property in the administrative console through the resource environment provider WP SiteAnalyzerLogService.distribution To enable site analysis logging, complete these steps: 1. Select the appropriate WebSphere Applicationfor Server administrative console, depending on your environment: – If your portal runs stand-alone, use the local administrative console at not https://localhost:10032/ibm/console/logon.jsp – If your portal is installed in a cluster, use the administrative console of the deployment manager. 2. In the left navigation pane, click Resources → Resource Environment → ResourceSPVC; Environment Providers. 3. In the Resource environment providers window: – From the forScopes list, select the appropriate node or cluster. – Clear the Show Scope check box and select one of the following options, depending on your portal environment: • If your portal runs as a single server, select Browse guideNodes and select the node. • If your portal is installed in a cluster, select Browse Clusters and select the portal cluster.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 295 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

4. From the resource list (Figure 13-3), select the check box next to WP SiteAnalyzerLogService.

distribution for not

SPVC; for

Figure 13-3 Selecting from the resource list

guide

Accompanying

5. In the WP SiteAnalyzerLogService panel (Figure 13-4), click Custom properties.

distribution for

Figure 13-4 SiteAnalyzerLogServicenot

6. In the “Custom properties” panel (Figure 13-5), choose one of the following actions as required: – Select the check box next to the SiteAnalyzerJSRPortlet Logger.isLogging property and change its value to true. Then click OK. SPVC; for

guide

Figure 13-5 Resource environment providers - Custom properties

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 297 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

– If the property is not in the list, click New to create a new property. In the SiteAnalyzerJSRPortletLogger.isLogging panel (Figure 13-6), complete these steps: i. In the Name field, type SiteAnalyzerJSRPortlet Logger.isLogging. ii. In the Value field, enter true. iii. From the Type list, select java.lang.String. iv. Click OK. distribution for not

SPVC; for

Figure 13-6 Defining the new property guide 7. In the Messages window (Figure 13-7), click Save.

Figure 13-7 Save message

8. When prompted to confirm your change, click Save again. 9. Optional: If your portal runs in a cluster configuration, Accompanying replicate your changes to the cluster.

Task 2: Reviewing the log

To review the log, complete these steps: 1. Restart the portal to apply the changes. 2. Access the wiki and blog pages. 3. View the files in the wp_profile/logs/WebSphere_Portal folder (Figure 13-8).

distribution for not

SPVC; Figure 13-8 The sa.log file in the folder for The sa.log file: The current (active) log file is named sa.log. The sa_yy_mm_dd_timestamp.log files are the backup based on the time setting. guide The site analysis log uses the NCSA Combined log format, which is a combination of the NCSA Common log format and three additional fields: the referrer field, the user_agent field, and the cookie field.

Example 13-3 shows an entry in the site analysis log.

Example 13-3 Site analysis log portal99.training.ibm.com - virtuser [27/Sep/2010:11:25:50 -0400] "GET /Portlet/Z5_MU4CVKG10OVF80IQCDUBCG3054/Web_Content_Viewer_ Accompanying(JSR_286)/My%20Blog%2fBlog%2fHome?PortletPID=Z5_MU4CVKG10O

© Copyright IBM Corp. 2011. All rights reserved. 299 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

VF80IQCDUBCG3054&PortletMode=view&PortletState=normal&Requ estType=render HTTP/1.1" 200 -1 "http://wpl80.wpstraining.ibm.com/Page/Home/Blog/?id=Z6_MU 4CVKG10OVF80IQCDUBCG30A5" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10" "LtpaToken2=LPrJ0kgP4KGgviGQeqp4cd44oiFAUfIZluddqFu+SHs7cO dwu3quDAZyAVBTIjm6gJYKG6NyV9PURlxj+vDiwOZMPJbZ9ocGAMdlVNDV 20QfzsAWliPJ2ZYpQ2xfWnm+Kn4jfwQvMwACqCM+PnvyjjWD5MAKEK09iM rB+yR0LdYA3b3X40gEten3KDjLmzh2+JB0mdwO6tFyZl/SqqZcxurcGMwU o5w/Fzh5fOg2u57UoJvJrK5vj0eXbu9yyINhkytHXjnryxeNCfKcvRZO/1 QRdaKVeBsjnbc1CAOSEU/hiq7mIWGHUDxWdScpi6jymg+KLe60RhPbXa/Odistribution FcziQKg9phYmtSBbQoMpfnKyFpABwwDR4d0UbWGcZR80foqXNF9ozkhAcf OvutZ88Oodtum4cxyAz0EJ1BZi0xgH5CBLOnTI1ieFmSyysLyWziUj4Fby oCQZYf4ZcZ34QruHHppr/U2Dy3rulJlrWLRT7HpHbq515AoskJYALeyb5Hfor kYVubDglAWsRA24y3azyPGxPQWx5Rz0xwn1xarQNbqagi/DKc9KUEywu6E xxyVOnI8MInRBNkLwQhxYiz3mdtmC0wZRJJwiHLPkUWV34Si4BtbpgKgVT IDilJqAeHikMecuIrSxa1DcuDfqSlISImNibzNiJdkZPDeT2y9+bbA5NfFnot HMwmrgE9gpbbvEnoZ4yR;TE3=;sessionCode=942217941;JSESSIONID =0000IVlSm3-dbMJSDh9gkBMyxU8:-1;TJE="

Table 13-3 describes each field of the log format. Table 13-3 Log format fields SPVC; Field in the example Log field name and explanation portal99.traininig.ibm.com host: Thefor IP address or DNS of the HTTP client that sent the request.

Important: If a reverse proxy server is between the client and the portal, the IP address logged is that of the reverse proxy server rather than the HTTP client. To log the IP address of the guideHTTP client, you must remove the reverse proxy server from the environment. - rcf931: The identifier used to identify the client making the request. If the client identifier is not known, the field is set to the hyphen character (-). virtuser username: The user ID for the client. If the user ID is not known, the field is set to the hyphen character (-). [27/Sep/2010:11:25:50 -0400] date:time: timezone: The date and time of the HTTP request.

Accompanying

Field in the example Log field name and explanation "GET request: The HTTP method, the URL of the requested /Portlet/Z5_MU4CVKG10OVF80IQC resource and the version of HTTP used by the client. DUBCG3054/Web_Content_Viewer_ (JSR_286)/My%20Blog%2fBlog%2f Home?PortletPID=Z5_MU4CVKG10O VF80IQCDUBCG3054&PortletMode= view&PortletState=normal&Requ estType=render HTTP/1.1" 200 statuscode: The HTTP status code for the request. -1 bytes: The number of bytes of data transferreddistribution from the client as part of the request. A value of -1 means unknown. "http://wpl80.wpstraining.ibm referrer: The URL that linked the clientfor to the website. For .com/Page/Home/Blog/?id=Z6_MU some requests, the referrer might not be logged. In such 4CVKG10OVF80IQCDUBCG30A5" cases, the field is set to empty double quotation marks (" ") "Mozilla/5.0 (Windows; U; user_agent: The type of Webnot browser used by the client. Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10" " JSESSIONID=0000IVlSm3- cookies: The name and value of a cookie that was sent to the dbMJSDh9gkBMyxU8:-1;TJE=" client browser. If multiple cookies were sent, the list is delimited by theSPVC; semicolon character (:). for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 301 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 14

distribution Lesson 14.Theme architecture for This lesson provides an introduction to theme architecture.

This lesson includes the following topics:not Client-side aggregation versus server-side aggregation Portal customization and branding

Objectives SPVC;

This lesson hasfor the following objectives: Define branding, themes, and skins. Explain theme design considerations. Customize styles sheets. Installguide and deploy themes and skins. Define the theme deployment process for stand-alone and clustered WebSphere Portal instances.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 303 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Client-side aggregation versus server-side aggregation

This topic discusses the difference between client-side aggregation and server-side aggregation.

Page aggregation concepts

Content is combined from several sources when distributiona portal page is rendered for a user. Aggregation describes how content on a page is combined into a single coherent unit. In early versions of WebSphere Portal, aggregation took placefor on the server. This meant that, when users interacted with a page, the request sent to the server was followed by aggregation on the server side. not WebSphere Portal 7.0 supports a new unified theme architecture. This architecture permits server-side and client-side page aggregation. The client-side aggregation architecture has been updated since version 6.1.5.

UnderstandingSPVC; aggregation options

You can choosefor from two aggregation options: client-side aggregation and server-side aggregation. In general aggregation is how information from various components is combined into a coherent view. Earlier versions of WebSphere Portal relied upon server-side aggregation as the sole means of assembling content beforeguide sending the view to a browser. The browser received the markup and created the view according to the instructions provided in the markup. The obstacle to performance became clear when content from a discrete area of the page required that the entire page be reloaded. Techniques were, and still are, available for managing this. Caching technologies and portlet render behaviors can mitigate the load incurred by repeated page loads.

This process is changed by such frameworks as Ajax that permits a browser to request partial page updates. It became clear that the browser could and should carry a greater role in the task of aggregating content. To this end, WebSphere Portal supports a Accompanyingnew aggregation model called client-side aggregation.

Client-side aggregation A full page does not need to be refreshed in client-side aggregation. Page changes, for example, occur without refreshing a full browser page. Content that is provided by the IBM Syndicated Feed Browser, for example, can be relegated to the browser for aggregation. Therefore, users who interact with portlets or widgets enabled for client-side aggregation can update that portlet or widget without affecting the page. This does not mean that interaction with other elements on the page that require a response from the server are unaffected. Other portlets and widgets on the page can be affected as a result of wiring. In some cases, a response from the server is required thatdistribution might result in a partial page refresh through an Ajax call, or it might result in a reload of the page. for Client-side aggregation works through a JavaScript-based component called the client-side aggregator. The client-side aggregator controls the interaction withnot the portal by making calls to the Representational State Transfer (REST) service of page fragments and doing the assembly on the client.

RESTful architecture: REST is a software architecture that was described by Roy Fielding in 2000. Fielding was a principle author of the HTTP 1.0SPVC; and 1.1 sp ecification. The purpose of RESTful architecture is to reduce load on systems by understanding how networked systems manage the representationfor of resources and how systems transition from one “representational” state to another. The key is to implement a software design that takes better advantage of the networked nature of many systems with many types of resources.

Server-sideguide aggregation Page changes cause a refresh of the full browser page in server-side aggregation. Similarly, interactions with portlets result in a refresh of the full browser page. However, on pages that support iWidgets, interaction are processed according to the behavior of the client-side mode. This does not mean that Ajax calls are not permitted. The difference might be understood in terms of granularity. By enabling server-side aggregation, you put the task of aggregating the rendered content entirely on the server. A developer might enable an update to a field, for example, through Ajax, but it is not turned on or off at the page level. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 305 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Additional considerations Before choosing an aggregation option, you must understand the following trade-offs: Some portal pages, such as those that use existing themes, are incompatible with client-side aggregation. Some portlets are incompatible with client-side aggregation. (In client-side aggregation, portlets are wrapped by the server as iWidgets.) Some browsers cannot support client-side aggregation. distribution Setting page aggregation options You set page aggregation mode by using the Edit Page Properties portlet. To access this portlet, click Administrationfor Pages → Manage Pages interface, or click the Action tab and select the Edit Page Properties interface. not The choice is to inherit the parent page setting or to choose either server-side or client-side aggregation. The page reverts to server-side aggregation if the theme applied to it does not support client-side aggregation. Figure 14-1 shows where you select page aggregation. SPVC; for

guide

Accompanying Figure 14-1 Page Properties: Selecting the page aggregation options

Topic B: Portal customization and branding

This topic explains how to define and create a brand, how to define themes and skins, and how to implement cascading style sheets.

Defining and creating a brand

This section explains how to define a create a brand.distribution

Defining a brand for Branding turns the WebSphere Portal into your organization’s portal. A brand includes the organization’s logo, colors, trademarks, content, navigation, andnot pages among other things. It expresses the business and practices of the organization. The primary tools for expressing the organization’s brand are themes and skins.

Creating a brand Creating a brand requiSPVC;res the input of many people. The ideal team lead is an experienced user interface designer. You must consult your organizafor tion’s legal department about preserving trademarks. Also consult with your organization’s marketing department, which can contribute the necessary graphics and provide a perspective on the organization’s image. Youguide need the following items to create your brand: Mastery of WebSphere Portal navigation Layout of the default portal Understanding of theme and skin architecture Comprehension of the business purpose of your portal Experience with HTML and CSS

You must also perform the following tasks to create your brand: Gather graphics and red, green, and blue (RGB) color patterns. Involve both legal and marketing departments. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 307 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Defining themes and skins

Themes and skins are used to establish the brand.

Page Builder and the Unified Theme Architecture A new approach to theme architecture has been implemented in WebSphere Portal 7.0.

Defining the Page Builder Unified Theme Architecture You can now use static pages that employ ordinarydistribution HTML. Your developers define placeholders for components, such as portlets or iWidgets, to incorporate dynamic content.for Developers create and edit static pages by using an HTML editor tool of their choice.

Supporting multiple aggregation modes, you can use the new theme architecture to configure whethernot a page is rendered in client-side aggregation mode or in server-side aggregation mode. You can grant users editor rights on the page to switch them between client-side and server-side mode.

You use portlets and iWidgets to add application logic to a static page. These componentsSPVC; are self-cont ained applications that you can use in a flexible way.

Remember thatfor portlets are Java-based applications. They are executed in a portlet container on the server side. Portlets can be rendered through client-side aggregation. Their presentation is translated by the portal into iWidgets markup that can be executed in theguide browser if this setting is enabled. iWidgets are written as JavaScript logic. They execute in the browser on the client-side. The portal wraps the iWidgets as portlets if server-side aggregation is enabled.

The Page Builder theme has evolved from the Page Builder in version 6.1.5. Manage your themes directly in static HTML files

Accompanying

stored in a Web-based Distributed Authoring and Versioning (WebDAV) entry point.

WebDAV: WebDAV is defined in RFC2518. WebDAV extends the HTTP protocol so that you can collaboratively create and edit files on a remote web server.

The WebSphere Portal implementation provides WebDAV for the following reasons: Management of pages A file store for mashup integration Web Content Management distribution

The entry points for WebDAV can be identified in a service document retrieved from the following URL:for http:///wps/ mycontenthandler/!ut/p/model/service-documentnot The root for WebDAV is fs-type1 and entry points are: Themes: fs-type1/themes Skins: fs-type1/skins Mashups: fs-type1/users/ SPVC; A WebDAV client for themes might use the following URL: http://my_company.com:10039/wps/mycontenthandler/dav/fs- type1/themes for

You change style and layout through static CSS and layout templatesguide that are stored and configured through WebDAV (Figure 14-2 on page 310).

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 309 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not Figure 14-2 Theme WebDAV architecture

You need a WebDAV client to access the theme folders. The entry point for new themes and existing themes is the themelist folder (Figure 14-3). To create a new theme, the WebDAV requires the following URL: SPVC; http:///mycontenthandler/dav/themelist for

guide

Figure 14-3 The themelist folder

You can add a theme to the themelist folder by first copying and renaming it. In addition, creating an empty folder defines the folder hierarchy for the theme that will be created. The empty theme is not displayed in the list of theme folders until it contains the required artifacts, such as the theme.html file. To access the individual themes, use the following URL: http:///mycontenthandler/dav/fs-type1/themes/ Accompanying

Figure 14-4 illustrates the contents of the CSA2 theme.

distribution for

Figure 14-4 CSA2 theme contents not Managing the WebDAV file store You might need to enable write-access to the file store for non-administrators. This effort applies to user folders and not specifically to the theme-related folders (or mashup-related folders). Only administrators can write to certain folders, including public and user-ownedSPVC; folders, immediately upon installation. You can enable write access for all authenticated users on the WebDAV file storefor folders. Add the filestore.writeaccess.allowed property to the WP ConfigService resource environment provider in the WebSphere Application Server administrative console to enable write access for all authenticated users. Set the value for the property to true. Seeguide Figure 14-5 on page 312.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 311 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

Figure 14-5 The filestore.writeaccess.allowed propertySPVC; In addition to the two entry points mentioned, several other WebDAV entry forpoints are possible. However, the filestore.writeaccess.allowed property applies to the filestore entry points for home directories for each user located at the following address: http://server_name:port/wps/mycontenthandler/dav/fs-type1/ users/user_nameguide

Users can modify only their own directories. You must grant additional permissions for users to modify other directories.

The theme and mashup folders are handled differently. The access control policy is managed by assigning, for example, the MANAGER role on THEME MANAGEMENT if your goal is to permit the user or users to create, modify, or delete themes and related artifacts. See Figure 14-6 on page 313.

Accompanying

distribution

Figure 14-6 Access control for theme management for

WebSphere Portal 7.0 themes WebSphere Portal 7.0 themes are composednot of typical J2EE components. Each theme is a collection of JavaServer Pages (JSPs), JSP fragments, cascading style sheets, and property bundles that define the functionality and appearance of the portal. These themes are managed as enterprise archive files. Installation of the theme requires you to move the EAR file to a location that can be resolvedSPVC; by the portal resource addressability framework, such as an EAR file deployed on the portal. Then you must register thefor new theme by using XML Access. Use multiple themes in the following situations: When the portal has multiple personalities that act as multiple divisions of a larger parent organization Whenguide each branch (customer, vendor, or intra-company) is a logical portal When identifying areas, such as a user area or administrative area, within the portal

Defining skins A skin is a wrapper for a portlet that provides a title and controls for the portlet.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 313 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Implementing a theme

This section explains how to implement a theme.

Building the new theme New themes are implemented by using the WebDAV interface and common HTML editors. Change the metadata for the title and description of the theme if you copy an existing one.

To stage a theme managed in the WebDav filestore, follow these steps: distribution 1. Connect to dav:fs-type1 and locate the folder that contains the source theme. for Version 6.1 theme: If the theme was defined in version 6.1, after you locate the theme EAR file, you can begin with step 4. not

2. Copy this folder to the FileStore folder on the target server by using a WebDAV client. 3. Stage the theme descriptor as usual by using XML Access or Release Builder. SPVC;

You can use the previously existing themes from WebSphere Portal 6.x if youfor have existing themes. Remember that deploying older themes does not take advantage of the new theme architecture.

The following steps explain how to deploy older themes from WebSphereguide Portal 6.x. You must perform Steps 1 through 5 if the theme is from version 6.0.

Version 6.1 theme: If the theme was defined in version 6.1, after you locate the theme EAR file, you can begin with step 4.

1. Create the themes and Dojo directories and copy the contents of your existing theme into both directories. 2. Create a WEB-INF directory and copy in the TLD files. 3. Archive the entire structure into a WAR file. 4. Deploy the WAR file through WebSphere Portal. Accompanying5. Register the theme by using XML Access.

Adding themes

Your new theme is automatically registered if you added it by using WebDav. You might want to alter the skin list. However, no other steps are required. You must manually register your theme if you are using existing themes.

To define an existing theme by using the Themes and Skins portlet, follow these steps: 1. Click Administration → Portal User Interface → Themes and Skins. distribution 2. In the Themes and Skins window (Figure 14-7), click the Add new theme icon. for not

SPVC; for

Figure 14-7 Themes and Skins window: Clicking the Add new theme button guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 315 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. In the next window (Figure 14-8), complete these steps: a. Enter a theme name. b. Enter the directory name that is case-sensitive and that is a subdirectory of themes/. c. Click a skin in the All skins field, and click the right arrow button to add the skin to the Skins for this theme field. Repeat this process until all skins listed have been added.

distribution for not

Figure 14-8 Themes and Skins window: Adding a new theme SPVC; Applying a theme for To apply a theme (Figure 14-9), follow these steps: 1. Edit the page Title field. 2. Select a theme from the Theme list. 3. Set the theme policy from the Navigation type (theme policy) list.guide

Figure 14-9 Applying a theme to a page.

Accompanying

Lesson 15

distribution Lesson 15.Installing WebSphere Portal for This lesson explores the installation and configuration options for WebSphere Portal. not This lesson includes the following topics: Options, methods, and sources for installing WebSphere Portal Configuring WebSphere Portal SPVC; Objectives for This lesson has the following objectives: Review the different installation options for WebSphere Portal. Discuss the various configuration choices. guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 317 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Options, methods, and sources for installing WebSphere Portal

WebSphere Portal provides the following installation options: A Base option A Full option

The Base option distribution

The Base option installs a functional WebSpherefor Portal instance. The benefit of the Base option is that you do not have to disable undesired features, nor do you need to remove unwanted samples. This option is ideal for a deploymnot ent scenario where the staging environment is complete and you are preparing to implement the production environment. You can selectively enable additional features, samples, and developed content after the installation as needed.

The Full optionSPVC;

You install the fullfor set of WebSphere Portal features and samples that are available for your offering. An offering is the purchased product entitlement such as WebSphere Portal Enable or WebSphere Portal Extend. The full option is ideal for proof-of-concept deployment or a sandbox environment where exposureguide to the full set of features is beneficial.

Portal-light mode: WebSphere Portal provides a portal-light mode that features improved portal start-up time and reduced memory consumption. For more information, see Topic B: “Configuring WebSphere Portal” on page 325.

Installation methods

You can install WebSphere Portal 7.0 by using a graphical user interface, GUI, an interactive console method, or a silent Accompanyingunattended installation using a response file.

The Installation wizard The Installation wizard GUI is easy to use, and the time spent using it is brief, making it an excellent choice for stand-alone installations. You can access the interface by locating your product source files. You use a CD image in the lab. See “Installation sources” on page 322 for more information.

To run the Installation wizard, you follow these steps: 1. From within the Installation Setup folder, double-click install.bat or, from Linux, run ./install.sh. 2. When the wizard opens, choose the WebSpheredistribution Portal entitlement that you purchased (Figure 15-1). The WebSphere Portal Enable edition includesfor all the features of WebSphere Portal Server with integrated Web Content Management, document libraries, and advanced portal search. The WebSphere Portal Extend editionnot includes all the features of WebSphere Portal Enable and adds services for collaboration and electronic forms.

SPVC; for

guide

Accompanying Figure 15-1 WebSphere Portal and Lotus WCM Installation Wizard

© Copyright IBM Corp. 2011. All rights reserved. 319 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. Accept the license agreement. 4. Select the installation option: – Base – Full 5. Specify the installation directory. A short path is always preferred. In Windows, do not add a space in the path name. 6. Enter the node name and fully qualified host name. The node name identifies the WebSphere Portal installation in a Network Deployment. If you are planning on federating the node anddistribution if this node will be the primary node, modify the node name with an alternative, such as wpsPrimaryNode. for 7. Enter the administrative user ID and password. The credentials are used to initially administer the WebSphere Portal Server, the Web Content Managementnot infrastructure, and the underlying WebSphere Application Server. The user ID and password are stored in a file-based realm in the federated repository of the application server. 8. Specify the Windows Services setting if you are installing WebSphere Portal on Windows. Setting WebSphereSPVC; Portal to run as a Windows service can be helpful if the server is a stand-alone installation. The Node Agent processfor is responsible for the state of the underlying application server of WebSphere Portal in a federated environment.

guide

Accompanying

9. Review the installation summary (Figure 15-2). You can use the summary as a documentation source and for ensuring that the intended choices and values were provided.

distribution for not

SPVC; for

Figure 15-2 WebSphere Portal and Lotus Web Content Management Installation Wizard: Installation summary guide The console installation method Launch the console method from a console such as a Windows command prompt. Navigate to the software Installation Setup directory. The console installation method is useful when a GUI is unavailable, such as on a Linux platform where desktop support is not installed.

Use the following command syntax depending on your environment: Windows command Accompanying install.bat -console

© Copyright IBM Corp. 2011. All rights reserved. 321 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Linux command ./install.sh -console

Figure 15-3 shows the Windows command.

Figure 15-3 Command window

The silent unattended installation methoddistribution WebSphere Portal simplifies a highly repetitive process, such as building an enterprise deployment, by usingfor a response file to install or uninstall. You might need to modify the response file to reflect variations among target platforms. A sample installation response file, installresponse.txtnot, and a sample uninstallation response file, uninstallresponse.txt, are in the software setup directory such as l-setup or W-Setup.

Launch the silent installation by using the following command syntax depending on your environment: Windows: SPVC; install.bat -options "path_to_file\response_filename" Linux: for ./install.sh -options "path_to_file/response_filename"

Warning message for failure to detect ports: If the GUI or console mode installation program fails to detect ports for either WebSphereguide Application Server or WebSphere Portal, a warning message is displayed. The installer offers you another chance to enter the values. If the silent installation fails to detect ports, the installer exits.

Installation sources You have the following choices for configuring your installation software source: DVD Using a DVD is simplest option because no further preparation for starting the installation is required. Accompanying

Local file system folders Folders are required for silent installation. They are more practical, in most cases, because you are not prompted to supply a path for the next disk equivalent. Network folders The benefit of network folders is the effort to configure them does not need to be repeated for each install as is the case when using local folders.

You can set up folders by copying DVD contents or by extracting parts that you download from Passport Advantage®.distribution The naming of each folder is important for the installation to proceed without prompts. for With a DVD as the origin of the source, you can copy the DVD into its own directory, as shown in the following examples for Linux and Windows: not Windows: E:\wps7\W-Setup Linux: /wps7/IL-Setup SPVC; This way, the operating system platform code serves as the prefix of the software forsetup folder. Note the following operating system codes: A AIX® (32-bit and 64-bit) I IBM i IL Intel® Linux (32-bit and 64-bit) PL guidePowerPC® Linux (32-bit and 64-bit) ZL zLinux (64-bit) SS Solaris™ (32-bit and 64-bit) SO Solaris (amd64) W Windows (32-bit and 64-bit)

Downloading media from Passport Advantage requires the download parts be extracted. The part description indicates the appropriate name and operating system code for each part.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 323 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Profiles

WebSphere Portal 7.0 supports a multiple profile feature. You install WebSphere Portal once and then create multiple profile instances based on the original installation.

With multiple profile support, you can define different behaviors for your WebSphere Portal deployment by creating additional profiles and modifying them. You can create additional profiles immediately after installation if you want each profile instance to use the unmodified version of the WebSphere Portal configuration. distribution

Creating an application server profilefor for WebSphere Portal on Windows If you are new to profile creation, use the Profile Management Tool. This GUI provides information notto you as you provide required input.

As shown in Figure 15-4, run the pmt.bat command from the \bin\ProfileManagement directory to launch the Profile Management Tool.SPVC; for

guide

Figure 15-4 ProfileManagement directory

A Welcome page opens when the tool is launched. Click Launch Profile Management Tool to see a list of existing profiles or to create a new one. A list showing the existing profiles is displayed. As shown in Figure 15-5, click Create to launch the Profile Creation wizard.

