IBM Websphere Portal Server: 07/01/2014

Thursday 31 July 2014

Change Default browser behavior language fallback in WPS8.5

When user locale is “es” (spainsh)and browser locale list is "es-cl", "en", "es", the portal ignores the entry "es-cl" and falls back to the second entry of "en". It recognizes that " es-cl " does not have a match among the portal defined locales and that the more generic version "es" of this locale is further down in the list after "en". This behavior conforms to the HTTP specification.

Below all labels are in English.

Websphere Portal has built-in language fallback servlet filter supports a mode that extends the language fallback behavior. If you enable this extended language fallback mode, the portal runs a fallback for all entries and removes duplicates of the fallback locales that are later in the list. In the example browser locale list of "es-cl", "en", "es" as given before, the portal recognizes that "es-cl" does not match any of the portal defined locales. Therefore, it runs a fallback to the portal defined locale "es". It uses "es" as the locale of choice and ignores the third entry "es" from the list. The resulting locale list that the portal uses is "es", "en". This fallback mechanism bypasses strict adherence to the HTTP specification of accepting and showing languages and uses the fallback option instead.

Steps to enable language fallback mode

1. Open the WebSphere Integrated Solutions Console.

2. Select the Resource Environment Provider WP ConfigService.

3. In the Custom Properties section, add the property engine.enableExtendedLanguageFallback and set it to the value true.

4. Save your changes.

5. Restart your WebSphere Portal for your changes to take effect.

After restart, system shows labels in Spanish

Tuesday 29 July 2014

Supporting a new language in WebSphere Portal Server 8.5

By default, welsh language is not supported by WPS. To Support welsh follow the below steps:

Copy C:\IBM\WebSphere\PortalServer\doc\xml-samples\CreateLanguage.xml to local directory.

In CreateLanguage.xml, change the content as:

<request xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

type="update"

xsi:noNamespaceSchemaLocation="PortalConfig_8.0.0.xsd">

<title>Welsh</title>

</localedata>

</language>

</portal>

</request>

Run the following XML to create the " Welsh " language by clicking the Administration menu icon in the toolbar, and then going to Portal Settings > Import XML.

Extract the resource bundles from PortalServer_root\ui\wp.ui\shared\app\wp.ui.jar into your local directory.

Copy all files in PortalServer_root\ui\wp.ui\shared\app\wp.ui.jar into local directory.

Files to change in local directory

LocaleNames_en.properties

button_en.properties

commonAdmin_en.properties

engine_en.properties

field_en.properties

pbruntime_en.properties

problem_en.properties

problem_short_en.properties

registration_en.properties

titlebar_en.properties

virtual_principals_en.properties

For welsh(cy) language to display in websphere portal ,change resource bundles file from en to cy in local directory

In engine_cy.properties

Change link.logout = Log Out to link.logout = allgofnodi

Copy all resource bundles from local directory into wp_profile_root/PortalServer/config/nls directory.

Restart Portal server

Monday 28 July 2014

Troubleshooting data for WebDAV with IBM WebSphere Portal 8.5

Enabling trace logging can be done either two ways.

Enabling Static tracing

1. Log into the Integrated Solutions Console as the WebSphere Application Server administrator.

2. Click Troubleshooting->Logs and Trace->WebSphere_Portal->Diagnostic Trace.

3. On the Configuration tab, ensure Enable Log is selected. On this same tab, ensure you increase the Maximum File Size and and Maximum Number of Historical Files as needed to ensure that the tracing of the problem recreation is not overwritten due to the amount of traffic on the system and output of the tracing itself.

4. Click Change Log Level Details and enter the following trace string:

com.ibm.wps.resolver.webdav.*=all:com.ibm.wps.logging.resolver.RequestResponseLogger=all:com.ibm.wps.engine.*=all:com.ibm.ws.security.*=all:com.ibm.ws.wim.*=all:com.ibm.websphere.wim.*=all:com.ibm.wsspi.wim.*=all

5. Click OK and save the changes.
6. Restart the WebSphere_Portal application server.

Enabling dynamic tracing
Dynamic tracing can be used for situations that do not permit a server restart.

