Monday, August 31, 2009

How to combine the results of queries based on two criteria in the Web Content Management local rendering portlet




When using an IBM® Web Content Management (WCM) local rendering portlet, how can one utilize the combined query results based on two criteria?

**Note:** This information is not included in the WebSphere Portal information center topic: Defining menu element formatting options.


Cause
A menu element displays metadata and content from content items that match the search criteria of the menu element. The search criteria of a menu element can include matching site areas, authoring templates, categories and keywords.

The information center topic Defining menu element formatting options does not include any reference for a more complex scenario whereby you could combine the results of a query based on two criteria to include the results of both queries -- a menu component that retrieves content based on a query that considers both a site area or a category.

Example: Menus that display "ALL the contents for a specific site area and an item that is in another site area and has been tagged with a specific category" by combining the search parameters "Site area X" and a "category Y".


Resolving the problem
  1. Create two menus: one for each specific query.

  2. Wrap both menus using an HTML component.

This combination should resolve the issue while providing optimal application performance.

Steps to Expand and Collapse content items within Navigator Component

How can I configure an IBM® Web Content Management (WCM) Navigator component to expand and collapse the content item tree?


Edit the Navigator component.

  1. Set the following fields:
    "Start Type" to Selected
    "Ancestor Level" to All
    "Descendent Level" to "1 Level" as shown in the diagram.
    ( This setting will display only the Site Areas beneath the selected Site Area ( Environment Program )


Tuesday, August 25, 2009

Using Log4J from a WebSphere Based Application

Log4J is an easy to use and powerful logging system. This article will show you how to best configure and use Log4J from a typical WebSphere based application.

We will develop a J2EE 1.3 application and test it with WebSphere V5.

Initializing Log4J

Initializing Log4J has been a thorny problem for a J2EE application. There are two ways to initialize Log4J:

  1. Call PropertyConfigurator.configure(String propertyFileName) - This function takes the full path name of the properies file that contains Log4J configuration information. A J2EE application should not make any assumption about where its files are located in the file system. Use of this function requires the application to know exactly that.
  2. Do not call PropertyConfigurator.configure() and let Log4J look for a properties file called log4j.properties in a J2EE module's class path. The lookup takes place when the Logger.getLogger() method is called for the first time. In this article we recommend using this approach.

A Typical log4j.properties File

#Default log level to ERROR. Other levels are INFO and DEBUG.
log4j.rootLogger=ERROR, ROOT
log4j.appender.ROOT=org.apache.log4j.RollingFileAppender
log4j.appender.ROOT.File=myapplication.log
log4j.appender.ROOT.MaxFileSize=1000KB
#Keep 5 old files around.
log4j.appender.ROOT.MaxBackupIndex=5
log4j.appender.ROOT.layout=org.apache.log4j.PatternLayout
#Format almost same as WebSphere's common log format.
log4j.appender.ROOT.layout.ConversionPattern=[%d] %t %c %-5p - %m%n

#Optionally override log level of individual packages or classes
log4j.logger.com.webage.ejbs=INFO

This configuration file exploits the following features of Log4J:

  1. Set the global log level. ERROR will print messages logged with the Logger.error() method. INFO will print messages logged with Logger.error() and Logger.info(). Finally, DEBUG will print all messages including the ones logged with the Logger.debug() call.
  2. Rotate log files. In this example, when the log file (myapplication.log) reaches 1000KB, it is closed, backed up and a new log file is created.
  3. Set the log format to display timestamp, class name and the message.
  4. Optionally override the global log level for individual Java packages or classes. In this example we set the log level for the com.webage.ejbs package to INFO.

Using Log4J From a Web Module

In this section we will learn how to install and use Log4J from an application built entirely as a Web module (that is, does not use EJBs).

Start WSAD and create a J2EE 1.3 Enterprise Application Project called LogTest and a Web module within it called LogTestWeb. Create a file called log4j.properties in the Java Source folder of the Web module. Add configuration entries similar to as shown in the section above. When you build the web project, the properties file will be automatically copied into the WEB-INF/classes folder. Do not directly create the properties file in the WEB-INF/classes folder. WSAD will delete it, next time the web project is re-built.

Download the latest Log4J distribution. Extract the JAR file from the distribution (for example log4j-1.2.8.jar) and copy it to the Web Content/WEB-INF/lib folder of the Web module.

Add a Java class to the Web module called com.webage.model.MyModel. Add a method called checkValid(String name, String value) as follows:

package com.webage.model;

import org.apache.log4j.Logger;

public class MyModel {
static Logger logger = Logger.getLogger(MyModel.class);;

public void checkValid(String name, String value) throws Exception {

logger.debug("ENTRY");
logger.debug("Checking parameter: " + name);
if (value == null) {
throw new Exception("Parameter is absent.");
}
if (value.trim().length() == 0) {
throw new Exception("Parameter is empty.");
}

logger.debug("EXIT");
}
}
Advanced
In real life, model Java classes are often created in a separate Java Project. In that case, add the Log4J JAR file located within the Web module to the build path of the Java project. This will let you compile the Java classes. At run time classes from the Java project will be loaded by the Web module's class loader which will also load the Log4J classes from the WEB-INF/lib/log4j-1.2.8.jar JAR file. If you wish to run the Java classes stand alone (from JUnit for example), you will need to configure the class path of the launch configuration to add the Log4J JAR file as well as the WEB-INF/classes folder.

Add a Servlet with the class name com.webage.servlets.MyServlet. Set the contents of the Servlet's class as follows:

package com.webage.servlets;

import java.io.IOException;
import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import com.webage.model.MyModel;

public class MyServlet extends HttpServlet {
Logger logger = Logger.getLogger(MyServlet.class);

public void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
logger.debug("ENTRY");

MyModel model = new MyModel();

resp.getWriter().println("

Log4J Test Servlet

");
try {
model.checkValid("firstName", req.getParameter("firstName"));
} catch (Exception e) {
logger.error("doGet failed.", e);
}

logger.debug("EXIT");
}

public void init() throws ServletException {
super.init();
logger.info("Servlet initializing...");
}
}

Test

Associate the LogTest project with a WebSphere V5 Server. Run the Servlet. By default, the firstName parameter is absent and the MyModel.checkValid method will throw an exception. The servlet will log the exception. The global log level is set to ERROR and Log4J will add the log entry to the log file. The log file (myapplication.log) will be created in the WSAD installation root directory.

Open log4j.properties and enable DEBUG level log for the com.webage.model package by adding the line:

log4j.logger.com.webage.model=DEBUG

Restart the LogTest project for the change to take effect. Run the Servlet again and check the content of the log file. DEBUG level log from the MyModel class will be shown.

Troubleshooting

If you do not see the log file (myapplication.log) in the root installation directory of WSAD, chances are Log4J did not initialize properly. If Log4J fails to locate the log4j.properties file in the class path, it will put a message in the standard output as shown below.

[3/14/03 13:04:05:498 EST] 19daf47c SystemErr R log4j:WARN No appenders could be found for logger (com.webage.servlets.MyServlet).
[3/14/03 13:04:05:498 EST] 19daf47c SystemErr R log4j:WARN Please initialize the log4j system properly.

In UNIX systems, make sure that spelling of the properties file is correct (log4j.properties in all lower case).

In all systems use the UNIX style forward slahes in the log file name. For example:

log4j.appender.ROOT.File=c:/temp/myapplication.log

Using Log4J in a EJB Application

Create a new EJB module called LogTestEJB under the LogTest Enterprise Application module. Move the Log4J JAR file from the WEB-INF/lib folder of the LogTestWeb module to the root directory of the LogTest project. Create a folder called lib under the LogTest project and move the log4j.properties file there.

Build a Java JAR dependency from the LogTestEJB project to the Log4J JAR file (right click on LogTestEJB and select Properties. Select Java JAR Dependency and check the Log4J JAR file).

