IBM BS029ML Self Help Guide - Page 116
Problem determination, 4.3.1 General problem determination recommendations, Customizations
![]() |
View all IBM BS029ML manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 116 highlights
- Updates "WP AuthencationService" to enable the JAAS login module Portal_Login. As of the writing of this Redpaper, portal development is testing a new configuration task for supporting TAI++, with which we no longer create callbackheaderslist.properties and the requirement of the JAAS Login module Portal_Login. Check the portal support Web site for the APAR. action-esm-tam-update-vaultservice: WebSphere Portal comes with a default vault adapter for storing the credential vaults used in portal applications. The vaults are stored in the portal database. Alternatively, you can configure TAM's Global Sign On (GSO) lockbox to store the credential vaults. That is when you need to configure TAM vault adapter, which is done by running action-esm-tam-update-vaultservice. This task basically takes the parameters and sets up the four custom properties in WP VaultService: - vault.AccessManager.vaultadapter=com.ibm.wps.services.credentialvault.AccessManag er41VaultAdapter - vault.AccessManager.config=accessmanagervault.properties - vault.AccessManager.manageresources=true - vault.AccessManager.readonly=false Customizations The configuration tasks are limited to general configurations applicable to most customer scenarios. If the steps documented in WebSphere Portal infoCenter are followed, you should have a working system after running the tasks. If there are special customizations required on the junctions created from the TAM side, or special requirements on the TAI from the WebSphere side (for example, TAI++), manual steps are required. If you are configuring an LTPA junction on WebSEAL, you should not configure TAI on WebSphere Application Server. That means you should not run any of the configuration tasks above. Instead, you should create the junction through the TAM PD admin interface to the HTTP server. You should make sure the LTPA key is generated from the WebSphere Application Server and shared among the SSO participating servers. With the LTPA junction, when the requests are passed to WebSphere Application Server, the LTPA is already associated with the requests, so WebSphere Application Server would treat the requests as being authenticated. It would then retrieve the user info from the token and build up the security context. In order to configure TAI++ to take advantage of this new WebSphere feature, manual steps are required as of the writing of this Redpaper. Refer to WebSphere Application Server InfoCenter for details 4.3 Problem determination In this section, we are not going to discuss the step-by-step process of debugging different scenarios. There are millions of reasons something can go wrong. Here we only present some general principles and guidelines to help users of WebSphere Portal to understand the general procedures in troubleshooting their problems. 4.3.1 General problem determination recommendations Here we discuss some general problem determination recommendations. 102 IBM WebSphere Portal V6 Self Help Guide
![](/manual_guide/products/ibm-bs029ml-self-help-guide-6d3dd71/116.png)