Monday, November 7, 2011

Portal 6.1.5 Basic Tuning

WebSphere_Portal Heap Size

Parameter AIX POWER5 Linux Solaris Windows 2003 z/Linux z/OS
Initial and Maximum heap size (Mbytes) 1792 2048 3584 1408 3584 2048

Start with a heap size of 1024 in case the portal application is not too memory intensive. If portlets are caching a lot of data then start with 1200/1400.


In the Session Timeout field, select Set Timeout. Default session timeout is 30.

Parameter AIX POWER5 Linux Solaris Windows 2003 z/Linux z/OS
Session timeout 10 minutes 10 minutes 12 minutes 10 minutes 10 minutes 10 minutes



Web Container Thread Pool Size


Servlet engine thread pool size: Set this value and monitor the results. Increase this value if all the servlet threads are busy most of the time.

Setting the parameters: In the WebSphere Application Server Administration Console, select Servers > Application Servers > WebSphere Portal > Additional Properties: Thread Pools > Web Container.

In the General Properties section, set the thread pool size in the following fields:
Minimum size threads
Maximum size threads.

Parameter AIX POWER5 Linux Solaris Windows 2003 z/Linux z/OS
Web container thread pool size 50 50 50 50 50 50


GC policy is gencon for AIX, and set following property for it:
Servers > Application Servers > WebSphere Portal > Server Infrastructure: Java and Process Management > Process Definition > Java Virtual Machine.

In the Generic JVM Arguments field, add the following: –Xmn256m


Security Attribute Propagation

 

To reduce the Security Attribute Propagation (SAP) overhead, use the following custom property: disable Callerlist. If you do not use SAP, then ensure it is disabled to remove the extra overhead, which improves login performance.

If Subject has not been customized, then there is no need to enable Security Attribute Propagation. Security Attribute Propagation can add extra overhead due to some extra processing that is required. However, there are certain configurations where performance might be better with security propagation enabled due to reduction of remote registry calls. See the WebSphere Portal 6.1 InfoCenter (use the following search terms: security attribute propagation) for a discussion of when propagating security attributes is desirable. If you want to enable SAP for functional reasons, you can improve the performance with CallerList tuning described as follows.
Note: The following settings apply to all platforms.

Setting the parameters: In the WebSphere Application Server Administration Console, select Security > Secure Administration, Applications, and Infrastructure > Custom properties.

Table 2: WebSphere Security Attribute Propagation Settings
Name Value
com.ibm.CSI.disablePropagationCallerList true
com.ibm.CSI.rmiOutboundPropagationEnabled false
com.ibm.CSI.rmiInboundPropagationEnabled false
com.ibm.ws.security.WebInboundPropagationEnabled false

For com.ibm.CSI.disablePropagationCallerList, create a new property. For the other properties, change their values to false.

     
          poolWaitTime="3000" prefPoolSize="10"/>

Table 3: VMM Context Pool Setting
Context Pool Setting Default Value Value
initPoolSize 1 10
prefPoolSize 3 30Number of open connections to maintain to LDAP server.
maxPoolSize 20 0A value of 0 allows the pool to grow as large as needed. If access to the LDAP server is shared by many systems, this setting may allow an excessive number of connections to the LDAP server; in such a case, set the maximum pool size to a value appropriate to your environment.

5/10/20 is a good value to begin with for above values.
Posted by at No comments:

LogAdapter E DCSV9403E: Received an illegal configuration argument. Parameter MulticastInterface, value: 10.96.4.50...

Problem: Following exception is received in the logs and DMGR does not start. 
LogAdapter    E   DCSV9403E: Received an illegal configuration argument. Parameter MulticastInterface, value: 10.96.4.50. Exception is java.lang.Exception: Network Interface 10.96.4.50 was not found in local machine network interface list. Make sure that the NetworkInterface property is properly configured!

