Wednesday, 18 May 2011

ConfigEngine on WebSphere Portal 7 - a surprise, albeit a pleasant surprise

I've just run through the process to add new attributes into the WebSphere Identity Manager (WIM) configuration on WebSphere Portal 7.0.0.1.

This is a relatively straight forward process, although there were a few learning curves for me, as I'd not done this before.

In brief terms, you: -

(a) Deploy an enterprise application (EAR) that's normally used for the Property Extension database ( aka LookAside ) via the command: -

$ ./ConfigEngine.sh wp-la-install-ear

( noting that the process is different for a clustered environment, where the EAR gets deployed to the DM rather than to the Portal instance as per this old-but-good Technote )

(b) Add the new attributes into the ConfigEngine properties file - wkplc.properties

(c) Add the attributes into WIM via the command: -

$ /ConfigEngine.sh wp-add-property

(d) Map the attributes from one place to the other ( in our case, the source data has been added to the LDAP schema, so we're mapping it from LDAP, via the Federated Repository, to WIM ) via the command: -

$ /ConfigEngine.sh wp-update-federated-ldap-attribute-config

(e) Validate the new attributes: -

- by eyeballing wimconfig.xml ( located under /opt/IBM/WebSphere/wp_profile/config/cells/<CELLNAME>/wim/config )
- by running the following command: -

$ ./ConfigEngine.sh wp-query-attribute-config

and inspecting the resulting availableAttributes.html file which is placed in the ConfigEngine/log directory 

Hay, Dave \(IBM\)
to:
Dave Hay
18/05/2011 07:48
Hide Details
From: "Hay, Dave \(IBM\)" <Dave.Hay@rbs.co.uk>

To: Dave Hay/UK/IBM@IBMGB,













Default custom expiration date: 17/05/2012
So there was one small "gotcha" which confused me for a while.

When running the wp-add-property command, I couldn't work out why the process appeared to stall midway through it's run, just as the ConfigEngine started to talk across to the Deployment Manager: -

[wplc-add-property]   Instance attributes (Set 1 of 1):
[wplc-add-property]     attribute=[ *** NONE_SPECIFIED *** ]
[wplc-add-property]     nsURI="http://www.ibm.com/websphere/wim"
[wplc-add-property]     customproperty=[ *** NONE_SPECIFIED *** ]
[wplc-add-property]     entityTypes="PersonAccount"
[wplc-add-property]     repositoryId="TDSCollaboration"
[wplc-add-property]     propertyName="ExchangeVersion"
[wplc-add-property]     ignoreDuplicateIDs= *** NOT_SPECIFIED ***
[wplc-add-property]     dataType="string"
[wplc-add-property]     trimSpaces= *** NOT_SPECIFIED ***
[wplc-add-property]     providerURL="corbaloc:iiop:dm.uk.ibm.comt:9809"
[wplc-add-property]     multiValued="false"
[wplc-add-property] [05/18/11 07:47:18.613 BST] Looking up EJB: corbaloc:iiop:dm.uk.ibm.com.net:9809...
[wplc-add-property] [05/18/11 07:47:18.718 BST] security.LoadSCI
[wplc-add-property] [05/18/11 07:47:18.724 BST] security.GettingConfig
[wplc-add-property] [05/18/11 07:47:18.725 BST] security.AuthTarget
[wplc-add-property] [05/18/11 07:47:18.748 BST] Client code attempting to load security configuration
[wplc-add-property] [05/18/11 07:47:18.757 BST] security.ClientCSI
[wplc-add-property] Realm/Cell Name: CollaborationWorkBench
[wplc-add-property] User Identity: 

<STOP>


[wplc-add-property] User Password: 

<STOP>  


[wplc-add-property] [05/18/11 07:48:12.711 BST] EJB ejb/com/ibm/websphere/wim/ejb/WIMServiceHome is found.
[wplc-add-property] [05/18/11 07:48:12.720 BST] Retrieving model schema...
[wplc-add-property] [05/18/11 07:48:12.762 BST] Model schema returned.
[wplc-add-property] [05/18/11 07:48:12.763 BST] Registering model schema...
[wplc-add-property] [05/18/11 07:48:12.797 BST] Model schema registered.
[wplc-add-property] [05/18/11 07:48:12.900 BST] Retrieving model schema...
[wplc-add-property] [05/18/11 07:48:12.939 BST] Model schema returned.
[wplc-add-property] [05/18/11 07:48:12.940 BST] Registering model schema...
[wplc-add-property] [05/18/11 07:48:12.962 BST] Model schema registered.
[wplc-add-property] Status = Complete

Yes, you guessed it ....

The script was waiting for me to enter my user name and password.

I'm sure that, in the past, the script would have simply fallen over because I'd not entered the Deployment Manager credentials on the command line, or elsewhere in wkcplc.properties or soap.client.properties.

So, this is actually good news - the script is prompting me - I wish the text was a bit more clear e.g. Please enter User Identity and press [Enter] but c'est la vie ...

For more information about adding attributes to WIM, please check the Wiki here.

Bonne chance :-)

4 comments:

Shriraj Bhagwan said...

Hi, I have added a database user registry for WP7 and am trying to edit user profile with for e.g users email address, but it fails to do so.
Can you tell me is there any additional configuration to store attribute specific data in database registry?

Dave Hay said...

@Shriraj

Sorry, I've had no experience with database user registries. I suggest that you try the Wiki: -

http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Updating_your_user_registry_on_Linux_wp7

or the older WP 6.1 Information Centre: -

http://publib.boulder.ibm.com/infocenter/wpdoc/v6r1/topic/com.ibm.wp.ent.doc_v6101/security/linux_update_ureg.html

lshake said...

Hey Dave.

If you add the admin credentials to the sas.client.properties, and set com.ibm.CORBA.loginSource=properties, it removes the prompt for these updates. I've been caught out with very slow X11 prompts and no idea why it appears to be hanging.

Lee.

Dave Hay said...

@Lee - cheers for this

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...