Similarly, build a Java JAR dependency from the LogTestWeb project to the log4J JAR file and the LogTestEJB.jar file.

Add the LogTest/lib directory to the class path of the server. To do this, switch to the Server perspective and double click on your server in the Server Configuration view. Click on the Paths tab. Next to the Class Path list click on Add Folder. Select LogTest/lib.

Test

Add a simple Session EJB called MySession in the LogTestEJB project. Add logging to the bean class MySessionBean.java as follows:

import org.apache.log4j.Logger;

public class MySessionBean implements javax.ejb.SessionBean {
private javax.ejb.SessionContext mySessionCtx;
Logger logger = Logger.getLogger(MySessionBean.class);
//...
public void aMethod() {
logger.debug("ENTRY aMethod");
logger.debug("EXIT aMethod");
}
}

Promote aMethod() to the remote interface and use the EJB from the Servlet. Finally,test the Servlet.

Deploying in WebSphere

Export your application from WSAD as a EAR file. Install the EAR in WebSphere. This will, by default, extract the contents of the EAR in /installedApps/ folder. Copy the log4j.properties file from this folder to the /properties folder. This folder is automatically added to the class path of every application server.

By default, the directory is setup as the working directory of an application server. To create the Log4J log file in the standard /logs directory, open log4j.properties and change the log file name as follows.

log4j.appender.ROOT.File=logs/extranet.log

Conclusion

In this article we explore how to use Log4J from an exclusively web based application as well as a EJB and web based application. Our goal was to simplify the process of development and administration. We achieve this in several ways.

  1. We do not develop any additional code to deal with Log4J initialization.
  2. We make the Log4J JAR file a part of the J2EE application. There is no need to distribute and install this JAR file separate from the application's EAR file.
  3. In case of a pure web based application, there is no additional administration involved. The application will be able find log4j.properties from the WEB-INF/classes folder. For an application that has EJB modules, one will need to configure the application server's classpath to point to the directory where log4j.properties is stored.

Monday, August 24, 2009

Adding Web 2.0 skins

In conventional portal skins, a Control.jsp implements the code to render the decoration around a portlet. With the portal Web 2.0 theme, the portal renders the pages on the client. Therefore, rather than invoke a JSP to render the skin, it requires to execute an XSLT transformation. To achieve this, the portlet needs to register the following at bootstrap time in head_extras.jspf : The skin name and xslt file path in a mapping for use by the CSA aggregator, along with its object ID, that is its internal identifier which it retrieves from the portal model.

At runtime, the page layout model stores the object ID of the assigned skin. The CSA aggregator retrieves the XSLT path of the skin, then load and apply it to render the skin. If the XSLT path is empty or null, the default skin XSLT would be used.

To add a new skin, proceed as follows:

  1. Implement an XSLT to render the desired markup.
  2. Store the XSLT file in the /xslt directory of the theme, with the same name as the skin. For example, for the IBM skin this is xslt/IBM.xsl .
  3. Register the new skin with the CSA aggregator as follows:
    1. Edit the file head_csa.jspf .
    2. In the definition of the bootstrap() function, find the lines shown below and add a new, similar line for your skin:
      portalAggregator.page.addSkin(new
      com.ibm.portal.aggregation.IbmSkin("IBM",skinResourceRoot2Id["IBM"],""),true);
      portalAggregator.page.addSkin(new
      com.ibm.portal.aggregation.Skin("NoSkin",skinResourceRoot2Id["NoSkin"],""),fal

Configuring SSO with LTPA

just wasted a few hours of my life because of some careless mistake made by our computer engineers.
I was tasked to configure single sign on for two servers, a Websphere Application Server v6 and a Websphere Portal Server v6. I configured my application server to use the same LDAP configuration as the portal. Export the LTPA key from Websphere Portal and import it to WAS.
I thought it will work. But it didn't. I thought I configured it wrongly thus tweak here and there. Tried every single thing I could imagine. I was also careless as I forgot to consult the log files. I just thought the LTPA token was not propagated properly.
I finally remembered to read the logs and found the following.
[8/2/07 21:55:35:047 PDT] 0000001d LTPAServerObj W SECJ0371W: Validation of the LTPA token failed because the token expired with the following info: Token expiration Date: Thu Aug 02 08:54:41 PDT 2007, current Date: Thu Aug 02 21:55:35 PDT 2007.
Finally I check the server date time settings. Guess what I found. The Portal server is just beginning to wake up at 6 in the morning. The WAS has the same time as my machine, 9:55 p.m., but it is somewhere in US. The engineer who setup the server didn't change the regional settings back to my country and it is still following US timezone.
I wonder who should I be screaming at when this type of things happens. I guess this is what happens when you are not surrounded by geniuses.

Adding Custom Attributes to WebSphere Portal

Before adding any new attribute, the current attribute configuration should be validated and corrected with proper mappings and removing not required attributes.

How to Validate/Verify the Attribute Mapping ?

Run ConfigEngine.bat wp-validate-standalone-ldap-attribute-config -DWasPassword=secret
After successfully completing the above command, review the ConfigTrace.log file from \ConfigEngine\log Folder.

For Person Account and Group entity types you may see possible problems.

In my case this is the output:

Possible problems for PersonAccount:

The following attribues are defined in Portal but not in LDAP - You should either flag them as unsupported or define an attribute mapping:
[groups, identifier, ibm-jobTitle, entitlementInfo, realm, viewIdentifiers, certificate, stateOrProvinceName, createTimestamp, modifyTimestamp, ibm-primaryEmail, children, parent, c, partyRoles, principalName, countryName, localityName]

The following attributes are flagged as required in LDAP but not in Portal - You should flag them as required in Portal, too:
[sn, cn]

FYI: The following attributes have a diffenrent type in Portal and in LDAP - No action is required:
jpegPhoto: Base64Binary <> 1.3.6.1.4.1.1466.115.121.1.5
password: Base64Binary <> 1.3.6.1.4.1.1466.115.121.1.40{128}
seeAlso: String <> 1.3.6.1.4.1.1466.115.121.1.12

Possible problems for Group:

The following attribues are defined in Portal but not in LDAP - You should either flag them as unsupported or define an attribute mapping:
[modifyTimestamp, groups, members, identifier, displayName, parent, children, entitlementInfo, partyRoles, viewIdentifiers, createTimestamp]

The following attributes are flagged as required in LDAP but not in Portal - You should flag them as required in Portal, too:
[]

FYI: The following attributes have a diffenrent type in Portal and in LDAP - No action is required:
seeAlso: String <> 1.3.6.1.4.1.1466.115.121.1.12

Status = Complete
------

Correct the Attribute Mappings:

Based on the above report I should remove some attributes from personAccount and flag sn and cn] as required.

Modify the wkplc.properties with the following:

standalone.ldap.attributes.nonSupported=groups, identifier, ibm-jobTitle, entitlementInfo, realm, viewIdentifiers, certificate, stateOrProvinceName, createTimestamp, modifyTimestamp, children, parent, c, partyRoles, principalName, countryName, localityName

standalone.ldap.attributes.mapping.ldapName=
mail
standalone.ldap.attributes.mapping.portalName=ibm-primaryEmail


standalone.ldap.attributes.mapping.entityTypes=PersonAccount,Group

The above configuration also maps the ibm-primaryEmail to mail in LDAP.

Run ConfigEngine.bat wp-update-standalone-ldap-attribute-config -DWasPassword=secret

Update the general attribute configuration :

Update wkplc.properties file:

user.attributes.required= sn,cn
user.attributes.nonsupported= groups,identifier,ibm-jobTitle,entitlementInfo,realm,viewIdentifiers,certificate,stateOrProvinceName,createTimestamp,modifyTimestamp,ibm-primaryEmail,children,parent,c,partyRoles,principalName,countryName,localityName

Run ConfigEngine.bat wp-update-attribute-config -DWasPassword=secret

Stop and restart Portal server.