Solution: Please check that etc/hosts file has correct entries mapping the physical IP address to the name of the hosts which was configured at the time of installation of the server. This errors occurs when the name of the machine does not map with the entries in the hosts file or if the name or IP address of the machine has changed recently.


Posted by at 2 comments:

Friday, October 21, 2011

New Supported Clients for Mobile Portal Accelerator (MPA)

.*iPhone.*
xdime
pdaview
Apple
Apple iPhone

.*Android.*
xdime
pdaview
Google
Google

.*BlackBerry.*
xdime
pdaview
RIM
RIM

.*iemobile.*
xdime
pdaview
Microsoft
Internet Explorer



Posted by at No comments:
Labels: , , ,

User Agent String for iPad 2

Mozilla/5.0 (iPad; U; CPU OS 4_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8F191 Safari/6533.`8.5


Posted by at No comments:
Labels: , , ,

How to midy Supported Client List using XML Access

There are 3 steps to changing the supported client list using XML Access (xmlaccess) utility:
1. Take export of the entire portal using the following command and input file:  

Command  
xmlaccess -in Export.xml -user userid -password password -url portal.example.com:10039/wps/config -out Result_File.xml  

Export File


<?xml version="1.0" encoding="UTF-8"?>
<request
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:noNamespaceSchemaLocation="PortalConfig_1.4.xsd"
    type="export"
    export-users="false">
    <portal action="export"/>
</request>








2. Create Update_SupportedClients.xml file as follows:  

Import File
 

<?xml version="1.0" encoding="UTF-8"?>
<request xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="PortalConfig_1.4.xsd" type="update">
    <portal action="locate">
        <client action="update" domain="rel" markup="html" name="Default HTML Client" objectid="M_0000000000000000000000C010" ordinal="75">
            <useragent-pattern>.*</useragent-pattern>
        </client>
        <client action="update" domain="rel" markup="xdime" name="Default XDIME Client" objectid="M_VBL70VO20G0000I1D5CPPM3043" ordinal="50" uniquename="mwp.default.xdime.client">
            <useragent-pattern>.*</useragent-pattern>
        </client>
    </portal>
</request>





Change the values of the "objectid" from the file (Result_File.xml) exported in the step 1 above. Change the "ordinal" and any other value as per your requirements.

3. Import the changes into Portal using following command:

Command
xmlaccess -in Update_SupportedClients.xml -user userid -password password -url portal.example.com:10039/wps/config -out Result_File.xml 

If everything went well then you will see success message at the end.
Posted by at No comments:
Labels: , , ,

Wednesday, October 19, 2011

Redirecting all users using Mobile devices to a specific URL

To redirect all the incoming requests from mobile devices to a sub-directory or a specific URL in IBM HTTP Server follow below steps: Open C:\IBM\HTTPServer\conf\httpd.conf file in edit mode. 1. Un-comment following live in the file by removing "#" from the front of the line. #LoadModule rewrite_module modules/mod_rewrite.so 2. Enable rewrite engine by adding following line to the end of the file: RewriteEngine on 3. Add rewrite condition for the detecting mobile devices after the above line using the below example: RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC] 4. Add rewrite rule for redirecting the user to specific URL after the above line using the below example RewriteRule ^(.*)$ http://mobile.example.com/wps/portal [L,R=302] 5. Save the file 6. Restart IBM HTTP Server. Now all user requests will be redirected to "http://mobile.example.com/wps/portal" sub URL.
Posted by at No comments:
Labels: , , , , ,

Enable user redirection in IBM HTTP Server 7.0

To redirect all the incoming requests to a sub-directory or a specific URL in IBM HTTP Server follow below steps: Open C:\IBM\HTTPServer\conf\httpd.conf file in edit mode. 1. Un-comment following live in the file by removing "#" from the front of the line. #LoadModule rewrite_module modules/mod_rewrite.so 2. Enable rewrite engine by adding following line to the end of the file: RewriteEngine on 3. Add rewrite rule after the above line using the below example: RewriteRule ^/$ wps/portal [L,R] 4. Save the file 5. Restart IBM HTTP Server. Now all user requests will be redirected to "wps/portal" sub URL. You can redirect the user to another website also using the same method but in that situation you have to provide full URL starting with Http://...
Posted by at 4 comments:
Labels: , , , ,