Accompanying

distribution for Figure 15-5 Profile Management Toolnot See the following web page for more details about creating additional WebSphere Portal Server profiles: http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Supporting_m ultiple_profiles_wp7. SPVC; Topic B: for Configuring WebSphere Portal

This topic explains how to configure WebSphere Portal. guide Developer mode

Configure a portal server in developer mode to improve startup performance for development. Do not use WebSphere Portal in development mode in a production environment.

Select the Base option when installing WebSphere Portal if you intend to operate it in development mode. Run the ConfigEngine task enable-develop-mode-startup-performance. The ConfigEngine task switches the Java virtual machine to development mode and adjusts the initial heap size to the maximum allowable heap size. In turn, the change to the heap Accompanyingsize improves startup performance by reducing the amount of

© Copyright IBM Corp. 2011. All rights reserved. 325 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

garbage collection that occurs during startup. In addition, all but a subset of portlets and web applications are activated upon first access, and not at startup.

In the whitelist, include any portlets that you want in the startup activation sequence. The whitelist is stored in the \\PortalServer\\config\\ StartupPerformance\\wp.base_TargetMapExclList.properties file.

Add a line for the name of each application as it is known to the application server, such as the PA_Blurb application.distribution Find a list of applications by using the Integrated Solutions Console: 1. Run the following task from the wp_profile_root\\ConfigEngine directory:for ConfigEngine.bat enable-develop-mode-startup-performancenot -DWasPassword=password 2. Restart the WebSphere Portal Server to render the change effective.

Troubleshooting issues that occur in quality assurance (QA), and not in development, mightSPVC; require you to restore WebSphere Portal to a normal runtime state: 1. Run the following task from the wp_profile_root\\ ConfigEnginefor directory to revert to a production server: ConfigEngine.bat disable-develop-mode-startup-performance -DWasPassword=password 2. Restartguide the portal to make the change.

Accompanying

Empty portal

Use the empty portal configuration to support implementation of a staged environment. Run the following task, from the wp_profile_root/ConfigEngine directory to configure a portal for initialization of a new production server from your staging environment: ConfigEngine.sh|bat empty-portal -DWasPassword=password

For more information about this task, see Topic E: “Using Release Builder” on page 547. distribution

No content available message: After you run the empty_portal task, you see an error messagefor indicating that no content is available if you access WebSphere Portal Server. You can ignore this message until you import another configuration into the server. not

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 327 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

328 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 15: Installing WebSphere Portal Server 7.0

Lab

Lab 15: Installing distribution WebSphere Portal forServer 7.0 not

In this lab, you install WebSphere Portal Server 7.0, which you will use for the rest of the course.

Shut down the Portal99 image: Before you begin this lab, shut down the Portal99 image.SPVC; Failure to do so may result in performance degradation. for Objective

Thisguide lab has the objective of installing WebSphere Portal Server 7.0.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 329 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

To install WebSphere Portal Server version 7.0, follow these steps, which include the steps for both Windows and Linux operating systems: 1. Navigate using one of the following paths based on your operating system: – Windows - C:\Installs\Portal Extend\W-Setup folder, and double-click install.bat to launch the installation wizard. –Linux - /root/software/portal7/IL-setup and run the following command: ./install.sh. 2. Click IBM WebSphere Portal Extend and clickdistribution Next. Figure 15-6 illustrates how your page is displayed. for not

SPVC; for

guide

Figure 15-6 Portal Launch Information Center

Accompanying

330 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 15: Installing WebSphere Portal Server 7.0

3. Click I accept the terms in the license agreement after you have read it, and click Next.

Figure 15-7 illustrates the license agreement page.

distribution for not

SPVC; for

Figure 15-7 Portal Software Licenseguide Agreement

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 331 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

4. Click Full and click Next (Figure 15-8).

distribution for not

SPVC; for

Figure 15-8 Portal installation type window

5. Retain the default installation path as listed below and click Nextguide: Windows: C:\IBM\WebSphere Linux: /opt/IBM/WebSphere

Accompanying

332 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 15: Installing WebSphere Portal Server 7.0

6. Accept the default value for the installation directory. Figure 15-9 shows the portal installation path. Click Next.

distribution for not

SPVC; for

Figure 15-9 Portal installation path guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 333 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

7. Enter Portal00 in the Node Name field and Portal00.training.ibm.com in the Fully Qualified Host Name field and click Next (Figure 15-10).

distribution for not

SPVC; for

Figure 15-10 Portal node and host name page guide 8. Enter installadmin in the following fields, as shown in Figure 15-11 on page 335. a. Application server and portal administrative ID b. Application server and portal password c. Confirm password 9. Click Next.

Accompanying

334 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 15: Installing WebSphere Portal Server 7.0

distribution for not

SPVC;

Figure 15-11 Portal administrative ID and forpassword

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 335 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

10.Verify that the Create services to start, stop configure startup check box is clear and click Next (Figure 15-12).

distribution for not

SPVC; for

Figure 15-12 WebSphere Portal page - Microsoft Window Services guide

Accompanying

336 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 15: Installing WebSphere Portal Server 7.0

11.Review your portal installation, as shown in Figure 15-13.

distribution for not

SPVC; for Figure 15-13 Installation review

12.Click the Back button to make any corrections, if necessary. Theguide installation takes approximately 30 minutes. 13.Verify your selections and click Next. 14.Clear both Launch options and click Finish. 15.Start the WebSphere Portal Server.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 337 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 16

distribution Lesson 16.Configuring WebSphere Portal for not This lesson provides an introduction to WebSphere Portal configuration.

This lesson includes the following topics: Working with the ConfigEngine and the Configuration Wizard Configuring the databaseSPVC; Using profiles for Objectives

This lesson has the following objectives: Defineguide the contents of the portal configuration database. Determine any issues surrounding the default database configuration. Explain the reasons to split the portal configuration database. Use the WebSphere Portal configuration wizard to migrate the portal configuration database.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 339 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Working with the ConfigEngine and the Configuration Wizard

This topic discusses how to work with the ConfigEngine and the ConfigEngine Wizard.

ConfigEngine overview distribution The installation process includes the required software components and enables features accordingfor to the Base or Full installation option that is selected. Additional configuration is required for deployment considerations, such as database location and type, security, load balance and fault tolerance requirements, and process management.not

The ConfigEngine employs a console-based interface, works with properties stored in a file, and, based on predefined tasks, interacts with system resources through additional scripting interfaces and APIs. This tool has been the primary tool for administrators of WebSphereSPVC; Portal for several versions of the product. for ConfigEngine Wizard overview

The ConfigEngine Wizard has more recently come to prominence as a convenient graphical presentation of some of the predefined tasksguide managed by the ConfigEngine. If installing portal with the graphical installation tool, the task completes by presenting you with a choice to launch the Configuration Wizard to complete common post installation tasks, such as transferring the portal databases.

How the ConfigEngine works

The ConfigEngine works with property files and command line inputs. The wkplc.properties file, which is in the wp_profile_root\ConfigEngine\properties directory, is the primary file for storing input data. Make a backup copy of this file Accompanyingbefore you make changes, and treat the backup as a template.

Tips for working with the ConfigEngine When working with the ConfigEngine, remember the following tips: Before you make any edits, always make a backup of the property files. Before you run the ConfigEngine tasks, always make a backup of the configuration repository. Do not store passwords in properties files. Pass them as arguments, such as -DPortalAdminPwd=. distribution Properties and tasks ConfigEngine tasks are used to perform several post installation steps such as enabling the mashup user interface.for To enable the integration of WebSphere Portal and mashups, follow these steps: 1. Open a command prompt by clicking Start → All Programs → Accessories → Command Promptnot. 2. In the command prompt, change directory to your WebSphere Portal profile as follows, depending on your environment: –For Windows: C:\IBM\WebSphere\wp_profiles\ConfigEngineSPVC; – For Linux: /opt/IBM/WebSphere/wp_profiles/for ConfigEngine 3. Depending on your environment, enter the following command (all on the same line): –For Windows: guideConfigEngine.bat deploy-portal-mashup-ui –DWasPassword= –DPortalAdminPwd= – For Linux: ./ConfigEngine.sh deploy-portal-mashup-ui –DWasPassword= –DPortalAdminPwd=

The following ConfigEngine tasks, among others, follow a similar syntax: Database transfer Security configuration Accompanying Starting and stopping of WebSphere Portal

© Copyright IBM Corp. 2011. All rights reserved. 341 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic B: Configuring the database

This topic discusses configuring the database.

Configuration tasks for the database

The database configuration requires the following tasks: Exploring the portal configuration databases Defining the issues of the portal configuration database Defining enterprise database alternatives distribution Exploring the portal configurationfor databases The portal configuration databases contain the configuration of pages, portlets, and all of the resources for WebSphere Portal. The installation of WebSphere Portalnot creates, by default, a single database for all of its configuration data. The default database uses the open-source Derby database. Derby is a Java database that uses the JVM resources of WebSphere Portal to store and retrieve its data. The Derby database simplifiesSPVC; the installation of WebSphere Portal. With this database, administrators can make their own database choices based on the organization’s needs and standards. Derbyfor is a single process database. Consequently, it is desirable to transfer this data to a relational database server as soon as possible after installation.

Data security: The Derby database provides few resources to guaranteeguide the security of the data that it stores.

WebSphere Portal uses the portal configuration database for the following actions: Determine page configuration, layout, and contents. Store user-specific customizations. Store web content. Maintain document libraries. Store rules and data.

Accompanying

The initial portal configuration databases consist of multiple schemas and all configuration content, as illustrated in Figure 16-1.

Figure 16-1 Multiple schemas Defining the issues of the portal configurationdistribution database The installation creates a single open source Derby database. The following database issues, among others,for have been identified: It runs in the same Java process as WebSphere Portal, which impacts performance. not A single-process database cannot be clustered. A non-secured database can be copied and analyzed. Defining enterpriseSPVC; database alternatives The ConfigEngine scripting tool provides the capability to transfer data from the Derby database to several mainstream database server products.for You must edit the following files to meet the specifications required for your database server to use the ConfigEngine scripting tool: wkplc.properties wkplc_comp.propertiesguide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 343 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Database transfer: See the following topics in the WebSphere Portal 7.0 documentation that contain details about using ConfigEngine to perform the database transfer: “Windows stand-alone: Configuring WebSphere Portal to use a database” http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Windows _standalone_Configuring_WebSphere_Portal_to_use_a_dat abase_wp7 “Linux stand-alone: Configuring WebSphere Portal to use a database” distribution http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Linux_s tandalone_Configuring_WebSphere_Portal_to_use_a_datab ase_wp7 for “Windows clustered server: Configuring WebSphere Portal to use a database” not http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Windows _clustered_server_Configuring_WebSphere_Portal_to_use _a_database_wp7 “Linux clustered server: Configuring WebSphere Portal to use a database” SPVC; http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Linux_c lustered_server_Configuring_WebSphere_Portal_to_use_a _database_wp7for

You can transfer data from any one database to any other. WebSphere Portal provides the following methods to transfer data: ConfigEngine, which uses a command line ConfigWizard,guide which is GUI-based

The following target databases effectively guarantee sufficient compatibility to function as a portal configuration repository: IBM DB2 Universal Database™ IBM DB2 for iSeries® IBM DB2 for z/OS® Oracle Enterprise Edition SQL Server 2005

Accompanying

Properties for the database configuration

This section includes the following concepts: Splitting the portal configuration databases configuring the WebSphere Portal database

Splitting the portal configuration databases The installation creates multiple schemas. The following list identifies the installation options: distribution Keep the databases as one database. Split certain schemas into their own databases. Split all schemas into separate databases.for Split databases across multiple servers.

When you are deciding to split the database,not remember the following tips: Split into multiple databases to improve performance. Split to allow replication and redundancy of databases. Run WebSphere Portal without the customizing the database.

Achieving data redundancySPVC; and reducing single point of failure: Your primary criteria must be to achieve data redundancy and reduce single point of failure, even though you might want to splitfor the schemas across multiple databases. Your secondary criteria should always be performance.

Configuring the portal databases To transferguide the portal configuration data to one or more enterprise databases with ConfigWizard when you configure the portal databases, follow these steps: 1. Create the target database or databases. 2. Select the default language.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 345 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. On the Welcome page (Figure 16-2), click the Next button.

distribution for not

SPVC; for Figure 16-2 Welcome page

guide

Accompanying

4. On the page that prompts you to select the task that you want to perform (Figure 16-3), click Transfer data to other databases and click Next.

distribution for not

SPVC; for

Figure 16-3 Transfer function guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 347 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

5. Enter the administrative password. 6. Select the source database type. 7. On the Target Database Type page (Figure 16-4), click the target database type.

distribution for not

SPVC; for

Figure 16-4 Target Database guideType page

Accompanying

8. Define the target database driver. 9. Define the target databases. 10.On the “Parameters for database driver” page (Figure 16-5), confirm the transfer and click Next.

distribution for not

SPVC; for

Figure 16-5 Database transferguide confirmation page

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 349 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

11.Click Next to complete the transfer, as shown in Figure 16-6.

distribution for not

SPVC; for Figure 16-6 Parameters for database domain

Topicguide C: Using profiles

A profile defines the runtime environment. A profile includes all the files that the server processes in the runtime environment and those files that can be edited or changed. The installer for the WebSphere Portal Server creates a configuration profile for the application server to represent the full configuration of a single portal instance. The application configuration profiles support such items as data source definitions, web applications, portlet deployments, and the Java virtual machine configuration.

WebSphere Portal 7.0 introduces a new feature that allows for multiple profiles. Prior to WebSphere Portal 7.0, one configuration Accompanyingprofile was available per installation. This profile was typically named wp_profile.

The multiple profile feature provides the ability to have multiple, independently configured portal instances running from the same installation. You install WebSphere Portal once and then create multiple profile instances based on the original installation. Additional profiles are built by using a captured “baseline” portal configuration as a foundation.

Configuring your system with multiple profiles offers the following advantages: The reuse of a single installation for multiple independent portal instances These instances can be used to support variousdistribution test scenarios or development efforts. The ability to recover from a configurationfor problem by deleting the current profile and recreating it without re-installing the product The flexibility to easily expand a notcluster’s capacity through the creation of custom profiles without managing the extra, nonessential resources of a regular stand-alone instance The ability to update a deployment manager profile to handle portal servers and thus avoid all the manual preparation steps SPVC; Profile types for You can define more than one type of profile. The following types of profiles can be generated: Portal.default Managed.portal Management.portal.augmentguide

The portal.default profile contains a stand-alone portal server in the captured configuration.

The managed.portal profile is a custom profile that is enhanced with the portal runtime environment. This profile does not contain any servers. The main purpose of the managed.portal profile is to provide a runtime environment for additional cluster members. The standard portal tasks can be used to create a portal server cluster member from an existing cluster template after the federation of this custom profile.

AccompanyingThe management.portal.augment profile is created by augmenting a standard deployment manager profile. The resulting profile

© Copyright IBM Corp. 2011. All rights reserved. 351 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

holds a deployment manager that prepared for use with WebSphere Portal. This profile can be used as a target for the federation of portal nodes without needing significant manual steps.

You can create a portal farm or a clustered environment with multiple profiles. A portal farm is a simple way to build and maintain a highly scalable and highly available server environment. A portal farm differs from a cluster environment in that members of a farm are not network deployment managed nodes. distribution Hint for applying maintenance and maintaining profile templates for WebSphere Portal: You can apply fix packs to WebSphere Portal that affect its configuratioforn after you initially run the enable-profiles task. After applying a fix pack, it is best to run the replace-profiles task. This way any WebSphere Portal configuration updnotates associated with the fix packs are captured in the configuration archive, which creates additional WebSphere Portal profiles in the future.

Hint for updating WebSphere Portal profile templates due to customization: Similarly, some time after you initially run the enable-profiles taskSPVC; to capture the baseline WebSphere Portal configuration, you might want to do further customization to your baselinefor WebSp here Portal environment. After performing the customization to your baseline environment to capture an updated configuration archive file, run the replace-profiles task. This way future additional profiles will include the configuration updates. guide This process does not introduce the new configuration changes into any existing additional WebSphere Portal profiles that have already been created.

Considerations for multiple profiles

The multiple profile environment requires special considerations for certain management and operation tasks. These tasks include search collections, cluster configurations, and default profiles. Accompanying

Search considerations The Search functionality does not support sharing search collections between multiple profiles. Prior to running the enable-profiles or replace-profiles tasks, delete all search collections, including the default search collection. When the enable-profiles and replace-profiles tasks are run, all existing search collections are captured in the profile templates. If the search collections are not deleted, search errors occur when additional profiles are created.

Use the backup and restore procedures to preserve the search collections on the original profile. Alternatively, usedistribution the export and import steps as follows: 1. Export the existing search collections. for 2. Remove the existing search collections. 3. Run the enable-profiles or replace-profiles configuration task to capture the portal configurationnot in the profile template. 4. Import the saved search collections on the original profile. 5. Create new profiles by using the profile templates. Default search collections are automatically created in the new profile.

You must configure a SPVC;remote search server to support the sharing of the search collections to share search collections between multiple portal server instances, such as in a clustered or portal farm environment.for

Cluster configurations Clustering is a technology for supporting robust scalability and faultguide tolerance. The employment of the multiple profile feature raises implications for clustering.

Maintaining a WebSphere Portal installation with multiple profiles involves applying maintenance to the product binaries and to each profile instance. All profile instances and the WebSphere Portal product binaries must be updated at the same time to avoid conflicts.

Consider one profile on a particular installation that belongs to a cluster. When that cluster is updated, the shared product binaries for WebSphere Portal and all other profiles on the system must also be updated to maintain synchronization. All profiles that Accompanyingshare the same product binaries (such as multiple profile enablement on a single hardware platform) must belong to the

© Copyright IBM Corp. 2011. All rights reserved. 353 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

same cluster to align with the best practice of applying maintenance at the cluster boundary.

Default profiles In the multiple profile environment, certain commands require a specified -profileName parameter if the profile is not the default profile. In such cases, it might be easier to use the commands in the bin directory of each profile rather than from the bin directory of the . Issue one of these commands from within the bin directory of the profile. The command defaults to act on that profile unless -profileName specifies a differentdistribution profile. Creating profiles for

Profiles are typically created when the product is installed. Additional profiles can be created immediatnot ely after installation. WebSphere Portal 7.0 provides the ability to install and configure WebSphere Portal, building a customized environment to serve as a foundation for additional profiles.

Creating multiple profiles entails the following tasks: Preparing the systemSPVC; for multiple profile support Creating the profiles

Preparing thefor system for multiple profile support WebSphere Portal 7.0 is shipped a new configuration profile template called the portal profile template. This new profile template type is registered with the WebSphere Application Serverguide when the product is installed.

Accompanying

Figure 16-7 shows the system after the installing WebSphere Portal 7.0.

Default Portal Profile

Portal Profile Templat es Profile Portal Files Management distributionTool

Profile Profile WebSphere Templat es forRegistry

Application Server Default Portal Pro. not Figure 16-7 System after installation

You can then create new configuration profiles based on the portal profile template. The portal profile template must be primed with the baseline application server configuration prior to the creation of new configuration profiles. The “baseline” portal profile is used as a foundation for theSPVC; creation of new profiles. This baseline configuration is provided in the form of a configuration archive (CAR) file that isfor created from an existing portal profile. The CAR file is created by exporting the contents of an existing portal profile.

WebSphere Application Server uses the wsadmin scripting interface to support the CAR file creation. WebSphere Portal providesguide a configuration task that creates the CAR file and captures additional portal-specific files to be kept with the CAR file. The task also places the CAR file and any associated files in the correct directory.

Run the enable profiles task as follows, depending on your environment, to create the CAR file for your system from the wp_profile-root/ConfigEngine directory of the desired configuration profile: Linux ./ConfigEngine.sh enable-profiles -DWasPassword Accompanying UNIX ./ConfigEngine.sh enable-profiles -DWasPassword

© Copyright IBM Corp. 2011. All rights reserved. 355 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Windows ConfigEngine.bat enable-profiles -DwasPassword

The Portal.car file is saved to the PortalServer_root/profile Templates/default.portal/configArchives directory.

Figure 16-8 shows the location of a CAR file when preparing the system for multiple profile support.

distribution Default Portal Profile for 1. Create CAR and ot her ZIP files 2. Register in PMT

Portal Profile Templat es Portal Profile CARnot Known Management Templat es Tool

Profile Profile WebSphere Templat es Registry Application Server Default Portal Pro.

Figure 16-8 Running SPVC;profile enablement

Only make thosefor changes to the wp_profile directory that are to be included in all additional portal profiles after generating the initial profile template with your required configuration. The portal profile template then contains the required configuration and updates immediately when maintenance is applied. guide Creating the profiles Create the profiles using the Profile Management Tool or the manageprofiles commands. The Profile Management Tool is a GUI that guides you through the process. This GUI is the preferred method for beginners because the interface uses automatically created default values.

64-bit environment: The Profile Management Tool is not supported in a 64-bit environment. Use the manageprofiles command to create profiles in a 64-bit environment. All required parameters to create the profile can be entered by using a Accompanyingcommand line with the manageprofiles command.

Creating or augmenting a profile requires a profile template, which is used to execute the required actions. The templates are in the PortalServer_root ProfileTemplates directory. Choose the appropriate file to create or augment your profile.

The newly created profile’s administrator ID and password for WebSphere Application Server are set according to the input given. WebSphere Portal still has the same security and database configurations, including the portal administrator ID and password, as the initial profile that is used to run the enable-profiles task. A fresh copy is automatically created with the newdistribution profile if your initial profile was configured to use the Derby database. If your initial profile was configured to use a non-Derby database, all the database domains of the new profile are identicallyfor configured. Likewise, any security configurations that were made before running the enable-profiles task are preserved with the new profile. not Profile Management Tool To create a profile by using the Profile Management Tool, follow these steps: 1. To start the Profile Management Tool GUI, run the command for your system fromSPVC; within the AppServer_root\bin\ ProfileManagement directory: –Linux for ./pmt.sh –UNIX ./pmt.sh –guide Windows pmt.bat 2. Click the Launch Profile Management Tool button. 3. Click Create to create a new profile. 4. In the Environment Selection window, expand WebSphere Portal Server 7.0.0 → WebSphere Portal Server. Click Next. 5. Click the Advanced Profile Creation and click Next. 6. In the Profile Name and Location window, enter the name for the new profile and its location in the file system. The name and location must be unique from other existing profiles. Click Accompanying Next.

© Copyright IBM Corp. 2011. All rights reserved. 357 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

7. In the Node and Host Names window, enter the node name and TCP/IP host name for the new profile. The node name must be unique from other profiles in the same management cell (under deployment manager control) if you plan to federate this profile. The host name must be a valid and reachable over the network. Click Next to continue. 8. In the Federation window, select the Federate this node later check box to federate the node in the future.

Attention: Do not enter the values for the deployment manager to federate now because this causes an unusable portal node. distribution

9. In the Security Certificate (Part 1) window,for complete the following steps: a. Click one of the following radio buttons: • Create a default personal certificate.not • Import an existing default personal certificate. b. Click one of the following radio buttons: • Create a new root signing certificate. • Import an existing root signing certificate. c. Click Next. SPVC; 10.In the Security Certificate (Part 2) window, choose to either provide the newfor certificate information or verify the existing certificate information. Click Next. If you choose to federate the profile, the Port Values Assignment window opens. 11.Change any necessary port values, and then click Next. 12.Inguide the Profile Creation Summary window, review the information that was collected by the wizard. Click Create to create the new profile with WebSphere Portal. 13.Click Finish to exit the Profile Management Tool.

The manageprofiles command Run the manageprofiles command for your system from the AppServer_root bin directory to create a profile using the manageprofiles command: Linux manageprofiles.sh -create -templatePath/opt/ IBM/WebSphere/PortalServer/profileTemplates/ Accompanying default.portal -profileName testPortal1

-profilePath /opt/IBM/WebSphere/PortalServer /profiles/testportal1 -cellName testCell -nodeName testNode UNIX manageprofiles.sh -create -templatePath/opt/IBM/ WebSphere/PortalServer/profileTemplates/default.portal -profileName testPortal1 -profilePath /opt/IBM/WebSphere/PortalServer /profiles/testportal1 distribution -cellName testCell -nodeName testNode for Windows manageprofiles.bat -create -templatePath C:\IBM\WebSphere\PortalServer\profileTemplates\not default.portal -profileName testPortal1 -profilePath C:\WebSphere\testportal1 -cellName testCell -nodeName testNodeSPVC; The profile template in the Linux and UNIX examples is installed in the /opt/IBM/WebSphere/PortalServer/profileTemplates/ default.portalfor directory. The new profile is testportal1 and is in the /opt/IBM/WebSphere/PortalServer/profiles/testportal1 folder.

The profile template in the Windows example is installed in the C:\WebSphere\PortalServer\profileTemplates\default.portalguide directory. The new profile is testportal1 and is in the C:\WebSphere\testportal1 directory.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 359 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

You can use the following additional parameters with the manageprofiles command: -isDefault signifies that this profile serves as the default profile for the installation -isDeveloperServer indicates that WebSphere Portal is to be configured for development mode in this profile. -nodeName provides a node name for the new profile. If a name is not provided, the node name defaults to a value based on the local host name. This parameter is required if federating this profile into a managed cell because this value must be unique from other nodes in the cell. distribution

You can augment the existing deployment manager profiles based on the existing template after running the enable-profilesfor task.

Each portal profile maintains its own independent configuration. The configuration tasks for WebSpherenot Portal are executed against only one profile with separate property files and multiple profile options.

SPVC; for

guide

Accompanying

Lab

Lab 16: Configuring thedistribution portal database for not This lab provides an introduction to WebSphere Portal configuration.

This lab includes the following tasks: Configuring the database Verifying the data SPVC;transfer

Objectivesfor

This lab has the objective of using the WebSphere Portal configuration wizard to migrate the WebSphere Portal configurationguide database.

Substitution values: In this lab, when you see the value , substitute it as follows depending on your environment: Windows C:\IBM\WebSphere\wp_profile Linux /opt/IBM/WebSphere/wp_profile

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 361 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Configuring the database

Creating DB2 databases

You will create the required databases in DB2 by running a custom script. More information about writing a custom script file to create the Portal databases in a RDBMS can be found in the Information Center. The following steps describe how to create DB2 databases.distribution Windows 1. Open a DB2 command window for the DB2COPY1for instance and navigate to C:\LabFiles\lab 16. 2. Enter the following command: CreatePortalDatabases.batnot This creates the necessary DB2 databases and tables. It runs for approximately 2 minutes. 3. Verify the output for any error messages before proceeding with the transfer. 4. In the command promptSPVC; window, scroll up and verify that there are no error messages for all databases: commdb, custdb, fdbkdb, jcrdb, lmdb, reldb. 5. Exit the commandfor prompt window.