Now if you re verify the attribute config using wp-validate-standalone-ldap-attribute-config, the log should show no problems.

How to Add Custom Attributes?
Before adding custom attributes to VMM, make sure the LDAP schema is extended to support these attributes.

I followed this simle process to add multiple attributes.
First install the attribute installer.
  1. ConfigEngine.bat wp-la-install-ear -DWasPassword=secret
  2. cd ../bin
  3. stopServer.bat server1 -username wpsadmin -password secret
  4. stopServer.bat WebSphere_Portal -username wpsadmin -password secret
  5. startServer.bat server1
  6. startServer.bat WebSphere_Portal
Next, Install one attribute

Edit wkplc.properties with the following info:

la.propertyName=userCompanyId
la.entityTypes=PersonAccount
la.dataType=String
la.multiValued=false

Run ConfigEngine.bat wp-add-property -DWasPassword=secret


After running the above command, a file wimxmlextension.xml will be created in \config\cells\\wim\model folder.

If you want to add any additional attributes, you can directley edit this file (copy existing attributes and modify the values as needed.)

Restart the Portal for changes to take effect.

How to see the current Attribute Configuration?
cd \ConfigEngine
Run ConfigEngine.bat wp-query-attribute-config -DWasPassword=secret

This will create availableAttributes.html report in /ConfigEngine/log

That's what you need...

Configuring WebSphere Portal 6.1 Security using Sun One LDAP

Scenario: Sun One LDAP Version 5.2 is installed on the same machine as WebSphere Portal 6.1. To use a custom LDAP schema as I extended the inetOrgPerson object and created a vPerson Object.

Once the LDAP Server is installed, I created a suffix called dc=mycompany,dc=com and initialized this suffix. All these steps can be done using Sun One Administration Console.

After the LDAP installation, I created the following groups and users.
groups are created under ou=Groups,dc=mycompany,dc=com and
users are created under ou=People,dc=mycompany,dc=com branch.

Groups:
  • cn=wpsadmins,ou=groups,dc=mycompany,dc=com
  • cn=wcmadmins,ou=groups,dc=mycompany,dc=com
  • cn=wpsContentAdminstrators,ou=groups,dc=mycompany,dc=com
People:
  • uid=wpsadmin,ou=people,dc=mycompany,dc=com
  • uid=wcmadmin,ou=people,dc=mycompany,dc=com

You can also use the PortalUsers.ldif and ContentUsers.ldif files from Portal Installation setup. Modify these files and import into LDAP.Once the Sun one LDAP is setup properly, using an LDAP client I did test to bind as wpsadmin making sure it works.

With the portal 6.1 version, the security is enabled by default with file system Realm. Using the ConfigEngine the security can be switched to LDAP.

I did enable the Sun one LDAP in a VMM Stand Alone configuration.

Step 1: Edit the wp_security_sunone.properties file.
The above file is in \ConfigEngine\config\helpers

I did modified the following properties.

standalone.ldap.id=VIJAY
standalone.ldap.host=localhost
standalone.ldap.port=389
standalone.ldap.bindDN=cn=Directory Manager
standalone.ldap.bindPassword=my secret can't guess
standalone.ldap.serverId=uid=wpsadmin,ou=people,dc=mycompany,dc=com
standalone.ldap.serverPassword=another secret
standalone.ldap.realm=RLM_VK
standalone.ldap.primaryAdminId=uid=wpsadmin,ou=people,dc=mycompany,dc=com
standalone.ldap.primaryAdminPassword=another secret
standalone.ldap.primaryPortalAdminId=uid=wpsadmin,ou=people,dc=mycompany,dc=com
standalone.ldap.primaryPortalAdminPassword=another secret
standalone.ldap.primaryPortalAdminGroup=cn=wpsadmins,ou=groups,dc=mycompany,dc=com
standalone.ldap.baseDN=dc=mycompany,dc=com

standalone.ldap.personAccountParent=ou=people,dc=mycompany,dc=com
standalone.ldap.groupParent=ou=groups,dc=mycompany,dc=com

standalone.ldap.gc.name=vPortalGroup


The last property actually specifies the dynamic group attribute. That means user entries in LDAP will contain multiple values for vPortalGroup, depending on what groups you want to place that user in.

If you are using the dynamic groups, make sure wpsadmin is part of wpsadmins group. I actually added the following attributes to uid=wpsadmin,ou=people,dc=mycompany,dc=com in LDAP:
vPortalGroup =cn=wpsadmins,ou=groups,dc=mycompany,dc=com
vPortalGroup =cn=wcmadmins,ou=groups,dc=mycompany,dc=com


I have not changed any of the other properties.

Step 2: Validate the values entered in Step 1.
Open a cmd console
cd to \ConfigEngine
Run ConfigEngine.bat validate-standalone-ldap -DWasPassword=secret -DparentProperties=/ConfigEngine/config/helpers/wp_security_sunone.properties

If the LDAP validation is successfull, the helper file values can be propagated to the wkplc.properties file, this can be done easily by running the above command with -DsaveParentProperties=true.

Run ConfigEngine.bat validate-standalone-ldap -DWasPassword=secret -DparentProperties=/ConfigEngine/config/helpers/wp_security_sunone.properties -DsaveParentProperties=true

Then apply the changes to Portal.
ConfigEngine.bat wp-modify-ldap-security -DWasPassword=secret

Stop and restart the server1 and WebSphere_Portal.

With this configuration I was able to login using wpsadmin and create a test user and login as that user. Checked the LDAP to see if the test user is added to the people branch, yes it is.

In the next article I will list down the steps to configure custom attributes and to map Portal and LDAP attributes.

Friday, August 21, 2009

WCM custom jsp files can be placed as separate ear/war inWebsphere portal 6.1

Now we can get rid of copying the wcm custom jsp files of wcm jsp component or custom rich text editor/ custom jsp for element in authoring template into wcm product wars i.e. wcm.ear, local/remote/authoring portlets of the file system.


This enhancement is part of WPS 6.1 and for custom jsp of wcm can be deployed as separate j2ee ear application on portal. Deployment and update of jsp now can be performed remotely.
also. J2EE resources like jdbc, webservice client,etc can be used without updating wcm product files.

within any other Web application running on portal. When referencing JSP files in another Web application, use the following path: contextPath;jspPath

For example: /wps/customapplication;/jsp/editor.jsp

Considerations before Creating database for Websphere Portal

View some important considerations before setting up Oracle databases to work with WebSphere Portal.

For information about creating databases, refer to the Oracle product documentation. For information on the recommended database architecture and the databases you will need to create, see the Planning for Oracle topic. Be sure that all databases to be used with WebSphere Portal are created as UNICODE character set databases.

If you are using remote Oracle databases, you must also copy the ojdbc14.jar file from the remote Oracle server to the WebSphere Portal machine. The typical location is the oracle_home/jdbc/lib directory. Record the copy location on your local machine for future reference.