1. Log in as the Portal administrator.

2. Click Administration->Portal Analysis->Enable Tracing. The Enable Tracing portlet appears.

3. Type the required trace string into the field Append these trace settings:

4. Click the Add icon. Enable Tracing updates the field Current trace settings.
Note: Restarting WebSphere Portal will remove traces that were set by using the Enable Tracing Administration portlet.

Please refer this link

Exporting content from the Webdav in WPS8.5

You can download WebDAV resources as a zip archive using a web browser. To perform this task, enter a URI to the WebDAV resources you want to download as a zip archive into the web browser address bar.

This URI should be in the form of:

http://host:port/wps/mycontenthandler/dav/<entry point>/<path to resources>?mime-type=application/zip

Entry point for a Portal skin:

http://<host>:<port>/wps/mycontenthandler/dav/skinlist/<skin_dir>?mime-type=application/zip

http://localhost:10039/wps/mycontenthandler/dav/skinlist/ibm.portal.85HiddenPlus/?mime-type=application/zip

Entry point for a Portal theme:

http://<host>:<port>/wps/mycontenthandler/dav/themelist/<theme_dir>?mime-type=application/zip

e.g

http://localhost:10039/wps/mycontenthandler/dav/themelist/ibm.portal.85Theme/?mime-type=application/zip

Collect all themes and skins into a single zip file:

http://<host>:<port>/wps/mycontenthandler/dav/fs-type1/themes?mime-type=application/zip

Collect all files in WebDAV into a single zip file:

http://<host>:<port>/wps/mycontenthandler/dav/fs-type1?mime-type=application/zip

webdav-deploy-zip-file task in WebSphere Portal Server 8.5

This task uploads archive or compressed files to portal WebDAV folders.

Syntax: ConfigEngine.bat webdav-deploy-zip-file

Mandatory parameters to be specified on the command line or in the file wkplc.properties:

WasUserid The WebSphere® Application Server user ID
WasPassword The WebSphere Application Server password
PortalAdminId The portal administrator user ID
PortalAdminPwd The portal administrator password

Mandatory parameters to be specified on the command line only:

TargetURI The URI of the WebDAV folder where you want the archive or compressed file to be extracted.
The following two parameters are mutually exclusive:

ZipFilePath The file system path to the archive or compressed file. Do not use this parameter combined with the parameter ZipFileClassPath.
ZipFileClassPath The Java class path to the to the archive or compressed file. Do not use this parameter combined with the parameterZipFilePath.

Optional parameters to be specified on the command line only:

UpdateMode (=replace) The default value for this parameter is replace . If you want to merge the content of the archive or compressed file with the content that already exists at the given URI, set this parameter to the value merge . In this case files that do not yet exist are created, existing files are updated, and no files are deleted.
VirtualPortalContext or VirtualPortalHost Use this parameter to identify the virtual portal. Only pages contained in the specified virtual portal are refreshed. If you omit this parameter, by default no virtual portal page layout is refreshed.

Example:

./ConfigEngine.sh webdav-deploy-zip-file -DTargetURI=dav:themelist/mytheme/

-DZipFilePath=/tmp/mytheme.zip -DUpdateMode=merge

WebDav Theme Administration and Skin Administration in WPS8.5

For working with themes in an administrative perspective (such as creating a new theme, deleting a theme, modifying the title) connect by using the following WebDAV entry URL:

http://<server>:<port>/wps/mycontenthandler/dav/themelist/

If you want a specific theme rather than the full list of themes, you can add the friendly name, unique name, or object ID of the theme to the URL above.

For working with skins in an administrative perspective (such as creating a new skin, deleting a skin, modifying title) connect by using the following WebDAV entry URL:

http://<server>:<port>/wps/mycontenthandler/dav/skinlist/

If you want a specific skin rather than the full list of skins, you can add the friendly name, unique name, or object ID of the skin to the URL above.

Note: You can change title of theme or skin thorugh themelist or skinlist only ,since metadata.properties is found in that url.

dav/fs-type1/themes/Portal8.5/

dav/fs-type1/themes/Portal8.5/skins/Hidden/

dav/themelist/ibm.portal.85Theme/

/dav/skinlist/ibm.portal.85Hidden/

WebDav Cache in WebSphere Portal Server 8.5

By default, all items under the themes ,skins, common-resources,layout-templates folder is cache for 86400seconds(1 day).