Linux 1. You are logged on as root. Log off and then log on as db2adminguide using was1edu as your password. 2. Using a terminal (Computer → Applications → More Applications → System → Gnome Terminal), navigate to the home directory and run the following command: ./CreatePortalDatabases.sh 3. Verify the output for any error messages before proceeding with the transfer. Alternatively open the DB2 Control Center (GUI) and verify tables exist. 4. Log off as db2admin and log on as root using web1sphere as your password. Accompanying

Migrating databases to DB2

In this task, you execute the Portal wizard to migrate the data from the Derby database to the newly created DB2 databases.

The following steps describe how to transfer the portal configuration data to DB2 with configwizard when you configure the portal database: 1. Launch the configuration wizard: – Windows: \PortalServer\wizard\configwizard.batdistribution –Linux: for /PortalServer/wizard/configwizard.sh 2. On the Welcome page (Figure 16-9), click Next. not

SPVC; for

guide

AccompanyingFigure 16-9 Welcome page

© Copyright IBM Corp. 2011. All rights reserved. 363 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. Click Transfer data to other databases, as shown in Figure 16-10, and click Next.

distribution for not

SPVC; for

Figure 16-10 Transfer data to other databases guide

Accompanying

4. Enter installadmin in the Password field (Figure 16-11). Click Next.

distribution for not

SPVC; for

Figure 16-11 Administrative password

Theguide process runs for a few minutes to query the server. If the WebSphere Portal Server is not running, it will start.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 365 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

5. Click IBM Derby (Figure 16-12) as the source database type and click Next.

distribution for not

SPVC; for

Figure 16-12 Select database type guide

Accompanying

6. Click the target database type IBM DB2 Universal Database and click Next (Figure 16-13).

distribution for not

SPVC; for

Figure 16-13 Select target database type

7. Define the properties for the DB2 Universal Database (Figureguide 16-14): a. Set the DbVersion: • For Windows: 9.5 • For Linux: 9.7 b. In the DbLibrary field, replace with the library’s path Windows: c:/SQLLIB Linux: Accompanying /home/dsrdbm01/sqllib/java c. Click Next.

© Copyright IBM Corp. 2011. All rights reserved. 367 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC;

Figure 16-14 Define the target database driverfor

8. Define the target database driver. – In Windows, for the dbUrl, change guideto portal00 and change the port to 50001: jdbc:db2://portal00:50001/RELDB:returnAlias=0 – In Linux, for the dbUrl, change to portal00 and change the port to 50002: jdbc:db2://portal00:50002/RELDB:returnAlias=0

Linux port number: The port number defined for Linux is not the same as the port number defined for Windows.

Target Database is the name from the script that you used to create the database. You enter the information for each Accompanying database.

9. Define the Target Database (Figure 16-15): a. For Release, enter a Dbname of RELDB. b. For Customization, enter a DbName of CUSTDB. c. For Community, enter a DbName of COMMDB. d. For jcr enter, a DbName of JCRDB. e. For Feedback, enter a DbName of FDBKDB. f. For likeminds, enter a DbName of LMDB. g. For the DbUser, enter the Database administrator user name of db2admin. h. For the Database administrator password, enter was1edu. distribution for not

SPVC; for

guide

Figure 16-15 Define the target databases

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 369 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

10.Review the database drivers and click Next (Figure 16-16).

distribution for not

SPVC; for Figure 16-16 Database drivers

guide

Accompanying

11.Review the database drivers and click Next (Figure 16-17). This process takes 30 minutes, or more, for the server to complete.

distribution for not

SPVC; for

Figure 16-17 Reviewing database parameters guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 371 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

12.On the final page, click Finish (Figure 16-18).

distribution for not

SPVC; for Figure 16-18 Final page

Task 2: Verifying the data transfer guide In this task, you verify the database transfer by accessing WebSphere Portal. 1. Open a browser and go to: http://portal00:10039/wps/portal

Trusted site: Add http://portal00 as a trusted site.

The displayed Welcome page will be the same as when WebSphere Portal was using the Derby database. 2. Log in to the portal using installadmin for the user ID and Accompanying password. 3. Verify that you are able to successfully log in to the portal.

4. View the Data sources. 5. In the browser, go to: https://localhost:10032/ibm/console. 6. Log in using installadmin for the user ID and password. 7. In the left navigator pane (Figure 16-19), expand Resources → JDBC → Data sources to view examples like wpdbDS_community in the Name column for all the DB2 databases. distribution for not

SPVC; for

guide Figure 16-19 Integrated Solutions Console tab

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 373 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 17

distribution Lesson 17.Security for WebSphere Portal for not This lesson discusses Lightweight Directory Access Protocol (LDAP)-based authentication and portal security.

This lesson includes the following topics: LDAP-based authentication Portal security SPVC;

Objectivesfor

This lesson has the following objectives: Define LDAP-based authentication. Selectguide an appropriate LDAP.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 375 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: LDAP-based authentication

This topic discusses LDAP-based authentication.

Overview of LDAP-based authentication

Most organizations use a security mechanism based on an LDAP repository even though a database mechanism is highly reliable. LDAP is not so much a repository as it is a protocol for access to a repository without requiring knowledge of the underlyingdistribution storage mechanism.

The protocol provides a standardized interfacefor to the repository and the information managed by that repository loosely adheres to a specification for the LDAP schema. This means that different LDAP repositories will have differentnot schemas. Examples of these are IBM Tivoli Directory Server, IBM Lotus Domino, and Microsoft Active Directory. One requirement for implementing LDAP integration is to understand the schema requirements, classes, and attributes managed by the LDAP repositories you integrate. You can configure WebSphereSPVC; Portal to use either a stand-alone or federated LDAP, as illustrated in Figure 17-1 on page 377.

Configuring thefor stand-alone LDAP makes it the exclusive repository for the portal. Configuring a federated LDAP adds one LDAP at a time into the existing mechanism. With this configuration, you can authenticate against the database and any number of LDAPs, making it a highly recommended configuration. guide Each user must be uniquely named across the entire federated repository, which includes the distinguished naming structure.

Accompanying

distribution for not

Figure 17-1 LDAP configuration illustration SPVC; Topic B: for Portal security

This topic explains how you can secure WebSphere Portal.

Authenticationguide

The authentication process is the same regardless of the repository configuration. WebSphere Application Server generates a security token based on the user’s credential information when they have been authenticated.

Remember me cookie WebSphere Portal passes the security token, LTPA token, back to the user’s access device in the form of a cookie. The browser sends the cookie back to the portal to serve as the user’s Accompanyingcredential on subsequent access requests.

© Copyright IBM Corp. 2011. All rights reserved. 377 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The cookie is valid for the length of the user’s portal session. The cookie is invalidated when the user logs off, or when the user’s session expires because of a lack of activity.

You can further enhance the security in the following ways: Linking to an LDAP server only over a secure backbone, because no user traffic goes across the backbone Encrypting traffic between WebSphere and LDAP Employing an external security systems, such as Tivoli Access Manager or WebSeal distribution Step-up authentication You can extend the single sign-on (SSO) mechanismfor to servers outside of the portal scope by employing a token mechanism (Figure 17-2). Domino servers accept the same token as the portal. You can authenticate the usernot at the edge of the network and generate a token that is acceptable to other servers to extend it further. The additional servers implement a Trust Association Interceptor (TAI) that validates the tokens over those servers.

SPVC; for

guide

Figure 17-2 Extending SSO to servers outside the portal scope Accompanying

Impersonation Use impersonation to access the portal as though you are another user. Support staff use the impersonation feature to view pages, portlets, and other portal components to find issues and errors.

Portal managers might encounter a problem that they cannot resolve. In this case, a support specialist can use the impersonation feature and access that portal system as the manager to determine a solution to the problem without needing the manager’s password.

You enable the impersonation feature by first assigningdistribution the Can Run As User role to the users who will use the impersonation.

You can use the default Impersonation portletfor to impersonate specific users. You can alternatively create a resource environment provider to enable impersonation and develop a custom portlet for impersonating users.not Portal Access Control provides the ability to impersonate other users.

Impersonation is turned off by default and must be enabled. The first step is to add a custom property to the WP Authentication Service. The second step is to add a custom property to the WP_PortletServiceRegistryService.SPVC; Impersonation isfor enabled after restarting the server. Considerations for using impersonation Consider the following points regarding impersonation: Client-side aggregation Doguide not activate client-side aggregation. Client-side aggregation does not support user impersonation. For this reason, ensure that you do not activate client-side aggregation on any portal pages where the impersonation portlet is deployed. User impersonation and people awareness When a user who is enabled for impersonation impersonates other users, the people awareness feature is disabled for the entire session for which that user is authenticated. Impersonation and back-end data Impersonation does not give users access to the data Accompanying generated by a portlet.

© Copyright IBM Corp. 2011. All rights reserved. 379 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

VMM and LDAP integration

Virtual Member Management (VMM) stores information that pertains to user repositories. Repositories can be file based, a database, or an LDAP. The VMM supports configuration of a property extension database in those circumstances where a user might need attributes that are not managed by the repository. The wimconfig.xml file is the principle file for configuration of VMM. Direct edit of this file is strongly discouraged.

Stand-alone LDAPs, federated distribution repositories, and multiple LDAPsfor This section discusses stand-alone, federated, and multiple LDAPs. not Stand-alone LDAPs You must ensure that all required users and groups are available to the portal to authenticate against an LDAP. At a minimum, this applies to the default administrator ID and portal’s administrator group. It can include groups for collaboration, document management, and contentSPVC; management depending on the features that you configure for your portal. for For example, you might want to define the following administrator IDs and groups: Required IDs – Portal administrator –guide WebSphere Administrator Required groups – Portal administrators – Virtual portal administrators – WebSphere administrators – Document or content reviewers – Document or content approvers

Federated respositories You can configure a federated LDAP by using the following methods: Accompanying ConfigEngine, using a command line configwizard, using a GUI

You edit the wkplc.properties file to configure a federated LDAP, which sets the appropriate search parameters for the chosen LDAP. Next, you validate the configuration and then create the new LDAP. You must also run the wp-change-portal-admin-user task if you intend to use an ID and group from the newly added LDAP as the administrator credentials.

The steps are summarized as follows: 1. Edit the wkplc.properties file. 2. Validate the configuration file: ConfigEngine validate-federated-ldap distribution ConfigEngine wp-create-ldap 3. Set the portal admin ID and portal administrativefor group: ConfigEngine wp-change-portal-admin-user

Run the wp-create-realm task for eachnot addi tional realm to add realm support. To add realm support, you use these steps: 1. Edit the wkplc.properties file in the /ConfigEngine/Properties directory. Define the following values: – realmName – securityUse SPVC; – delimiter – addBaseEntryfor 2. Run the ConfigEngine wp-create-realm task. 3. Restart all servers. Configurationguide wizard You can also add and configure single and federated LDAPs by using the configuration wizard, called configwizard. You start configwizard from the C:\IBM\WebSphere\wp_profile\ PortalServer\wizard\configwizard directory.

Security for immediate use

The VMM uses file-based repository security when you install WebSphere Portal. If you are building a cell, it is also used, by default, on the deployment manager. When you federate the WebSphere Portal node into the deployment manager cell, the Accompanyingsecurity settings of the portal node are replaced with the deployment manager’s security settings.

© Copyright IBM Corp. 2011. All rights reserved. 381 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The required group for the WebSphere Portal administrators and administrative user must be defined in the deployment manager’s security repository prior to federating your portal node into the cell. Otherwise, the administrators group and administrative user for WebSphere Portal are lost when federating the node into the deployment manager.

Custom LDAP integration

A custom repository can be configured if none of the repositories that are ready for immediate use is sufficient. Settingdistribution up custom user repositories involves such tasks as defining additional repositories to the default federated user registry. Your development team must create an implementationfor of the UserRegistry interface in WebSphere Application Server to make the custom repository available. not Property extension database (formerly the Look-aside database)

You can choose to use a property extension database if the schema of the user repositorySPVC; does not support a specific attribute or is read-only. You might want to implement a property extension database to providefor these attributes for users. A property extension database can be used with federated repositories, stand-alone LDAP, or a custom registry.

Externalguide security managers Organizations with central access control management needs often use external security managers, such as IBM Tivoli Access Manager, to perform authentication and authorization for IBM WebSphere Portal. These managers can handle authentication only, or you can configure them to handle both authentication and authorization. In the case of authorization, provide custom unique names for externalized portal resources, such as pages and portlets, so that security managers can more easily and accurately define access to those resources.

Using an external security manager to perform only authorization Accompanyingis not supported at this time.

382 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 17: Enabling portal security using an LDAP repository

Lab

Lab 17: Enabling portaldistribution security using an LDAPfor repository not

In this lab, you change the security configuration to use a LDAP server. In version WebSphere Portal 7.0, a ConfigEngine script is available to change from one user registry to another, in this case from the default user registry to the LDAP server, as previously mentioned. You can alsoSPVC; use this script to update a user registry. This lab includesfor the following tasks: Checking existing users and groups Editing security property settings Testing the new security settings guide Objectives

This lab has the following objectives: Edit security properties. Validate properties. Update Portal security information.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 383 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Substitution values: In this lab, when you see the value , substitute it as follows depending on your environment: Windows C:\IBM\WebSphere\wp_profile Linux /opt/IBM/WebSphere/wp_profile distribution for not

SPVC; for

guide

Accompanying

384 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 17: Enabling portal security using an LDAP repository

Task 1: Checking existing users and groups

Go to the portal administration area and verify users and groups that are currently listed. These lists will change by the end of the lab. 1. In the browser, go to: http://portal00:10039/wps/portal 2. Enter installadmin as the user ID and password and click Log in. distribution 3. Click Administration. 4. In the Access section, click Users and forGroups . You will see User Groups in the Search list and All available in the Search by list. not 5. Click Search and observe the current list of groups. 6. In the Search dropdown list, click Users to display uid in the Search list. 7. Enter an asterisk (*) in the Search field, click Search, and observe the currentSPVC; list of users. 8. Click Logout and close the browser. for Task 2: Editing security property settings guide Modifying security properties

1. Go to the \ConfigEngine\properties directory and open wkplc.properties in an editor. 2. Find the following properties and modify values as needed: WasUserid=uid=installadmin,o=defaultWIMFileBasedRealm WasPassword=installadmin PortalAdminId=uid=wpsadmin,cn=users,dc=training,dc=ibm, dc=com PortalAdminPwd=wpsadmin PortalAdminGroupId=cn=wpsadmins,o=defaultWIMFileBasedRe Accompanying alm federated.ldap.id=PortalClusterLDAP

© Copyright IBM Corp. 2011. All rights reserved. 385 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

federated.ldap.host=portal00 federated.ldap.bindDN=uid=wpsbind,cn=users,dc=training, dc=ibm,dc=com federated.ldap.bindPassword=wpsbind federated.ldap.ldapServerType=IDS6 federated.ldap.baseDN=dc=training,dc=ibm,dc=com federated.ldap.et.group.searchFilter=objectclass=groupO fUniqueNames federated.ldap.et.group.searchBases=cn=groups,dc=traini ng,dc=ibm,dc=com federated.ldap.et.personaccount.searchFilter=objectclas s=inetOrgPerson distribution federated.ldap.et.personaccount.objectClasses= inetOrgPerson federated.ldap.et.personaccount.searchBases=cn=users,dcfor =training,dc=ibm,dc=com federated.ldap.gc.name=ibm-allGroupsnot federated.primaryAdminId=uid=wpsbind,cn=users, dc=training,dc=ibm,dc=com federated.realm=PortalRealm federated.serverId=uid=wpsbind,cn=users,dc=training,dc= ibm,dc=com federated.serverPassword=wpsbind newAdminId=uid=wpsadmin,cn=users,dc=training,dc=ibm,dc=SPVC; com newAdminPw=wpsadminfor newAdminGroupId=cn=admins,cn=groups,dc=training,dc=ibm, dc=com

Back up wkplc.properties: It is recommended that you back upguide the wkplc.properties file. 3. Save and close the file. 4. Open a command prompt and change the directory to \ConfigEngine and execute the following script: ConfigEngine validate-federated-ldap –DWasUserid=uid=installadmin,o=defaultWIMFileBasedRealm -DWasPassword=installadmin The BUILD SUCCESSFUL message is displayed in the output. 5. Execute the following script: Windows: Accompanying ConfigEngine wp-create-ldap -DWasUserid=uid=installadmin,o=defaultWIMFileBasedRealm

386 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 17: Enabling portal security using an LDAP repository

-DWasPassword=installadmin or Linux: ./ConfigEngine.sh wp-create-ldap -DWasUserid=uid=installadmin,o=defaultWIMFileBasedRealm -DWasPassword=installadmin This task takes less than 2 minutes to complete. BUILD SUCCESSFUL message is displayed in the output.

Restarting WebSphere_Portal distribution 1. Open a command prompt and change the directory to \bin and enter for Windows: stopserver WebSphere_Portal not Linux: ./stopServer.sh WebSphere_Portal 2. When prompted, enter installadmin for user identity and user password and wait for the Stop Completed message to display. SPVC; 3. If necessary, open a command prompt and change the directory to \bin and enter Windows: for startServer WebSphere_Portal Linux: ./startServer.shguide WebSphere_Portal Changing the WebSphere Portal administrator and administration group

1. Open a command prompt, change the directory to \ConfigEngine. 2. Enter the following command on one line: Windows: ConfigEngine wp-change-portal-admin-user -DnewAdminId=uid=wpsadmin,cn=users,dc=training,dc=ib Accompanying m,dc=com -DnewAdminpassword=wpsadmin

© Copyright IBM Corp. 2011. All rights reserved. 387 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

-DnewAdminGroupId=cn=admins,cn=groups,dc=training,dc= ibm,dc=com -DWasUserId=installadmin-DWasPassword=installadmin -Dskip.ldap.validation=true Linux: ./ConfigEngine.sh wp-change-portal-admin-user -DnewAdminId=uid=wpsadmin,cn=users,dc=training,dc=ibm,d c=com -DnewAdminPw=wpsadmin -DnewAdminGroupId=cn=admins,cn=groups,dc=training,dc=ib m,dc=com distribution -DWasUserId=installadmin -DWasPassword=installadmin for Restarting WebSphere_Portal not 1. Open a command prompt and change the directory to \bin and execute the stopServer script. Windows: stopServer WebSphere_Portal -username installadmin -password installadminSPVC; Linux: ./stopServer.sh WebSphere_Portal -username installadmin -password installadmin.for 2. If prompted, enter installadmin for user identity and user password and wait for the Stop Completed message to display. 3. Change the directory to \bin and enter startServer.guide 4. When the open for e-business message is displayed, enter the following command to start the server: Windows: startServer WebSphere_Portal Linux: ./startServer.sh WebSphere_Portal You can now access the portal with the new administrator name wpsadmin and password wpsadmin. Accompanying

388 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 17: Enabling portal security using an LDAP repository

Task 3: Testing the new security settings

1. Use the new password to verify access to the portal. 2. Open a browser and go to http://portal00:10039/wps/portal. 3. Enter wpsadmin for the user ID and password. 4. View the list of users and groups (now coming from the LDAP server) and click Administration. 5. In the Access section, click Users and Groupsdistribution. User Groups is displayed in the Search list and All available is displayed in the Search by list. for 6. Click Search and observe the new list of groups. 7. From the Search list, select Usersnot to display uid in the Search by list. 8. Enter an asterisk (*) in the Search field and click Search. 9. Observe the new list of users. 10.Log out and close the browser. SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 389 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 18

distribution Lesson 18.Creating a cell for This lesson provides an introduction to creating a cell.

This lesson includes the following topics:not Network deployment overview Creating a cell

Objectives SPVC;

This lesson hasfor the following objectives: Define a cell. Use cell terminology. Describe clustering. Createguide a deployment manager.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 391 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Network deployment overview

This topic discusses cell concepts and architecture.

Concepts

A cell is a logical grouping of WebSphere Application Server instances into a single management entity. A celldistribution consists of the following items: Deployment manager for A deployment manager is a WebSphere Application Server instance that is responsible for the administrative functions of the cell. Only one deployment managernot is in a cell. Master configuration repository: The configuration data is organized in a directory structure whose hierarchy descends from a directory whose name matches the defined name of the cell. This structure is called the master configuration repository. Changes made to the files in the repository are written by the deploymentSPVC; manager. These files are synchronized across all members of the cell through a file transfer process.for If an administrator makes changes to a file in a copy of this repository on a member of the cell, those changes are over-written by the values in the master repository when synchronization occurs.

Nodeguide agent A node agent is a WebSphere Application Server instance that is responsible for synchronizing server configurations with the deployment manager. The node agent responds to directions from the deployment manager to execute such tasks as stopping or starting WebSphere Application Servers that are members of the node. A node agent is associated with only one profile. A cell can contain many nodes. Application server One or more application servers can be part of a single node. The application server performs the work that is associated with the business purposes of the cell. The configuration of the Accompanying application server or servers is synchronized by the node

agent that is associated with that profile. Many servers can be members of a single node.

Architecture

The cell definition includes a logical grouping of WebSphere server instances and a central point of administration for two or more servers, as is illustrated in Figure 18-1.

distribution for not

Figure 18-1 WebSphere architecture SPVC; Topic B: Creating a cell for This topic discusses installing, creating, and working with the deployment manager.

Installingguide network deployment

The installation of network deployment begins with the installation of WebSphere Application Server. You define a profile based on the profile template of the deployment manager following the installation. This process configures an instance of WebSphere Application Server to function as the deployment manager of a cell. The cell is named during the creation of the profile. Initially, the only member of the cell is the deployment manager.

The deployment manager runs a primary system application, Integrated Solutions Console. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 393 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Creating and working with the deployment manager profile

This section describes creating and working with the deployment manager profile.

Features The deployment manager has the following features: A WebSphere instance running an Integrated Solutions Console application distribution Security configuration for all cell members A master copy of all applications for all forcell members and configurations of all cell members Configuration and management tasks for all cell members, including support for synchronizationnot of the configuration repository with nodes

Examining a node Creation of a node, as with a deployment manager, begins with the installation of WebSphereSPVC; Application Server. In the case of WebSphere Portal, the installation of the WebSphere Application Server is often accomplished as part of the WebSphere Portal Server installation.for However, no node agent is defined during the installation process.

References to the state of the stand-alone node are referred to as a withered node, which is also often described as an unmanaged nodeguide. The node agent runs a primary system application, the file transfer application.

A node agent is defined by several scenarios. These include the creation of a custom profile, the creation of a new WebSphere Portal 7.0 profile, and the federation of an existing profile. You can use the Profile Management Tool or the manageprofiles script to define new profiles.

Federation: Federation is the process of joining nodes to cells. For more information about this topic, see Lesson 19, Accompanying“Federating a portal node into a cell” on page 439.

In the first scenario, a custom profile is one in which the process of federation is carried out at the time the profile is created or is deferred until a future time by using a script named addNode. This scenario initially produces a node that contains only a node agent and no other WebSphere Application server instances.

In the second scenario, you define a new profile that contains a node agent and an instance of WebSphere Application Server hosting WebSphere Portal. An active node agent is initialized when the node is federated.

Federating the new node during file creation:distribution The Profile Management Tool provides an option to federate the new node during profile creation. However, this option results in an instance of WebSphere Portal that is unstable.for Do not use this option. Alternatively, you can defer federation and use the addNode script to federate the node. not Every instance of a node agent defines a separate node. Similarly all nodes contain a node agent. The exception is the deployment manager node. The term node is used ambiguously so that a physical server, a virtual server, or logical partition is considered to be a node, which is appropriate in some cases. However, when discussing a network SPVC;deployment cell and its constituent members, a node coincides with the a node agent regardless of the underlying platform.for More than one node agent can run in the same partition or physical or virtual server. At that point, it is a multiple node configuration from the deployment manager perspective.

Theguide post-installation stand-alone portal has no node agent and is generally considered to be a self-contained node. This is considered an unmanaged node. When a node has been federated (joined to the cell), the WebSphere instance that runs the file transfer application (the node agent) manages a local copy of all applications for local servers and configurations of all local servers.

Examining a server The application servers (for example, the instances hosting WebSphere Portal Server) are responsible for the business purposes of the portal. The server1 instance is the target of many of the portal’s configuration scripts because of its lightweight Accompanyingnature.

© Copyright IBM Corp. 2011. All rights reserved. 395 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The WebSphere instance runs business applications and WebSphere Portal and responds to user requests.

Defining and exploring profiles During our discussion of nodes, profiles were treated as an analogy. Remember that profiles contain configuration data for WebSphere server instances. You can use the Profile Management Tool to create and manage profiles. The Profile Management Tool divides the templates for creating profiles into two categories: application server and WebSphere Portal Server.

Application server distribution The application server has the components listed in Table 18-1. for Table 18-1 Application server components Component Description Cell For deploymentnot manager and a federated server. Creates two profiles: a deployment manger profile and one application server profile in a federated node. Management Creates a deployment manager SPVC;profile. Application server Creates a stand-alone application for server capable of running applications. Custom profile Creates an empty node that might be federated but does not contain an application server. Secureguide proxy For configuration-only. A secure proxy configuration-only profile for use with a DMZ secure proxy server.

WebSphere Portal Server 7.0.0 WebSphere Portal Server has the components listed in Table 18-2.

Table 18-2 WebSphere Portal Server 7.0.0 components Component Description WebSphere Portal Server Creates a stand alone portal profile. Accompanying

Component Description Custom Portal profile Creates an empty node that is used as the basis for creation of a federated portal node.

The WebSphere Portal Server 7.0.0 profile template is not available to the Profile Management Tool until the ConfigEngine task, enable-profiles, has been completed. You can create new WebSphere Portal Server profiles based on the template after the task is complete. distribution You can create a deployment manager profile regardless of whether you run the enable-profiles task. Working with a deployment manager profile consists of twofor scenarios. The first scenario occurs when the deployment manager is to be implemented on the same host as the WebSphere Portal Server. The second, and by far the most commonnot scenario, occurs when the deployment manager profile is defined on a remote host.

