Sometimes its necessary to synchronize the whole session between two (or more) cluster members. Especially when some important attributes are stored in the session (search,...).
WebSphere offers an option called "Session Replication" to avoid the lost of a session because of a crashed Cluster Member.
First you need to setup a replication domain for the cluster
1.1. Go to Enviroment > Replication domains > New
1.2. Type in the name of the replication domain and click OK
1.3. Save & synchronize changes
Now its possible to setup the session replication
2.1. Go to Application servers > "ClusterMember1" > Web container > Session management > Distributed environment settings
2.2 Click Memory-to-memory replication
2.3 Select your newly created replication domain and "Both client and server" as replication mode
2.4 Click OK
2.5 Save & synchronize changes
Repeat this steps (2.1 -> 2.5) for every Cluster Member.
3. Restart all Cluster Members
Showing posts with label was. Show all posts
Showing posts with label was. Show all posts
Saturday, August 1, 2009
Tuesday, March 24, 2009
Changing Administration(wpsadmin/wpsbind) passwords in IBM WebSphere Portal 6.0
Generally we don't need to change the administration password for the portal once installed and configured properly. But there might be a situations or unavoidable circumstances when you want to change the administration passwords after installation or may be at any point of time when you need it badly. In fact I need it last week.. ;). So here are the steps to do it. These are the steps already mentioned in the websphere portal resources, I just made it easier to access...
IBM WebSphere Portal and IBM WebSphere Application Server use some user account as "Security Server ID" for the WebSphere Application Server JVM, access ID or bind ID for authenticated access to databases and LDAP servers, and WebSphere Application Server and WebSphere Portal administrative ID's.
If the password for any user ID is changed either by Websphere portal edit profile screen or through LDAP directly then the password value stored in the appropriate configuration file must be changed.
Changing the WebSphere Portal administrator password
WebSphere Portal treats wpsadmin (the administrator) as any other user, just with more permission granted. It is possible to change the wpsadmin or equivalent password through the user interface (UI), just like any other user can manage their own password through the UI. However, if the wpsadmin account is also used for more than just the administrator, then additional changes, outlined in other steps in this section, must be made to accommodate the change.
Follow these steps to change the WebSphere Portal administrator password:
1. Log in to WebSphere Portal as the administrator.
2. Click Edit My Profile.
3. Change your password in the appropriate box.
4. Click Continue.
Note: You can also change the WebSphere Portal Administrator password, like any other user password, using an LDAP editor.
Note: The WebSphere Portal configuration tasks that enable security automatically set the Security Cache Timeout to a value specified in the wpconfig.properties file. Old passwords are stored in cache for this amount of time. The default value is 600 seconds.
For the version 6.0.1
After successfully changing your password, you will need to make additional changes to the RunAsRole passwords; see WebSphere Portal requires additional changes to the RunAsRole passwords for the EJBs to support password change for WPSAdmin and WASAdmin users for information.
Changing the WebSphere Application Server administrator password using WebSphere Portal
You can change the password for the IBM WebSphere Application Server administrator user ID using the WebSphere Application Server Administrative Console.
* Confirm that the WebSphere Application Server Administrative Server and Administrative Console are running.
* Log in to the WebSphere Application Server Administrative Console as the administrator.
* Log in to WebSphere Portal as the WebSphere Application Server administrator and select Edit Profile.
* Type a new password and click OK.
* In the WebSphere Application Server Administrative Console do one of the following, depending on the type of security installation:
+ LDAP (non-realm): Click Security > Global Security > User registries > LDAP.
+ LDAP (realm): Click Security > Global Security > User registries > Custom.
Note: As we are have configured LDAP with realm support we will take that scenario for this document.
§ From the command prompt, change to the portal_server_root/config directory.
§ Enter the following appropriate command to encrypt the new password:
WPSconfig.bat -DPassword= wmm-encrypt
§ The script returns a value for the ASCII encrypted string. You can see that in your command prompt.
§ If you have a Base installation, open the portal_server_root/wmm/wmmWASAdmin.xml file with a text editor.
§ Copy the value from the ASCII encrypted string and paste it in the logonPassword field of the wmmWASAdmin.xml file.
§ Adapt the admin logon and uniqueUserid fields to the distinguished name of the new user.
* Change Server User Password to the new value using admin console for application server and save the changes.
* Stop and restart the WebSphere_Portal and server1 servers.
Note: The configuration tasks that enable security automatically set the Security Cache Timeout to a value specified in the wpconfig.properties file. Old passwords are stored in cache for this amount of time. The default value is 600 seconds.
For the version 6.0.1
After successfully changing your password, you will need to make additional changes to the RunAsRole passwords; see WebSphere Portal requires additional changes to the RunAsRole passwords for the EJBs to support password change for WPSAdmin and WASAdmin users for information.
We have successfully implemented these steps. :) If any of you find it hard on your portal environment, just drop a comment, may be I can help you.
IBM WebSphere Portal and IBM WebSphere Application Server use some user account as "Security Server ID" for the WebSphere Application Server JVM, access ID or bind ID for authenticated access to databases and LDAP servers, and WebSphere Application Server and WebSphere Portal administrative ID's.