When creating Oracle databases for use with WebSphere Portal, you should consider the following information:

  • The Oracle databases must be created manually before configuring WebSphere Portal.
  • All databases must be created using UNICODE Database and National character sets such as UTF8, AL32UTF8, or AL16UTF16.
  • It is recommended that all databases to be used with WebSphere Portal are configured in Dedicated Server Mode.
  • Determine if your Oracle server will be remote or local to the WebSphere Portal installation.
  • If using an earlier version of Oracle (9i), ensure that Oracle JVM is also installed.
  • After installing the database software for WebSphere Portal, you will need to set the buffer pools allocated to the Oracle database in order for WebSphere Portal to communicate with the Java Content Repository database. Use the following recommended values as a guide. Refer to Oracle product documentation for information on how to set the buffer pools. Recommended initial buffer pool sizes:
    db_block_size = 8192
    db_cache_size = 300M
    db_files = 1024
    log_buffer = 65536
    open_cursors = 1500
    pga_aggregate_target = 200M
    pre_page_sga = true
    processes = 300
    shared_pool_size = 200M

Monday, August 17, 2009

IBM Lotus Connections, in plain English

In my opinion, IBM Lotus Connections is primarily social networking software, not collaboration software. The social task management bit, however, is all about collaboration. And arguably, collaboration has spontaneously occurred in the blogs bit more than a few times (e.g., a problem with our internal intranet search was fixed because of a blog entry). And ok, the same could be said for forums inside the communities bit.
But still – it’s about networking, I swear.
There are two ways to use social networking software.
Connect-n-Collaborate
First, I’m not collaborating with you when I look up your past projects or shared bookmarks, or read your blog or your community forum posts. Instead, I’m trying to decide if I should collaborate with you. Are you really competent in what you say you are? Are you nice to work with, or are you a jerk? Usually, you do this by asking people you already trust for recommendations. “Hey, d’you know anybody who…?” But, when you don’t find someone that way, a social networking online environment is the next best thing.
Second, if I participate in the stuff you post – comment on your blog, watchlist your shared bookmarks, respond to your forum posts – you learn that I exist, and hopefully, you’ll look up my stuff and learn more about me. So, why does this matter? I’m trying to develop a trusted working relationship with you. Because I know that all your really good stuff is inside your head, and you’ll probably never blog about it, bookmark it, put it in a file, a wiki, a forum, a profile, a teamsite, or anything else.
But I know that if you trust me, you’ll tell me what you know over the phone, in an email, instant message, or face-to-face. These, by the way, are the four most common collaboration tools on the planet.
Lurk-n-Learn
The other way to use social networking software is to lurk-n-learn. I’m just absorbing your stuff, but will never contact you, never comment on your blog. Maybe I’ll just use what I learn from your stuff to do my job better (try to measure that ROI). Maybe you’ll never know I exist. By the way, this is the most common use of social networking software inside IBM, judging from the number of social contributions vs. the number of reads.
Ok, got it. So, what is Lotus Connections?
First, my own personal marketing blurb. There are more sophisticated marketing blurbs and a cool video if you’re so inclined.
Lotus Connections helps you:
Find the ‘good’ people with whom to collaborate, whether they’ve filled out their profile or not.
Find information that your trusted colleagues think is good, without relying on unsatisfactory search solutions.
Find the knowledge “crowds” that are locked up and hidden away in your company, so that you can lurk-n-learn, or connect-n-collaborate.
Lotus Connections includes five main components:
Profiles
Community directory
Shared bookmarks (known as Dogear)
Blogs
Social task management (known as Activities)
There is an additional component, Homepage, that lets people (I used to call them ‘users’) decide how to view the content from the other five components, plus anything else your IT folks put in a widget:
Homepage
Cross-component searching
Within the Homepage, a person can search across all components. This search finds the following:
Content – blog entries, community posts, bookmarks, activity entries, and profiles. Natch.
Most Active Tags – a cloud of the most active tags from across all components.
Most Active People – a list of the most active people over a period of time.
This is my preferred search method for both people and information. For example, if I’m looking for someone with experience in financial law, or any information about same, I simply search for “financial law”. The beautiful thing is that I’ll get a list of the most active people, even if they’ve never even touched their own profile. Oh, and relevant content, of course.
Find people and their stuff from any application
There is a sub-component available if Profiles is installed, called the Person Card. It is designed to be added to any application in your company that shows a person’s name. When you hover over that name, you’ll see the card:
Person Card
This Person Card can be customized and extended by IT. For example, you could add a sixth link at the top to a person’s shared files wherever they are (Lotus Quickr, SharePoint, whatever), or perhaps you want to add a link to a person’s teamsites. Or patents. Or shared pictures.
The point is that people will be able to quickly find a person’s information and social content, no matter where they find that person’s name, in any application in your organization.
There is also a Community Card that functions similarly:
Out-of-box access from multiple clients
To help folks naturally discover people and their knowledge from the tools they use everyday, some or all of the Lotus Connections components are accessible out of the box from the following clients:
*RIM Blackberry (Profiles, Dogear) – this is built by and supported by RIM. Check their website.
IBM Lotus Notes (Activities, Profiles Person Card, Dogear)
IBM Lotus Sametime (Profiles Person Card, Activities)
IBM WebSphere Portal (all)
IBM Lotus Quickr (Person Card)
Microsoft Office (Activities, Activities To-Do List, Profiles Person Card, Blog using Word)
Microsoft Windows Explorer (Activities)
* available in the next few weeks
And of course, we have rich Web experiences for Firefox and Explorer, for Windows and Mac.
[youtube=http://www.youtube.com/watch?v=VjTExW3nfq4&hl=en]Profiles demo
[youtube=http://www.youtube.com/watch?v=PEG8TQ3xaqM&hl=en]Activities demo
Scenarios
“I just took a new position in my company, and I don’t know how to get plugged in to the people and information relevant to this job. I need to get up to speed ASAP.”
One of my customers has a program that requires each MBA grad to do a “tour of duty” in each of their business units. Another customer follows Six Sigma practices and rotates their black belt folks through different divisions every two years. And then there are the thousands of new hires and current employees moving into new positions every day in every organization.
It’s hard to do your new job with your old network, so you need to get plugged into a new network ASAP.
You could search across all of Connections for your job’s main focus. Let’s say you’ve just joined corporate marketing’s Web team, responsible for all online marketing efforts for your organization’s website. Search Connections for “marketing web”. Find a list of the most active people, most active tags, and the most relevant content (along with the contents’ authors, tags, and descriptions).
Next, pick the first most active person in the list, and see where she sits in the organization by reviewing her profiles. See how others view her contributions by reading the tags they’ve added to her profile. Read her most recommended blog entries and comment on them, skim the sites that she’s bookmarked and copy them into your own shared bookmark area, then find the communities she’s active in and join them. You now have a good idea of what’s going on in her head.
And that’s just in the first two hours in your new job. Coffee break, do it all again with the next most active person (who may not even be on your team). Or, maybe you just reach out to that first person and ask to meet with her.
By the way, this is also a great way to shop for a new position inside your organization.
“I have an idea for one of our products, but I don’t know who the product manager is, or if they will even talk to me.”
True story. I started blogging inside IBM in October 2006, before I had my current job. I blogged about a soon-to-be-announced new product (it was Lotus Connections, obviously). I also found all of the developers by searching for the product’s codename in Dogear, and found and read all their bookmarked sites. Emboldened, I sent them an enthusiastic email about how excited I was about this new product. Not sure if any development team has ever received fan mail before at IBM. In any case, they now knew who I was, and welcomed my enthusiasm.
Anyway. Early in 2007, I received an email from an IBM Research person in Israel, telling me he was working on a research project that would make a great fit for the product I blogged about. He asked if I could introduce him to the developers, who were based in the U.S.
I did, they talked, and his research project is currently in plan for a future release. Would they have found each other without my blog? Perhaps. Did they get connected faster because of it? Absolutely.
“We need to find all the Chinese speakers in our company.”
I spoke to a global retailing company who needed to find all the Chinese speakers in their gigantic organization. They were worried about how to get employees to log into Profiles and add that they could speak Chinese. I explained that they’d probably get greater participation if they simply created a community called “Chinese Speakers”. Why? Because many people perceive that they’ll get more out of joining a group of like-minded people versus filling out a profile. The beauty of this is that this public community is really just a group that anyone could send email to, or engage via the community forum, or whatever other tools the community decides to use.
“I need to find the person who originally created this training video a year ago and have them update it.”
One customer decided to compare what worklife was like before and after Lotus Connections. Their goal was to find the person who created a training video for end users about how to change their intranet password, because the video needed to be updated. The only information they had was that this person worked for the User Experience team. And this wasn’t a department name.
Before Connections, they would search their intranet for “user experience video” and get a bunch of links to “Usability Lab” stuff, which was not the same group. Nothing turned up about the video in question, either.
With Connections, they did the same search, and found the “User Experience Community.” They looked at the Members list, and started hovering over each name to view their Person Card information. They looked at a few profiles, and found one tagged with “video”. A ha! A quick instant message to that person confirmed that they were the person who could update the training video.
A bit hit-and-miss, but isn’t it the same when you use your network the old school way? “Jeri, d’you know who to contact to get this video updated?”… “Um, try Heather.”… “Heather, d’you know…”… “Um, I think Nguyen used to do that.”… “Nguyen…” and so on.
“I’ve got to plan a local ‘how to use power tools’ seminar, but I’m not sure how to go about it.”
Home improvement stores are all over the place, and many of them conduct ‘how to’ seminars for their customers. Let’s say you’ve just been promoted to Lead Associate in the power tools department, and one of your tasks is to plan and execute a how-to seminar. But, you’ve never done one before, and the guy who used to do them is long gone.
You’ve got two choices: Either figure it out from scratch with the help of your local co-workers (not a bad way to go), or find someone else in another store somewhere who does them in their sleep.
You search Lotus Connections for “how-to seminar”, and since it’s the weekend, the busiest part of the retail week, you know better than to try to talk to someone directly. But, there’s an Activity template written by someone from Store #386 (you checked out his profile and found that he’s been with the company for years) in the results page that catches your eye. Click.
This template, or “recipe”, lists step-by-step how to plan for and execute a how-to seminar. It includes to-do’s that you can assign to others and check off when they’re completed; website links to caterers who give your company a discount; PDF sign-in sheet to capture customers’ email addresses; a list of lessons learned so that you can avoid the big “oops” moments; and so on. It’s all arranged by when you do what. And, you discover that you can edit the template to provide your own tips and tricks.
You create a new activity from this template and get to work. You invite a couple folks to the Activity and assign them a couple of to-do’s. They invite a few more people (you can do that in an Activity) to help with the planning. The eventual result is a well-planned, well-executed how-to seminar, with fewer emails zooming around, fewer “what’rewegonnado?” meetings.
“We just acquired a company, but I have no idea who their local sales reps are. We need to coordinate our customer activities ASAP.”
Another true story. IBM acquired Cognos recently. Right away, many Cognos employees started blogging inside IBM. I stumbled upon David’s blog one day, and added a comment, welcoming him to the IBM family. A few days of mutual commenting, and we felt like we really knew each other. He’s a senior software engineer in the UK.
Anyway, a week later, I’m in Texas presenting to a customer, and I overhear the IBM sales guy lament that he has no idea how to find his local Cognos counterparts. They’re all in our Profiles application, but there are no Cognos-identifying marks anywhere.
That night, I pinged (IM’ed) David and asked him to start tagging all his Cognos peeps’ profiles with “cognos”. Word spread, and as of the writing of this post, there are 73 IBMers tagged with “cognos”. Now, I’ve just got to tell that sales guy to search for “cognos”. If he doesn’t find his local rep, he now knows of 73 people who could probably get him connected.
The technicalities
The five components are .ear files that run on IBM WebSphere Application Server (WAS) 6.1. None of them require any of the others, but if they’re installed in the same WAS cell, they are loosely integrated via configuration files. Many languages, hardware platforms, and operating systems, LDAPs and RDBMSs are supported.
A REST-style API using Atom Publishing Protocol (Atompub) and Atom Synchronization Format (ASF) is available for every component.
Lucene search engine is included with every component. There is a separate engine for each component so that you can deploy one, some, or all of them without dependencies on anything else.
The cross-component search feature uses a unified search engine (or, “heterogeneous interrelated entity search”, if you’re not into the whole brevity thing).
Application architecture
Lotus Connections Application Architecture
The directory is usually an LDAP. It is used for authentication to all components, and can be used as a datasource to populate the Profiles database. We support Lotus Domino, Tivoli Directory Server, Microsoft Active Directory, and Sun Java System Directory Server. We also support CA SiteMinder and Tivoli Access Manager for single sign-on purposes. Also, check out how to integrate Lotus Connections (well, WebSphere, really) with Windows SSO using the SPNEGO TAI.
Tivoli Directory Integrator (TDI) is included in the Connections license. It is the data synchronization tool used to populate and update the Profiles database.
Each component maintains a separate database. We support DB2, Oracle, and SQL Server.
The file system – either on the application server or a SAN or some other location – is used to store various things, including full-text indexes, favicons, content from Activities (optional), images uploaded to blogs, etc.
The “Other Enterprise Services” box depicts the optional integration points that IT can configure. For example, if you want to use the notification features throughout Connections, you’ll need to configure an SMTP mail server. If you want to use the integration between Connections Communities and Atlassian Confluence, SocialText, and/or Lotus Sametime broadcast tools, you’ll need to configure that.
All administration is done via the WebSphere administration capabilities, using JMX management beans. Additionally, the Blogs component offers a Web UI for some of the administration options.
The Person Card is in hCard microformat using Javlin (Javascript Live Names).
The navigational header is the banner across the top. It is customizable.
More about Profiles
You can aggregate people data from HR databases, skills databases, LDAP, employee directory, Excel spreadsheets, Microsoft Access and Lotus Notes databases – you name it – into Profiles. This is accomplished with Tivoli Directory Integrator, which is included in the Connections license. You can lock down which fields can be edited by people, and have Directory Integrator write back any updates to the master datastore, if you want.
You can add additional fields to Profiles and customize the Web UI look and feel.
You can also include Atlas for Lotus Connections, an add-on asset not included in the license, that does the following:
Visualize and analyze social networks in an organization
Identify the shortest social path to reach someone
Find expertise across extended networks
Visualize and manage personal networks
Useful links
Customer’s experience with Lotus Connections pilot: Imerys
A blog written by one of our customers
A blog written by our product team
Lotus Greenhouse: Check out Lotus Connections 2.0 Beta 1 (requires registration, and the email of an IBM business contact)
Lotus Connections for Business Partners
Lotus Connections deployment wiki
If you’d like details about deploying Lotus Connections, check out the IBM developerWorks article series written for version 1.x. I recommend starting with Planning and architecture considerations.
Fifty ways to leave your bookmark: An experiment in social authoring: Check out how to add Dogear bookmarking features to just about any application, using just about any programming language.