Creating a local deployment manager profile and preparing it to receive a WebSphere Portal node presents the fewest initial complications. The reason is that a WebSphere Application Server is installed by the WebSphere Portal installer and, as a result, it meets the versionSPVC; and fix levels required by WebSphere Portal. for Creating a remote deployment manager profile begins when you install WebSphere Application Server with the correct version and patch level. In a Network Deployment environment, the deployment manager must equal or exceed the version and fix level of the proposed cell members. A simple means of installing WebSphereguide Application Server for the deployment manager is to use a special installation method, called a customized installation package (CIP). This package produces an installation that meets the requirements for an application server that is hosting WebSphere Portal to join, or be federated into, the cell.

After the necessary application server version is installed, you can use the Profile Management Tool or the manageprofiles script to create a deployment manager profile.

The Profile Management Tool You launch the Profile Management Tool from the AccompanyingProfileManagement directory in the application server root. You see a list of existing profiles, if any, and a button to create a new

© Copyright IBM Corp. 2011. All rights reserved. 397 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

profile. Among the profile types that are available, you see one named Management. Then you see the server types; the correct option is deployment manager.

By clicking Advanced profile creation, you are guided to enable deployment of the administrative console, the Integrated Solutions Console, which is required. You also define a name and location for the new profile. Keep your path short, and place the profile in the same root as the existing wp_profile directory, if you are configuring a local deployment manager profile. Remember that the name and location must be unique from other existing profiles. distribution Augmentation: The Profile Management Tool and the manageprofiles script provide a feature called augmentation. Augmentation is used to prepare a deploymentfor manager profile for federation of a WebSphere Portal Server node. For more information, see Lesson 19, “Federating a portal node into a cell” on page 439. not

You must provide values for the node name, DNS host name (long), and cell name for your new deployment manager or cell. Ensure that the host name is valid and reachable over the network. You must also ensure that you enable administrative security and provide valuesSPVC; for the User name, Password, and Confirm password fields. This information is stored in the default file-based securityfor realm of the federated repository. Certificates are required for secure communications and can be modified later. The options to create new default personal certificates is simplest at this point. You might need to use ports other than the default or recommended ports. The recommended portsguide are based on profile detection by the tool, and the numbers are automatically incremented to avoid conflicts. The default ports for WebSphere Portal and deployment manager come from two different ranges. You can choose whether to register and control the deployment manager in this profile as a service.

Tip: Remember the port values and the deployment manager simple object access protocol (SOAP) connector port values of the administrative console (Integrated Solutions Console) because you need these values when you manage the cell or when you federate nodes.

Two ports are listed for administration: standard (HTTP) and Accompanyingsecure (HTTPS).

The manageprofiles scripts Many administrators prefer a scripted means to accomplish frequent tasks such as profile creation. The manageprofiles script is a command line script for listing, creating, and deleting profiles. The script is launched from the bin > ProfileManagement directory.

To use the script for profile creation, specify the create task where the template you want to use is located, for example /profileTemplates/management. This directory is the location of the default templates. You must provide the long form of the DNS host name of your system. Becausedistribution we want to create a deployment manager profile for a cell that contains WebSphere Portal, we provide the name of the template, which is management. for Note the following script arguments:not -create The task name executed by the script. -templatePath A path including the directory containing the template you will use to create your profile. -hostName Use the long form of the host’s DNS name. -profileName A meaningfulSPVC; name you provide for your profile. -profilePath A location where your profile will be created forincluding the name of the profile folder. -cellName A meaningful name you provide for your cell. -nodeName A meaningful name you provide for your node. -enableAdminSecurity guide Set this value to true. -adminUserName An administrative user name. -adminPassword An administrative user’s password.

64-bit systems: For 64-bit systems, you cannot use the Profile Management Tool; instead, you must use the manageprofiles script.

Another use of the manageprofiles script is to list existing profiles. As profiles are listed, they are registered with the system. You can use the listProfiles command, as in the following example, Accompanyingwhen you are uncertain of a profile name that you want to modify: manageprofiles -listProfiles

© Copyright IBM Corp. 2011. All rights reserved. 399 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

To determine the path of an existing profile use -getPath as shown in the following example: manageprofiles -getPath -profileName

You can get help from the command line by entering the following command: manageprofiles -help

You can use other commands to delete, augment, unaugment, and determine the name of the default profile. For information about the manageprofiles script, see the WebSpheredistribution Application Server Information Center at the following website: http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/ index.jsp. for

Note that the Profile Management Tool and the manageprofiles script are also used to augment thenot deployment manager profile, which is discussed in Lesson 19, “Federating a portal node into a cell” on page 439.

SPVC; for

guide

Accompanying

Lab

Lab 18: Creating a portaldistribution cell for not There are multiple ways to configure clustering of your portal servers. Clustering can be complex procedure. In this lab, you implement a best practice for developing a clustered WebSphere Portal Server environment. This lab includes the followingSPVC; tasks: Stopping WebSphere Portal Server, if needed Installing the Deployment Manager Starting andfor configuri ng the Deployment Manager

Objectives guide This lab has the following objectives: Install and configure the Deployment Manager. Use the Profile Management Tool and the Administrative Console.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 401 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Substitution values: In this lab, use the following substitution values, depending on your environment, when you encounter them in the lab instructions: – Windows: C:\IBM\WebSphere\wp_profile –Linux: /opt/IBM/WebSphere/wp_profile distribution – Windows: C:\IBM\WebSphere\AppServer\profiles\Dmgr01for –Linux: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01not – Windows: C:\IBM\WebSphere\AppServer –Linux: SPVC; /opt/IBM/WebSphere/AppServer for

guide

Accompanying

Task 1: Stopping WebSphere Portal Server, if needed

Ensure that WebSphere Portal is stopped to prevent problems with the installation of the deployment manager. 1. Open a command prompt and change the directory to \bin. 2. Type the command: serverStatus -all. 3. When prompted, enter installadmin for the user Identity and user password. distribution Server1 is the WebSphere Application Server instance and WebSphere_Portal is the name of the WebSpherefor Portal Server instance. 4. If the WebSphere_Portal server is running, enter the following command in the \binnot directory: stopServer WebSphere_Portal. 5. When prompted, enter installadmin for user identity and user password. The server will stop when you see the Stop completed message. SPVC;

Stopping the server: We are stopping the server with the installadmin accountfor because we did not change the application server administrator in the previous lab. We only changed the portal administrator.

6. If server1 is running, enter the following command in the \binguide directory: Windows: stopServer server1 Linux: ./stopServer.sh server1 7. When prompted, enter installadmin for user identity and user password.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 403 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Installing the Deployment Manager

Use the following steps to launch and run the installation. 1. Go to \bin\ProfileManagement and run one of the following files: – For Windows: pmt.bat – For Linux: ./pmt.sh 2. On the Welcome page (Figure 18-2), click Launch Profile Management Tool. distribution for not

SPVC; for

guide

Figure 18-2 Profile Management Tool Welcome window

Accompanying

3. On the right side of the Profile Management Tool page, click Create, as illustrated in Figure 18-3.

distribution for not

SPVC; for Figure 18-3 Profile Management Tool - Create button

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 405 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

4. On the Environment Selection page (Figure 18-4), click Management and click Next.

distribution for not

SPVC; Figure 18-4 Environment Selection page for

guide

Accompanying

5. On the Server Type Selection page (Figure 18-5), click Deployment manager and click Next.

distribution for not

Figure 18-5 Server TypeSPVC; Selection page for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 407 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

6. On the Profile Creation Options page (Figure 18-6), click Advanced profile creation and click Next.

distribution for not

Figure 18-6 Profile CreationSPVC; Options page for

guide

Accompanying

7. On the Optional Application Deployment page (Figure 18-7), retain the default selection Deploy the administrative console (recommended) and click Next.

distribution for not

SPVC; Figure 18-7 Optional Application Deployment page for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 409 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

8. On the Profile Name and Location page (Figure 18-8), clear the Make this Profile the Default check box and retain the default values in the Profile name and Profile directory fields.

distribution for not

SPVC; Figure 18-8 Profile Name and Location page for

guide

Accompanying

9. On the Node, Host, and Cell Names page (Figure 18-9), retain the default values for the Node name, Host name, and Cell name fields and click Next.

distribution for not

SPVC; Figure 18-9 Node, Host, and Cell Names page for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 411 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

10.On the Administration Security window (Figure 18-10), keep the Enable administrative security check box active. Enter wasadmin for the User name, Password, and Confirm Password fields and click Next.

distribution for not

SPVC;

Figure 18-10 Administrativefor Security page

guide

Accompanying

11.On the Security Certificate (Part 1) page (Figure 18-11), retain the default values to create a new certificate and click Next.

distribution for not

Figure 18-11 SecuritySPVC; Certificate (Part 1) page for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 413 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

12.On the Security Certificate (Part 2) page (Figure 18-12), retain the default values and click Next.

distribution for not

SPVC; Figure 18-12 Security Certificate (Part 2) page for

guide

Accompanying

13.On the Port Values Assignment page (Figure 18-13), retain the default values in all the fields and click Next.

distribution for not

Figure 18-13 Port ValuesSPVC; Assignment page

14.On the Windowsfor Service Definition page (Figure 18-14), clear the Run the deployment manager process as a Windows service check box. Yo u do not want to run the deployment manager as a Windows service. Then click Next. Linux:guide On the Linux Service Definition page, clear the Run the deployment manager process as a Linux service check box. You do not want to run the deployment manager as a Linux service. Then click Next.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 415 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

Figure 18-14 Windows Service Definition page SPVC; for

guide

Accompanying

15.Review the Profile Creation Summary page (Figure 18-15) and click Create when you have reviewed it. The Create process runs for approximately 2 minutes.

distribution for not

SPVC; Figure 18-15 Profile Creation Summary page for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 417 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

16.On the Profile Creation Complete page (Figure 18-16), keep the Launch the First steps console check box active and click Finish.

distribution for not

SPVC; Figure 18-16 Profile Creation Complete page for

guide

Accompanying

Figure 18-17 shows the two profiles in the Profile Management Tool: Portal Server and Deployment Manager.

distribution for not

SPVC; for Figure 18-17 Profile Management Tool Profiles tab

Taskguide 3: Starting and configuring the Deployment Manager

In this task, you increase timeouts for the HTTP connection, Java Management Extensions (JMX) connector, and SOAP. You also modify the maximum Java heap size and create a Portal Administrator user and group.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 419 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Starting the Deployment Manager

1. In the “First steps” window (Figure 18-18), click Start the deployment manager.

distribution for not

SPVC; for Figure 18-18 First steps window

2. In the “First steps output” window (Figure 18-19), review the output to ensure that the message displays stating that server dmgrguide is open for e-business.

Figure 18-19 First steps output window

3. Close the “First steps output” window. Accompanying

Configuring the Deployment Manager

1. In the “First steps” window (Figure 18-20), click the Administrative console link. Windows: If a Security Alert is displayed, click Yes to proceed. Linux: If a “This Connection is Untrusted” page is displayed, expand I Understand the Risks and click Add Exception. In the Add Security Exception window, click Get Certificatedistribution and then click Confirm Security Exception. for not

SPVC; for

guide

Figure 18-20 First steps window

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 421 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

2. In the Integrated Solutions Console (Figure 18-21), enter wasadmin, which you configured in an earlier lab, for the user ID and password and click Log in.

distribution Figure 18-21 Integrated Solutions Console Welcomefor window Increasing the HTTP connectionnot timeout 1. Expand System Administration and click Deployment Manager (Figure 18-22).

SPVC; for

guide

Figure 18-22 Deployment Manager

2. Click the Web container transport chains link in the lower Accompanying right corner of the window.

3. In the Transport Chain panel (Figure 18-23), click the WCInboundAdmin link.

distribution for Figure 18-23 WCInboundAdmin link

4. In the Integrated Solutions Consolenot window (Figure 18-24), click the HTTP inbound channel (HTTP_1) link.

SPVC; for

guide

Figure 18-24 HTTP inbound channel link

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 423 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

5. In the Read timeout and Write timeout fields, change the values to 180 and click OK (Figure 18-25).

distribution for not

Figure 18-25 Integrated Solutions Console: General Properties

6. In the Messages areaSPVC; (Figure 18-26), click Save. for

guide

Accompanying Figure 18-26 Save link

7. Click the WCInboundAdminSecure link and repeat Steps 4 through 6.

Setting the requestTimeout for the Java management extensions connector

1. In the left navigator, under System Administration (Figure 18-27), click Deployment manager, or use the breadcrumb trail. distribution for not

SPVC; for

guide Figure 18-27 Integrated Solutions Console navigation

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 425 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

2. On the Configuration tab, under Additional Properties, click the Administrative Services link (Figure 18-28).

distribution for not

Figure 18-28 Administrative Services link under Additional Properties SPVC; 3. Under Additional Properties, click the JMX Connectors link (Figure 18-29).for

guide

Figure 18-29 JMX Connectors link Accompanying

4. Select the check box for SOAPConnector (Figure 18-30).

distribution for

Figure 18-30 SOAPConnector not

5. Under Additional Properties, click the Custom properties link (Figure 18-31). SPVC; for

guide

Figure 18-31 Custom properties link

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 427 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

6. Click the requestTimeout type (Figure 18-32).

distribution Figure 18-32 requestTimeout type for 7. In the Value field, enter 6000 (Figure 18-33). not

SPVC; for

Figureguide 18-33 General Properties

Accompanying

8. In the Messages area (Figure 18-34), click the Save link to save your changes.

distribution for not Figure 18-34 Save link

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 429 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Changing the maximum Java heap size

1. In the left navigator, click Deployment manager, or use the breadcrumbs. 2. Under Server Infrastructure, expand Java and Process Management and click the Process Definition link (Figure 18-35).

distribution for not

SPVC; for Figure 18-35 Process Definition link

guide

Accompanying

3. Under Additional Properties, click the Java Virtual Machine link (Figure 18-36).

distribution for not

Figure 18-36 Java Virtual Machine link SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 431 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

4. In the Initial Heap Size field, enter 256, and in the Maximum Heap Size field, enter 768 and click OK (Figure 18-37).

distribution for not

Figure 18-37 Heap sizeSPVC; values 5. In the Messages area (Figure 18-38), click the Save link. for

guide

Figure 18-38 Save link

Accompanying

Creating a WebSphere Portal administrator group

1. In the left navigator (Figure 18-39), expand Users and Groups → Manage Groups, and click Create.

distribution for not

Figure 18-39 Create button SPVC; 2. In the Manage Groups window (Figure 18-40): a. In the Groupfor Name field, enter wpsadmins. b. Optional: Enter text in the Description field and click the Create button. c. When the messageThe group was created successfully guidedisplays, click Close.

Figure 18-40 Created successful message

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 433 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. In the left navigator (Figure 18-41), under Users and Groups, click the Manage Users link. 4. Optional: In the Search for Users panel, click the Search button to see the user, wasadmin, created earlier in the lab. 5. Click Create.

distribution for not Figure 18-41 Create button

6. In the Create a User window (Figure 18-42), complete the following the fields as indicated: – In the User ID field, enter wpsadmin. – In the First NameSPVC; field, enter wps. – In the Last Name field, enter admin. – In the Password/Confirmfor Password field, enter wpsadmin. Then click Group Membership.

guide

Figure 18-42 Manage Users panel

7. Click Search. Accompanying

8. In the matching groups list (Figure 18-43), click wpsadmins, and click Add. Then click Close.

distribution for Figure 18-43 Group Membership panel Figure 18-44 shows closing the notgroup membership in the Integrated Solutions Console window.

SPVC; for

Figureguide 18-44 Group Membership panel

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 435 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

9. Click Create (Figure 18-45).

distribution

Figure 18-45 Create button for

10.When the message The user was created successfully displays, click Close (Figure 18-46).not

SPVC; Figure 18-46 The user was created successfully message for Changing the SOAP timeout

1. At the upper right corner, click Logout. 2. Closeguide the browser. 3. If the First step window is still open, click Exit to close it. 4. Windows: Open Windows Explorer and navigate to \properties. Linux: Using the Nautilus File System Browser, navigate to /properties. 5. Windows: In WordPad, open soap.client.props. Accompanying Linux:

Using gEdit, open soap.client.props. 6. Set com.ibm.SOAP.requestTimeout to 6000. 7. Save and close the file. 8. Restart the deployment manager to apply the changes. Earlier in the lab, you started the deployment manager using the First step window. Now, use the following command: a. Open a command prompt. b. Change to the \bin directory and enter the following command: distribution Windows: stopManager for Linux: ./stopManager.sh c. When prompted, enter wasadminnot for user identity and user password. The Stop completed message is displayed. d. Enter the following command: Windows: startManager SPVC; Linux: ./startManager.shfor

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 437 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

438 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 19. Federating a portal node into a cell

Lesson 19

distribution Lesson 19.Federating a portal node into a cell for not This lesson discusses federating the existing portal into a cell.

This lesson includes the following topics: Federating and clustering a WebSphere Portal node Managing a WebSphere Portal cluster SPVC; Objectivesfor

This lesson has the following objectives: Federate a node into a cell. Manageguide multiple WebSphere instances.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 439 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Federating and clustering a WebSphere Portal node

This topic explains how to federate and cluster a WebSphere Portal node.

Planning

The purpose of defining a cell is to federate a node,distribution which was discussed in Lesson 18, “Creating a cell” on page 391. The purpose of federating a node, in the case of an application server hosting WebSphere Portal, is to create a cluster.for

The purpose of a cluster is to provide a mechanism for load balancing and fault tolerance, whichnot is not your only option for a load balanced environment. Beginning with WebSphere Portal 7.0, you can implement a new feature, called portal farms, to satisfy demand in a scalable manner.

The process of defining a cluster consists of the following phases: Phase 1 is to installSPVC; WebSphere Portal. Phase 2 is to transfer the WebSphere Portal databases to an enterprise relationalfor database management system (RDBMS). Derby database: The Derby database does not support more than one database connection, making this step unusable for a clustered environment. guide Phase 3 is to prepare the deployment manager. Phase 4 is to federate the node that contains WebSphere Portal. Phase 5 is to create a cluster.

Accompanying

440 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 19. Federating a portal node into a cell

LDAP: According to IBM support, you can integrate Lightweight Database Access Protocol security at anytime. Generally, when building a cluster, this task is deferred until after the node is federated and the cluster has been defined. For this reason, LDAP integration is not described as a member of the federation or cluster configuration process.

You previously enabled LDAP in the labs for this course to demonstrate the typical process of defining a stand-alone instance of WebSphere Portal. distribution Before committing to clustering, consider the following limitations of a cluster: for You must install WebSphere Portal as a stand-alone node before creating a cluster. You cannot install WebSphere Portal into an existing managed node. not WebSphere Portal is not supported when running on a managed node that is not part of a clustered environment, except for the temporary state during the initial setup of the cluster. It is not possible to change settings through the Global Settings portlet or SPVC;the XML configuration interface in a clustered environment. These changes must be made by modifying the respective properties in the Integrated Solutions Console of thefor deployment manager. You must install and configure Search for a remote search service on an application server node that is not part of the cluster to support it in a clustered environment.

Rememberguide the following additional points for cluster implementation: Do not use spaces in the cluster name or the cluster member name when creating a cluster or a cluster member. For the deployment manager and each WebSphere Portal node to be in the cluster, verify that each system clock is set to within five minutes of the others or the addNode command will fail.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 441 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Administrative tools

Implementing a federated and clustered WebSphere Portal solution includes the following tools: Profile Management Tool or manageProfiles script, which is used to define a deployment manager profile and a WebSphere Portal 7.0 profile ConfigEngine, which is used to create WebSphere Portal databases, execute post federation tasks, and execute cluster setup tasks distribution Application server scripts, such as addNode, which are used to federate a WebSphere Portal application server node into a cell for Property files, such as wkplc.dbdomain.properties, which are used to specify settings for the Java Content Repository (JCR) Seedlist bus not The filesForDmgr.zip file in the / filesForDmgr directory, which is used to prepare the deployment manager to receive federation of a WebSphere Portal application server Integrated SolutionsSPVC; Console on the deployment manager, which is used to configure environment settings, such as the JCR Seedlist bus, and to manage the cluster for Terminology: The terms such as JCR Seedlist bus, the filesForDmgr.zip file, and the wkplc.dbdomain.properties file are discussed later in the lesson. guide Federating the node

This section explains how to federate a node.

Preparing the deployment manager If the deployment manager is remote, additional steps are required to ensure that it is prepared for federation.

Accompanying

442 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 19. Federating a portal node into a cell

Use the following steps only if the deployment manager is installed on a remote machine: 1. Copy the filesForDmgr.zip file from the /filesForDmgr directory of your local WebSphere Portal Server. 2. Stop the deployment manager on the remote machine. 3. Extract the filesForDmgr.zip file into the directory of the remote deployment manager machine.

Important: The deployment manager profile that you defined must be given the default name Dmgr01 and mustdistribution be in the default location /profiles/Dmgr0,1. If you did not do these two tasks, copy the metadata_wkplc.xml file from the /profiles/Dmgr01/config/.repositoryfor directory to the config/.repository directory of your deployment manager profile. not The wkplc.properties file does not generally need to be updated unless the deployment manager is configured for stand-alone LDAP. Use a federated repository and not a stand-alone LDAP.

Use the Profile Management Tool, or manageProfiles script, to augment the deploymentSPVC; manager profile. Augmentation optimizes the deployment manager for communications with a WebSphere Portalfor node by increasing the timeout values of the web container and SOAP. Augmentation is necessary because of the latency associated with the large volume of data to be sent from the node to the deployment manager during the federation process.

A finalguide step in preparation of the deployment manager for federation and cluster might be required if the short name of the WebSphere Portal administrator overlaps with a name in an LDAP repository known to the deployment manager.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 443 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Mitigating a short-name conflict: To mitigate a short-name conflict, follow these steps: 1. Log on to the Deployment Manager IBM Sharable Code. 2. Click Security → Global security. 3. In the “Global security window”, complete these steps: a. Under “User account repository”, click Configure. b. In the Primary administrative user name field, alter the user ID so that it uses the full distinguished name. For the default file user registry, the syntax is distribution uid=userID,o=defaultWIMFileBasedRealm as in the following example: uid=wpsadmin,o=defaultWIMFileBasedRealmfor c. Click Apply. 4. Enter the password for the usernot and then confirm the password. 5. Save all changes. 6. Log out of the administrative console.

Preparing and federatingSPVC; the primary node If the deployment manager is configured for federated realms, you do not need to updatefor the wkplc.properties file. The following changes are required if this file is using stand-alone LDAP: 1. Log on to the ISC on the deployment manager and locate the Virtual Member Manager settings for a stand-alone LDAP. 2. Edit the wkplc.properties file on the primary node by using theguide settings from the deployment manager.

Federation of the node requires a SOAP connection from the machine that is hosting WebSphere Portal and the machine that is hosting the deployment manager. The default port for these communications is 8879. It is possible that an alternative port is in use.

Accompanying

444 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 19. Federating a portal node into a cell

You can determine the port by logging on to the ISC of the deployment manager, click System Administration → Deployment Manager and, from the page headings, expand Ports, as illustrated in Figure 19-1.

distribution for Figure 19-1 Deployment manager ports not The addNode script: Use the application server script, addNode, to add your WebSphere Portal node to the cell. 1. Ensure that the deployment manager is running. 2. From a command prompt in the \bin of your WebSphere PortalSPVC; profile, enter the script using the following syntax: addNode - -includeapps -includebusesfor -username -password You can omit the dmgr port if your deployment manager is using the default port. guide The newly federated WebSphere Portal node is not supported until it has been clustered.

Clustering WebSphere Portal Two cluster models are available for WebSphere Portal customers: Dynamic cluster if you installed IBM WebSphere Virtual Enterprise Static cluster if you installed IBM WebSphere Network Deployment Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 445 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Execute the following post-federation task after you federate your node: ConfigEngine cluster-node-config-post-federation -DWasPassword=

This task completes the configuration of the deployment manager and prepares the environment for creation of a cluster.

Update the WebSphere Portal administration account to align it with the security configuration of the deployment manager. This task ensures that you have logon access to the soon-to-be-defined cluster member. You must usedistribution the full DN of the new user and group. You can review this by logging on to the ISC on the deployment manager and verifying the settings that are associated with short names as discussed forearlier: ConfigEngine wp-change-portal-admin-user -DWasPassword=not -DnewAdminId= -DnewAdminPw= -DnewAdminGroupId=

Use the following task to create the cluster after the deployment manager’s configuration is complete and the accounts are aligned: SPVC; ConfigEngine cluster-node-config-cluster-setup -DWaspassword= If you stored any passwords in the property files, delete them by entering the following command: ConfigEngine delete-passwords -DWasPassword=

The cluster has been created at this point. Now you must configure the JCRSeed bus: 1. From the ISC on your deployment manager, click Service Integration → Buses. 2. Select JCRSeedBus and find the heading “Bus members.” Accompanying3. Click Add and click Cluster. You see your new cluster in the drop-down menu.

446 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 19. Federating a portal node into a cell

4. If it is not already selected, select Enable Messaging Engine Policy Assistance and choose the messaging engine policy setting. 5. Click Data Store. 6. Select the name of the first engine in the list and specify the data store properties. Provide the following information from the wkplc_dbdomain_properties file: – Data source Java Naming and Directory Interface (JNDI) name: jdbc/data_source_name, where data_source_name is the value for the jcr.DataSourceName property distributionin the wkplc_dbdomain.properties file in the wp_profile_root/ ConfigEngine/properties directory offor the primary node. – Schema name: Enter the value of the jcr.DbSchema property in the wkplc_dbdomain.properties file.not – Authentication alias (You might have only one in the list.) In addition, you must complete these steps: a. Verify that the Create Tables check box is selected. b. Review the tuning options. c. Review SummarySPVC; and Save to Master config repository.

Your portal cluster configuration process is complete. Restart WebSphere Portalfor to confirm accessibility.

Topic B: Managing a WebSphere Portalguide cluster

This topic explains how to manage a WebSphere Portal cluster.

Starting and stopping the node agent

After you federate and cluster the portal node, you must manage the following WebSphere Application Server instances: Deployment manager Node agent Accompanying WebSphere Application Server → WebSphere Portal

© Copyright IBM Corp. 2011. All rights reserved. 447 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Deployment manager Use the following commands to start and stop the deployment manager: To start the deployment manager, from the /bin directory, run the following command: startManager.bat To stop the deployment manager, from the dmgr_profile>/bin directory, run the following command: stopManager.bat distribution Node agents You can stop node agents from the deploymentfor manager administrative console GUI. You cannot start them from this GUI because the deployment manager has no process running on the node from which to send a start message.not You can start and stop agent nodes from a command line by using the following commands. These actions must be performed from the WebSphere Portal node. To start a node, from the /bin directory, run the following command:SPVC; startNode.bat To stop a node,for from the /bin directory, run the following command: stopNode.bat Startingguide and stopping the federated portal server From the deployment manager console, select the server and click Stop, which stops the cluster member. The cluster is also stopped if there is only one member. You can also stop all the cluster members by selecting the cluster and clicking Stop.