If the password for any user ID is changed either by Websphere portal edit profile screen or through LDAP directly then the password value stored in the appropriate configuration file must be changed.
Changing the WebSphere Portal administrator password
WebSphere Portal treats wpsadmin (the administrator) as any other user, just with more permission granted. It is possible to change the wpsadmin or equivalent password through the user interface (UI), just like any other user can manage their own password through the UI. However, if the wpsadmin account is also used for more than just the administrator, then additional changes, outlined in other steps in this section, must be made to accommodate the change.
Follow these steps to change the WebSphere Portal administrator password:
1. Log in to WebSphere Portal as the administrator.
2. Click Edit My Profile.
3. Change your password in the appropriate box.
4. Click Continue.
Note: You can also change the WebSphere Portal Administrator password, like any other user password, using an LDAP editor.
Note: The WebSphere Portal configuration tasks that enable security automatically set the Security Cache Timeout to a value specified in the wpconfig.properties file. Old passwords are stored in cache for this amount of time. The default value is 600 seconds.
For the version 6.0.1
After successfully changing your password, you will need to make additional changes to the RunAsRole passwords; see WebSphere Portal requires additional changes to the RunAsRole passwords for the EJBs to support password change for WPSAdmin and WASAdmin users for information.
Changing the WebSphere Application Server administrator password using WebSphere Portal
You can change the password for the IBM WebSphere Application Server administrator user ID using the WebSphere Application Server Administrative Console.
* Confirm that the WebSphere Application Server Administrative Server and Administrative Console are running.
* Log in to the WebSphere Application Server Administrative Console as the administrator.
* Log in to WebSphere Portal as the WebSphere Application Server administrator and select Edit Profile.
* Type a new password and click OK.
* In the WebSphere Application Server Administrative Console do one of the following, depending on the type of security installation:
+ LDAP (non-realm): Click Security > Global Security > User registries > LDAP.
+ LDAP (realm): Click Security > Global Security > User registries > Custom.
Note: As we are have configured LDAP with realm support we will take that scenario for this document.
§ From the command prompt, change to the portal_server_root/config directory.
§ Enter the following appropriate command to encrypt the new password:
WPSconfig.bat -DPassword=
§ The script returns a value for the ASCII encrypted string. You can see that in your command prompt.
§ If you have a Base installation, open the portal_server_root/wmm/wmmWASAdmin.xml file with a text editor.
§ Copy the value from the ASCII encrypted string and paste it in the logonPassword field of the wmmWASAdmin.xml file.
§ Adapt the admin logon and uniqueUserid fields to the distinguished name of the new user.
* Change Server User Password to the new value using admin console for application server and save the changes.
* Stop and restart the WebSphere_Portal and server1 servers.
Note: The configuration tasks that enable security automatically set the Security Cache Timeout to a value specified in the wpconfig.properties file. Old passwords are stored in cache for this amount of time. The default value is 600 seconds.
For the version 6.0.1
After successfully changing your password, you will need to make additional changes to the RunAsRole passwords; see WebSphere Portal requires additional changes to the RunAsRole passwords for the EJBs to support password change for WPSAdmin and WASAdmin users for information.
We have successfully implemented these steps. :) If any of you find it hard on your portal environment, just drop a comment, may be I can help you.
Sunday, March 15, 2009
Replace a SSL Certificate
After i explained how to disable the auto generation of certificates in this post, i now want to explain how to replace an certificate manually.
1. In the administrative console go to Security > SSL certificates and key management > Manage endpoint security configurations
2. Select the node where you want to repleace the ssl certificate (under Inbound)
3. Click "Manage certificates"
4. Select the default certificate and click "Create a self-signed certificate"
5. Fill out the General properties values (compare with expired certificate)
6. Click "OK" and Save the changes
6. Go to Security > SSL certificates and key management > Manage endpoint security configurations > Select the node where you want to replease the ssl certificate (under Inbound) > Manage certificates
7. Select default and click "Replace"
8. You can now choose which certificate will replace the old certificate, normally its the newly created one. Do not select "Delete old certificate after replacement" and "Delete old signers".
9. Click "OK"
10. Select the old certificate and delete it (click "Delete")
11. Click "OK" and save the changes
1. In the administrative console go to Security > SSL certificates and key management > Manage endpoint security configurations
2. Select the node where you want to repleace the ssl certificate (under Inbound)
3. Click "Manage certificates"
4. Select the default certificate and click "Create a self-signed certificate"
5. Fill out the General properties values (compare with expired certificate)
6. Click "OK" and Save the changes
6. Go to Security > SSL certificates and key management > Manage endpoint security configurations > Select the node where you want to replease the ssl certificate (under Inbound) > Manage certificates
7. Select default and click "Replace"
8. You can now choose which certificate will replace the old certificate, normally its the newly created one. Do not select "Delete old certificate after replacement" and "Delete old signers".
9. Click "OK"
10. Select the old certificate and delete it (click "Delete")
11. Click "OK" and save the changes
Subscribe to:
Posts (Atom)