Quick hit JVM heap size change

if you tasked to change the JVM heap size in approximately 2,500 servers today.

#
# Update the Heap size
#
# ./wsadmin.sh -lang jython -f updateJVM.py
#

as = AdminConfig.getid('/Cell:YOUR_CELL_NAME/Node:YOUR_NODE_NAME/Server:YOUR_SERVER_NAME/')
jvm = AdminConfig.list('JavaVirtualMachine', as)
AdminConfig.modify(jvm, [['initialHeapSize', '512'], ['maximumHeapSize', "768"]])
AdminConfig.save()
# set the newly saved config to variables to place entries in logging
i = AdminConfig.showAttribute(jvm, "initialHeapSize")
m = AdminConfig.showAttribute(jvm, "maximumHeapSize")
print "The initial heap size is now" + i
print "The max heap size is now" + m

Of course, you can change the heap to whatever size you would like.

wsadmin rotate jvm log files

Simple, working, rotates logs at 10mb saving max 5 files.

# rotateWasLogEPRN.py
# Setup WAS Log file rotations
# for yourserver
#
# Implement:
# ./wsadmin.sh -lang jython -f $FILE_LOCATION/rotateWasLogEPRN.py >> $TO_LOG_FILE
#
# You can add this as you have other scripts in the deployment script
# if you need help please let me know.
#
#

print "Changing the SystemOut & SystemErr log file rotation settings"
var1 = AdminConfig.getid('/Cell:yourcell/Node:yournode/Server:yourserver/')

log = AdminConfig.showAttribute(var1, 'outputStreamRedirect')
log2 = AdminConfig.showAttribute(var1, 'errorStreamRedirect')

AdminConfig.modify(log, '[[rolloverSize 10] [maxNumberOfBackupFiles 5]]')
AdminConfig.modify(log2,'[[rolloverSize 10] [maxNumberOfBackupFiles 5]]')

AdminConfig.save()

print "New SystemOut settings 9-10-08"
AdminConfig.show(log).split("\n")
print "New SystemErr settings 9-10-08"
AdminConfig.show(log2).split("\n")

Apache or IBM HTTP Server access_log rotation script

We didn't have anything in place until one day, our access_log grew to over 2gig, OUCH :). Anyway, here is a simple cron script you could setup to execute nightly.