When stopping application servers, such as the one hosting WebSphere Portal, choose the correct stop option. Cluster members and clusters each have different stop options: Cluster members: –Stop Do not accept new connections. Process all current Accompanying transactions and new transaction requests from existing sessions.

448 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 19. Federating a portal node into a cell

– Immediate Stop Do not accept new connections. Process all current requests or transactions. Do not accept new transaction requests. – Terminate Terminate the Java virtual machine (JVM).

Attention: This option might cause data loss and corruption of transaction logs. It is not a routine choice.

Clusters: distribution –Stop Applies to all members. Do not acceptfor new connections. Process all current transactions and new transaction requests from existing sessions.not – Immediate Stop Applies to all members. Do not accept new connections. Process all current requests or transactions. Do not accept new transaction requests.

Similarly, you can startSPVC; an entire cluster or individual members. To start a member, find it in the list of application servers and click Start. for To start the entire cluster, you can choose from the following options: Start Appliesguide to all members and starts them in parallel. Use this option when scaling clusters horizontally. The impact of initializing the JVM is distributed or isolated. Ripplestart Applies to all members and starts the servers in the series. Use this option when scaling clusters vertically. Here, the impact of initializing several JVMs concurrently can saturate computing resources increasing the delay before users can access WebSphere Portal.

Vertical clustering: Such topologies as vertical or horizontal clustering are discussed in Lesson 22, “Production topologies” Accompanyingon page 505. In vertical cluster, members of the cluster, the JVMs, run on a single hardware platform.

© Copyright IBM Corp. 2011. All rights reserved. 449 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

450 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

Lab

Lab 19: Federating anddistribution clustering the primaryfor node not In this lab, you use scripts to add your portal node to the deployment manager cell and update the configuration of the deployment manager. You also configure property values for your environment. This lab includes the followingSPVC; tasks: Creating the WebSphere Portal profile template Preparing the deployment manager Federating andfor clusteri ng the primary node

Objectives guide This lab has the following objectives: Use ConfigEngine scripts. Update properties for your environment. Install and configure a web server.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 451 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Substitution values: In this lab, use the following substitution values, depending on your environment, when you encounter them in the lab instructions: – Windows: C:\IBM\WebSphere\wp_profile –Linux: /opt/IBM/WebSphere/wp_profile distribution – Windows: C:\IBM\WebSphere\AppServer\profiles\Dmgr01for –Linux: /opt/IBM/WebSphere/AppServer/profiles/Dmgr01not – Windows: C:\IBM\WebSphere\AppServer –Linux: SPVC; /opt/IBM/WebSphere/AppServer for

guide

Accompanying

452 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

Task 1: Creating the WebSphere Portal profile template

After installing the primary node and configuring your database, create the configuration archive (CAR) file to create additional portal profiles.

Do the following steps to create the WebSphere Portal 7.0 profile template: 1. Stop the Portal server and Deployment Manager.distribution 2. In the wkplc_dbDomain.properties file, make sure database user IDs and passwords are correct. for 3. Open \ConfigEngine\properties\ wkplc_dbDomain.properties in an editor. 4. Set the following property valuesnot (to expedite the process, use Find/Replace to replace all occurrences of ReplaceWithYourPwd and ReplaceWithYourDBAPwd with was1edu): – feedback.DbPassword=was1edu – feedback.DBA.DbPassword=was1eduSPVC; – likeminds.DbPassword=was1edu – likeminds.DBA.DbPassword=was1edufor – release.DbPassword=was1edu – release.DBA.DbPassword=was1edu – community.DbPassword=was1edu –guide community.DBA.DbPassword=was1edu – source.community.DbPassword=was1edu – customization.DbPassword=was1edu – customization.DBA.DbPassword=was1edu – jcr.DbPassword=was1edu – jcr.DBA.DbPassword=was1edu – jcr.DbSaPassword=was1edu 5. Save and close the file. 6. Run the ConfigEngine task: Accompanying For Windows: ConfigEngine enable-profiles -DWasPassword=wasadmin

© Copyright IBM Corp. 2011. All rights reserved. 453 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

For Linux: ./ConfigEngine.sh enable-profiles -DWasPassword=wasadmin This command creates a configuration archive (CAR) file that creates additional WebSphere Portal profiles. The Portal.car file is saved to the \profileTemplates\ default.portal\configArchives directory and also compresses the profile Templates directory and creates a profileTemplates.zip file in the /profileTemplates/zip directory. This can take 10-15 minutes. distribution Task 2: Preparing the deploymentfor manager

1. Go to: \bin\ProfileManagementnot – For Windows: run pmt.bat – For Linux: run ./pmt.sh 2. On the Welcome page, click Launch Profile Management Tool. 3. In the Profile ManagementSPVC; Tool (Figure 19-2), select the Dmrg01 profile and click Augment. for

guide

Figure 19-2 Profile Management Tool - Profiles tab

Accompanying

454 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

4. On the Augment Selection page (Figure 19-3), click Deployment Manager For Portal and click Next.

distribution for not

SPVC; for Figure 19-3 Augment Selection page

5. On the Summary page, click Augment. 6. Onguide the Profile Augmentation Complete page, click Finish. Task 3: Federating and clustering the primary node

In this task, you use a script to add the portal node to the deployment manager cell. After completion, you will have created a single node cell.

Federating the node

Accompanying1. Start the dmgr server if it is not running.

© Copyright IBM Corp. 2011. All rights reserved. 455 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

2. Go to the \bin folder. Windows: addnode portal00.training.ibm.com -includeapps -includebuses -username wasadmin -password wasadmin -localusername installadmin -localpassword installadmin Linux: ./addNode.sh portal00.training.ibm.com -includeapps -includebuses -username wasadmin -localusername installadmin -localpassword installadmin 3. Continue when you receive a BUILD SUCCESSFULdistribution message. Federation is now complete. for Creating a static cluster

1. Open a command prompt and stnotop the deployment manager by executing the following command from the \bin directory: Windows: stopManager Linux: SPVC; ./stopManager.sh 2. If prompted,for enter wasadmin for user identity and user password. 3. After it stops, start the deployment manager by executing the following command: Windows:guide startManager Linux: ./startManager.sh 4. In the wkplc.properties file on your portal server, set the correct property values for your environment. 5. Open \ConfigEngine\properties\ wkplc.properties in WordPad. 6. Set the following property values: – WasSoapPort=8879 Accompanying – WasRemoteHostName=portal00.training.ibm.com

456 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

– WasUserid=uid=wasadmin,o=defaultWIMFileBasedRealm – WasPassword=wasadmin – PortalAdminPwd=wpsadmin – PrimaryNode=true – ClusterName=PortalCluster 7. Save and close the file. 8. Update the configuration for the deployment manager (for the new WebSphere Portal Server). 9. Open a command prompt and switch to distribution \ConfigEngine. 10.Execute the following script (this task runs for approximately two minutes): for Windows: ConfigEngine cluster-node-config-post-federationnot Linux: ./ConfigEngine.sh cluster-node-config-post-federation 11.Update the portal admin user so that it is consistent with the dmgr: ConfigEngine.batSPVC; wp-change-portal-admin-user -DWasPassword=wasadmin -DnewAdminId=uid=wpsadmin,o=defaultWIMFileBasedRealmfor -DnewAdminPwd=wpsadmin -DnewAdminGroupId=cn=wpsadmins,o=defaultWIMFileBasedRea lm

Creatingguide the cluster definition and adding WebSphere_Portal to the cluster

1. In a command window go to the \ConfigEngine directory. 2. Execute the following script (this task runs for approximately 15 - 20 minutes): Windows: ConfigEngine cluster-node-config-cluster-setup Linux: Accompanying ./ConfigEngine.sh cluster-node-config-cluster-setup

© Copyright IBM Corp. 2011. All rights reserved. 457 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

3. Remove any passwords that are stored n the property files by using the following ConfigEngine commands: Windows: ConfigEngine cleanup-work-dir -DWasPassword=wasadmin ConfigEngine delete-passwords -DWasPassword=wasadmin Linux: ./ConfigEngine.sh cleanup-wor-dir -DWasPassword=wasadmin ./ConfigEngine.sh delete-passwords -DWasPassword=wasadmin distribution The cluster has been created at this point. 4. Configure the JCRSeed bus. for 5. From the ISC on your deployment manager, click Service Integration → Buses. 6. Select JCRSeedBus (Figure 19-4).not

SPVC; for

guide

Figure 19-4 Integrated Solutions Console

Accompanying

458 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

7. In the “JCRSeedBus” panel, under the Topology header, click Bus members (Figure 19-5).

distribution for not

SPVC; for

guide Figure 19-5 JCRSeedBus panel

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 459 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

8. In the “Bus members” panel (Figure 19-6), click Add.

distribution Figure 19-6 Bus members panel- Add buttonfor 9. In the “Add a new bus member” window (Figure 19-7). Click Cluster to view your new clusternot in the menu and click Next.

SPVC; for

guide Figure 19-7 Add a new bus member window

Accompanying

460 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

10.Click, if not already selected, Step 1.1: Messaging engine policy assistance settings. 11.In the messaging engine policy assistance settings window (Figure 19-8), click HIgh Availability for the messaging engine policy setting and click Next.

distribution for not

SPVC; for

guide

Figure 19-8 Messaging engine policy assistance settings window

If SVG viewer is not installed: If a scalable vector graphics Accompanying(SVG) viewer is not installed in your browser the graphic shown in Figure 19-8 will be disabled.

© Copyright IBM Corp. 2011. All rights reserved. 461 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

12.Select Data Store and click Next. 13.In the Specify data store properties window (Figure 19-9 on page 462), select the name of the first engine in the list. Use information from the wkplc_dbdomain.properties file in the \ConfigEngine\properties\ folder for the following: a. For the Data source JNDI name, use the value from the jcr.DataSourceName property. b. For the Schema Name, use the value from the jcr.DbSchema property. distribution c. For the Authentication alias, select SearchAdminUser. d. Ensure that the Create Tables checkfor box is selected. Click Next. not

SPVC; for

guide

Accompanying Figure 19-9 Configure a data store window

462 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

14.When the messaging engines display, click Next. 15.Click Next on the Tune performance parameters. 16.Review the summary page and click Finish. 17.Click Save to save the master config repository. The nodes have to be synchronized. This is performed by the file synchronization service automatically every minute as well as when the node agents on the nodes start by default. For some changes, such as configuration of the JCRSeedBus, to be effective, the WebSphere_Portal server must be restarted. 18.Click Servers → Server Types → WebSpheredistribution Application Server (Figure 19-10). for not

SPVC; for

Figure 19-10 Integrated Solutions Console

19.Select the check box next to WebSphere_Portal in the list and clickguide Restart .

Restart error: You may see an error that the restart timed out. If so, refresh the table by clicking the refresh icon in the status column.

Verifying that the cluster was created

1. If necessary, open your browser and enter the following URL to open the DMGR admin console: Accompanying https://portal00:9043/ibm/console a. If you see a Security Alert, click Yes to proceed.

© Copyright IBM Corp. 2011. All rights reserved. 463 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

b. Enter wasadmin for the user ID and password and click Log in. 2. In the left navigator, expand Servers and click Clusters. Figure 19-11 illustrates how your PortalCluster is displayed.

distribution for not

SPVC; Figure 19-11 PortalCluster

Figure 19-12for illustrates the Status column where a green arrow means that the portal cluster is started.

guide

Accompanying Figure 19-12 WebSphere Application Server clusters window

464 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 19: Federating and clustering the primary node

3. Click the link to open the PortalCluster and view more information (Figure 19-13). For example, expand Cluster members.

distribution for not

SPVC; Figure 19-13 PortalCluster information for 4. Log off and close the browser. 5. Verify access to WebSphere_Portal by entering the following URL in the browser locator bar: http://localhost:10039/wps/myportalguide 6. Log on by entering wpsadmin as the name and password inputs. 7. Explore the interface to verify functionality. 8. Log off and close the browser.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 465 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lesson 20

distribution Lesson 20.Troubleshooting for This lesson provides an introduction to troubleshooting.

This lesson includes the following topics:not Overview of troubleshooting Tools for troubleshooting

Objectives SPVC;

This lesson hasfor the following objectives: Articulate a problem determination methodology. Locate the relevant log files. Determine the techniques for isolating problem components. Trace WebSphere Portal 7.0 problems. Useguide IBM Support Assistant. Monitor for performance.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 467 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Overview of troubleshooting

This topic discusses logs, logging and tracking, and IBM Support Assistant-lite.

Logs

IBM WebSphere Application Server and IBM WebSpheredistribution Portal Server provide logging mechanisms for each phase of installation, configuration, and deployment. for Logging and tracking not IBM WebSphere and WebSphere Portal generate many log files that are useful in problem resolution. Depending on the nature of the problem that is exposed, you examine the most likely log file first, moving outward to other possible candidates until you resolve the problem. SPVC; The following log files are relevant when determining the location of the problem: Portal installationfor log files in \log directory Configuration logs in \ConfigEngine\log directory WebSphere logs in the following directories: –guide \logs\server1 directory for server1 logs – \logs\WebSphere_Portal directory for portal logs First Failure Data Capture (FFDC) log files in \logs\FFDC, which is usually used by IBM for support purposes Deployment manager logs in \logs\dmgr directory Plug-in logs, which examine the HTTP servers httpd.conf file Accompanying for the plug-in installation location

IBM Support Assistant-lite

IBM Support Assistant is a stand-alone application that can help in your problem resolution process. It is available at no cost. IBM Support Assistant is not included with your WebSphere Portal distribution. However, it can be installed on any workstation and you can install plug-in modules for IBM products in the environment.

You can perform the following tasks with IBM Support Assistant: Open a problem management report (PMR) todistribution gather support information based on problem type. Create, update, and track an electronic forproblem report. Go to the following web page to download IBM Support Assistant: http://www.ibm.com/software/support/isanot To use IBM Support Assistant to help you create a PMR and track it: 1. On the IBM Support Assistant web page, click Updater link (Figure 20-1). SPVC; for

guide

Figure 20-1 IBM Support Assistant web page: Updater link Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 469 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

2. In the Search window (Figure 20-2), search on a specific topic: a. Click Search component in the menu and enter a search string. b. Select Show options and specify any or all of the following options: • Document type • Information center • Product • Product version c. Click Search. distribution for not

SPVC; for

guide Figure 20-2 Search window

Accompanying

3. In the Search Results window (Figure 20-3), view the search results. Click any link in the Search Results tree to view the list.

distribution

Figure 20-3 Search Results window for

4. Click any item in the list to read the details (Figure 20-4). not

SPVC; for

guide

Figure 20-4 Search results list

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 471 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic B: Tools for troubleshooting

This topic explains how to trace and collect diagnostic information.

Tracing

Tracing can be considered an extreme step. Most of the time, examination of the logs leads you directly to the problem resolution. When the interaction of multiple components causes a problem, you must trace the problem. distribution Tracing requires detailed knowledge of WebSphere Portal architecture for it to be useful. Before beginningfor the trace, narrow down the resolution probabilities to specific portal subsystems. Always run a trace from the WebSphere administrative console. Avoid using the Enable Tracing portletnot to initiate traces. Although both tracing methods use the same mechanism, enabling tracing from the Integrated Solutions Console (ISC) is much more intuitive.

To enable tracing, follow these steps: 1. Click TroubleshootingSPVC;→ Logs and Trace. 2. In the Logging and Tracing window (Figure 20-5), click the server name.for

guide

AccompanyingFigure 20-5 Logging and Tracing window

3. In the “WebSphere_Portal” panel (Figure 20-6), click Diagnostic Trace.

distribution for Figure 20-6 WebSphere_Portal panel: Diagnostic Trace

4. In the “Diagnostic trace service” notpanel (Figure 20-7), select an option from the Trace Output Format list, such as Basic (Compatible). Then click Change Log Detail Levels.

SPVC; for

guide

Figure 20-7 Diagnostic trace panel: Trace Output Format Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 473 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

5. In the General Properties section (Figure 20-8), set the log detail levels.

distribution for not

SPVC; for Figure 20-8 General Properties section

The following list identifies areas of concern for tracing: Access control com.ibm.wps.ac.* Authenticationguide com.ibm.wps.services.authentication.*=all Database com.ibm.wps.datastore.*=all com.ibm.websphere..*=all Portal Search com.ibm.portal.search=all Portlet container com.ibm.wps.pe.pc.*=all Services com.ibm.wps.services.*=all XML configuration interface com.ibm.wps.command.xml.*=all

Accompanying

Working with trace settings: The following two tabs are available when setting trace options using the ISC: Runtime Runtime settings are not persistent. They are immediately effective. The settings are not retained when the server is restarted. Configuration settings apply to the current runtime state of the server. To trace server startup issues, a server restart is required. Configuration Configuration settings are persistent regardlessdistribution of the number of server restarts. To disable settings made by using the Configuration tab, you must clear them and restart the server. for

The portal administration pages also offer a facility for tracing. In this case, they are run time only. Younot define the trace settings for the run time on the Administration pages by using the Enable Tracing portlet. Click Portal Analysis → Enable Tracing and define the trace settings. SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 475 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lab

Lab 20: Troubleshootingdistribution a portal for not In this lab, you work with the IBM WebSphere Portal runtime and tracing log files. There are various tools available to browse and administer these files that you will explore.

This lab includes the following tasks: Restarting all serversSPVC; and checking runtime log files Enabling tracing for portal components Working with the IBM Support Assistant Using the Tivolifor Performance Viewer

Objectives guide This lab has the following objectives: Locate the WebSphere Portal runtime and tracing logs. View WebSphere Portal runtime and tracing logs by using the deployment manager administrative console. Enable WebSphere Portal tracing by using the deployment manager administrative console. Use the IBM Support Assistant Workbench to search knowledge databases and run the collector for various Portal problem types. Use the IBM Tivoli Performance Viewer to monitor WebSphere Accompanying Portal resources.

© Copyright IBM Corp. 2011. All rights reserved. 477 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Restarting all servers and checking runtime log files

This task consists of the following subtasks: Stopping the portal, node agent, and deployment manager on all nodes Deleting the log files for the servers Starting the deployment manager and node agent and examining the log files distribution Starting the portal nodes Starting the portal server from the administrativefor console Using the administrative console to examine the SystemOut and SystemErr logs for each server not Stopping the portal, node agent, and deployment manager on all nodes

1. From a command prompt, change the directory to: binSPVC;. 2. Enter the following command: serverstatusfor -all -user wasadmin -password wasadmin Open a browser and load the Deployment Manager ISC using: https://portal00:9043/ibm/console 3. Logguide on as wasadmin for the name and password. a. Using previously described techniques, stop the WebSphere_Portal instance.

Stopping the server: Terminating the server can cause transaction log corruption, rendering the server unusable until repairs are made.

b. When the application server is stopped, use the side navigation tree and expand System Administration → Node Agents. c. Select the check box for nodeagent and click Stop. Accompanying d. After confirmation that the node has stopped, log off the ISC of the Deployment Manager.

e. Open a command prompt at \profiles\dmgr01\bin and enter the command stopmanager. f. If prompted, enter wasadmin for the user name and password.

Deleting the log files for the servers

To get a better understanding of the startup events, you want to clear the old messages, exceptions, and stack traces that are no longer relevant. distribution 1. Go to \logs\dmgr. 2. Delete the SystemOut.log and SystemErr.logfor files. 3. Go to \logs\WebSphere_Portal. 4. Delete the SystemOut.log and SystemErr.lognot files. 5. Go to \logs\nodeagent. 6. Delete the SystemOut.log and SystemErr.log files.

Starting the deploymentSPVC; manager and node agent and examining the log files for 1. From a command prompt, change the directory to: \bin 2. Start the server by entering the following command: startManagerguide 3. Go to the log directory and examine the SystemOut.log files.

Starting the portal nodes

1. From a command prompt, change the directory to: \bin 2. Enter the following command: startNode Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 479 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Starting the portal server from the administrative console

1. Launch a browser and enter the following URL for the deployment manager’s administrative console: http://portal00:9060/ibm/console 2. Log in with wasadmin for both the user ID and password. 3. Click Servers → Application servers. 4. Select WebSphere_Portal and click Start. distribution Wait for the server to start. Messages display indicating a successful start for the server. The server shows a solid green arrow in the Status column indicating a forstarted status.

Using the administrativenot console to examine the SystemOut and SystemErr logs for each server

1. Click Troubleshooting → Logs and Trace → dmgr → JVM Logs. SPVC; 2. Click the Configuration tab and make the appropriate changes. for 3. On the “JVM logs” panel (Figure 20-9), click the Runtime tab.

guide

AccompanyingFigure 20-9 JVM Logs panel: Runtime tab

4. Click View for the SystemOut.log file.

Recommended method: Using this method, you might specify a range of log file lines and click Refresh, and repeat these actions for each figure; however, the recommended method is to use Windows Explorer and navigate to the log files and open them with Notepad.

5. Examine the SystemOut and SystemErr logs for each Portal server. Note that exceptions and stack traces from SystemOut are also written to SystemErr. distribution Task 2: Enabling tracingfor for portal components

This task consists of the following subtasks:not Changing the detail level for tracing on the first cluster member Restarting WebSphere Portal Examining the startup trace information in the trace.log file Logging in to the portal and examining the trace log SPVC; Changing the detail level for tracing on the first clusterfor member

1. From the WebSphere administrative console, click Troubleshooting → Logs and Trace → WebSphere_Portal. 2. Clickguide Diagnostic Trace. 3. In the File Name field (Figure 20-10), enter: – For Windows: C:\LabFiles\Lab20\trace.log – For Linux: /root/labfiles\Lab20\trace.log 4. Click Apply.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 481 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

Figure 20-10 Diagnostic trace service panel: File Name field SPVC; Change location: In a problem determination scenario, you might consider changing the default trace.log location to better organizefor your diagnostic data collection plan.

5. Click the Change Log Detail Levels link under Additional Properties on the right (Figure 20-11). guide

Accompanying Figure 20-11 Logging and Tracing window - Change Log Detail Levels

6. Enter com.ibm.wps.services.authentication.*=all in the trace specification field. This enables tracing on the authentication component at all detail levels. 7. Click OK and click Save.

Restarting WebSphere Portal

When a server starts, several authentication events occur. Restarting the server enables you to view the tracing information generated at the server as the server starts. distribution 1. From a command prompt, change the directory to: c:\IBM\WebSphere\wp_profile\bin. for 2. Restart the portal server.

Examining the startupnot trace information in the trace.log file

1. Go to the directory \Lab Files\lab20 and open the trace.log file with an editor. 2. Scan the file and identifySPVC; specific portal components. 3. Exit the trace.logfor file. Logging in to the portal and examining the trace log guide Because you are tracing authentication, log in to the portal and examine the trace log. 1. Log in to WebSphere_Portal using its internal HTTP port: http://portal00:10039/wps/portal. 2. Log in with wpsadmin for both the user ID and password. 3. Open the trace.log file with an editor and scroll to the end of the file and locate the login events. 4. Search for com.ibm.wps.services.authentication. 5. Close the trace.log file. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 483 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 3: Working with the IBM Support Assistant

IBM Support Assistant (Figure 20-12) is a workbench program that helps to resolve questions and problems with IBM software products, such as Portal, WebSphere Application Server, Rational and more. IBM Support Assistant Workbench enables you to tailor it for the software products you use. distribution for not

SPVC; for

Figure 20-12 IBM Support Assistant page

guide

Accompanying

Task 4: Using the Tivoli Performance Viewer

This task consists of the following subtasks: Starting the performance viewer Monitoring the portal servlet Examining the Tivoli Performance Viewer performance advisor Exiting the Tivoli Performance Viewer and disabling monitoring on the servers distribution Cleaning up your desktop for Starting the performance viewer

1. From the Deployment Manager Integratednot Solutions Console at https://localhost:9043/ibm/console, click Monitor and Tuning → Performance Viewer → Current Activity.

Install Adobe SVG: In Step 2, you may be prompted to install the Adobe SVG viewer. You will need to do this to continue Step 2.SPVC;

2. Select WebSphere_Portalfor and click Start Monitoring. The collection status for both WebSphere_Portal and nodeagent changed from Available to Monitored. 3. Select the portal and then scroll to the top and click View Modulesguide.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 485 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Monitoring the portal servlet

1. When the Tivoli Performance Viewer opens (Figure 20-13), expand Performance Modules → Web Applications. 2. Scroll down and expand wps#wps.war → Servlets.

distribution for not

SPVC; for

Figure 20-13 Tivoli Performance Viewer guide Servlets invoked since the server started: Your system might not display the same number of servlets as shown in the preceding figure. This is because only servlets that have been invoked since the server started are loaded into memory.

3. Select portal and click View Modules. Activity will begin in the graphic chart portion of the page.

Accompanying

4. To initialize your view, in the “WebSphere_Portal” panel (Figure 20-14), click Show Legend, click Clear Buffer, and click Reset To Zero.

distribution for not

SPVC; for

Figure 20-14 WebSphere_Portalguide panel: Reset to zero

5. To generate activity, open a browser and enter the following URL: http://portal00:10039/wps/portal 6. Scroll down below the chart to the table of counters. The RequestCount shows 1 and a relatively large value is displayed for the ServiceTime. Notice that the values for these two counters are scaled differently. The ServiceTime is an average response time in milliseconds. 7. Start a new browser and use the same URL. Accompanying8. Return to the Tivoli Performance Viewer Chart view and wait for the view to refresh.

© Copyright IBM Corp. 2011. All rights reserved. 487 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The RequestCount increases to 2 and ServiceTime decreases. 9. Go back to the browser from which you accessed the portal and refresh it one or two times. Notice that, in the Tivoli Performance Viewer chart, the ServiceTime decreases with increased requests.