Caching information is stored in WP Config Service as key/value

Format is:

filestore.cache.expiration.id.re=regular expression

filestore.cache.expiration.id.seconds=value

theme cache

filestore.cache.expiration.0.re =themes/.*

filestore.cache.expiration.0.seconds=86400

skins cache

filestore.cache.expiration.1.re =skins/.*

filestore.cache.expiration.1.seconds=86400

common-resources cache

filestore.cache.expiration.2.re = common-resources/.*

filestore.cache.expiration.2.seconds=86400

layout-templates cache

filestore.cache.expiration.3.re = layout-templates /.*

filestore.cache.expiration.3.seconds=86400

All items of a certain resource type, such as jpg or gif have an expiration time of 6000 seconds:

filestore.cache.expiration.1.re=.*\.jpg|.*\.gif

filestore.cache.expiration.1.seconds=6000

All css files in the themes folder have an expiration time of 8000 seconds:

filestore.cache.expiration.2.re=themes/.*\.css

filestore.cache.expiration.2.seconds=8000

User folder in webdav

By default only administrative users can perform write operations on specific folders of the WebDAV file store. This affects public and user owned folders. You can enable write access for all authenticated users on WebDAV file stores folders.

To enable this,

REP Name: WP ConfigService REP

Propery name: filestore.writeaccess.allowed

Property value : true

Restart the server.

filestore.writeaccess.allowed applies to the filestore entry points for home directories for each user located at:

http://server_name:WC_default_host/wps/mycontenthandler/dav/fs-type1/users/user_name

Note: By default for administrator home directory is created in webdav. It contains a folder called public .Public folder is shared by all users.

Similar to wpsadmin, for other user public folder is created.

Webdav in WebSphere Portal Server 8.5

The HTTP Basic Authentication Trust Association Interceptor (TAI) must be enabled to use WebDAV in WebSphere Portal. This TAI is enabled by default. The TAI is responsible only if none of the patterns in the black lists match and at least one of the patterns in one of the white lists match. Therefore, if the TAI is configured with empty white lists, it will never authenticate a request. By default in whitelist, /wps/mycontenthandler/* is added.

WebDav root url for theme is :

http://server:port/PortalServer_root/mycontenthandler/dav/fs-type1/

Main predefined root folder

themes -Use this folder to store resources that are associated to themes, such as theme templates. Typically, each subfolder represents one theme.
skins - Use this folder to store global skins. Typically, each subfolder of this folder represents one global skin.
layout-templates - Use this folder to store templates for layouts that can be used by individual themes. Typically, each subfolder represents one layout template.
common-resources - Use this folder to share common resources between different themes, so that they can be managed in a single place.
Iwidgets - Use this folder to place widgets into it.

WebDAV prevents the deletion of these folders. Even users with administrator rights cannot delete these folders and the data in them. All users have view access to all resources in these folders. It includes both anonymous users and authenticated users.To give users write access to resources contained in these folders, assign the users MANAGER role on the virtual resource THEME MANAGEMENT in portal access control. Managers can create, modify, or delete such resources

Before:

After:

Other predefined root folders

Following folders can be accessed using the Remote Model function provided by the Enabler API:

public - All authenticated users have read and write access to this folder.Anonymous users have read access only.
users - All authenticated users have read access only to this folder.Anonymous users have read access only.

internal folder

system - The system folder is reserved for system internal information. Administrators can view this folder in WebDAV. Other portal users cannot view this folder. Portal access control mapping: None.

None of the folders listed here can be deleted, not even by an administrator.

Saturday 19 July 2014

Global administrator in IBM Connection

A user who has all admin role in all ibm connection applications is termed as global administrator. A global administrator can edit and remove objectionable content. The Moderation feature can help this process, but not all components implement Moderation. Also, although some wsadmin commands can be helpful with removing objectionable content, they do not cover all situations. For example, when the only Owner of, for example, an activity or community, leaves the organization or is away for an extended time period, the Global Administrator can add more owners and even replace the original owner. The global administrator role is not supported on mobile devices. Global administrators must use a supported browser.