#The script below creates a numbered copy of the log and then clears it
#The date tag at the end of the copied log rotates from 0-6 so we never keep more than 7 days of logs
#crontab is setup to run /usr/IHS/webserver*/bin/rotateaccess.sh once per day

#variables
ACCESS_HOME={path/to/your/webserver/logs}
date_tag=$(( `date +%j` % 7 ))
stdout=access_log

# rotate log
cd $ACCESS_HOME
cp $stdout $stdout.$date_tag
cp /dev/null $stdout
chown root $stdout
chgrp system $stdout
chown root $stdout.$date_tag

You could even add further compression to conserve space but I think it's not really needed at this time.

Create J2C authentication alias and assign to database

Here you can create a J2C authentication alias and then assign it to a database.

# create a new J2C authentication entry
# set the security object
set security_root [$AdminConfig list Security]
# set the attributes for the new object
set auth_alias [list alias "$alias"]
set auth_descr [list description "Login for 4.0 Application"]
set auth_userId [list userId "$username"]
set auth_password [list password "$password"]
# put the new object together
set auth_entry [list $auth_alias $auth_descr $auth_userId $auth_password]
# create the new object
$AdminConfig create JAASAuthData $security_root $auth_entry
# saving the configuration
$AdminConfig save
puts "Created J2C Authentication Alias for $application"


# sets the new auth alias to TheDatabase

set ds_arg $YourDatabaseName
set alias_arg $YourDatabaseAlias
set datasources [$AdminConfig list DataSource]
foreach datasource $datasources {if {[regexp $ds_arg $datasource]} { set datasource_root $datasource; break }}
set datasource_root
$AdminConfig modify $datasource_root [list [list authDataAlias $alias_arg]]
$AdminConfig save
puts "Set the J2C Authentication Alias for $YourDatabaseName"

Stopping and Starting a Cluster using wsadmin and jython for 5.1

A simple jython script that accepts two incoming arguments to stop a cluster within a cell. This script is built with global use in mind, meaning you can create multiple shell scripts to pass the arguments to stopCluster.py. This can easily be manipulated to start the cluster too!

Let the script begin
##########################################################

# This program may be used, executed, copied, modified and distributed
# without royalty for the purpose of developing, using, marketing, or distribution
#
#-----------------------------------------------------------------
# Global stopCluster
#-----------------------------------------------------------------
#
# The purpose of this example is to demonstrate the invocation
# of stopping a cluster passing args through a shell script.
#
# This script can be included in the wsadmin command invocation like this:
#
# ./wsadmin -lang jython -f stopCluster.py clusterName cell
#
# Simply create a shell script with the following
# #!/bin/sh
# # Change the directory to your WAS_HOME/bin
# cd /opt/websphere/bin
# # issue the wsadmin command with the two arguments
# # make sure your path to stopCluster.py is correct
# # in the example below it is located in WAS_HOME/bin
# # clusterName below = your cluster name found via the admin console
# # cell below = your cell name found via the admin console
# ./wsadmin.sh -lang jython stopCluster.py clusterName cell
#
# The script expects one parameter:
# arg1 - cluster Name
# arg2 - cell Name
#
#-----------------------------------------------------------------
#
import sys

def x(arg1, arg2):

#--------------------------------------------------------------
# set up globals
#--------------------------------------------------------------
global AdminApp
global AdminControl
global AdminConfig
global Help

#---------------------------------------------------------
# First, list the existing cluster(s)
#---------------------------------------------------------
cluster = AdminConfig.list('ServerCluster')
print "----------------------------------------------------------"
print "Clusters found: "
print cluster
print "----------------------------------------------------------"


#---------------------------------------------------------
# Second, get the cell information
#---------------------------------------------------------
printcellname = AdminConfig.list('Cell')
print "----------------------------------------------------------"
print "Cell(s): "
print printcellname
print "----------------------------------------------------------"


#---------------------------------------------------------
# Here is the cluster we'll be dealing with...
#---------------------------------------------------------
clusterwork = arg1
print "----------------------------------------------------------"
print "The cluster we are going to perform action STOP on:"
print clusterwork
print "----------------------------------------------------------"

#---------------------------------------------------------
# Here is the cell we'll be dealing with...
#---------------------------------------------------------
cellwork = arg2
print "----------------------------------------------------------"
print "The cell we are working with:"
print cellwork
print "----------------------------------------------------------"

#---------------------------------------------------------
# Creating the stopcluster variable
#---------------------------------------------------------
stopcluster = AdminControl.completeObjectName('cell='+arg2+',type=Cluster,name='+arg1+',*')
#---------------------------------------------------------
print "----------------------------------------------------------"
print "Successfully completed the object name and the cluster that will stop is:"
print stopcluster
print "----------------------------------------------------------"

#---------------------------------------------------------
# A very simple stop command
# to run start cluster simply change below command to
# AdminControl.invoke(stopcluster, 'start')
#---------------------------------------------------------
print "----------------------------------------------------------"
print "A simple stop command....."
print AdminControl.invoke(stopcluster, 'stop')
message = "Tail the app server logs to confirm they have stopped"
print message
print "----------------------------------------------------------"


#-----------------------------------------------------------------
# Main
#-----------------------------------------------------------------
if len(sys.argv) != 2:
print "x: this script requires 2 parameters: "
print " cluster name, and cell name"
print ""
print "e.g.: wsadmin -lang jython -f stopCluster.py REMCluster u060rem11Network"
else:
x(sys.argv[0], sys.argv[1])

Saturday, August 15, 2009

Restricting authentication based on group membership when configured for standalone LDAP

How do you configure IBM WebSphere Portal so that only members of a specific group can log in if WebSphere Portal security is configured to use a standalone LDAP?



The same general steps will be taken for each supported LDAP although the specific userFilter will differ depending on the LDAP brand and/or version.

First, check with your LDAP administrator to confirm that your LDAP implements an attribute whereby group membership is specified within each user record. The IBM® Redbooks® publication, "IBM WebSphere Portal V6 Self Help Guide", lists the default attributes used for memberOfAttributeName support in several supported LDAPs in table 5-15 on page 155.

If your LDAP implements one of these attributes, verify that it can be used to properly identify the subset of users who should be allowed to authenticate to the Portal server. Check the userFilter in the wkplc.properties file: (This assumes the userFilter in wkplc.properties was not edited since originally enabling security. You can likewise refer to the ConfigEngine helper files for your LDAP to help construct your userFilter.)

standalone.ldap.userFilter=(&(cn=%v)(objectclass=inetOrgPerson))

Test the search filter using ldapsearch prior to making any changes to the WebSphere Portal configuration. Your ldapsearch might look something like:

ldapsearch -x -v -D -w -h -p -b (&(objectclass=inetOrgPerson)(groupMembership=))

(This example uses Novell eDirectory's groupMembership attribute.)

If the search succeeds, add the (cn=%v) back to the userFilter, then back up and update wkplc.properties as follows:

standalone.ldap.userFilter=(&(cn=%v)(objectclass=inetOrgPerson)(groupMembership=))

( is a distinguished name and might be something like cn=portalgroup,o=yourOrganization.)