Examining the Tivoli Performance Viewer performance advisor distribution 1. Collapse the Tivoli Performance Viewer navigation tree to the left of the chart view. for 2. In the Tivoli Performance Viewer (Figure 20-15), expand WebSphere_Portal. not

SPVC; for

guide Figure 20-15 Tivoli Performance Viewer: WebSphere_Portal tree

Accompanying

3. Click Advisor. Figure 20-16 illustrates the resource statistics.

distribution for not

Figure 20-16 ResourceSPVC; statistics 4. Scroll down and view the status of all the resources. Note particularlyfor the WebContainer and Java Database Connectivity (JDBC) data source statistics. 5. Observe the list performance tuning advice table below the list of resources and verify if there is only one page of tuning advice.guide If there is only one page, click Refresh All Advice to ensure that all pages are displayed.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 489 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 20-17 illustrates how to change the sort order. Click the arrows in the column headings or click the arrows in the Severity column header to change the sort. Leave the table sorted in configuration order.

distribution for not

Figure 20-17 Table sorting

SPVC; for

guide

Accompanying

6. Click the Enable servlet caching tuning message and view the tuning advice. 7. In the General Properties window (Figure 20-18), read the advice about servlet caching and click Back.

distribution for not

SPVC; for Figure 20-18 General Properties window

Exiting the Tivoli Performance Viewer andguide disabling monitoring on the servers

1. In the Integrated Solutions Console, click Monitoring and Tuning → Performance Viewer → Current Activity. 2. Select the servers that have a collection status of Monitored. 3. Select WebSphere_Portal and node agent. 4. Click Stop Monitoring. A message is displayed for each server stopped.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 491 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Cleaning up your desktop

1. Close any command prompt windows that are still open. 2. Exit IBM Support Assistant Workshop if you have not already. 3. Close any extra Windows Explorer windows. 4. Close any extra browser windows.

distribution for not

SPVC; for

guide

Accompanying

Lesson 21

distribution Lesson 21.XML Access for This lesson describes the Extensible Markup Language (XML) configuration interface as a tool to manage the resources for IBM WebSphere Portal 7.0. It includes releasenot management and configuration updates.

This lesson includes the following topics: The XML configuration interface for WebSphere Portal Examples of whenSPVC; to use XML Access

Objectivesfor

This lesson has the following objectives: Describe the XML configuration interface. Reviewguide how the XML configuration tool works. Export configurations.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 493 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: The XML configuration interface for WebSphere Portal

This topic explains what the XML configuration interface is and how it is used.

Overview of the XML configuration interface distribution The XML configuration interface, often called XML Access, is a batch processing tool that facilitates WebSphere Portal updates. The basis of the interface consists of XML forfiles that are created in compliance with the schema, PortalConfig_7.0.0.xsd. The interface provides three fundamental tasks: export, update, and export orphaned data. The schemanot can be extracted and examined from the \base\wp.xml\shared\ app\wp.xml.jar file.

The specific nature of the tasks depends on the structure and content of the XML file, or script, that is passed to the configuration interface.SPVC; Numerous sample scripts are available in the /doc/xml-samples directory.

Using XML Accessfor is easier if you start by making copies of the sample scripts and adapt them for your environment. For example, if you want to export your WebSphere Portal configuration without users, you can use the Export.xml sample script.

Workingguide custom unique names: As soon as possible, define custom unique names for all WebSphere Portal resources. These names make reading your XML Access scripts much easier.

To work with the XML scripting interface syntax in its most basic form, open a command prompt in \ PortalServer\bin and enter the following command: xmlaccess -user -password -url :10039/wps/config -in input_file.xml -out result_file.xml Accompanying

The input file reflects the schema typed request parameters. The output file contains the results of the requested action. The input and output file names must be meaningful to the operators.

Information, including the password, is sent unencrypted. Use a secure channel for your communications. Also, the name and password are visible on the console and the process view. The following alternative syntax can be used for passing credentials: xmlaccess -askForCredential -url myhost:10039/wps/config -in input_file.xml -out result_file.xml

The -askForCredential parameter prompts for thedistribution name and password and does not show the values in the console or in the process view. for Working with the XML configuration interface tool not

The export file contains the XML declaration, followed by the main element, request. The request element contains three attributes: The Namespace attribute, which refers to the PortalConfig schema SPVC; The Type attribute, which specifies the general nature of the example in anfor export request The Export-users attribute, which specifies that users will not be exported

The file also includes a portal element with an action attribute. Theguide portal element indicates which parts of the portal configuration are to be exported or updated. In this example, the entire portal configuration is in scope. The type of action to be performed on the specified scope is defined by the action attribute.

Figure 21-1 shows a reference to these elements and attributes.

Accompanying Figure 21-1 Export file attributes

© Copyright IBM Corp. 2011. All rights reserved. 495 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

For a more discrete example of a page export, see the ExportPage.xml sample script.

As illustrated in Figure 21-1 on page 495, the file begins with the XML declaration and the main element, request. The distinguishing features are reflected in the portal element’s action attribute value, locate. This value instructs the interface to locate, within the configuration, a particular resource. A portal resource in the node hierarchy is identified by the content-node element’s unique-name attribute, com.portal.ssa.SamplePage. The action attribute value is defined to export the identified resource. distribution Recall the discussion of the node hierarchy in Lesson 2, “Page management” on page 11. The content-node element refers to an element in the node hierarchy of the portal.for The content-node element includes the following components: Pages that consist of nested layout elements displaying portlets not Labels used to organize the node hierarchy They do not include nested layout elements, nor do they display portlets. Static pages contaiSPVC;ning an HTML file or an HTML fragment URLs that consist of internal or external references to the portal for Working with content-node resources: Always export and replace an entire stack of page layers. For example, do not use the scripting interface to modify layout layers. Also, do not try to work with derived pages through manually created XML Access scripts.guide Use the portlet to working with pages to edit page layouts and then export the result into an XML response file.

In addition to content-node resources, you can work with users, portlets, themes, skins, and other commonly managed resources.

Accompanying

Topic B: Examples of when to use XML Access

The XML scripting interface is ideal for incorporating additions, updates, and deletions to WebSphere Portal as in the following examples: Transferring or migrating between machines, such as during hardware upgrades Backing up the portal configuration as part of a larger backup strategy distribution Copying parts of a configuration, such as specific pages, from one portal to another for For example, an intranet site can have an information page that is also appropriate for an externally facing portal. Creating a WebSphere Portal conotnfiguration file by an XML export Installing additional resources on WebSphere Portal Performing recurring administration tasks in an automated and reproducible manner Performing these administrativeSPVC; tasks remotely; that is, from another server through an HTTP connection for Exporting configurations

This section explains how to export specific configurations and howguide to work with object IDs. Object IDs Understanding object IDs is essential for successfully working with the XML configuration interface. The ID is generated by WebSphere Portal when it is created. When you examine an XML export result file, you will find an objectid attribute for each resource. These object IDs not only uniquely identify resources. They are also the means by which one resource refers to another. Do not edit object IDs in the XML files with the expectation that these values will be preserved, because they might be unlikely to conform with the internally required format and lead to unexpected Accompanyingoutcomes.

© Copyright IBM Corp. 2011. All rights reserved. 497 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The resource objectid attribute is used for the following tasks: Look up resources for locate, export, update, or delete actions. Assign the object ID if the action is create. Assign the object ID if the action is update and the object ID does not exist in the target system. Describe links from one reference to another.

In addition to object ID usage within WebSphere Portal, you can use object IDs within your script, so that, when a resource is imported, a new object ID are created. distribution You can use object IDs in a script in two ways. The first way is to set the create-oids attribute of the requestfor element to true. This setting has a global effect on all object IDs that are within the script, and your portal will generate new object IDs for every resource whose action attribute is setnot to update or create. The second approach is to define ad hoc object IDs. In some cases, you might want to selectively target resources to force new object IDs. When you set the value of an objectid attribute to a value, such as a string name, the value is treated as symbolic and is not used to locate the resource. When you use this approach, you must first “define”SPVC; the name in your script. If a reference attribute, such as a portletref attribute, refers to an ad hoc object ID, you must have, within your script, a portlet element whose objectid attributefor contains the same value.

Pages Two page export examples were provided in “Working with the XMLguide configuration interface tool” on page 495. The sample scripts address other use cases. Many times a script must export a page and include the portlets that are displayed on the page.

In addition to a content-node element, this script locates a web-app element. The syntax of the previous page export example is repeated here in which the portal element action attribute is locate.

Accompanying

As was, and is, the case with the content-node whose unique-name attribute specifies a specific page, a web-app element exists whose unique-name attribute specifies a discrete web module as illustrated in Figure 21-2.

Figure 21-2 Content-node and the unique-name attribute

In addition to pages and other content-node elements,distribution you can manage users, web modules, portlets, and other portal resources. To implement elegant scripted management of your portal implementation, consult the sample files, thefor configuration schema, and the XML configuration reference. For more information, see the WebSphere Portalnot Family wiki at http://www-10.lotus.com/ldd/portalwiki.nsf/dx/XML_configur ation_reference_wp7.

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 499 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

Lab

Lab 21: Using XML Accessdistribution for In this lab, you take a full or complete export of your portal configuration using the XML Configuration Interface, commonly known as XML Access. not

This lab includes the following tasks: Generating a full export of the WebSphere Portal 7.0 configuration Verifying that the exportSPVC; process ran successfully

Objectivesfor

This lab has the following objectives: Export the WebSphere Portal 7.0 configuration. Verifyguide that the export process ran successfully.

Substitution values: In this lab, use the following substitution values, depending on your environment, when you encounter them in the lab instructions: – Windows: C:\IBM\WebSphere\wp_profile –Linux: /opt/IBM/WebSphere/wp_profile – Windows: C:\IBM\WebSphere\PortalServer Accompanying – Linux: /opt/IBM/WebSphere/PortalServer

© Copyright IBM Corp. 2011. All rights reserved. 501 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 1: Generating a full export of the WebSphere Portal 7.0 configuration

This task shows you how to generate and verify a portal configuration: 1. Copy the file /doc/xml-samples/Export.xml to the following: Windows: distribution C:\LabFiles Linux: for /root/LabFiles 2. Open a terminal or command window and change the directory to /bin.not 3. Run the the following script to set certain environment variables in the current window (such as JAVA_HOME). Windows: setupCmdLine SPVC; Linux: ./setupCmdLine.shfor 4. Run the following xmlaccess command all on one line: – Windows: xmlaccess -user wpsadmin -password wpsadmin guide-url http://portal00:10039/wps/config -in c:\labfiles\Export.xml -out c:\labfiles\result.xml –Linux: ./xmlaccess.sh -user wpsadmin -password wpsadmin -url http://portal00:10039/wps/config -in /root/LabFiles/Export.xml -out /root/LabFiles/result.xml The file name specified after -out will contain the portal configuration as XML. The file can have any name. The protocol can be omitted after the -url parameter except in the case of SSL. Accompanying The following message is displayed when the export completes successfully:

EJPXB0020I: The request was processed successfully on the server.

distribution for not

SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 503 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Task 2: Verifying that the export process ran successfully

1. Verify that the export process ran successfully. 2. Open C:\LabFiles\result.xml with an editor. 3. Scroll to the bottom of the file where the following line is displayed: This indicates a successful export. distribution for not

SPVC; for

guide

Accompanying

Lesson 22

distribution Lesson 22.Production topologies for This lesson covers various possible portal topologies. It also explores the process of creating a cluster.not This lesson includes the following topics: Production topologies Building a development- and a production-ready deployment Reducing single points of failure Enabling redundancy for configuration data Evaluating data requirementsSPVC; Database split options Configuring fordatabases for failover Capacity planning considerations Web Services for Remote Portlets

Objectivesguide

This lesson has the following objectives: Define the default IBM WebSphere Portal 7.0 installation. Define the components of a federated WebSphere Portal installation. Create a desktop to production environment. Reduce single point of failure. Create and maintain a WebSphere Portal cluster. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 505 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Production topologies

This topic discusses the various production topologies for WebSphere Portal.

Distributed or stand-alone

Stand-alone implementations are suitable for proof of concept, development, and departmental platforms. distribution Stand-alone implementations have the following benefits: Simple installation for Straight forward deployment of portlets Uncomplicated infrastructure requirements

Stand-alone implementations have notthe following limitations: No fault tolerance No load balancing

Distributed platforms are suitable for enterprise deployments because they can supportSPVC; load balancing and fault tolerance, which are necessary to meet more stringent service delivery requirements. for Distributed implementations have the following benefits: Scalable Fault tolerant

Distributedguide implementations have the following liabilities: Greater deployment complexity More effort required to deploy artifacts such as portlets

The decision to implement a distributed solution can take several forms. One form is a network deployment cluster. Another form is to implement a portal farm. Clusters can be arranged so that they scale vertically, horizontally, or both.

Accompanying

Vertical cluster

Creating a portal cluster requires only minimal additional steps beyond federating a node into a cell. The first part of the process is to create the cell by creating a deployment manager. Lesson 18, “Creating a cell” on page 391, and Lesson 19, “Federating a portal node into a cell” on page 439, provide information about the steps that are required to create a cluster.

Horizontal cluster distribution This section discusses the horizontal cluster. for Maintaining a portal cluster To add new cluster members, follownot these steps: 1. Install and configure the new portal node.

Configuration: Do not configure database or security.

2. Edit the wkplc.properties portal node properties file. 3. Copy the followingSPVC; configuration files from the primary WebSphere Portal node: – wkplc_comp.propertiesfor – wkplc_dbtype.properties 4. Run the following ConfigEngine tasks: cluster-node-config-pre-federation cluster-node-config-post-federationguide Portal farms, cloud computing, and network deployment infrastructures

This section discusses portal farms, cloud computing, and network deployment infrastructures.

Portal farms The term farm refers to a series of identically configured, stand-alone server instances. The fact that they are stand-alone Accompanyingallows for the farm to be increased or decreased in size without

© Copyright IBM Corp. 2011. All rights reserved. 507 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

worrying about complex cluster configurations or inter-server awareness. Figure 22-1 shows a portal farm.

distribution for not

Figure 22-1 Portal farmSPVC; Server farms offer a simple way to build and maintain a highly scalable, highlyfor available server environment. Creating the farm requires an established content subscriber, two or more installed instances of WebSphere Portal, and an HTTP plug-in for load balancing.

Unlikeguide a formal cluster, no node agent or deployment manager is available in farm-type topologies. Individual nodes are, as stated earlier, identically configured. Essentially, they are stand-alone nodes that can be added or removed more aggressively as resource demand increases and decreases, making the farm topology well suited for today’s cloud environments.

The farm topology has the functional limitations: Distributed cache management Distributed Enterprise JavaBeans (EJB) usage Coordinated task scheduling Cluster scope administrative actions, such as stopping and Accompanying starting

Multiple profiles are done through the virtualization technology. You can create multiple profiles, which you can use to create a portal farm or a clustered environment.

You can choose from two supported portal farm configurations when setting up your portal farm. You can set up a unique installation, where each farm has a unique installation, or you can set up one instance that is shared between multiple farm instances.

Setting up farm instances as unique installations Choose the Setting up farm instances as uniquedistribution installations option if you want all portal farm instances to be unique instances. With this option, you can have control over the server-specific configurations, which are unique from serverfor to server. For example, you can easily apply and test changes or application updates to one server at a time in the farm. The disadvantage to this option is that all administrative actinotons must be repeated on every server in the farm.

Setting up farm instances using a shared configuration Choose the Setting up farm instances using a shared configuration option to set up the portal farm from a shared file system. With this option,SPVC; you can only maintain one image, which makes the farm maintenance easier. Multiple copies of this one image can be used to update farm instances on a server-by-serverfor basis. With this option, fewer resources are necessary to manage, and the environment is simple. The disadvantage to this option is that no ability exists to affect specific changes on a per-server basis, and most changes require a serverguide restart. After setting up your farm using a shared configuration, you might need to disable the farm mode so that you can return the original WebSphere Portal instance that manages the shared file system to a regular, stand-alone server instance. You can then make system updates. For example, you can change the systemTemp value. Next, you can run the enable-farm-mode task to re-enable the farm or use the instance for a different purpose.

WebSphere Portal in a cloud environment Farming has benefits and usage patterns similar to other cloud paradigms. Amazon’s Elastic Compute Cloud (EC2) was used for Accompanyingproof of concept. You can use the same set up with your own

© Copyright IBM Corp. 2011. All rights reserved. 509 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

hardware and network. A cloud-hosted set of machines is not required to realize a WebSphere Portal farm.

VMware support Virtualization technology can be used to mass-replicate identical operating systems that are installed and configured with WebSphere Portal. VMware is fully supported in WebSphere Portal 7.0.

Examining the default WebSphere Portal installation The default WebSphere Portal installation is designeddistribution for ease of installation. You are virtually guaranteed to have a functional installation with a minimum of user input. The default WebSphere Portal is useful as a proof of concept installation.for Beyond these basics, the default installation is not scalable to production requirements without significant re-configuration.not The default installation uses the Derby database for configuration, which has the following benefits: Acts as the user repository Is a stand-alone server Is completely self-contained Is a Java databaseSPVC; running in the server’s Java virtual machine

Figure 22-2 illustrates the default installation using a Derby database for configuration.for

guide

Figure 22-2 Derby database configuration

Extending the WebSphere Portal installation One of the first steps in configuring WebSphere Portal for production is to transfer the configuration data from the existing AccompanyingDerby database to one or more databases hosted on a relational database server.

The following list identifies the potential target servers: IBM DB2 (Universal Database, iSeries, zSeries®) Oracle Microsoft Structure Query Language (SQL) Server

Moving the data to a relational database server has the following benefits: Offloads work from the portal JVM Adds scalability Better performance and management

Figure 22-3 illustrates moving the data to a relationaldistribution database. for not

Figure 22-3 DB2 databaseSPVC; configuration

The next logicalfor step in preparing for production is to create a Network Deployment cell, and add WebSphere Portal into the cell. Incorporating WebSphere Portal into a cell provides a central point of management for WebSphere Portal and related components, such as the HTTP server. guide Creating a deployment manager and adding WebSphere Portal into the cell provides centralized management and enables clustering.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 511 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 22-4 illustrates adding the deployment manager and the node agent.

distribution Figure 22-4 Network deployment cell for Regardless of whether you modify the default installation, you typically do not want to reference WebSphere Portal by using its embedded HTTP port (default is 10039).not To remedy this, you deploy an HTTP server and the WebSphere Plug-in to route HTTP requests directly to WebSphere Portal. The Plug-in’s routing table is the plugin-cfg.xml file. Whenever the configuration of WebSphere Portal or WebSphere is modified in a way that alters the HTTP transport information, you must regenerate and redeploy the plugin-cfg.xmlSPVC; file. The deployment manager can also manage one or more HTTP servers. If you deployfor IBM HTTP Server as an unmanaged node (no node agent) in the cell, the deployment manager can monitor the status of the HTTP server and detect changes that affect plugin-cfg.xml and automatically regenerate and redeploy the file. guide Configuring an external HTTP server routes requests to the appropriate portal and can be deployed in a demilitarized zone (DMZ).

Accompanying

Figure 22-5 illustrates the process of configuring the HTTP server.

distribution Figure 22-5 HTTP server

Creating a portal cluster is the most importantfor step in preparing for production. Best practice is to create a single member cluster at the same time that you federate a portal node into a cell. In the future, when you need the clusteringnot capabilities, adding additional cluster members becomes a simple process.

Clustering introduces Work Load Management and failover capabilities to your environment. Clustering portal servers improves perceived performance and adds fallover and failover to the configuration. SPVC; Figure 22-6 illustrates the process of adding the portal cluster. for

guide

Figure 22-6 Portal cluster

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 513 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic B: Building a development- and a production-ready deployment

This topic explains how to build a development and a production environment.

Planning

The typical development environment requires a portal installation at the developer desktop. Usually, this can be a minimaldistribution installation known as an administration installation. In addition, additional configuration steps minimize thefor portal startup time to help benefit developer productivity.

The following key concepts apply when portal production begins at the developer desktop: not Use Rational® Application Developer 7.5 for full access to all WebSphere Portal 7.0 features. The WebSphere Portal Developer mode has reduced application set for faster startup. Enable the ConfigEngineSPVC; development task: enable-develop-mode-startup-performancefor Tune the portal’s JVM for performance by setting the minimum JVM Heap Size to 768 MB. Tuning has the following benefits: – Reduces reallocations – Reduces garbage collection calls during server startup guide Figure 22-7 illustrates how production portals begin at the developer desktop.

AccompanyingFigure 22-7 Developer desktop

Considerations

This section discusses items to take into consideration during production installation and set up.

Creating a scaled-down test cell for developer testing Although preliminary development work can be done at the developer desktop, integration testing is performed on a test portal. This portal instance does not need to be scalable. By making this portal configuration as similar as possibledistribution to the staging environment, typically fewer problems surface at the staging portal. for The following key concepts apply when creating a scaled-down test cell for developer testing: not Uses an HTTP server Uses a single test server Is configured for security model identical to production Is configured to access test database servers Can beta-test new applications here

Figure 22-8 illustratesSPVC; a scaled-down test cell for developer testing. for

guide

Figure 22-8 Test cell

Creating a production mirror for staging cell (quality assurance) The staging portal must be an identical scaled down image of the production portal. If the production portal is clustered, the staging portal must also be clustered. The staging portal does need not to contain the same number of cluster members as the production Accompanyingportal. A cluster that consists of two members must be sufficient.

© Copyright IBM Corp. 2011. All rights reserved. 515 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The following key concepts apply when creating a production mirror for staging cell (QA): Uses HTTP server Is clustered Is configured for security model identical to production Is configured to access test database servers Can test gold code candidates here

Figure 22-9 illustrates a production mirror for staging cell (QA). distribution for not

Figure 22-9 Staging cell Creating a full productionSPVC; cell The production environment must have full redundancy throughout the cell. An additional factor to consider is whether test, staging, andfor production should all be part of one cell.

The most important consideration is whether a single set of administrators is available for the entire cell. You cannot grant administrative access to a single WebSphere Portal instance. Securityguide is configured globally for all cell members.

The following key concepts apply when creating a full production cell: Uses redundant HTTP servers front ended by a load balancer Is clustered Is configured to use full security Is configured to access live database servers Can have no testing done here

Accompanying

Figure 22-10 illustrates the full production cell.

distribution Figure 22-10 Full production cell for Topic C: Reducing single points of failure not

This topic explains how to reduce failure points.

Portal infrastructureSPVC; Reduce downtime by reducing or eliminating single points of failure. Althoughfor it is impossible to eliminate single points of failure, you can reduce them to the point where a failure at any point is statistically unlikely to occur. The following section contains suggestions on various means to reduce single points of failure.

Figureguide 22-11 identifies where single points of failure can occur: Load balancer HTTP Server Portal Server Configuration Database Server LDAP Server

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 517 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 22-11 Multiple single-points-of-failure

Approaches for reducing singledistribution points of failure for The following figures show methods that reduce single points of failure. not Figure 22-12 illustrates deploying a hot spare to reduce dependency at the load balancer.

SPVC; for

Figure 22-12 Reducing dependency at the load balancer guide Figure 22-13 illustrates deploying multiple HTTP servers that spread the workload to reduce dependency at the HTTP server.

Figure 22-13 Reducing dependency at the HTTP server Accompanying

Figure 22-14 illustrates reducing dependency at the portal by clustering the portal, the configuration database, and the LDAP.

Figure 22-14 Reducing dependency at the portal distribution for Topic D: Enabling redundancy for configuration data not This topic explains how to enable redundancy for configuration data.

Defining configurationSPVC; data Configuration data is defined in this section. for Providing redundancy for configuration data One of the more difficult areas to reduce single point of failure is the portal configuration database. Redundancy at the database level is difficult to achieve because a latency factor exists when attemptingguide to have two identical real-time copies of any database.

You can improve this capability by segmenting the data into multiple databases based on data categories. Depending on the category, the volatility of the data will vary greatly. The most highly volatile data is the customization data. By appropriately segmenting the data, you can effectively allow database redundancy and reduce the single point of failure here.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 519 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Partition configuration data can be configured into logical buckets in the following ways: Configuration data: – Class files, property files, and so on – WebSphere Portal databases: • Java Content Repository Database (JCRDB) – WebSphere Portal Document Manager, • Web Content Management (WCM) • FDBKDB, Feedback • LMDB, LikeMinds distribution Release data: – WebSphere Portal pages and the portletfor instances plus default modes and state – WebSphere Portal database: notRelease Customization data: – Portlet data (user data) – WebSphere Portal database: Customization Community data: – Web Content Manager,SPVC; WebSp here Portal Document Manager, application instances – WebSpherefor Portal database: Community

Topic E: Evaluating data requirementsguide

This topic discusses how to evaluate your data requirements.

Evaluating data requirements

The following list identifies data requirements to evaluate: Data can be distributed across multiple databases or shared between multiple lines of production. Release data must be consistent across lines of production. Accompanying Release data is not shareable. Customization data must be shared across lines of production.

The customization database does not need to be available: – Allow for backup of this potentially volatile database. – Users do not view private pages or customization data. Community data must be shared across lines of production.

Topic F: Database split options

This topic discusses your database split options. distribution Defining database split options for The following figures illustrate various database split options, in which domains are the configuration database or schema objects. not Figure 22-15 illustrates a single domain on a single relational database (RDB) server.

SPVC;

Figure 22-15 Singlefor domain

Figure 22-16 illustrates splitting split domains across multiple databases on an RDB server. guide

Figure 22-16 Splitting domains across databases

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 521 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Figure 22-17 illustrates splitting domains across multiple databases on multiple RDB servers.

Figure 22-17 Multiple RDB servers distribution Topic G: Configuring databases for failover for

This topic discusses how to configurnote your databases for failover.

Database failover support options

In the past, it has been suggested that manually switching to the backup copy of the databaseSPVC; by altering WebSphere Portal’s DataSource definitions was the fail-safe scenario. This process is time consuming and prone to errors and failure. for Implementing database failover The most effective means of handling the fail-over has always been a managed switch that can automatically detect the failure and switch to the backup copy. Figure 22-18 illustrates the failover switch.guide

Accompanying

distribution for not Figure 22-18 Failover switch

LDAP failover support options The failover scenario for the LDAP is similar to, although not as complex, as the database failover scenario. In many cases, the security administratorsSPVC; have already accounted for this possibility, and procedures are already in place.