Wednesday, August 10, 2011

WCM Contect Access Error using API - WCM_Workspace W IWKCW1005X: The Member: UserX Could not be found in the User Repository. Reason: UserX

[8/10/11 13:48:23:737 CDT] 0000006e WCM_Workspace W IWKCW1005X: The Member: UserX Could not be found in the User Repository. Reason: UserX
[8/10/11 13:48:23:753 CDT] 0000006e SystemOut O exception is- com.ibm.workplace.wcm.api.exceptions.AuthorizationException: IWKPY1015X: Unauthorized access by {PrincipalInformation: {dn: anonymous_user, memberId: anonymous_user_id, displayName: , name: , locale (thread): en_US, isValidUser: true, isUser: Type: User, isUserLazyLoaded: false}, 1, {false, {userAccess={}}, {editorAccess={}}, {managerAccess={}}, [anonymous_user%anonymous_user_id, all_users%all_users_group_id, anonymous_user%anonymous_user_id]}} - IWKPY1016X: Unauthorized access on Company Overview by [anonymous portal user]

Encountered above exception when I was trying to access WCM content using API calls from my portlet. After researching for long and spending multiple nights figuring the reason behind this exception I found that I need to give proper access rights to all the users under "Contributor" tab of the Portal Content > Web Content Libraries > Library Name.

Click on the button with "key" to open the resource permissions for the library. Then click on the button with "key" against "Contributor". Add "All authenticated Portal Users" and "Anonymous Portal Users" to the permissions.

This will resolve the above problem.

More information is available on the below link:

PM42031: REFERENCE PROBLEM IN INLINE EDITING WITH THE JSR-286 WEB CONTENT VIEWER

Posted by at No comments:
Labels: , , , , , , , , , , ,

Wednesday, July 6, 2011

Datasource Isolation Levels in WebSphere Application Server (WAS)

WebSphere Application Server (WAS) 6.0.2 and higher provide a new custom property webSphereDefaultIsolationLevel. This property can take one of the four values as listed below:
a) 8 -> TRANSACTION_SERIALIZABLE -> Repeatable Read (RR)
b) 4(default) -? TRANSACTION_REPEATABLE_READ -> Read Stability (RS)
c) 2 -> TRANSACTION_READ_COMMITTED -> Cursor Stability (CS)
d) 1 -> TRANSACTION_READ_UNCOMMITTED -> Uncommitted Read (UR)
Posted by at No comments:
Labels: , , , , , ,

Thursday, June 9, 2011

WebSphere Application Server (WAS) fails to start with XAException: XAER_RMERR (xa_recover)

This error comes when WebSphere Application Server (WAS) and/or Oracle servers were not shut down properly, then you might see XAException with (xa_recover) in the description of the error then it is very possible that the user which is being used to connect to the Oracle database by the WebSphere Application Server (WAS) does not have select permission on DBA_PENDING_TRANSACTIONS.

Run the following command SQL Plus as SYSOPER or SYSDBA

grant select on DBA_PENDING_TRANSACTIONS to PUBLIC

OR

grant select on DBA_PENDING_TRANSACTIONS to username

This should resolve the issue.
Posted by at No comments:

Wednesday, June 8, 2011

Profile Management on 64 bit WebSphere Application Server (WAS) 7.0.x

WebSphere Application Server (WAS) 7.0.x does not provide Graphical Profile Management Tool like its sister 32 bit version does. Therefore you have to rely on manageprofiles.(bat/sh) command to create/augment/delete a profile.