Update the WebSphere Portal and WebSphere Application Server security configurations by running wp-modify-ldap-security as described in the Information Center v6.1:

WebSphere Portal > Installing WebSphere Portal > Setting up WebSphere Portal > Setting up a (standalone/clustered) production server > Configuring WebSphere Portal to use a user registry > Configuring WebSphere Portal to use a user registry on (your OS) > Choosing your user registry model on (your OS) > Configuring a stand-alone LDAP user registry on (your OS)

Users should now be authenticated only if they belong to the group identified by above.

How to restore WebSphere Portal back to the out-of-the-box security configuration


Question
Sometimes you may encounter a problem when you configure IBM WebSphere Portal security (standalone or federated). This problem can cause the system configuration files to be in an inconsistent state. Can you revert back to the original file registry configuration if the security task fails?

Answer

It is now possible to revert back to the out-of-the-box security configuration for WebSphere Portal 6.1.0.1. You must populate the wkplc.properties file with the parameters stated below and then run the wp-restore-default-repository-configuration task.

The wp-restore-default-repository-configuration task allows you to return to the default VMM setup with a federated file repository. The task will create a new realm, delete all existing repositories, and configure a file repository in VMM. The file repository itself must exist (fileRepository.xml) before calling this task.

A new user and a new user group will be created and set to the WebSphere Portal and WAS administrators.

If you want the admin user to be added to the admin group, this must be done manually after restarting the portal by calling the wp-restore-default-repository-add-group-member task. This task will use the admin user and group set for wp-restore-default-repository-configuration in the wkplc.properties file.

Parameters in wkplc.properties:
#########################################################
##
##
## Restore VMM security
##
## wp-restore-default-repository-configuration
##
#########################################################
#########################################################

# The realm name to be used. A realm with this name will be created.
restore.file.realm=federatedRealm
restore.file.delimiter=/

# Portal and WAS admin UID (short name) and password
restore.file.primaryAdminId=adminUID
restore.file.primaryAdminPassword=adminPWD

# CN of portal admin group (short name)
restore.file.primaryPortalAdminGroup=adminGroupCN

#########################################################
##
##
## Restore VMM security
##
##
#########################################################
#########################################################

NOTE: This procedure has been tested on a 6.1.0.1 install (not an upgrade from 6.1.0). This section will be included in the next refresh for the WebSphere Portal 6.1.0.1 Information Center.

If you are on WebSphere Portal 6.1.0 or have upgraded to Portal 6.1.0.1 and want more information about this task, please contact IBM Product Support.


Allowing multiple login attributes in a non-realm environment

Question If you enable security with non-realm support, is it possible to allow users to log in with one of several possible attributes?
Answer Yes. You must update the userFilter in the LDAP settings in the WebSphere® Application Server administrative console. For example, given the case where administrative users have "uid" but not "cn", and non-administrative users have "cn" but not "uid", you can allow both sets of users to log in by updating the userFilter to accommodate both attributes:

    (&(|(cn=%v)(uid=%v))(objectclass=inetOrgPerson))

Check with your LDAP administrator to verify the userFilter.

NOTE: By using multiple attributes for login, this will force the requirement of uniqueness across both attributes. If UserA's cn value is identical to UserB's uid value, problems could occur during login.

Wednesday, August 12, 2009

JSR 168 Portlet Specifications

Agenda

What are JSR and JCP?
• What is a Portlet as per JSR 168?
• JSR168 Specifications
  1. Portlet Lifecycle Methods
  2. Portlet Modes
  3. Portlet Window States
  4. Portlet Data Models
  5. Dispatching requests
  6. Caching and Security.
• A sample Portlet.


What are JSR and JCP?

JCP – Java Community Process

The international Java community develops and evolves Java™ technology specifications using the Java Community Process (JCP).The community is involved in the definition of future versions and features of the Java platform. Since its introduction in 1998 as the open, participative process to develop and revise the Java™ technology specifications, reference implementations, and test suites, the Java Community Process (JCP) program has fostered the evolution of the Java platform in cooperation with the international Java developer community.

JSR-Java Specification Request

A JSR is a Java Specification Request. This is the document submitted to the PMO (The Program Management Office is the group within Sun designated to oversee the Java Community Process and manage the daily running of the program. The actual development of the specification occurs within the Expert Groups.) by one or more members to propose the development of a new specification or significant revision to an existing specification.

Courtesy- http://www.jcp.org/en/introduction/faq
http://en.wikipedia.org/wiki/Java_Community_Process

What is a Portlet as per JSR 168?

General Perception
– A portal is a webpage with many different links to various applications.

• Programmer’s View
– “A portal is a web based application that –commonly- provides personalization, single-sign on, content aggregation from different sources and hosts the presentation layer of Information Systems.”- JSR 168 spec

Now we must come across a series of questions..for better understanding.

A series questions (3W and 1H)
1. What is a Portlet?
2. What is Portal Page?
3. What is the difference between a portal page with many links and a portal page with portlets?
4. How is it different from a page with lots of links?

Portlet

• “A portlet is a Java technology based web component, managed by a portlet container, which processes requests and generates dynamic content.”
-- JSR 168 spec
• A portlet is itself an application having its own lifecycle.

Portlets and relationship with Portals

• “Portlets are used by portals as pluggable user interface components that provide a presentation layer to Information Systems.”
--JSR 168 spec
• So now we know how its entirely different from a website containing a lots of links apparently called portals

So it’s obvious that portlets are the basic building block of a successful web Portal where each portlet is assigned to do some specific task and the user is able to gather maximum information on a single page. The portal itself provides the user management capability and users have the facility to single sign on to use all the facilities provided by the entire portal. Personalization is also one of the most important features a portal provides. All these things are much more difficult and developed separately on a traditional portal page which is just a page with bunch of links. Ease of “plug in and run” concept and ease of removal from the portal page gives a new age portal a winning edge over traditional portals

JSR168 Specification
• Portlet Lifecycle Methods
• Portlet Modes
• Portlet Window States
• Portlet Data Models


Portlet Lifecycle Methods

This life cycle of a portlet is expressed through the init (), processAction(),
Render() and destroy() methods of the Portlet interface. The Portal calls the init() method to instantiate the portlet. Then the browser requests are handled by the portlet using ProcessAction() method if the request involves some kind of data processing. Else the render method takes care of it by rendering the page using either doView(),doEdit() or doHelp().Remember the render method is called whenever

a. the processAction() method is called by action request.

b. the renderRequest() comes into picture which doesn’t involve data processing.

c. any other portlet on the same portal page calls the render() method.

Portlet Modes
Generally a portlet has three modes
a. View mode –normal mode to show the content.

b. Help Mode –to show a help page about the application.

c. Edit mode –to show edit page for editing the portlet preferences.

d. But a portal can also have a “custom mode” if the manufacturer wishes to have.

Portlet Window States

• NORMAL

• MAXIMIZED

• MINIMIZED

• CUSTOM –based on manufacturer discretion.

Portlet Data Models

• Portlet to store view information in the “render parameters.”

• Session related information in “portlet session”

• User persistent data in the “portlet preferences”

Portlet Request Dispatcher

• It dispatches the request to other portlets or servlets using the Portlet request Dispatcher with the only Include () method.

Caching and Security

• Portlets that want their content to be cached using expiration cache must define the duration (in seconds) of the expiration cache in the deployment descriptor.
• Security constraints are a declarative way of annotating the intended protection of portlets. A constraint consists of the following elements:
  1. Portlet collection
  2. User data constraint

Can We Design a sample Portlet with the basic knowledge about portlets….???

Some Portal Servers

List of Portal servers
• Liferay - Liferay deploy portlets that adhere to the Portlet API (JSR 168).Its one of the most popular and most talked upon potal server in the recent market. It has lots of portlets bundled with the portal (Mail,Workflow, Document Library, Calendar, Message Boards,Wiki, to name a few) and can be used to develop for adding your own custom portlets.The Ext environment in the portal server is used for extending the portal towith custom generated portlets and make it compatible with newer additions of incremental development.