Implementing forLDAP failover Figure 22-19 illustrates the configuration for the LDAP failover.

guide

AccompanyingFigure 22-19 LDAP failover configuration

© Copyright IBM Corp. 2011. All rights reserved. 523 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Defining scalability

The following methods can help you take scalability beyond the basics: Scalability applies to virtually every subsystem of WebSphere Portal: – Configuration databases – Configuration database servers – Enterprise database servers – LDAP providers – Collaborative services distribution – Enterprise resources planning systems Failover can include redundant clusters.for

Topic H: Capacity planningnot considerations

Capacity planning is the effort to estimate how many WebSphere Application Server instances hosting WebSphere Portal are needed to meet the demandsSPVC; of a known number of users according to predetermined service level agreement (SLA) metrics prior to forentering production. The following metrics are typical: WebSphere Portal login response time, which is typically around four seconds Page-to-pageguide response times after being already logged in, which is typically around two seconds

Capacity planning and testing builds on data collected during performance analysis testing. In addition to stopping a test for reasons found in performance testing, such as resource saturation, a second reason for stopping the test is the failure of any number of SLA metrics.

Accompanying

You can proceed to calculate the number of nodes required in the following situations: A load test saturates a resource before any of the SLA metrics are exceeded. Performance testing has determined that no bottlenecks can or will be mitigated.

In contrast to resource saturation, you must analyze the failure if SLA metrics are exceeded prior to resource saturation. For example, you might determine that loading a particular page exceeds the SLA load time metric and further determine that this excess is acceptable. In this case, you can calculatedistribution the number of required nodes. for The estimated number of required nodes is an extrapolation of that number from a known ration. Generally, if your testing shows that a single WebSphere Portal nodenot can sustain a given number of users, n, in compliance with your SLA metrics, then two nodes can sustain 1.95 * n users. The diminishing law of return prevents a one-for-one correspondence of users on a single node to users on multiple nodes. This can be described as cluster overhead. The following formula is suitable for typical horizontal clustering calculation: SPVC; n (1 + .95 + .952 + .953 + .95m)

Remember thatfor the portal database can become a bottleneck for logging in users. Similarly the JCR database can be a bottleneck for sites using WCM aggressively. Additional design work can be done to isolate portal databases through database split designs, such as placing the JCR database on a separate database server thanguide other portal databases. Ideally, you simulate the load of your entire community against the cluster if you have adequate load generation capacity, which is usually a factor of load testing software licenses.

You also need to measure capacity under failover circumstances if your SLA metrics specify that full performance must be maintained during a failover.

You must plan for future growth in the number of users of the system. New WebSphere Portal implementations typically grow through an iteration of releases. At some point, the frequency and Accompanyingsignificance of new releases can stabilize. You can obtain data from a running production system if this occurs.

© Copyright IBM Corp. 2011. All rights reserved. 525 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic I: Web Services for Remote Portlets

This topic discusses Web Services for Remote Portlets (WSRP).

Defining WSRP

WSRP is a specification intended to provide customers of portals the ability to integrate content and application logic for users without needing to create special adapters. The WSRPdistribution specification indicates, “The goal of this specification is to enable an application designer or administrator to forpick from a rich choice of compliant remote content and application providers, and integrate them with just a few mouse clicks and no programming effort.” not See the Web Services for Remote Services Specification for specification details: http://www.oasis-open.org/committees/download.php/3343/ oasis-200304-wsrp-specification-1.0.pdf. SPVC; Benefits of WSRP for WSRP has the following benefits: WSRP interfaces are common and well defined. With WSRP, you can reuse the presentation layers. WSRPguide offers ease of integration with sources such as OpenText Portal, Oracle WebLogic, and Microsoft Sharepoint Server. WSRP offers separation of execution by decoupling portlet execution from portal aggregation. WSRP is markup and protocol agnostic. WSRP provides data and presentation logic.

Accompanying

Limitations of WSRP

WSRP has the following limitations: Some vendors are reluctant to expose proprietary services to other portals, such as WebSphere Portal. The user experience of WSRP consumers is not as rich as a comprehensive portlet solution. WSRP exposes security issues due to limited control that WSRP consumers have over markup sent to them by the producer. Consider client-side JavaScript as andistribution example. Other content provider technologies such as RSS are often more suitable alternatives. for Consuming a WSRP provider You can consume a WSRP providernot using the Manage Modules portlet or the XML Access interface. Navigate to the Manage Modules portlet on the Administration pages, Portlet Management → Web Modules to use the graphical portlet interface, as shown in Figure 22-20 on page 527. Click Consume and then select a producer from the list. SPVC; for

guide

Figure 22-20 Manage Web Modules: WSRP Consumer

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 527 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

A list of web services from which to choose is displayed, as shown in Figure 22-21. You administer access to it as you might any other module after you have configured the consumer.

distribution for

Figure 22-21 Consume Web Service,not Step 1

You must implement a provider by using the Web Services interface of WebSphere Portal to make a WSRP provider available to it. You need the location (URL) of the Web Services Definition Language (WSDL) file. The WSDL file defines the services and their interface to a webSPVC; service client. Use the Web Services portlet found on the Administration pages, Portlet Managementfor → Web Services to define a producer. Click New Producer, as shown in Figure 22-22.

guide

Figure 22-22 Web Services Configuration, New Producer

Accompanying

You must provide a title and the WSDL location. If needed, you can pass credentials to the producer, configure security settings and markup requirements, as shown in Figure 22-23.

distribution for not

Figure 22-23 Web ServicesSPVC; Configuration: Producer settings for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 529 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

530 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 23. Managing portlets in WebSphere Portal clusters

Lesson 23

distribution Lesson 23.Managing portlets in WebSphere Portal forclusters not This lesson discusses the differences between deploying and updating portlets in a clustered environment as opposed to a stand-alone environment.

This lesson includes the following topics: Deploying portletsSPVC; in a cluster Installing or updating a portlet in a cluster Synchronizing nodes Using XML Accessfor in a cluster

Objectives guide This lesson has the following objectives: Define the mechanics of portlet deployment in a cluster. Install and update portlets in a cluster.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 531 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Deploying portlets in a cluster

Node agents Deployment manager WebSphere Portal Server

Java 2 Platform, Enterprise Edition ( distribution The methods for deploying portlets in a clustered environment must address both the management of J2EE resources and the WebSphere Portal databases. for

The following methods are commonly used to deploy portlets: Manage Web Modules portlet not XML Access Enterprise archive file

Use the Manage Web Modules portlets in the test environment. You can deploy portlets as part of a release after you test the portlet application. SPVC;

You can expect to export pages and portlets when you deploy portlets as part forof a release. XML Access exports the portlets as well as the configuration data associated with the portlets. This method is a much more reliable means of moving from test to staging, and from staging to production. You copy the portlet EAR file from the source server to the target server prior to importing the guiderelease. Then you import the release file to configure the portlets on the target server.

The third method involves deploying an EAR file directly to WebSphere Portal. Use XML Access to import the portlet definition after you deploy the EAR file.

Clustered portlet deployment task

Deploy your new portlet application to a cluster in the same way that you might deploy it to a stand-alone portal. When you use the Manage Web Modules portlet, you deploy your new application to Accompanyinga specific portal instance, which is the WebSphere Portal instance into which you logged in. At this point, other cluster members have

532 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 23. Managing portlets in WebSphere Portal clusters

no knowledge of the portlet code that you deployed. Synchronize all other cluster members with the deployment manager to update the remaining nodes. You can activate the portlet, at this point, to make is available to all cluster members.

All portlets within the application are immediately flagged as inactive when you update a portlet application. WebSphere Portal notifies current users of the portlets that the portlet is unavailable. Again, synchronize all nodes and activate the portlets.

To deploy portlets using the Manage Web Modules portlet, follow these steps: distribution 1. Log in to any cluster member. Cluster nodes do not have to be stopped.for 2. Install the portlet. 3. Synchronize all cluster nodes. not 4. Activate the portlets by using either of the following options: – Activate the individual portlets by using the Manage Web Modules portlet. – Activate all portlets by using the ConfigEngine task, activate-portletsSPVC;. Clusteredfor portlet deployment process

The first process, illustrated in Figure 23-1 on page 534, requires manual synchronization for all nodes. The second process, also in Figure 23-1 on page 534, uses the config task, ConfigEngine, to bothguide synchronize and activate the portlets.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 533 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

Figure 23-1 Portlet deployment processes

Figure 23-2 illustrates the distribution process for portlet applications within a cluster.SPVC; Note the following points: The portal instance updated by the Manage Web Modules portlet is transparent to the deployer. The portal configurationfor database is updated immediately for all users of the portlets.

guide

Figure 23-2 Portlet distribution process within a cluster Accompanying

534 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lesson 23. Managing portlets in WebSphere Portal clusters

More specifically, Figure 23-2 on page 534 illustrates the following tasks: Deploying the portlet at cluster member WP01 – Updates deployment manager master configuration – Updates portal configuration databases Synchronizing nodes, which activates portlets

Topic B: Installing or updating a portlet in a cluster distribution

WebSphere Portal wraps the web archive filefor inside an EAR file for deployment if you deploy the portlet as a WAR file, which is the most common approach. This technique is used because WebSphere Portal invokes the applicationnot as though it were a J2EE application.

You update the WebSphere Portal database configuration. The portlet configuration is then created or updated and the database is then shared across the cluster. The nodes can access portlet configuration immediately after the database has been installed or updated. SPVC; for Topic C: Synchronizing nodes

With synchronization, you can apply changes to all cluster membersguide from the master repository managed by the deployment manager. Each portal node is configured under Administration → Node agents → nodeagent → File synchronization service.

Default, automatic synchronization is set to once per minute. Portal nodes are not aware of synchronization state across all the nodes.

You run the following command from the ConfigEngine directory for any cluster member to activate and synchronize the portlets: ConfigEngine activate-portlets

AccompanyingThis command activates the portlets and causes the deployment manager to synchronize changes across cluster members.

© Copyright IBM Corp. 2011. All rights reserved. 535 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic D: Using XML Access in a cluster

XML Access can run from any node as long as you use either a secure HTTPS connection or an unsecure HTTP.

Portlets are deployed by directing the request to a specific portal server by host name and port. A File not found exception is thrown if other cluster members handle the request and the portlet’s WAR file does not exist on that node. Other nodes can have a different version of the WAR file. distribution

Synchronization must occur after the XML Access import. Cluster members share the release database, andfor it is only required if portlets are deployed. not

SPVC; for

guide

Accompanying

Lesson 24

distribution Lesson 24.Staging to production for This lesson covers potential test to staging to production scenarios. It examines the transitions from one environment to another. not

This lesson includes the following topics: Moving from a staging to a production environment Reviewing the release life cycle Staging system and production system Implementing releasesSPVC; Using Release Builder Moving artifactsfor manually

Objectives guide This lesson has the following objectives: Manage the IBM WebSphere Portal 7.0 release life cycle. Define staging and production systems. Implement releases. Export WebSphere Portal configurations. Use the Release Builder tool.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 537 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Moving from a staging to a production environment

This topic examines the move from a staging environment to a production environment.

Staging versus production

Staging is the process of building the final, testeddistribution release with the intention of deploying that release to production. This environment is commonly called the staging environment. It gives you and your testing team the opportunity to see how WebSpherefor Portal will look in production before you release it to your customers or employees. not The production environment is the intersection of the full implementation of applications and WebSphere Portal configuration with the live target audience.

Determining whatSPVC; is moved into production

Configuration managementfor is the process of moving a portal release to the next environment in the chain. Many companies have their own terms for this, such as elevation, promotion, release, uplift, and deployment.

Yourguide portal consists of portlets, servlets, Enterprise JavaBeans (EJB), and other Java 2 Platform, Enterprise Edition (J2EE) artifacts provided by developers. Designers provide themes, skins, and administrators with information. Architects define the content tree, which consists of labels, URLs, and pages.

Resources in WebSphere Portal have a system generated object ID that uniquely identifies them. These object IDs are generated when resources are created and are globally unique. Object IDs that are automatically generated by different WebSphere Portal installations can never be the same.

When you exchange resources between different WebSphere AccompanyingPortal installations using XML Access, you can do so without

worrying about possible object ID conflicts. Object IDs are represented by the objectid attribute in an XML export.

A resource that has an object ID can optionally also have a unique name. Custom Unique Names were discussed in Lesson 12, “Other administrative portlets” on page 253. You can use the unique name to identify the resource unambiguously. Unique names are useful if you need a symbolic way to identify certain resources.

Creating custom unique names: Assign unique names as early as possible in the release cycle, preferablydistribution in development. Administrators might not see the need to assign unique names to all WebSphere Portal resources in the beginning, especially in early development.for A more thoroughly defined unique name practice will give maximum flexibility for future upgrades and migration. not For example, for one portlet WAR file that contains multiple portlet applications, the initial deployment.xml does not need a unique name for the individual portlet application. Specifying a unique name for the WAR module is sufficient for deployment. Later, if you need to update just one portlet application (for example, changing initialSPVC; portlet configuration), you must update the entire module. for Topic B: Reviewing the release life cycle guide A release is a complete WebSphere Portal configuration. It includes content and code, is perfected and tested at a point in time, and is ready to be moved to the next server in the cycle.

Overview of the release life cycle

Moving WebSphere Portal artifacts from test to staging and staging to production can be an error-prone process without an automated process.

Among the various items that require migration are portlets, Accompanyingpages, configurations, and many other artifacts. Even the most

© Copyright IBM Corp. 2011. All rights reserved. 539 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

organized person is likely to miss components if they are required to perform all steps manually.

The following steps define the WebSphere Portal release life cycle: 1. The WebSphere Portal team develops a solution. 2. The team tests and refines the solution on test servers. 3. The solution is moved to staging or quality assurance: The WebSphere Portal solutions consists of the following artifacts among others: distribution – Portlets – Themes and skins – Portlet services for – Configurations The solution is developed on one system and redeployed to a separate system. not 4. Load testing is conducted. 5. The solutions is moved to production.

Managing resources: The management of resources typically includes a source controlSPVC; system, and assembly tasks are accomplished with tools such as Ant or Maven. These tools, in combination with other tools such as XML Access, can provide an automated forbuild and release management system. In this lesson, we focus on the manual tasks that an administrator might follow in the absence of an automated system. guide Topic C: Staging system and production system

The most critical piece in the process is moving from the staging environment to the production environment. You take many steps to ensure that each application is configured properly and performing well. One way to ensure that the process is as smooth as possible is to configure both the test and staging environments to be as identical as possible. Accompanying

Defining the staging environment

The following list describes the staging environment: Model the staging system on the production system to have the following setup: – Identical operating system and release, with matching system artifacts and functionality – Same Lightweight Database Access Protocol (LDAP) structure, with matching mapping of user access control to object IDs for preconfigured shared settings,distribution and so on. – The same configuration database management system – Cluster staging if production is clusteredfor Staging must be a fractional scale replica of production.

Figure 24-1 illustrates how the stagingnot system mirrors the production system as closely as possible.

SPVC; for

guide

Figure 24-1 Staging system mirrors the production

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 541 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Defining the production environment

The production environment is the most comprehensive operational model among the different systems.

Consider the following factors: Scalability requirements. Availability requirements. Redundancy of key subsystems: – Database servers – LDAP servers distribution – HTTP servers – Load balancers for Figure 24-1 illustrates how the production system is defined as a fully comprehensive model. not Topic D: Implementing releases

The process of moving the environment from one other to another is called a release. A releaseSPVC; is akin to a software vendor releasing a new version of a product. In this case, the new product version deploys within thefor contex t of WebSphere Portal. Defining releases

If you transport a J2EE application from a staging environment to a productionguide environment, most likely you deploy just an enterprise archive (EAR) and a minimal number of other shared artifacts. In WebSphere Portal, you configure an environment for a grouping of portlets that might interact with each other.

You can manage WebSphere Portal configuration through the following items: Property files ConfigEngine tasks XML Access wsadmin Jython/Jacl WebSphere Application Server scripting Accompanying interface

wpscript Jython/Jacl-based WebSphere Portal Server scripting interface Administration portlets

The WebSphere Portal solution release consists of the following items: Content trees Page layouts Access control lists Credential vault configurations Portlets distribution The following list identifies important considerations when creating a release strategy: for A customer WebSphere Portal consists of the following criteria: – Resources defined in the scopenot of multiple users – WebSphere Portal configuration – WebSphere Portal artifacts – WebSphere Portal extension artifacts Specify the following resources to be moved: – New resources addedSPVC; on behal f of the application – Existing resources – Updated resource attributes – Added or deletedfor list properties, such as the number of times a portlet was accessed Define the following resources that are left behind (user configuration data): –guide Derived and user pages – Portlet preferences – User credential data

Managing releases

The primary tool for the release building process is XML Access. You can use XML Access to export a complete configuration or any selected fragment of configuration.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 543 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Examining the initial release Deploy the resource to the target server by importing the exported XML configuration. Figure 24-2 illustrates how to examine the initial release.

distribution for not

Figure 24-2 Examining the initial release

Examining subsequent releases In subsequent releases, you might have actually removed components from the SPVC;exported release. In this case, you want the configuration script to remove those components from the target server, which isfor a more complex process. To build a differential release that adds new components, updates existing components, and deletes deprecated components, use the Release Builder tool. Export a full configuration, or the same configurationguide fragment, from both environments. Release Builder compares the two configuration files and generates a script file that represents the delta between the two files. Import this differential file to synchronize the two configurations.

Accompanying

Figure 24-3 illustrates exporting the QA Server and Production Server configurations when examining subsequent releases.

distribution for Figure 24-3 Exporting configurationsnot Figure 24-4 illustrates importing differential release information to the production server.

SPVC; for

guide

Figure 24-4 Importing release information

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 545 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Defining a differential release Figure 24-5 illustrates how new resources are added, existing resources are deleted, and how resource attributes are updated to add or delete properties. This process does not replace existing property values.

distribution for not Figure 24-5 Defining a differential release

Building a differential release Use the following steps as a guideline for building a differential release: 1. Export the full configuratiSPVC;on from the source WebSphere Portal. 2. Export the fullfor configuration from the target WebSphere Portal. 3. Run Release Builder to create a differential configuration. 4. Edit the differential release file if necessary. 5. Copy the portlet artifacts to the target WebSphere Portal. 6. Importguide the differential release.

Accompanying

Figure 24-6 illustrates building a release.

distribution for Figure 24-6 Building a release not Topic E: Using Release Builder

This topic describes theSPVC; Release Builder tool. Defining Releasefor Builder The following list describes Release Builder: Compares two XML Access export files. Determines the differences. Producesguide a new script to synchronize the two environments. Generates a script to remove artifacts from the target WebSphere Portal that are no longer on the source WebSphere Portal

Executing Release Builder

The XML Access script exports the full WebSphere Portal configuration with the exception of the users. Run this script on both the source and target servers. Release Builder compares the two configurations and generates a script to fully synchronize the Accompanyingtwo environments.

© Copyright IBM Corp. 2011. All rights reserved. 547 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Be wary of running full configurations on a regular basis. As your portal grows, the following undesirable side effects might occur: The synchronization process takes longer. Removing a set of artifacts from the staging server, which is now a full production application, generates a script that removes those same artifacts from the production server.

Example 24-1 shows the ExportAll.xml file.

Example 24-1 The ExportAll.xml file distribution not

Example 24-2 shows how, after generating the two export files, you use Release Builder to generate the differential release.

Example 24-2 GeneratingSPVC; a differential release with Release Builder ReleaseBuilder -inOld Server1Export.xml -inNew Server2Export.xmlfor -out C:\ScriptLocation\Release.xml

Exploring release scenarios

Theguide following section reviews different types of release scenarios.

A complete migration A complete migration release scenario entails the following steps: 1. Capture the entire staging configuration with XML Access. 2. Import the configuration to the production WebSphere Portal server.

Accompanying

This is an acceptable approach for an initial environment configuration. Do not use this approach for regularly scheduled deployments for the following reasons: • It has large XML Access files. • Work is duplicated each time deployment occurs. • Virtual portals are not captured with XML Access and must be handled independently.

A partial deployment A partial deployment release scenario entails capturingdistribution a partial configuration, such as web modules, pages, or portlets. This scenario works for capturing WebSpherefor Portal navigation configuration and all associated artifacts. It does not separate applications from their navigational placement. Separation is the key to the portal architecture to eliminatenot such dependencies. Deploy fragments A deploy fragments release scenario entails the following steps: 1. Deploy only a specific WebSphere Portal artifact, such as portlets for contentSPVC; nodes. 2. Use Export XML or XML Access scripts. XML Access scripts are short. Some can be automatically generated fromfor Ant scripts, authored by hand, or exported by using the portal administration portlets.

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 549 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic F: Moving artifacts manually

This topic explains how to move your artifacts manually from one environment to another.

Identifying artifacts not supported by Release Builder

Table 24-1 lists some of the artifacts that you must move manually from one environment to another. Moving many ofdistribution these items might require a server restart. You must move these artifacts prior to execution of the scripts to register artifacts,for such as themes, with WebSphere Portal. Table 24-1 Artifacts that must be movednot manually Component Property Portal Server Runtime Portal system configuration Portal Server Runtime Performance-related settings Portal Statistics Statistics log settings Portlet Services SPVC;Service configuration Custom Login Commands Login command Custom Credentialfor Vault Vault adaptors Adaptors External Security Manager Externalized portal entitlements Customguide Credentials Credential implementations Java Authentication and Custom modules Authorization Service (JAAS) Login Modules Custom components Custom component property files J2EE Artifacts Any IBM WebSphere Application Server configurations Custom User Registry Custom user registry (CUR) implementation External Security Manager Externalized portal entitlements AccompanyingUser Directory User profiles, groups

Component Property Document Manager Documents and roles Personalization Personalization rules and campaigns Policies Policy files

Moving artifacts manually from staging to production distribution Table 24-2 lists the artifacts and type. for Table 24-2 Type of artifacts to move manually Artifact Type Portlets WARnot files Themes Static HTML, cascading style sheet (CSS), and related files Legacy Themes JavaServer Pages (JSP), images, CSS, and so forth Legacy Skins SPVC;JSP and images Legacy Portal screensfor JSP and images Portlet services Java libraries J2EE artifacts EAR files Java libraries Custom User Registry Java libraries Credentialguide vault adaptors Java libraries Custom credentials Java libraries JAAS login modules Java libraries

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 551 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

552 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 24: Deploying resources from staging to production

Lab

Lab 24: Deploying distribution resources from stagingfor to production not

In this lab, you move portal updates and releases from a staging server to a production server using XML Access and the Release Builder tool.

This lab includes the followingSPVC; tasks: Exporting the release from production Moving stagingfor reso urces to production Running Release Builder to create a differential release Importing a differential release (production server)

Objectivesguide

This lab has the following objectives: Use XML Access to export configurations from the staging server. Use Release Builder to build a differential release. Import and apply the differential release to the production server. Create new pages on the staging server. Create XML Access scripts to extract the newly created pages. Accompanying Import the retrieved content to the production server.

© Copyright IBM Corp. 2011. All rights reserved. 553 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Substitution values: In this lab, when you see the value , substitute it as follows depending on your environment: Windows: C:\IBM\WebSphere\wp_profile Linux: /opt/IBM/WebSphere/wp_profile distribution for not

SPVC; for

guide

Accompanying

554 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 24: Deploying resources from staging to production

Task 1: Exporting the release from production

In this task, you export the current configuration of your production server (portal00 VM).

Exporting the current configuration using XML Access distribution 1. Copy the file, /doc/xml-samples/ ExportRelease.xml to \labfiles. 2. Rename the file to prodCurrentStateExport.xmlfor . Always make copies of sample files and rename and edit them to adapt them to your purposes.not 3. Open a command prompt and change to the \bin directory. 4. Enter the following command on one continuous line: – Windows xmlaccess SPVC; -in C:\LabFiles\prodCurrentStateExport.xml -out C:\LabFiles\prodCurrentStateResults.xml -user wpsadminfor -password wpsadmin -url http://portal00:10039/wps/config –Linux ./xmlaccess.sh -inguide /root/LabFiles/Lab24/Sample results/prodCurrentStateExport.xml -out /root/LabFiles/Lab24/Sample results/prodCurrentStateResults.xml -user wpsadmin -password wpsadmin -url http://portal00:10039/wps/config

More information: The ExportRelease.xml file exports the complete portal configuration from the release domain as required by the portal Release Builder tool. For more information about using the Release Builder, refer to the Information Center.

The following message is displayed when the export completes successfully: Accompanying EJPXB0020I: The request was processed successfully on the server.

© Copyright IBM Corp. 2011. All rights reserved. 555 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Verifying that the export process ran successfully

1. Open C:\LabFiles\prodCurrentStateResults.xml with an editor. 2. Scroll to the bottom of the file to the following line: This indicates a successful export. distribution Task 2: Moving staging resources to production for

In this task, you copy the resources (provided by the development team) into the correct directories. Younot also copy hr_rev2.xml. This is a simulated export of a staging server which contains the new resources configurations. 1. Go to the \LabFiles\Lab24 folder. 2. Copy the following folder: com.ibm.wps.portlets.Calculator.CalculatorSPVC; 3. Paste it in the following production system folder: \PortalServer\deployed\archivefor

Task 3: Running Release Builder to createguide a differential release

In this task, you run the Release Builder to create the differential release (Release Builder runs on a production server). The Release Builder tool analyses the differences between the production and the staging configurations and then writes an output file that can run on the production server. 1. Open a command prompt and change the directory to \bin. 2. Enter the following command on one continuous line: – Windows Accompanying releasebuilder -inOld C:\LabFiles\prodCurrentStateResults.xml -inNew

556 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Lab 24: Deploying resources from staging to production

C:\LabFiles\StagingServerRelease.xml -out C:\LabFiles\StagingServerDifferences.xml –Linux ./releasebuilder -inOld /root/LabFiles/prodCurrentStateResults.xml -inNew /root/LabFiles/StagingServerRelease.xml -out /root/LabFiles/StagingServerDifferences.xml

The script will run but does not provide any indication of success.

Task 4: Importing a differentialdistribution release (production server)for

In this task, you import the differential release created in the previous tasks. You use the output fromnot the Release Builder tool, the StagingServerDifferences.xml file, and import the configuration into the production server configuration.

