IBM Lotus Quickr is a Web 2.0 based team collaboration software that can help you access and interact with the people, information and project materials you need to get your work done.
IBM Lotus Quickr Service for WebSphere Portal is a set of Lotus Quickr Services running opon WebSphere Portal. In the following sections, IBM Lotus Quickr Service for WebSphere Portal is abbreviated to “Quickr for Portal”
Quickr for Portal support external web servers such as IBM HTTP Server, Apache Web Server, Domino Web Server and so on. SSL(Secure Socket Layer) is also supported for the web server and Quickr for Portal Server Connections. Configuring Lotus Quickr for SSL adds security to the client-portal exchange. It encrypts all traffic between the client browser and the server, so that no one can "eavesdrop" on the information that is exchanged over the network between the client browser and Lotus Quickr. In addition, assuming that the WebSphere Application Server is also configured to accept (or even require) SSL connections, the LTPA Token and other security and session information can be completely protected against hijack and replay attacks.
Configuring Lotus Quickr for SSL is a multi-step process that involves configuring the following components:
∙ Web (HTTP) server running in front of WebSphere Application Server
∙ WebSphere Application Server
∙ Lotus Quickr
Therefore, it is a little complex and hard to configure Lotus Quickr for SSL. There are more than 10 steps to configure Lotus Quickr for SSL in Quickr infocenter: http://publib.boulder.ibm.com/infocenter/lqkrhelp/v8r0/topic/com.ibm.lotus.quickr.admin.wpv81.doc/wpf/ssloverview.html. The configuration steps are performed on Web Server, WebSphere Application Server, WebSphere Portal and Lotus Quickr. The whole process requires knowledge on these products. Furthermore, it is very time-consuming.
The ANT target is provided to ease and speed up the configuration progress of Quickr for Portal for SSL. It may take more then 4 hours for a technical people to configure Quickr for Portal for SSL. While, with the ANT target, a common user is able to complete the configuration in 30 minutes without any problems.
ANT Target
An ANT target is a set of pre-defined operations in the ANT build file. For further descriptions, please refer to ANT project in Apache.org: http://ant.apache.org/
WPSconfig Commandline Tool
WPSconfig commandline tool refers to the command WPSconfig.bat or WPSconfig.sh under < Quickr >/PortalServer/config directory. It is Apache-ANT based build tool, addition with some enhancements by IBM WebSphere Portal. WPSconfig commandline tool is one of the main configuration tools for WebSphere Portal and Quickr for Portal products.
Generally an ANT target is invoked by WPSconfig in this way:
Windows:
Unix:
1. Configuring your http server for SSL connections
This involves setting up the Web server to accept inbound connections from client browsers over SSL. Depending on the Web server you want to use, other software may have to be installed on the Web Server machine, for instance Microsoft® Internet Information Server and Microsoft Certificate Service. The Web server must have a port defined (usually 443), and the necessary certificates and keys must be installed. Go to Setting up the Secure Sockets Layer protocol for information on how to enable SSL on an IBM HTTP Server.
Note: See the Security planning overview section of the WebSphere Application Server information center for details on digital certificates planning and configuration.
If this is a production environment, you must obtain a certificate from a certificate authority. For testing purposes, you can use IKEYMAN to generate a self-signed certificate. Refer to the Managing digital certificates section of the WebSphere Application Server information center.
2. Configure the WebSphere Application Server plugin for the Web server to forward Lotus Quickr traffic that is received over SSL to WebSphere Application Server (which will then forward the traffic to Lotus Quickr ). Go to Configuring the Web server plug-in for Secure Sockets Layer for information on how to configure the plug-in. This topic discusses the configuration for the IBM HTTP Server; however, the Web server-related configuration in this situation is not specific to any distributed platform Web server
3. Open the wpconfig.properties file with a text editor. The file is located in
4. Extract the attached jacls.zip to < Quickr >/PortalServer/config/template.
Note: Make sure the jacls.zip file is NOT in < Quickr >/PortalServer/config/template directory before you proceed with next steps, otherwise the configuration task will fail.
5. Copy the attached ssl_cfg.xml file to < Quickr >/PortalServer/config/includes
6. Open a command prompt(or unix shell window), change to < Quickr >/PortalServer/config directory, and run the following command:
Windows: WPSconfig.bat enable-http-ssl –DWasPassword=passwordforyourwasuser -DPortalAdminPwd=passwordforyourportaladmin
Unix: ./WPSconfig.sh enable-http-ssl –DWasPassword=passwordforyourwasuser -DPortalAdminPwd=passwordforyourportaladmin
7. You still need to propagate the HTTP Server Plug-in configuration file (plugin-cfg.xml file).
If your HTTP Server is installed on same machine with Lotus Quickr, you may propagate the plugin file in Quickr Administrative Console:
● login to WebSphere Administrative Console
● Go to Servers> Web servers
● check the select box of you web server
● click Propagate Plug-in button
if you are using remote web server, you have to copy the plugin-cfg.xml file to the machine where the web server is installed, then restart the web server.
8. Restart Quickr for Portal Servers.
The SSL configuration steps for Lotus Quickr have been completed. Now you may access Lotus Quickr for Portal Server through securied URL: https://hostname.domainname/lotus/quickr
Note: There is a tiny difference in the step 7 of the configuration guide in Quickr Infocenter. There users are required to set UseSecureLoginActionUrl parameter for Login portlet to “true” via Quickr Administration UI. While in this WPS Configuration task, we just set the vaule for the portlet instance of Login portlet in Quickr Login Page. If you see the UseSecureLoginActionUrl value for Login Portlet is still “false” in Portlet Management portlet, that is as design and no impact to the SSL configuration.
1. Open a command prompt(or unix shell window), change to < Quickr >/PortalServer/config directory, and run the following command:
Windows: WPSconfig.bat disable-http-ssl –DWasPassword=passwordforyourwasuser -DPortalAdminPwd=passwordforyourportaladmin
Unix: ./WPSconfig.sh disable-http-ssl –DWasPassword=passwordforyourwasuser -DPortalAdminPwd=passwordforyourportaladmin
2. Configure the web server to accept non-ssl requests again if you’ve configured to accept SSL request only. Then restart web server
3. Restart Lotus Quickr Servers
1. The configuration task has been tested on Windows and Redhat. It should be working well on Aix and HP-UX too. But it is not tested on these Unix Systems.
2. This configuration task can only be running on a Lotus Quickr Services for WebSphere Portal single server. Support for cluster is in plan and will be available in a newer version.
本文来源:https://www.2haoxitong.net/k/doc/fdada322e87101f69f319508.html
文档为doc格式