Release Notes
Abstract
In order to use Workplace or Workplace XT without SSL or in an SSO/Container Managed configuration with WebSphere Application Server version 8.0.0.x or higher, security settings must be updated. These settings permit non-SSL connections to P8 Content Engine and allow container-managed applications to pass HTTP session information to an applet.
Content
Ensuring consistency for P8 Content Engine and Workplace/Workplace XT SSL Settings
In WebSphere Application Server 8, the default settings for Security > Global Security > RMI/IIOP Security > Inbound and Outbound communications have changed.
The CSIv2 Transport Layer >Transport default setting in WebSphere Application Server 8.0.0.x changed to SSL-Required. Workplace and Workplace XT work with this new setting (if the P8 environment is running SSL communication between the Content Engine and Workplace/Workplace XT server), but also continue to work in the previous default (SSL-supported). The settings between the Content Engine WebSphere Application Server instance and the Workplace/Workplace XT WebSphere Application Server instance must match for a successful sign-in to occur.
If you are not running SSL, ensure that the SSL required option is turned off for both the server and client properties. This option is located at: WebSphereInstall\AppServer\profiles\AppSrv01\properties\sas.client.props
Verify the following setting and restart the application server:
com.ibm.CSI.performTransportAssocSSLTLSRequired=false
These changes should also be made to the Enterprise Records or Records Manager web application in the WebSphere 8 administrative console, if using IBM Enterprise Records.
Enabling Java Applet support
To prevent applet sessions from failing, you must disable the relevant HTTP Only settings for your deployment.
- Enable cookies and disable HTTP Only setting for the deployed application.
- Log in to the WebSphere Application Server admin console.
- Navigate to Applications > Application Types > WebSphere enterprise applications > Workplace XT > Session management.
For Workplace: Navigate to Applications > Application Types > WebSphere enterprise applications > Workplace > Session management.
- Under General properties, check the box Override session management and click Apply.
- Click the Enable cookies link under Session tracking mechanism.
- Under General properties, uncheck the box Set session cookies to HTTP Only to help prevent cross-site scripting attacks and click Apply.
- Navigate to Applications > Application Types > WebSphere enterprise applications > Workplace XT > Manage Modules > Workplace XT > Session Management.
For Workplace: Navigate to Applications > Application Types > WebSphere enterprise applications > Workplace > Manage Modules > Workplace > Session Management.
- Under General properties, check the box Override session management and click Apply.
- Click the Enable cookies link under Session tracking mechanism.
- Under General properties, uncheck the box Set session cookies to HTTP Only to help prevent cross-site scripting attacks and click Apply.
- Disable HTTP Only settings globally for SSO.
Note: This step is required for all Workplace XT deployments. Skip this step for Workplace (Application Engine), unless you are using SSO or a Container Managed configuration.
- Navigate to Security > Global security > Authentication > Web and SIP security > Single sign-on (SSO).
- Under General properties, uncheck the box Set security cookies to HTTP Only to help prevent cross-site scripting attacks and click Apply.
- Enable cookies and disable HTTP Only settings at the server level setting when using SSL.
- Navigate to Servers > Server Types > WebSphere application servers.
- Select the server where Workplace/Workplace XT is deployed.
- Click Session Management.
- Click the Enable cookies link under Session tracking mechanism.
- Uncheck the box Set session cookies to HTTP Only to help prevent cross-site scripting attacks.
- Save the settings to the master configuration.
- Restart the WebSphere Application Server.
[{"Product":{"code":"SSNVNV","label":"FileNet Content Manager"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Workplace XT","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"1.1.5;5.0;5.1.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg27023814