Below command creates Deployment Manager Profile on the same server on which WebSphere Portal is installed.

manageprofiles -create -profileName DmgrDev01 -profilePath E:/IBM/WebSphere/DmgrDev01 -templatePath E:/IBM/WebSphere/AppServer/profileTemplates/management -serverType DEPLOYMENT_MANAGER -nodeName nodeo1 -cellName cello1 -hostName portal.pankaj.com -validatePorts -defaultPorts

This command has to be executed from \bin directory. The node name and cell should be different from the ones used while installing Portal Server.
Posted by at No comments:
Labels: , , ,

Custom Authentication Filter 

package com.pankaj.filters;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.ibm.portal.auth.ExplicitLoginFilter;
import com.ibm.portal.auth.ExplicitLoginFilterChain;
import com.ibm.portal.auth.FilterChainContext;
import com.ibm.portal.auth.exceptions.AuthenticationException;
import com.ibm.portal.auth.exceptions.AuthenticationFailedException;
import com.ibm.portal.auth.exceptions.PasswordInvalidException;
import com.ibm.portal.auth.exceptions.SystemLoginException;
import com.ibm.portal.auth.exceptions.UserIDInvalidException;

/**
 * @author Pankaj Gupta
 * build path dependency
 * 1. C:/IBM/WebSphere/PortalServer/base/wp.auth.base/shared/app/wp.auth.base.jar
 * 2. C:/IBM/WebSphere/PortalServer/base/wp.auth.cmd/shared/app/wp.auth.cmd.jar
 *
 */
public class CustomExplicitLoginFilter implements ExplicitLoginFilter {

 Context context = null;
 PumaHome pumaHome = null;

    public CustomExplicitLoginFilter() {
        super();

    }

    public void init(SecurityFilterConfig filterConfig) throws SecurityFilterInitException {
        System.out.println("Entering com.pankaj.filters.CustomExplicitLoginFilter.init(...)");
     try{
      context = new InitialContext();
   pumaHome = (PumaHome) context.lookup(com.ibm.portal.um.PumaHome.JNDI_NAME);
     } catch (Exception exp){
      exp.printStackTrace();
     }
        System.out.println("Exiting com.pankaj.filters.CustomExplicitLoginFilter.init(...)");
    }

    public void login(HttpServletRequest req, HttpServletResponse resp, String userID, char password[],
            FilterChainContext portalLoginContext, Subject subject, String realm, ExplicitLoginFilterChain chain)
            throws LoginException, WSSecurityException, PasswordInvalidException, UserIDInvalidException,
            AuthenticationFailedException, AuthenticationException, SystemLoginException,
            com.ibm.portal.auth.exceptions.LoginException {

     long startTime = System.currentTimeMillis();

     long subTaskTime = startTime;

     System.out.println("Entering CustomExplicitLoginFilter.login() ... Time Taken : " + (System.currentTimeMillis() - startTime) + " milli seconds");

     chain.login(req, resp, userID, password, portalLoginContext, subject, realm);

     System.out.println("User Authenticated ... Time Taken : " + (System.currentTimeMillis() - subTaskTime) + " milli seconds");
     subTaskTime = System.currentTimeMillis();

     List groupList = this.getUserGroups(req);

     System.out.println("User groups retrieved ... Time Taken : " + (System.currentTimeMillis() - subTaskTime) + " milli seconds");
     subTaskTime = System.currentTimeMillis();

     if(this.isUserGroupAvailable(req, groupList, "wpsadmins") || this.isUserGroupAvailable(req, groupList, "wpadmins")){
            System.out.println("Group Checked ... Time Taken : " + (System.currentTimeMillis() - subTaskTime) + " milli seconds");
            subTaskTime = System.currentTimeMillis();
      portalLoginContext.setRedirectURL("/wps/myportal/Administration");
            System.out.println("URL created ... Time Taken : " + (System.currentTimeMillis() - subTaskTime) + " milli seconds");
            subTaskTime = System.currentTimeMillis();
     }
        System.out.println("Exiting CustomExplicitLoginFilter.login(...) ... Time Took : "
          + (System.currentTimeMillis() - startTime) + " milli seconds");
    }


