Preparing for remote search service
Get an overview of how you prepare your portal system for remote search service. You can provide remote search service by either using EJB or SOAP.
Before you begin
- For SOAP: If you use SOAP, the following security and performance
considerations apply:
- Application security: If you use SOAP over a secure server, the SOAP service itself is not secure.
- Java 2 security: If you use SOAP, you must disable Java 2 security.
Note: SOAP support for remote search services was deprecated with WebSphere® Portal Version 8.0. EJB is still supported. - For EJB: If you use EJB, complete the following security administration
tasks:
- Prepare security for remote search service in a single-signon domain (SSO).
- Add the signer certification of the remote search service server
into the portal search server. To do this addition, proceed by the
following steps:
- Access the WebSphere Integrated Solutions Console of the portal search server.
- Click Security > SSL
certificate and key management > Key stores and
certificates > NodeDefaultTrustStore > Signer certificates > Retrieve from
port.Cluster note: In a clustered environment, the path is Security > SSL certificate and key management > Key stores and certificates > CellDefaultTrustStore > Signer certificates > Retrieve from port.
- Enter the remote search service server host, its SOAP port, and an alias.
- Click OK.
Procedure
- Copy the files WebScannerSoap.ear, WebScannerEjbEar.ear, and PseLibs.zip to the directory AppServer_root/installableApps on the computer on which you want to install the remote search service. You find these files in the following locations of your portal
installation:
- The files WebScannerSoap.ear and WebScannerEjbEar.ear are in the directory PortalServer_root/search/prereq.webscanner/installableApps
- The file PseLibs.zip is located under directory PortalServer_root/search/wp.search.libs/installableApps
- Depending on the requirements of your environment, install
one of the two applications WebScannerEJbEar.ear or WebScannerSoap.ear on a remote
server. For example, this can be server1. Proceed by the following steps:
- Access the WebSphere Integrated Solutions Console.
- Click Applications > WebSphere Enterprise Application.
- Click Install.
- Browse and select WebScannerEjbEar.ear or WebScannerSoap.ear, depending on whether you are using EJB or web service through SOAP.
- Click Next.
- On the following panels, accept the default settings.
- A message confirms that the application PSEStandalone (for EJB) or the application WebScannerEar (for SOAP) was installed successfully.
- Click Save to Master Configuration.
- Click Save.
- Required: This step is required if you use
Document Conversion Services.
- Install remote document conversion services on the remote server. You do not need to delegate all conversion tasks from the WebSphere Portal to the remote server. You must only install the remote conversion services. For more information, refer to the topic about Enabling remote document conversion.
- Start the WebSphere Integrated Solutions Console and select Environment > Shared Libraries. Create a new shared library that is named PSE with a
class path as follows:
where cell_name is the IBM WebSphere Application Server cell name where DCS is installed.$(APP_INSTALL_ROOT)/cell_name/dcs_war.ear/dcs.war/WEB-INF/lib/convertors.jar $(APP_INSTALL_ROOT)/cell_name/dcs_war.ear/dcs.war/WEB-INF/lib/Export.jar
- Click Apply > Save > Save to save your changes.
- Extract the Portal Search libraries to the remote server
and add them to the class path on the remote server. To do this step,
proceed as follows:
- Create a directory with the name extract under the directory installableApps.
- Locate the file PseLibs.zip in the directory installableApps and extract its content into the directory extract that you created in the previous step.
- Open the WebSphere Integrated Solutions Console.
- Click Environment > Shared Libraries.
- Create or modify the new shared library names PSE. When you create the library, check the option Use an isolated class loader for this shared library.
- Add the libraries extract/lib to the class path by adding a
line to the class path and giving the full path: AppServer_root/installableApps/extract/lib. AppServer_root is
the profile directory of your WebSphere Application
Server installation. For example, this path can
be:
/usr/WebSphere/AppServer/profiles/profile_name
- Click Apply > Save to save your changes to the configuration.
- Add a reference from the application WebScannerEJbEar.ear to the shared library. To add a reference, proceed as follows:
- Access the WebSphere Integrated Solutions Console of the remote server.
- Navigate to Websphere enterprise applications.
- For EJB: Click the application PSEStandalone > Shared library references.
For SOAP: Click the application WebScannerEar > Shared library references. - For EJB: On the window that opens up click the check box for
PSEStandalone, then click Reference shared library.
For SOAP: On the window that opens up click the check box for WebScannerEar, then click Reference shared library. - From the Available list, select PSE.
- Click the appropriate arrow so that PSE displays in the Selected list.
- Click OK > OK.
- Save the configuration.
- For EJB: Restart the application PSEStandalone.
For SOAP: Restart the application WebScannerEar.
- On the WebSphere Integrated Solutions Console, determine the required values for configuring the portlet
parameters, depending on whether you are using EJB or web service
through SOAP:
- For EJB: Determine the value for the port under Servers > Server Types > WebSphere application servers > YourAppServer1 > Communications > Ports > BOOTSTRAP_ADDRESS.
