Thursday, September 24, 2009

How to restore WebSphere Portal back to the out-of-the-box security configuration


Question
Sometimes you may encounter a problem when you configure IBM WebSphere Portal security (standalone or federated). This problem can cause the system configuration files to be in an inconsistent state. Can you revert back to the original file registry configuration if the security task fails?

Answer

It is now possible to revert back to the out-of-the-box security configuration for WebSphere Portal 6.1.0.1 You must populate the wkplc.properties file with the parameters stated below and then run the wp-restore-default-repository-configuration task.

NOTE: If you are on WebSphere Portal 6.1.0 you need to install PK73815 and update the Portal configuration per the APAR details for this task to work properly. This APAR is included in WebSphere Portal 6.1.0.1 or later, but if you originally installed WebSphere Portal 6.1.0 and then upgraded to 6.1.0.1 or later, you still need to reference the APAR details for the instructions necessary to use the task successfully.

The wp-restore-default-repository-configuration task allows you to return to the default VMM setup with a federated file repository. The task will create a new realm, delete all existing repositories, and configure a file repository in VMM. The file repository itself must exist (fileRepository.xml) before calling this task.

A new user and a new user group will be created and set to the WebSphere Portal and WAS administrators.

If you want the admin user to be added to the admin group, this must be done manually after restarting the portal by calling the wp-restore-default-repository-add-group-member task. This task will use the admin user and group set for wp-restore-default-repository-configuration in the wkplc.properties file.

Parameters in wkplc.properties:
#########################################################
##
##
## Restore VMM security
##
## wp-restore-default-repository-configuration
##
#########################################################
#########################################################

# The realm name to be used. A realm with this name will be created.
restore.file.realm=federatedRealm
restore.file.delimiter=/

# Portal and WAS admin UID (short name) and password
restore.file.primaryAdminId=adminUID
restore.file.primaryAdminPassword=adminPWD

# CN of portal admin group (short name)
restore.file.primaryPortalAdminGroup=adminGroupCN

#########################################################
##
##
## Restore VMM security
##
##
#########################################################
#########################################################