    public void destroy() {
        // This is an empty implementation. No code required!!!
    }

    private List getUserGroups(HttpServletRequest request) {
     List groupList = null;
     try {
      PumaProfile pumaProfile = pumaHome.getProfile(request);
      com.ibm.portal.um.User user = pumaProfile.getCurrentUser();
      PumaLocator pl = pumaHome.getLocator(request);
      groupList = pl.findGroupsByPrincipal(user, false);
     } catch(Exception exp){
      exp.printStackTrace();
     }

     return groupList;
    }

 private boolean isUserGroupAvailable(HttpServletRequest request, List groupList, String userGroup) {
  boolean groupFlag = false;
     try {
      List attribs = new ArrayList();
      attribs.add("cn");
      PumaProfile pumaProfile = pumaHome.getProfile(request);
      for(Iterator group_itr = groupList.iterator();group_itr.hasNext();){
       Group group = (Group) group_itr.next();
       Map group_attribs = pumaProfile.getAttributes(group, attribs );
       String group_cn = (String) group_attribs.get((Object)"cn");
       System.out.println("group cn: " + group_cn);
       if(group_cn.equals(userGroup)){
         groupFlag = true;
         break;
       }
      }
     }
     catch (Exception exp) {
   exp.printStackTrace();
     }
  return groupFlag;
    }
}
Posted by at No comments:
Labels: , , , ,

Step-by-step guide to Portal clustering

Installing and Clustering WebSphere Application Server (WAS) 7.0.0.5 and WebSphere Portal 6.1.5

Below are the major steps required to perform for Installing and clustering WebSphere Application Server and WebSphere Portal:

1. Install WebSphere Application Server Network Deployment 7.0.0.0 on the machine.
a. Select "None" during the step of creating a profile. WebSphere Portal will create its own WebSphere Application Server Profile later.
2. Update WebSphere Application Server to 7.0.0.5 level by installing respective fix pack. You can go to a higher version as well if available. Apply all available fixes as well. This is the minimum required. Apply both WAS and SDK fix packs.
3. Install Portal. Select "Full" install to install everything or "Administrative install" to install blank portal with only Administration Portlets. Apply any fix packs and fixes available to make sure that portal version is current and update with all the fixes.
4. Install Deployment Manager or create a new profile using "Profile Management Tool". Select "Management" and "Deployment Manager" in the profile sections. Install all fix packs and fixes as have been applied to WebSphere Application Server in the previous section to make sure that Deployment Manager and Application Server are on the same level if you are installing a fresh copy of Application Server for deployment manager.
5. Configure Deployment Manager, create a group called "wpsadmins", create exactly the same user as you have provided during the Portal installation and add this user to "wpsadmins" group.
6. Configure Portal for federation.





Following link provides a step-by-step guide to Portal clustering.

https://www-304.ibm.com/support/docview.wss?uid=swg21413946
Posted by at No comments:
Labels: , , ,

Thursday, May 26, 2011

Fixpack and Fix download location for IBM Products

Use the following location to find and download fixes for different IBM products:

IBM Products Fixcentral
Posted by at No comments:
Labels: , ,

Version Details of WebSphere Portal, WebSphere Application Server (WAS) and Java SDK

To find the version of WebSphere Portal Server use the following command:

On Windows : run %WPS_HOME%\bin\WPVersionInfo.bat (e.g) c:\IBM\WebSphere\PortalServer\bin\WPVersionInfo.bat

On Unix : run $WPS_HOME/bin/versionInfo.sh (e.g) /opt/IBM/WebSphere/PortalServer/bin/WPVersionInfo.sh

To find the version of WebSphere Application Server use the following command:

On Windows : run %WAS_HOME%\bin\versionInfo.bat (e.g) c:\IBM\WebSphere\AppServer\versionInfo.bat

On Unix : run $WAS_HOME/bin/versionInfo.sh (e.g) /opt/IBM/WebSphere/AppServer/bin/versionInfo.sh