- For SOAP: Determine the value for the
port number for the SOAP URL parameter. The appropriate port number
for the SOAP URL parameter is the port on which the application server
runs, in other words, the HTTP transport on which the remote server
is configured to run. Determine the correct port number from Application servers > server1 > Ports > WC_defaulthost. The WC_defaulthost value
is 10014; therefore, if you did not change the default, you can use
this value. Make sure that the port number that is set in the following
file matches this port:
AppServer_root/installedApps/cell/WebScannerEar.ear/WebScannerSoap.war/ wsdl/com/ibm/hrl/portlets/WsPSE/WebScannerLiteServerSOAPService.wsdl
Replace the variables as follows:- AppServer_root is the profile directory of your WebSphere Application
Server installation. For example, this directory can
be:
/usr/WebSphere/AppServer/profiles/profile_name
- cell is the cell name of your remote search computer.
- WebScannerEar.ear is the name that you gave to the Enterprise Application when you installed the WebScannerSoap.war file.
In the example the port is your_port_no. The default value for the WC_defaulthost is 10014.<soap: address location="http://localhost:your_port_no/WebScannerSOAP/servlet/rpcrouter"/> .
- AppServer_root is the profile directory of your WebSphere Application
Server installation. For example, this directory can
be:
- In the WebSphere Integrated Solutions Console, go to Resources > Asynchronous beans > Work managers, create a new Work manager who is named PSEWorkManager with
the following attributes: WebSphere Application Server V9: If you upgraded to IBM® WebSphere Application Server Version 9.0, the WebSphere Integrated Solutions Console path is Resources > Concurency > Work managers.
Name: PSEWorkManager JNDI Name: wps/searchIndexWM Minimum Number of Threads: 20 Maximum number of Threads: 60 Growable = True (Ensure that the Growable check box is selected.) Service Names: Application Profiling Service, WorkArea, Security, Internationalization
- Click Apply > Save to save your changes to the configuration.
- Start the application:
- Open the WebSphere Integrated Solutions Console.
- Click Applications > Application Types > WebSphere enterprise applications.
- Scroll to PSEStandalone or WebScannerEar. You can use the filter feature to search for these names.
- Click the check box and click Start. A message confirms that the application started successfully.
- Required: This step is required only if you work with EJB on a secure server: Setting the search user ID.
- Required: This step is required only if you disabled security or set the search user ID by one of the optional previous steps: Restart the WebSphere Application Server.
- In the portal server enable CSIv2 identity assertion. To
complete this step, proceed as follows: Cluster note: In a clustered environment, complete these steps on the Deployment Manager WebSphere Integrated Solutions Console.
- Enable CSIv2 Identity Assertion on the outbound connection:
- Access the WebSphere Integrated Solutions Console of the portal server.
- Navigate to Security > Global Security > RMI/IIOP security > CSIv2 outbound communications.
- Check Use identity assertion.
- When you are done, restart the portal server.
- Enable CSIv2 Identity Assertion on the inbound connection:
- Access the WebSphere Integrated Solutions Console of the remote server.
- Navigate to Security > Global Security > RMI/IIOP security > CSIv2 inbound communications.
- Check Use identity assertion.
- Under Trusted identities, enter either an asterisk (*) or the identity of the portal server.
- When you are done, restart the remote server.
- Enable CSIv2 Identity Assertion on the outbound connection:
- On the portal server, configure HTTPs for the Seedlist
servlet. The Seedlist servlet requires HTTPs by
default. Therefore, when you access the servlet through HTTP, then WebSphere Application
Server redirects you
to HTTPs. Proceed by the following steps:
- Open the following file with an editor: PortalServer_root/search/wp.search.servlets/seedlist/servletEAR/installableApps/wp.search.seedlist.ear/wp.search.servlets.seedlist.war/WEB-INF/web.xml Cluster note: In a clustered environment, complete this step on the primary node and all secondary nodes.
- Update the following code: Cluster note: In a clustered environment, complete this step on the primary node and all secondary nodes.
Replace it by the following code:<user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint>
<user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint>
- Save the file. Cluster note: In a clustered environment, complete this step on the primary node and all secondary nodes.
- Run the following portal ConfigEngine script: Cluster note: In a clustered environment, complete this step on the primary node only.
./ConfigEngine.sh action-update-ear-wp.search.servlets/seedlist/servletEAR
- Restart all servers in your configuration for your updates to take effect.
- Open the following file with an editor: PortalServer_root/search/wp.search.servlets/seedlist/servletEAR/installableApps/wp.search.seedlist.ear/wp.search.servlets.seedlist.war/WEB-INF/web.xml
- Back on your portal, configure Portal Search for remote
search service. Cluster note: In a clustered environment, complete this step on the primary node only.