• Exo - The eXo platform is a one of the major Open Source - JSR 168 compliant - enterprise portal built from various modules.It provides virtualization of the work space through an advanced WebOS interface.

• Pluto - Reference Implementation of the JSR168.It now supports JSR286 also. Apache Pluto is a subproject of the Apache Portals Project.

• JA-SIG uPortal - uPortal is a free, sharable portal under development by institutions of higher-education. Community tools, such as chat, forums, survey, and so on, build relationships among campus constituencies. uPortal is an open-standard effort using Java, XML, JSP and J2EE.

• ByLine - Byline is an open source (LGPL) content management, portal, and collaboration system built on top of a sophisticated web development framework. Byline includes content authoring, versioning, workflow, categorization, and lifecycle management capabilities. Byline has been used to build sophisticated content and document management systems for customers such as the APLAWS consortium, FranceTV (www.france2.fr), Deutsche Post, the United Nations, and many others. Byline has been used to power systems that have over 400GB of data, thousands of content contributors, and tens of thousands of content visitors.

• Jakarta Jetspeed 2 Enterprise Portal - Jetspeed-2 is the next-generation enterprise portal at Apache. Jetspeed-2 offers several architectural enhancements and improvements over Jetspeed 1.0. First, Jetspeed-2 is conformant to the Java Portlet Standard and provides a standard mechanism for the deployment of portlets. Second, Jetspeed-2 has matured to a more scalable architecture featuring multi-threaded functionality. Third, Jetspeed-2 is decoupled from several legacy open source projects. Fourth, Jetspeed-2 is based on a component architecture.

• JBoss Portal - JBoss Enterprise Portal Platform provides an integrated open source platform for hosting and serving a portal's web interface, aggregating, publishing, and managing its content, and personalizing its experience.

• Websynergy-project WebSynergy SB 2 is the next-generation web aggregation and presentation platform from SunTM Microsystems. This platform includes developer tools and an enterprise-grade presentation runtime based on Liferay Portal Server, GlassFishTM version 3, and MySQLTM software.

• Portals in Cocoon - The portal framework is a portal server that runs inside Cocoon - or to be more precise inside the Cocoon servlet. It contains a portlet container that is called coplet container. Coplet stands for Cocoon Portlet and is the Cocoon equivalent to portlet.Due to the highly extensible nature of Cocoon, the portal is configurable and extensible as well and provides many hooks and switches to easily adapt the portal for specific needs. As the portal is integrated in Cocoon it has the advantage that all features of Cocoon can easily be used. Cocoon is very strong in fetching data from various source and delivering it in the various output formats requested by different clients (like HTML, WML, PDF etc.).

Portal and Portlets

Traditional Web Application
• Shortcomings of traditional Web Application
• What is needed?
• What are Portlets? Portals?....
• The New Generation answer …..


Traditional Web Application


The “W W W” --The world wide web ,subset of internet is responsible for information sharing.

The Website Approach ---each application is developed separately like a website and deployed singly on a server.

The Client Server --the usual client server architecture involves synchronous request response paradigm.

The Users' Perspective --the user access the
website ,using the browser and can work with a single website at a time.A single application to interact with.A single repository of information.

The Developers' Perspective --separation of work and single handed workaround with no plug and play feature.A huge effort is required to maintain,re-enginee
r or add a new application to an existing one.

The Business ….Market….Bottom-line --
a huge cost incurred as the project is nearly developed from scratch (or even if component reuse ).In these hard times market and bottom line are the deciding factors for the fate of the project,people and even the company.

Traditional Web Application -Drawbacks

• Lack of Personalized Matter --the content is hard to personalize,lack of personalized matter means lack of edge on the business for traditional web application.

• Segregated Approach --the development is done in separation,a foreign developer body cant collaborate and no plug and play features included,developed by an external developer.

• Difficult for technology up gradation --a technology update in an existing web application is difficult to inherit.

• Single Handed Approach --a traditional web application i
s developed singlehandedly by a certain community of users and are deployed on a web/application server with no specific way to incremental upgradation.

• Difficult to Maintain --as the development goes on and one it becomes very hard to maintain and at a time the entire application can collapse for a simple and difficult to trace fault.

• Difficult to Re-engineer --very difficult to re-engineer and maintain stuff.

• Separate User Management --the entire user management is separately developed and no inbuilt support is given by the web server.

We Need…..

• Personalized Matter
• Integrated Approach….
• Ease of technology Upgradation….
• Community and collaboration framework ……
• Application Repository……
• Easy to Re-engineer…….
• Painless User Management….
• Hassel Free Maintenance

What are Portlets? Portals?....






















What did u understand from the
above image. Look closely at the image and u can find that each and every application is associated with a portlet window which can be minimized , maximized, closed or removed form the portal page . It means that each and every portlet is a small application which can be arranged on the portal page as we like and also it has inbuilt support of personalization and user management.The entire thing is asynchronous also also conforms to web2.0.....its like magic!
a close look at the skeleton of a portal page along with portlets which show contents called fragments











The New Generation answer …..
what is the new generation answer to the drawbacks of traditional web applications its Portlets and Portals..

How to write Alphablox JSR168 Portlet in WebSphere Environment

Alphablox is used to present consolidated information and analytical capabilities in rich diagrams and reports. Here I am going to show you how to write a simple Alphalox JSR168 Portlet by presenting an example.

Working Environment

· Developement Tool: RAD 6.0.1.1 + Interim Fix 003 // Alphablox Toolkit is not supported in RAD7.0 currently

· WebSphere Application Server v 6.0.2.11

· WebSphere Portal Server v5.1.0.3

· Alphablox V8.4.0 is installed on top of WPS V5.1.0.3

Alphalbox Portlet (JSR168) Sample

This sample uses the default data source which is automatically installed with Alphablox.

Lines marked with red are important points of writting an JSR168 Alphalbox Portlet.

<%@ page contentType="text/html" import="java.util.*,java.io.*"%>

<%@ taglib uri="bloxtld" prefix="blox"%>

<%@ taglib uri="http://java.sun.com/portlet" prefix="portlet" %> //This line indicates we are using JSR168 API specification

<%
String bloxName = renderResponse.getNamespace() + "chartBlox0";

%>

<head>

<blox:header />

head>

<blox:chart id="chartBlox" bloxName="<%= bloxName %>">

<blox:data dataSourceName="Canned" />

blox:chart>

Some Words about Alphablox and its Portlet

You may see a lot of Alphablox advantages on internet but not its shortcoming, here, based on my limited experience, I list some inconvenience of using it and hope they will be noticed and enhanced in the future.

1. Alphalbox support standard J2EE model, but it is not compatible with SOA architecture.

As I experienced, Alphablox does not provide any interfaces to support SOA, which means, it is impossible in Alphablox to invoke service which returns data sets in XML format.

There are two ways to access datasource in Alphablox (please refer to my next blog: Tow different ways of accessing Datasource in Alphablox for more information)
a). work directly with sql statement
b). work with java.sql.ResultSet

2. It is impossible for an Alphablox Portlet to be a source portlet

For instance, this is a report alphalbox portlet. You want to get the detail information in a target portlet of a product that you selected in source, however, this scenario can not be realized.

However, it is possible for a Alphablox Portlet to be a target portlet. In this case, there is one thing you need to pay attention. Normally, you want the target Alphablox Portlet will change itself according to the different selection on the source portlet, if so, in the above blox code, the bloxName attribute should be different each time so that Alphablox Server knows this is a new one, otherwise, the blox will remain unchanged. To achieve this, one possible way is to use random value.

Random r = new Random();
int i = r.nextInt();
if (i<0) i="i*(-1);" style="font-weight: bold;">

String bloxName = renderResponse.getNamespace() + "standingRankingSeasonBox_"+i;

3. Unfriendly JSP Page

As we have seen on the above sample code, all Alphablox code should be written on the jsp, sometimes even the business logic which increased the complication of jsp page.