Configuring WebSphere 7.0 Application Server

  1. Stop the WebSphere application server if it is already running. To stop the server, change the directory to <WebSphereInstallDir>\WebSphere\AppServer\profiles\AppSrv01and run the command appropriate for your operating system:

    • For Windows:

      bin\stopServer.bat server1

    • For AIX:

      bin/stopServer.sh server1
  2. Copy the following .jar files from the BMC IT Business Management Suite product file directories to the <WebSphereInstallDir>\WebSphere\AppServer\lib directory:
    • From AR_lib:
      • arapi80_build001.jar
      • arutil80_build001.jar
      • log4j-1.2.14.jar
    • From WebSphere:
      • arsys-login-module.jar
      • itbm-login-module.jar
      • ojdbc6.jar
    • All .jar files from AtriumSSO_lib
  3. Copy the ehcache.xml file from the SHARE_DOCUMENTS/appserver/conf folder to the WebSphere/AppServer/lib/ext folder.
  4. Start the WebSphere application server: change directory to <WebSphereInstallDir>\WebSphere\AppServer\profiles\AppSrv01and run the following command:

    • For Windows:

      bin\startServer.bat server1

    • For AIX:

      bin/startServer.sh server1
  5. In a browser window, specify the following URL:
    • https://<hostName>:<port>/ibm/console
    • hostName: Server on which you installed WebSphere
    • port: Administrative console secure port specified in <WebSphereInstallDir>\WebSphere\AppServer\profiles\AppSrv01\logs\AboutThisProfile.txt
  6. In the WebSphere application logon window, specify the User ID as itmadm.
  7. In the Integrated Solutions console, under the Security left navigation topic, click Global security.
  8. In the Global security window, in Available realm definitions, click Standalone custom registry.
  9. Click Configure.
  10. In the Related items options on the right, click Trusted authentication realms - inbound.
  11. To add itmRealm, click the Add External Realm button; if itmRealm is already present in the list of Realms, skip to step 13.
  12. Specify the external realm name as itmRealm and click OK.
  13. Click Save and return to Global security > Standalone custom registry.
  14. In the General Properties form, specify the Primary administrative user name as itmadm.
  15. Select Server identity that is stored in the repository.
  16. Enter itmadm as the user ID and itmadmin as the password.
  17. Specify the Custom registry class name as com.bmc.security.auth.module.ARWebsphereRegistry.

  18. Ensure that Ignore case for authorization is selected.
    Specify the following properties and values for the custom repository:

    Name

    Value

    ar.application.service.password

    Your AR application service password (may be in the encrypted form)

    ar.host

    Name of the BMC Remedy AR System Server
    (for example, w28-itm-vm.bmc.com)

    ar.tcpport

    0

    debug

    false

    websphere

    true

  19. Click Apply, and click Save.
  20. Select Automatically generated Server identity.
  21. Click OK, and click Save.
  22. In the Global security window, click Available realm definition and select Standalone custom registry, if it is not already selected.
  23. In the Global security window, click Set as current button, click Apply, and click Save.
  24. In the Global security page, click Security Configuration Wizard.
  25. In the Specify extent of protection form, select only Enable application security, and click Next.
  26. In the Select user repository form, select the Standalone custom registry option, and click Next.
  27. In the Configure standalone custom registry form, click Next.
  28. On the Summary page, verify the information and click Finish.
  29. In the Message box at the top of the screen, click Save to commit the changes.
  30. In the Global security window, click Java Authentication and Authorization Service.
  31. In Java Authentication and Authorization Service, click System Logins.
  32. In the resources list, clickthe WEB_INBOUND resource.
  33. In the JAAS login modules table, click the New option.
  34. In the General Properties section, specify the Module class name as com.itmsoft.security.auth.module.ITBMLoginModule.
  35. Select the Use login module proxy check box.
  36. For Authentication strategy, select REQUIRED.

  37. Specify the following custom properties and values:

    Name

    Value

    ar.application.service.password

    Your AR application service password (may be in the encrypted form)

    ar.host

    Name of the BMC Remedy AR System Server
    (for example, w28-itm-vm.bmc.com)

    ar.tcpport

    0

    debug

    false

    websphere

    true

  38. Click Apply.
  39. In the Message box at the top of the screen, click Save to commit the changes.
  40. In the resources list, click the WEB_INBOUND resource.
  41. Click Set Order.

  42. Set the module order as follows:

    com.itmsoft.security.auth.module.ITBMLoginModule

    1

    com.ibm.ws.security.server.lm.ltpaLoginModule

    2

    com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule

    3

  43. Click OK, and click Save.
  44. On the left navigation panel, click Global Security .
  45. Click Apply and Save.
  46. In the main console window, click Users and Groups|Administrative Group Roles in the left navigation pane, and click Add.
  47. Click Search.
  48. From the search list, select ITMAdmin@itmRealm, and click the right arrow.
  49. From the Role list at the top of the page, select Administrator, click OK, and click Save.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*