To send all traffic through your WebSeal server, including server to server traffic,
update the LotusConnections-config.xml file.
Procedure
-
Update the values for the dynamicHosts and interService URL attributes in the
LotusConnections-config.xml configuration file:
-
Use the following command to check out the LotusConnections-config.xml
file:
execfile("app_server_root/profiles/DMGR/bin/connectionsConfig.py")LCConfigService.checkOutConfig("working_directory","cell_name")Note: If
you are prompted to specify which server to connect to, type 1.
where:
For example:
LCConfigService.checkOutConfig("c:/temp","foo01Cell01")
-
Update the dynamicHosts values by running the following commands:
-
Enable dynamicHosts:
LCConfigService.updateConfig("dynamicHosts.enabled","true")
-
Enter the WebSEAL host name in the values for the dynamicHosts.href and dynamicHosts.ssl_href
attributes:
LCConfigService.updateConfig("dynamicHosts.href","http://WebSEAL_host")
LCConfigService.updateConfig("dynamicHosts.ssl_href","https://WebSEAL_host")
where WebSEAL_host is the fully qualified host name of the WebSEAL server.
-
(Do not complete this step for Security Access Manager with
SPNEGO) Update the interService URL values by running the following command:
LCConfigService.updateConfig("application_interService_key","https://WebSEAL_host")
where:
- WebSEAL_host is the fully qualified host name of the WebSEAL server
- application_interService_key is the href attribute for the application and
includes the following applications. However, this is not a complete list and the href for all
installed applications must be updated.
- activities.interService.href
- blogs.interService.href
- communities.interService.href
- dogear.interService.href
- files.interService.href
- forums.interService.href
- help.interService.href
- homepage.interService.href
- mobile.interService.href
- moderation.interService.href
- news.interService.href
- personTag.interService.href
- profiles.interService.href
- quickr.interService.href
- sametimeLinks.interService.href
- sametimeProxy.interService.href
- search.interService.href
- wikis.interService.href
-
Check the LotusConnections-config.xml file in by running the following
command:
LCConfigService.checkInConfig()
Note: You can also complete this step by running the connectionsConfig.py
script in the wsadmin client.
-
(Do not complete this step for Security Access Manager with SPNEGO) Add a Security Access
Manager authenticator property by editing the LotusConnections-config.xml file.
-
Configure the custom Authenticator to support server-to-server authentication for Security
Access Manager:
LCConfigService.updateConfig("customAuthenticator.name",
"TAMAuthenticator")
-
Keep the file open until you have completed the next step.
-
(Do not complete this step for Security Access Manager with SPNEGO)
Configure the cookie timeout value for IBM® Connections:
-
Locate the CookieTimeout attribute in the LotusConnections-config.xml
file. If the attribute is not present, add it to the <customAuthenticator
name="TAMAuthenticator"> element.
-
Set the value, in minutes, of the CookieTimeout attribute to be equal to
or less than the maximum timeout and idle timeout values that you configured in Security Access Manager.
Note: When your production environment
is ready, set the AllowSelfSignedCerts parameter to false.
Note: If the parameter does not already exist in the
LotusConnections-config.xml file, create it. Open the file in a text editor and
add the parameter to the customAuthenticator element.
-
Save your changes.
-
Check the LotusConnections-config.xml file back in by running the
following command:
LCConfigService.checkInConfig()
Note: The connectionsAdmin J2C alias that you specified during installation must correspond to a
valid account that can authenticate with ISAM. It may map to a back-end administrative user account
but is not intended to be used as a user account for
IBM®
Connections. This account must be capable of authenticating for single sign-on against ISAM. If you
need to update the userid or credentials for this alias, see the
Changing references to administrative
credentials topic.