Application name	What can be done in application	Which role need to set in the application
Activities	Access any activity that is returned by search Open any activity bu using a URL address Modify any activity Delete any activity or entry See private entries. They cannot change privacy settings. Restore any activity or entry from the Trash. Add, remove, and change permissions of activity members. (For a community activity, the administrator must be a community member to make membership changes.)	admin, search-admin
Blogs and Ideation blogs	Configure administration settings Edit any blog or blog entry Delete any blog, entry, or comment	admin
Bookmarks	Remove unwanted links	There is no way to create a comparable administrator for Bookmarks. However, adding a user to the Java EE search-admin role allows that user to see any bookmark in Bookmark search results. Any administrator can use the Bookmarks wsadmin commands to remove unwanted links from the Bookmarks application.
Files	Editor access on all files	admin
Forums	Edit, update, or delete any forum, forum topic, or reply.	admin
Home page	Administer site-wide settings for the Home page from the Home page administration user interface or by using the wsadmin client. Add custom widgets for use on the Home page Enable and disable widgets Enable and disable the My Page view	admin
News	Register a new application or source type so that it is displayed in the IBM Connections user interface. Update, enable, or disable an application registration. Check out/check in News repository configuration files. Remove single or multiple reply-to IDs. Remove all microblog and associated data for a community from the News repository. Synchronize news data with other applications. Return an XML synchronization report of the community resources that are held in the News repository. Return information about a scheduled task. Delete any status update and comment on status updates in the system, including community status updates. Create a status update in any community. Change the status update settings in any community. View the Activity Stream feed from any community	admin
Profiles	Delete photos Edit user About Me and Background information Activate or deactivate any profile Edit core user attributes	admin.
Search	Search in any application returns all content. For example, a search in Communities returns private communities even if you are not a member.	search-admin
Wikis	Search returns all content Create, edit, read, and delete any content Remove a wiki creator from wiki membership	admin
Communities	Access to all communities, public, or restricted.	admin-Communities, Activities, Blogs, Files, Forums, and Wikis. search-admin -Search. communities-config.xml contains the "admin" block of grant statements and is not commented out.

External users can do and cannot do

Can do

Have access to communities and blogs application only.
Collaborate fully as members in communities, for example you can follow communities
View and download files that are shared with you
Edit files in IBM Docs
Join meetings that you are invited to
See an activity stream to which you have access
View business cards of anyone that shares content with you
Share files with people
Edit your profile to update your personal information, including your contact details, tags, and links to other sites. Add other information about yourself in About me, upload a photo, or add a recording of how to pronounce your name.
View other user's business cards. From a business card, you can send an email or download the vcard.

Cannot do

Be a community owner
Be a member of a community group
Create a community
Follow people
See public microblogs
See public or moderated communities
See public files
See or search the company directory (including using type-ahead) to find people
See recommended content or people
Access the Profiles menu.
Access other user profiles
See community metrics
Cannot post a status message on the home page, or see status messages posted outside of communities. Some organization-specific information (such as recommended people and content) may also not display for external users.
Have reduced menu options on the home page; they can only see the Discover top level view and the I'm Following/Tags view
Do not get a sharebox at top of the activity stream.
Cannot post directly to people in the global sharebox. However, external users can post directly to their community.
See a reduced widget set (external users cannot see the recommendations widget).
Cannot search the profiles filter on main search bar.
Since external users do not have a wall, you cannot receive messages from other users.

External users With Communities

For external user to collaborate with communities, community should be created in restricted type with external access enabled. Once created, it cannot be changed to any other type community. Similarly any other type community (Public,Modernated and Restricted without external access) cannot changed to external user collaboration community.

Yellow bar indicates it is external user collaboration community.

External User sees

Setting user roles for external collaboration

By default, internal users cannot create content that is visible to external users. To allow collaboration between internal users and external users, you must assign the EMPLOYEE_EXTENDED role to the internal users. Only users with the EMPLOYEE_EXTENDED role can create content that can be shared with external users. However, the content can be shared by any internal user. To remove the EMPLOYEE_EXTENDED role from a user, assign the EMPLOYEE role or the DEFAULT_ROLE role to that user.

Roles

EMPLOYEE: Assign this role to users who are not allowed to create content that is visible to external users. EMPLOYEE is a constant that resolves to the string "employee".

