Registration

Dear SAP Community Member,
In order to fully benefit from what the SAP Community has to offer, please register at:
http://scn.sap.com
Thank you,
The SAP Community team.
Skip to end of metadata
Go to start of metadata

Purpose

The WebSphere Server that is hosting Maximo is being upgrade from 6.0.x to 6.1.x.  This article is to answer this question: Are there any settings that need to be changed for Agentry Servers running Maximo v6 Agentry products to connect to the new version?

Overview

The article discusses the steps on configuring the Work Manager server for IBM Websphere.

Steps

Configuring the Server for Application Server Authentication 

The following are steps that need to be performed in order to configure a Work Manager product for Application Server Authentication whether running on Weblogic or WebSphere.

  1. Obtain the file jaas_client.conf from the following directory on the Maximo Server and place this file in the Agentry Server directory:<MaximoInstance>\tools\maximo\j2eeclient
  2. Edit the javaBE.ini file as follows:
    1. At the top of the file, set the maximoAuthenticationMethod property to appserver.
    2. Comment out the line containing server= by placing a # character in front of it.

 Configuring the Work Manager Server for IBM WebSphere

  1. Maximo v7 ships with WebSphere Application Server 6.1 and LDAP support requires the installation of a compatible Application Client. The WebSphere 6.1 Application Client must be downloaded from the IBM website, and is only available to licensed IBM customers of Maximo or WebSphere. To download see the instructions at: http://www-01.ibm.com/support/docview.wss?rs=2346&uid=swg24019569
     
  2. After downloading the package, unzip it and run install.exe.
     
  3. Proceed through the installation wizard accepting default values until you reach the Choose Setup Type panel. On the Choose Setup Type panel, selectCustom Pluggable Client.
     
  4. On the custom setup type panel, make sure that only Pluggable application client is selected as shown below.
  5. In the following panel, the location for the Sun SDK installation location must point to the directories of the Sun Java SDK used by the Work Manager Server. All Agentry servers use the SDK associated with the first SDK located on the PATH environment variable. The Sun JRE installation location should point to the JRE folder under the SDK directory. The IBM WebSphere Pluggable Application Client version 6.1 requires Java version 1.5. Java versions 1.4 and 1.6 are not supported. The consequence of this requirement is that in order for the Work Manager Server to support LDAP authentication to a Maximo server running under WebSphere 6, the Work Manager Server must be configured to use the Sun Java SDK 1.5.  
  6. On the subsequent panel, specify the fully qualified hostname of the Maximo server for hostname, and leave the port property empty.
  7. After installation of the Application Client has completed, verify that a file named orb.properties is present in the lib directory of the JRE specified in step 6.
     
  8. Copy the necessary jar files from the Maximo server to the Work Manager Server. The files needed are businessobjects.jar, mbojava.jar and either mboejb.jar for a Maximo 6 system or mboejbclient.jar for a Maximo 7 system. These files must be copied from the directory:<Websphere Dir>\profiles\<Maximo-profilename>\installedApps\<Maximo-Cellname>\MAXIMO.ea

Where <Websphere Dir> is the directory in which Websphere server is installed, <Maximo-profilename> is the WebSphere profile under which the Maximo application was installed on the Websphere server, and <Maximo-Cellname> is the name of the cell under which the Maximo application server runs. The cell name is indicated in the Cell Name property of the Runtime tab of the Maximo application server page, which is viewable from Servers | Application Serversin the WebSphere administrator console. Place the files in a directory located on the Work Manager Server machine, referred to hereafter as <JarFiles>. In the case of WebSphere, do not extract these jar files from the maximo.ear file, as these files will not have correctly compiled java stub classes which are created when the EAR file is deployed on WebSphere.

                   9. Make the following changes in javaBE.ini:

  1. Uncomment the line beginning with appServerType and set its value to websphere.
  2. Uncomment the line beginning with security.auth.login.config and verify that this line reads security.auth.login.config=./jaas_client.conf.
  3. Uncomment and set the value for the naming.provider.url of the form iiop://<maximo-hostname>:<bootstrap-port>. The bootstrap port is the TCP port configured as the bootstrap address for the node agent controlling the node that the Maximo application server is running under. This information is available in the WebSphere Administrator Console. WebSphere requires the use of the iiop: protocol.
  4. Uncomment and configure the property naming.factory.initial as described in the JavaBE.ini Properties section of this document
  5. Uncomment and configure the property maximo.jndi.rootContext as described in the JavaBE.ini Properties section of this document.
  6. Uncomment the line beginning with maximo.jndi.ejb.accesstoken and verify that it readsmaximo.jndi.ejb.accesstoken=ejb/maximo/remote/accesstokenprovider.
  7. Uncomment and configure the property com.ibm.CORBA.ConfigURL as described in the JavaBE.ini Properties section of this document
     

                10. Modify the agentry.ini file in the Work Manager product directory by setting the classPath property in the [stage:Java] section as follows:               classPath=<JarFiles>\businessobjects.jar;<JarFiles>\mboejb.jar;<JarFiles>\mbojava.jar;.\Java;