If the configuration in the XML file does not exist on the production server, it will be added to the configuration. If the configuration exists, an error is written to the output file specified in the XML Access command. At SPVC;the end of this step, you will confirm that the production server was updated appropriately. for Importing the differential release

1. Start a command prompt and change the directory to \PortalServer\binguide . 2. Enter the following command on one continuous line: – Windows xmlaccess -in C:\LabFiles\StagingServerDifferences.xml -out C:\LabFiles\ProductionImportOutput.xml -user wpsadmin -password wpsadmin -url http://portal00:10039/wps/config

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 557 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

–Linux ./xmlaccess.sh -in /root/LabFiles/StagingServerDifferences.xml -out /root/LabFiles/ProductionImportOutput.xml -user wpsadmin -password wpsadmin -url http://portal00:10039/wps/config

Verifying that the XML Access command ran successfully distribution 1. Open the output file \LabFiles\ ProductionImportOutput.xml and scan the file for any obvious error messages. for 2. Open a browser and go to: http://portal00:10039/ wps/portal. not The Human Resources tab is displayed on the home page. 3. Go to Human Resources → Retirements Benefits and verify that the calculator appears. If the portlet is inactive, go to, “Activating the portlet” on page 558 to activateSPVC; it. Activatingfor the portlet 1. The node must be synchronized with the Deployment Manager before the module can be started. a. Log on to the Deployment Manager Integrated Solutions guideConsole at https://localhost:9043/ibm/console as user wasadmin with password wasadmin. b. Use the left-side navigation and click System Administrations → Nodes, select portal00, and click Full Resynchronize. c. Log off the ISC and go to http://localhost:10039/wps/myportal and log on as user wpsadmin with password wpsadmin. 2. Click Administration → Portlet Management → Web Modules. 3. Search for the Web module Calculator. Accompanying4. Click Activate (the lightning bolt icon) to activate the portlet. 5. Return to the Step 3 in the previous section.

Lesson 25

distribution Lesson 25.Production procedures for This lesson discusses considerations for a production portal environment. not This lesson includes the following topics: Backup procedures for the production environment Applying updates in the production environment SPVC; Objectives for This lesson has the following objectives: Back up the IBM WebSphere Portal 7.0 configurations. Back up the configuration databases. Backguide up Lightweight Database Access Protocols (LDAPs). Apply WebSphere and WebSphere portal updates in a production environment.

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 559 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Topic A: Backup procedures for the production environment

This topic discusses specific backup procedures for the production environment.

Backup procedures

This section reviews how to back up WebSpheredistribution configurations, production database, and LDAPs.

Backing up WebSphere configurationsfor Backing up WebSphere configurations is a crucial part of the installation and configuration process.not Consistent state: You must execute a backup across the entire environment at a given point in time. This type of backup ensures that the state of the configuration repositories, the various application binaries, and the WebSphere Portal databases are backed up with their respective information in a consistent relationshipSPVC; throughout the infrastructure.

You have the followingfor opportunities, among others, to introduce inconsistencies with your design documents during the post installation configuration process: Transferring configuration data to a relational database server Creating the deployment manager profile Federatingguide the portal node into the cell Installing and configuring the HTTP server Installing the HTTP Plug-in Enabling security Adding federated repositories

During each of these tasks, you might need to revert to a previous configuration in the process. Note that the backupConfig utility is not a substitute for full image backups. Likewise, an image backup does not account for the state of a remote WebSphere Portal database.

The backupConfig utility AccompanyingWebSphere configurations are backed up by using the backupConfig tool. This tool backs up each node in the cell,

including the deployment manager and each defined profile. It also locates the /bin directory for each profile. The backupConfig utility is not a complete recovery solution.

Be sure to use the -nostop option when using backupConfig to back up staging or production servers. Failure to use this option results in backupConfig stopping the server prior to creating its backup configurations.

To use backupConfig, follow these steps: 1. Enter the administrative user name and password. 2. Always use the -nostop option when backing distributionup production nodes. 3. Add the user name and password to soap.client.propsfor , as shown in the following example, to avoid prompting. Remember that doing so stores those credentials in plain text on the disk. not backupConfig [backup_file] [-nostop] [-quiet] [-logfile ] [-replacelog] [-trace] [-username ] [-password ][-profileName ] [-help]

Backing up the productionSPVC; databases You can back up your production database in one of the following ways: for A replica copy A basic backup

Replica copies of databases have a latency period before the replicaguide copy is truly synchronized with the master copy, meaning that it is truly never a real-time replica. In addition, mistakes always seem to replicate faster than good data.

Backups of databases, while they are snapshots from a specific time slot, can be updated to near currency. The backup might not capture all configuration changes.

Back up the IBM DB2 databases by using the DB2 Control Center. Backups can be left to the discretion of the portal administrators during the configuration phase and Proof of Concept stage of the portal. When in production, this function is most likely left to the Accompanyingdatabase administrator (DBA).

© Copyright IBM Corp. 2011. All rights reserved. 561 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

To invoke the DB2 Control Center, follow these steps: 1. Click Start → Programs → IBM DB2 → DB2copy1 → General Administration Tools → Control Center. 2. Right-click a database entry and click the Backup button to add a backup directory. 3. Click Full Backup. Only offline backups are allowed if the logging type is circular. 4. Tune your backup options. 5. Confirm the backup. 6. Schedule the backup. distribution

Backing up LDAPs for LDAP backups typically fall under the role of network security administrators. WebSphere Portal puts an additional twist on the backups by allowing multiple differentnot LDAPs to be federated into a single repository. Make sure that all of the repositories are included in your backup strategy.

The backup procedure of LDAP depends on the type of LDAP. WebSphere supports the following types: IBM Tivoli DirectorySPVC; Server Microsoft Active Directory Novelle eDirectory SunOne for

One common way to back up the LDAP is to use Export LDAP Directory Interchange Format (LDIF). The best method is to use vendor-suppliedguide tools. Topic B: Applying updates in the production environment

Make sure that you have all of the necessary fixes and fix packs that are available for the environment before applying updates to either WebSphere or WebSphere Portal. Also, ensure that all appropriate fixpacks are applied to the deployment manager instance. Accompanying

Applying WebSphere Application Server updates

Read all relevant documents before applying any updates in WebSphere. Also consider any WebSphere Portal implications and how an update will affect your stand-alone servers. Be sure to read the product documentation that is available through download sites and embedded readme information.

Apply updates in a quality assurance environment and, after the procedure is tested, ensure that all WebSphere Portaldistribution functions perform as expected. Then document your process and proceed to staging and then production for The same holds true for the network deployment cell. Be aware that the deployment manager must be updated to the same or greater level than any constituent cellnot members. Apply any updates to a test cell first, upgrade the deployment manager, validate all WebSphere and WebSphere Portal functions, and then apply the update to the production cell.

Applying WebSphereSPVC; Portal updates The steps for applying updates to WebSphere Portal are similar to the steps for applyingfor them to WebSphere. To apply WebSphere Portal updates, follow these steps: 1. Read all relevant documents before applying. 2. Search for prerequisite WebSphere upgrades. 3. Forguide stand alone servers, perform the following tasks: a. Apply first to a test server. b. Validate all WebSphere and Portal functionality. c. Apply to production servers. 4. For cells, complete the following tasks: a. Apply first to a test cell. b. Upgrade the deployment manager first. c. Upgrade according to supplied documents. d. Validate all WebSphere and Portal functionality. e. Apply to the production cell. Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 563 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

564 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix A. Certification and exam competencies

Appendix A.Certification and exam competencies

IBM Software Services for Lotus offers training anddistribution certification programs that are designed to help customers take full advantage of technology investments to improve businessfor processes. Lotus software training ensures that individuals get up to speed quickly and effectively, whether delivered in the classroom, on the desktop, or through distributed learning.not For more information about Lotus software training, see: http://www.ibm.com/lotus/training

You can also follow us on: Twitter SPVC; http://twitter.com/LotusEducation Daily Twitter forNewsletter http://paper.li/tag/lotuseducation LinkedIn http://www.linkedin.com/groups?mostPopular=&gid=1905017guide Facebook http://www.facebook.com/pages/Lotus-Education/111583885 559983 YouTube http://www.youtube.com/user/LotusTraining

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 565 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

IBM Software Service for Lotus training and certification

The IBM Certified Professional for Lotus Software program provides individuals with a means to benchmark their technical knowledge and achieve industry recognition, which results in increased business value to both the individual and their organization. Individuals enjoy benefits commensurate to their certification level as a member of a highly regarded certified community. See the following website for more information about certification: distribution http://www.ibm.com/lotus/certificationfor Skills Roadmaps are available to guide you on your path to knowledge. Roadmaps identify courses in their logical sequence to complete a specific curriculum or notcertification program. Visit the following site to view Skills Roadmaps for Lotus: http://www.ibm.com/software/lotus/trainingpaths

Lotus ProfessionalSPVC; Certification

Lotus software has robust certification programs in support of IBM Lotus software forand technical skills. Visit the IBM Software Services for Lotus Certification web page at the following web address for complete information about the Lotus Professional certification program: http://www.ibm.com/lotus/certificationguide

Place in certification

This course, Installation and Administration of IBM WebSphere Portal 7.0 on Windows, is listed as one of the preparation resources for the following exams: Exam 920 - IBM WebSphere Portal 7.0 Deployment and Administration Exam 921 - IBM WebSphere Portal 7.0 Migration and Support Accompanying

566 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix A. Certification and exam competencies

Passing these exams grants professional certification in IBM WebSphere Portal 7.0 System Administration. The complete path is described here: IBM Certified System Administrator - WebSphere Portal 7.0 Successfully complete the following exams: – Exam 920 - IBM WebSphere Portal 7.0 Deployment and Administration – Exam 921 - IBM WebSphere Portal 7.0 Migration and Support Alternatively, you must successfully completedistribution the following course and exam: – IBM Certified System Administrator - IBM WebSphere Portal 6.1 (Achieve certification.) for – Exam 910 - IBM WebSphere Portal 7.0 Deployment and Administration Update (Successfullynot pass.)

Preparing for a Lotus certification exam SPVC; Attending this course and using this guide will help you prepare for certification. Some topics covered on the exam are not covered in this course, andfor some of the objectives covered in this course are not tested on the exam.

Follow all steps listed in Table A-1 to prepare fully for the exam.

Tableguide A-1 Preparation steps for Lotus certification exam Step Action 1 Review the exam objectives. 2 Get hands-on experience. 3 Use the exam testing information page. 4 Use all available resources.

Step 1: Reviewing the exam objectives Review the exam objectives to see the complete listing of possible topics for the exam. Use the competency listing as your checklist Accompanyingto determine your weaknesses and the areas on which you will want to focus more attention in yours studies and preparation.

© Copyright IBM Corp. 2011. All rights reserved. 567 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The competency areas are listed in this appendix and on the Exam Objectives tab on the Exam Overview page. You can access this page from the IBM Software Services for Lotus Certification web page at the following address: http://www.ibm.com/lotus/certification

Step 2: Getting hands-on experience Actual hands-on experience is a critical component in preparing for the exam. The exam looks to measure how well you perform tasks, not how well you memorize features and functions. distribution Be sure to spend time using the product and applying the skills learned in class. Direct application of the skills learned in this class cannot be replaced by any other resourcefor listed in this appendix.

Step 3: Using the exam test informationnot page The test information page lists resources that are available for each individual exam. Go to the following web address to find the test information page: http://www.ibm.com/lotus/certification SPVC; Select the appropriate certification link, and choose the applicable exam page, which has the test information lab. for Step 4: Use all available resources Use a wide range of resources when preparing to take an exam. Table A-2 describes the types of resources that are available to help you prepare for certification exams. Use the individual exam test guidepreparation page for a listing of all resources that are specific to each exam. Access the exam test preparation page from the following web address: http://ibm.com/lotus/certification

Table A-2 Exam resources Resource Description Location Lotus Offered at Authorized A complete list of courses and education authorized Independent Training Provider centers are on the IBM Software Services courses (AITP) and Lotus eduction for Lotus Education web page: locations worldwide. http://www.ibm.com/lotus/education Accompanying

568 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix A. Certification and exam competencies

Resource Description Location Assessment The assessment test can be Available from the IBM Software Services tests accessed directly off the for Lotus Certification web page: individual exam test information http://www.ibm.com/lotus/ page. certification Online learning This includes online tutorials and See the individual exam preparation page other learning resources. for online learning resources. A complete list of online learning offerings is available at: http://www.ibm.com/software/lotus/ training/spvc distribution Product Official Lotus product Additional information is available at documentation documentation DeveloperWorks in the WebSphere Portal product wiki: for http://www.ibm.com/developerworks/ websphere/zones/portal/ proddoc.html#v70proddocwikinot IBM Redbooks Technical cookbooks that Ordering information is available at: address topics that the reference http://www.redbooks.ibm.com manuals might not cover.

Preparing for SPVC;the IBM WebSphere Portal 7.0 Systemfor Administration exams The materials for WPL81 - Installation and Administration of IBM WebSphere Portal 7.0 on Windows are available for the IBM WebSphere Portal 7.0 System Administration exams.

Visitguide the individual exam test information page for the most up-to-date resource listed for this exam: http://www.ibm.com/lotus/certification

Lotus certification has published the LOT-920/921 Assessment test to help individuals prepare for this exam. IBM WebSphere Portal 7.0 Solution Development can be accessed by clicking the Sample/Assessment Test tab on the test information page.

Passing the assessment test does not result in achieving a credential. This test is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, showing how an individual scored on each section of Accompanyingthe test.

© Copyright IBM Corp. 2011. All rights reserved. 569 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

IBM WebSphere Portal 7.0 System Administration Exam Competencies

The exam competencies are one tool for preparing for IBM Certified for Lotus Software exams. The exam competencies, along with a complete listing of learning resources, can be accessed from the Lotus Certification website: http://www.ibm.com/lotus/certification

The competency areas and objectives in Table A-3 are included in Exam 920, IBM WebSphere Portal 7.0 Deploymentdistribution and Administration.

Table A-3 Competency areas and objectives for Exam 920 for Competency area Objectives Designing a portal Design a content and portal solutionnot solution Describe branding capabilities Design a staging architecture Design end-to-end portal architecture Plan and implement security in a cluster Plan multiple virtual portals Plan security and authentication concepts Including when to use,SPVC; the benefits of using step-up authentication, and the Remember me cookie Plan Web Content Management implementation Understand managementfor implications of setting up wikis and blogs Planning WebSphere Portal migration Understand business process integration concepts Understand cross-cell deployment scenarios Understand development of application components and compositeguide applications Understand dynamic clustering Understand horizontal and vertical clustering Understand planning for multiple clusters and database considerations Understanding the portlet life cycle Understand the differences between and advantages of client-side aggregation and server-side aggregation Understand new installation and topology options Portal farms Multiple profiles VMware support Portal in the cloud environment Understand virtual portals Accompanying

570 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix A. Certification and exam competencies

Competency area Objectives Installation and Add nodes to a cluster and dynamic clusters configuration Configure an Ajax proxy Configure WebSphere Application Server and portal caching Create a WebSphere Network Deployment dynamic cluster Diagnose problems with development environment installations Implement horizontal and vertical clustering Implement portals using the portal site wizard Install and set up a clustered production environment Migrate WebSphere Portal and customized resources Perform a silent installation from a response file Plan your installation distribution Understand ConfigEngine commands Understand installation components Understand portal coexistence (mixed versions)for and installation options Understand portal installation components Understand portal tuning concepts Understand the use of the portal propertynot file Use command-line tools Use configuration templates Understand improvements to the installation wizard when to use the wizard instead of commands Use installation wizards for post-configuration Use multiple LDAP realmsSPVC; Work with application templates to assemble composite applications Plan for the personalizationfor server Set up portal farms Understand where theme files are located after installation Understand when and how to configure WebSphere Portal light mode Setguide up and configure options for wikis and blogs

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 571 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Competency area Objectives Security Administer application roles Administer portal roles and authorization Administer page and portlet security Create a look-aside user registry and add attributes Deploying portlets in a secure environment Enable Solid State Logic between components Establish and administer single sign-on realms Establish Lightweight Database Access Protocol (LDAP) and federated authentication mode Externalize resource security Integrate external security managers distribution Manage portal search security Manager user registries Modify default passwords for WebSphere Portalfor Secure your WebSphere Services for Remote Portlets (WSRP) producer Configure login, logout, and session filters Enable single sign-on (SSO) with WebSpherenot Portal and Lotus Domino Enable impersonation Use the configuration wizard Troubleshoot portal security Understand Lightweight Third-Party Authentication (LTPA) and cookies SPVC; Understand multiple realms for

guide

Accompanying

572 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix A. Certification and exam competencies

Competency area Objectives Customization and Administer parallel portlet rendering administration Administer virtual portals Apply portlet wiring concepts Configure and administer virtual portals Configure cooperative portlets Configure page layouts Configure the locking mechanism Configure WSRP Copy portlets and portlet applications Create and configure portal and web content search collections Customize pages and the use of portlet wiring distribution Customize Web 2.0 themes using the theme customizer Understand portal site management Implement custom unique names for Implement skins and themes Implement URL mapping Manage and configure composite applications Apply template concepts not Manage portal resources with policies Manage portlets in a cluster Manage replication in a cluster Manage the access control of users and groups Modify portal URLs Understand how to configureSPVC; a remote search service for portals Use collaborative portal components Use the Manage Search portlet to administer portal search Use the WebSpherefor Portal Site Management portlet Use portal search Use the Portal Site wizard Administer tagging and rating Work with WebDAV clients guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 573 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

The competency areas and objectives in Table A-4 are included in Exam 921, IBM WebSphere Portal 7.0 Migration and Support.

Table A-4 Competency areas and objectives for Exam 921 Competency area Objectives Maintain and monitor Create XML Access scripts to copy individual portal resources from development to integration environments Create XML Access scripts for deploying, updating, deleting, and performing routine maintenance on portal resources Debug errors in XML Access scripts when importing between environments Demonstrate enabling portlet performance monitor interfacedistribution (PMI) Demonstrate knowledge of the Member Fixer tool Demonstrate knowledge of the ReleaseBuilder process and command-line tool for Describe the purpose of log files created during installation, maintenance, and operation of WebSphere Portal Export and import page hierarchy usingnot Administration portlets Identify the differences and advantages between the portal scripting interface and XLM Access Identify the function of elements in the XML Access script XML schema Identify the required access control list (ACL) roles to delegate WebSphere Portal administration tasks to non-administrator users Install and update portletsSPVC; using Administration portlets Synchronize portal environments using site management Understand how to identify orphan data in the portal and web content, and what tools andfor processes are required to clean up or repair the data Understand how to identify the effective access that a user or group has to WebSphere Portal resources Understand how to start and stop the portal server using command-line tools and using the WebSphere Application Server Integratedguide Solutions Console Understand how to utilize the WebSphere Application Server PMI Understand the portal scripting interface and its relationship to the WebSphere Application Server scripting interface Understand the purpose, functions, and requirements for the site management Understand the release life cycle for deploying changes between WebSphere Portal releases Use the portal scripting interface to create pages, add portlets, set security, and manage portal resources

Accompanying

574 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix A. Certification and exam competencies

Competency area Objectives WebSphere Portal Customize web content authoring content Configure the authoring portlet Demonstrate knowledge of personalization concepts Demonstrate using and knowledge of attribute-based administration Demonstrate working with web content libraries: import/export, creating, and versioning Establish syndication between environments Demonstrate knowledge of syndication strategies Migrate a web content system using the content migration tool Set up a WebSphere Portal Web Content Management (WCM) solution distribution Set up an authorizing server Understand and administer the publishing personalization rules Understand tagging and rating for Understand Authortime search Understand web content integration (WCI) Understand Enterprise Content Management integration – FileNet not –Quickr –r3rd Troubleshooting and Demonstrate knowledge of trace strings and trace enablers serviceability Demonstrate the use of IBM Support Assistant to gather diagnostic tools Describe and use toolsSPVC; for troubleshooting and diagnostics Enable WebSphere Portal and WebSphere Application Server tracing to gather diagnostic data Understand conditionsfor for which WebSphere Portal uses server-side aggregation Understand conditions for which WebSphere Portal uses client-side aggregation Understand troubleshooting of database connectivity Understandguide troubleshooting for installation issues Understand troubleshooting for portal cluster issues

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 575 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Competency area Objectives Integrating your Configure collaboration features: business Common mail Instant messaging Configure Lotus Sametime presence awareness Configure single sign-on with Lotus Domino Integrate with Lotus Domino, Lotus Connections, and Lotus Quickr Plan for collaborative servers and portlets Configure WebSphere Portal for process integration: Configure virtual portals for process integration Configure WebSphere Process Server integration Customize portal process integration distribution Understand options for back-end application integration: Web Application Integrator Unified task list portlet for Configure mashup integration: Understand how iWidgets are added to a page Migration and other Search the Business Solutions catalognot concepts Understand WebSphere Portal and eForms integration Understand how to use feeds with WebSphere Portal: Configure a proxy environment for feed syndication Understand WebSphere Portal migration concepts Migrate core and custom WebSphere Portal resources: Understand improvements to the migration process Migrate WebSphere PortalSPVC; content for

guide

Accompanying

576 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix A. Certification and exam competencies

IBM Lotus Certification Train and Certify promotion

IBM Lotus Certification Train and Certify WPL81: Administration, Installation & Configuration of IBM WebSpheredistribution Portal 7.0

Dear Course Attendee, for

Thank you for attending this course. Your commitment to expanding your knowledge and expertise with IBM technology is an asset to you, your company and your customers.not This course is part of the IBM Lotus Train and Certify Promotion, whose details are accessible via url: http://www.ibm.com/certify/news/lt_20090831a.shtml

Per the IBM Lotus Train and Certify Promotion, we now invite you to take the first core certification test at a 50% discount. This test is valued at $200 USD in developed countries and $100 USD in emerging market countries.

Test LOT-920 IBM WebSphere Portal 7.0SPVC; Deployment and Administration

Before registering for the test, we recommendfor that you prepare for it by referring to the following information, accessible by test number and certification title via the Professional Certification Program from IBM Web site http://www.ibm.com/certify/tests/test_index.shtml

job role description/target audience to which the test is built recommended prerequisite skills or knowledge and skills needed before starting to prepare test objectives or detailed skills measured on the test test preparation / trainingguide resources used to prepare based on the test objectives

To register for the test, please refer to www.prometric.com/IBM and, when prompted, enter the following promotional code for 50% discount off the regular test fee. Please note that the promotional code is not transferable and must be used prior to the expiration date, which is 6 months after the completion of the course. It is recommended that you register early to secure your preferred testing session.

Promotion Code LTEB920A

For any inquiries, please send a note to [email protected]

AccompanyingThe IBM Lotus Education and IBM Lotus Certification Teams

© Copyright IBM Corp. 2011. All rights reserved. 577 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

578 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix B. IBM WebSphere Portal 7.0 training paths

distribution Appendix B.IBM WebSphere Portal 7.0 training paths for not This appendix guides you through the training paths for IBM WebSphere Portal 7.0. For more information about the training paths, go to the following web address:

http://www.ibm.com/software/lotus/trainingpaths SPVC; for

guide

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 579 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

System administrators new to IBM WebSphere Portal 7.0

Use the path shown in Figure B-1 to see the courses that you need to achieve this skill or IBM Certified System Administrator - WebSphere Portal 7.0 certification.

distribution for not

SPVC; for

Figureguide B-1 Training path for administrators who are new to WebSphere Portal 7.0

Accompanying

580 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix B. IBM WebSphere Portal 7.0 training paths

System administrators with IBM WebSphere Portal experience

Use the path shown in Figure B-2 to see the courses that you need to achieve this skill or IBM Certified System Administration - WebSphere Portal 7.0 certification.

distribution for not

SPVC; for

guide

Figure B-2 Training path for system administrators who have WebSphere Portal experience

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 581 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

Developers who are new to IBM WebSphere Portal 7.0

Use the path shown in Figure B-3 to see the courses that you need to achieve this skill or IBM Certified Solution Developer - WebSphere Portal 7.0 certification.

distribution for not

SPVC; for

guide Figure B-3 Training path for developers who are new to WebSphere Portal 7.0

Accompanying

582 © Copyright IBM Corp. 2011. All rights reserved. Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Appendix B. IBM WebSphere Portal 7.0 training paths

Developers with IBM WebSphere Portal experience

Use the path shown in Figure B-4 to see the courses that you need to achieve this skill or IBM Certified Solution Developer - WebSphere Portal 7.0 certification.

distribution for not

SPVC; for

guide Figure B-4 Training path for developers with WebSphere Portal experience

Accompanying

© Copyright IBM Corp. 2011. All rights reserved. 583 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

distribution for not

SPVC; for

guide

Accompanying

This course, Installation and Administration of IBM WebSphere Portal 7.0 on Windows, WPL81, could not have been possible without the ISSL Enablement team and WebSphere product development team.

Special thanks goes to the following subject matter experts for their knowledge and guidance in creating this course:distribution Information contributors from IBM – Annemarie Fitterer for – Anthony Whelan – Brian Ricker – Cathrine Bjorndal – Charles Seaman not – David Nixon – DeAnna Steiner – Dieter Buehler – Fang Feng – Gary Taylor – Howard S. KrovetzSPVC; – Hunter Tweed – JayaPrasad Thambuganipalle – John Jamesfor – Karen Nelson – Kevin Tapperson – Mike Fitzgerald – Prashant K. Kollipara –guide Richard Robbins – Rishi Bhargava – Ryan Smith – Saurabh M. Agarwal – Saurabh Shukla – Simon Kirchmann Lab QA and technical content reviewers – Antonio Fiol Bonnin, IBM – Brian Anderson, IBM – Charles Seaman, IBM – Dave Taber, IBM – David Bennett, IBM Accompanying – Howard S. Krovetz, IBM – Jan Rysz, TPartners

© Copyright IBM Corp. 2011. All rights reserved. 585 Course materials may not be reproduced in whole or in part without the prior written permission of IBM. Installation and Administration of IBM WebSphere Portal 7.0 on Windows: Student Guide

– John Rhodes, Incase – Joseph Galluzzo – Kevin Crocker, Percifient – Kevin Lorenz, Incase – Manjula Seelam, IBM – Markus Donsj, T-Online.de – Noel Bergman, Devtech – Shaneice Jordan, IBM – Stephen Hess, IBM – Sue Canzanelli, IBM – Virginia FitzPatrick, Morris Planning Associates Course design reviewers distribution – Alexander Juech, GroupSphere Education Center – Christine Thomson, Zitiso for – Eric Teitz, Think Learning – Kevin Crocker, Perficient – Marco Zanchi, Prow.it not – Noel Bergman, Devtech – Peter Matthews, Amaroo Services – Virginia Fitzpatrick, Morris Planning Associates

In addition, thanks goes to the following people from IBM ITSO Global Content ServicesSPVC; for creating and publishing this course: Bruce Lill, Kalechi Designs, Inc. G. David Wilkerson, Davalen, LLC Debra Komofor Sena Jenifer Servais Julia A. Dovel Kyle Albert Naji Zeineh, Citent, Inc. Patsyguide Kravitz Popa Terrence Mohammed Tom Powers Trudy Y. Mead

Accompanying

SPVC; for

guide

Accompanying ®

SPVC; for

guide

Accompanying