EMPLOYEE_EXTENDED: Assign this role to users who are allowed to create content that is visible to external users. EMPLOYEE_EXTENDED is a constant that resolves to the string "employee.extended".

DEFAULT_ROLE: Equivalent to EMPLOYEE.

Steps to follow add/change the role:

1. In Cmd,C:\IBM\WebSphere\AppServer\profiles\Dmgr01\bin>wsadmin.bat -lang jython -user lc

admin -password passw0rd_123 -port 8879

2. wsadmin>execfile("profilesAdmin.py")

3. ProfilesService.setRole("connectionadmin@atech.com", EMPLOYEE_EXTENDED) à setRole Command processed user role 'employee.extended' for user connectionadmin@atech.com

In fig,External Access is available for

4. In EMP_ROLE_MAP table,employee role_id is mapped as employee.extended

Map a standard LDAP attribute using JavaScript for external users

1. In map_dbrepos_from_source.properites, comment out this line: displayName=cn

2. In map_dbrepos_from_source.properites, Add/uncomment out this line:

mode= {func_check_employee_type}

displayName={func_decorate_displayName_if_visitor}

displayNameLdapAttr=cn

decorateVisitorDisplayName= - External User

3. Add {func_check_employee_type} function in profiles_functions.js.

function func_check_employee_type (fieldName) {

var retval = "internal" ;

//get employeeNumber - must be LDAP attr

var empType = work.getString( " employeeType " );

if (empType!=null)

{

if (empType=="external")

retval = "external" ;

}

return retval;

}

4. Run sync_all_dns.bat

5. In EMPLOYEE table, PROF_EMPLOYEE_TYPE is mapped as external/internal

Map a standard LDAP attribute for external users

1. To a ldap attribute(say employeeType) ,map the user type value as external.

2. In map_dbrepos_from_source.properites, comment out this line: displayName=cn

3. In map_dbrepos_from_source.properites, Add/uncomment out this line:

mode= employeeType

displayName={func_decorate_displayName_if_visitor}

displayNameLdapAttr=cn

decorateVisitorDisplayName= - External User

4. Run sync_all_dns.bat

5. In EMPLOYEE table, PROF_EMPLOYEE_TYPE is mapped as external/internal

Friday 18 July 2014

Registering external users with Profiles

There are three ways to register a user. All methods set the value of mode to external to denote an external user. Choose the method that is appropriate for how your LDAP and environment are set up. Once you register a user as either internal or external, you cannot change it. If you must update an external user so that they are registered as internal, then you must delete the external user and re-create that user as an internal user. External users must be populated into your organization's LDAP before they can be populated into Profiles. If you update Tivoli Directory Integrator to enable external users, then by default the string - External User is appended to the display name of an external user. This string makes it possible to identify which users are external users, and can be customized.

1. Map a standard LDAP attribute for external users
Register an external user by editing the value of the mode property using 1:1 mapping.

2. Map a standard LDAP attribute using JavaScript
Register an external user by deriving the value of the LDAP property that is mapped to mode from a JavaScript function (complex mapping).

3. Use an LDAP branch to store external users
If your external users are stored in a separate LDAP branch, you can use that branch to populate the Profiles database with those users.

Connection notes

Since intergration between ibm products are becoming relatively large,learning of those technology is necessary.In this blog ,i am starting to write about connections too.

Thursday 10 July 2014

Redirect to different page after login in Wps8.5

In the theme the login link points to a protected URL to the home page of the default portal installation. If you remove this page, or if you want your users to be directed to a different page after login, modify the theme by the following procedure.

1. Open the file PortalServer_root/theme/wp.theme.themes/default85/installedApps/DefaultTheme85.ear/DefaultTheme85.war/themes/html/dynamicSpots/commonActions.jsp .

2. Locate the line: <portal-navigation:urlGeneration allowRelativeURL="true" keepNavigationalState="false" contentNode="wps.content.root" home="protected" >

3. Change wps.content.root to the unique name of the page(com.sample.testpage) to which you want your users to be directed after logging in.

Informative message in WebSphere Portal Sever 8.5

If a user is not authorized to view a portlet,if you want to show an informative message,follow the steps

Click the Administration menu icon in the toolbar.

Click Portal Settings > Global Settings.

Choose portlet is not displayed and Click Save.