                 11. Add the nonStandardJavaOptions property to the [stage:Java] section and configure as follows: 

nonStandardJavaOptions=-Djava.endorsed.dirs=<AppClientDir>\java\jre\lib\endorsed -Djava.ext.dirs=<Sun-JRE-Home>\JRE\lib\ext;<AppClientDir>\lib;<AppClientDir>\plugins;<AppClientDir>\lib\WMQ\java\lib 

where <AppClientDir> is the directory in which the Websphere Pluggable Application Client was installed and <Sun-JRE-Home> is the directory specified for the Sun JRE used by Work Manager as specified in step 1. Due to a limitation with Agentry's processing of these options, the nonStandardJavaOptions property specified above should contain only space characters between the -D options. The paths for <AppClientDir> and <Sun-JRE-Home> cannot contain spaces, double-quote characters, or carriage returns and thus must be specified above using the short path notation on Windows. If this property is misconfigured, the error will usually be indicated by java.lang.ClassNotFound exceptions in the server console window and log files when a user attempts to log in on a client, where the classes not found are those in com.ibm.* packages.
A correctly configured nonStandardJavaOptions property example is shown below:nonStandardJavaOptions=-Djava.endorsed.dirs=C:\PROGRA~1\IBM\WEBSPH~1\APPLCLI~2\java\jre\lib\endorsed - Djava.ext.dirs=C:\PROGRA~1\JAVA\JDK15~2.0_1\JRE\lib\ext;C:\PROGRA~1\IBM\WEBSPH~1\APPCLI~2\lib;C:\PROGRA~1\IBM\WEBSPH~1\APPCLI~2\plugins;C:\PROGRA~1\IBM\WEBSPH~1\APPCLI~2\lib\WMQ\java\lib

  • Enter the above line into agentry.ini under the [stage:Java] section.
    • Ensure there are no carriage returns or tabbed characters in the property.
    • Perform a search and replace of the directory tokens with the short path found above in a text editor.
    • Test by running the Agentry server's command line server agentrycmd.exe so that standard output will be visible.
       
  • Edit the file sas.client.props in <AppClientDir>/properties, and change the following properties: 
    • com.ibm.CORBA.validateBasicAuth=false
    • com.ibm.CSI.performClientAuthenticationRequired=true
    • com.ibm.CSI.performTransportAssocSSLTLSSupported=false 
  • When a user enters incorrect credentials, Websphere allows for the error message to be passed from the external directory service provider to the handheld client. To enable this behavior, open the Websphere Administrative Console and navigate to Security | Global security. On this screen, select Custom properties under Additional Properties. Enter a new custom property with the name com.ibm.websphere.security.registry.propagateExceptionsToClient and the value true.
     
  • Save settings to the master configuration and either reboot the machine hosting WebSphere or manually stop and restart all WebSphere services running on the machine. 

JavaBE.ini Properties

For Application Server Authentication on IBM WebSphere, use the WebSphere Value.
The server property is not a new property but is included here for completeness.

  • Property: maximoAuthenticationMethod
    • WebSphere Value: appserver
  • Property: server
    • WebSphere Value: NA
       
  • Property: appServerType
    • WebSphere Value: websphere
       
  • Property: security.auth.login.config
    • WebSphere Value: ./jaas_client.conf
       
  • Property: naming.factory.initial
    • WebSphere Value: com.ibm.websphere.naming.WsnInitialContextFactory}
       
  • Property: maximo.jndi.rootContext
    • WebSphere Value: Of the form cell/nodes/<node-name>/servers/<maximo-servername> where <maximo-servername> is the name of the application server on which the Maximo application is running and <node-name> is the name of the node on which the <maximo-servername> is running. Both the Maximo application server name and node name can be found in the WebSphere administrative console by viewing Servers | Application Servers.
       
  • Property: maximo.jndi.ejb.accesstoken
    • WebSphere Value: ejb/maximo/remote/accesstokenprovider
       
  • Property: com.ibm.CORBA.ConfigURL
    • WebSphere Value: Of the form file:<AppClientDir>/properties/sas.client.props where <AppClientDir> is the full path to the local directory where the WebSphere Pluggable Application Client is installed. This path is specified as an absolute path using drive letters, forward slashes, and no quotation marks as in the following example:file:C:/Program Files/IBM/WebSphere/AppClient/properties/sas.client.props
  • Property: naming.provider.url
    • WebSphere Value: Of the form iiop://<hostname>:<port-number> where <hostname> is the Maximo server fully qualified hostname or IP address and<port-number> is the TCP port configured as the bootstrap address for the node agent controlling the node under which the Maximo application server is running. The port number should match the BOOTSTRAP_ADDRESS property of the node agent that controls the Maximo application server. Open the Websphere administrative console and navigate to System administration | Node agents, find the name of the node that runs the Maximo application and click its link. One the Node agents detail screen, open Ports and find the BOOTSTRAP_ADDRESS host and port. By default the port for the deployment manager is 9809.
       
  • Property: java.text.AppServerAuthenticationError
    • WebSphere Value: NA

Related Content

IBM Maximo mobile application in Agentry - What ports are needed to connect to Maximo?

Related Documents

Related Notes:

  • No labels