To find the version of Java SDK installed with WebSphere Application Server use the following command:

On Windows : run %WAS_HOME%\java\bin\java -fullversion (e.g) c:\IBM\WebSphere\AppServer\java\bin\java -fullversion

On Unix : run $WAS_HOME/java/bin/java -fullversion (e.g) /opt/IBM/WebSphere/AppServer/java/bin/java -fullversion
Posted by at No comments:
Labels: , , , , ,

Removing Windows Service for WebSphere Application Server (WAS)

WASService.exe can be used to remove the Windows Service created for WebSphere Application Server. Following command can be used to remove the windows service:

WASService.exe -remove service_name

Here service name is the name which you see when you look at the properties of a service. The name is the last part of the service name. Complete name will be something like "IBMWAS70Service - HostNameNode01". Here the service name is "HostNameNode01". You should issue the command as:

WASService.exe -remove HostNameNode01

Note: You need to be logged in as Administrator and with a user having administrator rights. Also right click on the command console window and from the context menu choose "Run as Administrator".
Posted by at No comments:
Labels: , ,

Monday, January 31, 2011

Custom TAI Interceptor for WAS 6.1.x and upwards

package com.pankaj.test;

import java.util.Properties;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.ibm.websphere.security.WebTrustAssociationException;
import com.ibm.websphere.security.WebTrustAssociationFailedException;
import com.ibm.wsspi.security.tai.TAIResult;
import com.ibm.wsspi.security.tai.TrustAssociationInterceptor;

public class PortalCustomTAI implements TrustAssociationInterceptor {


public void cleanup() {
//TODO ... Perform any cleanup here.
}

public String getType() {
return "Custom TAI ... " + this.getClass().getName();
}

public String getVersion() {
return "1.0";
}

public int initialize(Properties prop) throws WebTrustAssociationFailedException {
System.out.println("Portal Custom TAI Initialized ... ");
//TODO Perform any initialization operations here.
return 0;
}

public boolean isTargetInterceptor(HttpServletRequest req) throws WebTrustAssociationException {
System.out.println("Portal Custom TAI isTargetInterceptor ... sessionId : " + req.getRequestedSessionId());
boolean isTAIHandlingRequired = false;
// isTAIHandlingRequired = .... ; //Perform the appropriate operation here to check if this is the right TAI to invoke.
System.out.println("Portal Custom TAI isTargetInterceptor ... : " + isTAIHandlingRequired);
return isTAIHandlingRequired;
}

public TAIResult negotiateValidateandEstablishTrust(HttpServletRequest req, HttpServletResponse res) throws WebTrustAssociationFailedException {
TAIResult taiResult = null;
System.out.println("1. Portal Custom TAI negotiateValidateandEstablishTrust ... sessionId : " + req.getRequestedSessionId());
String userId = "testUser"; //Perform the appropriate operation here to obtain the user id which needs to be authenticated without password.
if(userId != null && !userId.trim().equals("")){
taiResult = TAIResult.create(HttpServletResponse.SC_OK, userId);
}
System.out.println("2. Portal Custom TAI negotiateValidateandEstablishTrust userId: " + userId);
return taiResult;
}

}
Posted by at No comments:
Labels: , , , , , , ,

Reuse the old session ID in WAS 6.1.x

Navigate to following:

Application servers > WebSphere_Portal > Process Definition > Java Virtual Machine > Custom Properties

Add a "New" custom property

Name: HttpSessionIdReuse
Value: true
Description: It instructs JVM to reuse the session ID when user session changes from unauthenticated to authenticated.
Posted by at No comments:
Labels: , , , ,

Enable anonymous session in WAS 6.1.x

Navigate to following:

Resource environment providers > WP NavigatorService > Custom properties

Add a "New" custom property:

Name: public.session
Value: true
Description: This property is used to enable anonymous user session.
Posted by at No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)

Sponsor Advertisement