Use the server create command to create your inbound servers. You must
then edit the bootstrap.properties and server.xml files to
specify port numbers, the catalog endpoints, and define your security (key store, user registry, and
server administration authorization roles). You can also enable inbound connectivity to use either
the WebSphere® MQ or the WebSphere Application Server JMS.
About this task
You must list all the host names and client listener ports
of the catalog servers in your topology. You must also add details
of the SSL key store, registry users, and server administration authorization
roles.
Procedure
-
Open a command window and go to the
<InstallDir>/runtime/wlp/bin directory.
-
Create an inbound server by running the server create command.
For example on Windows:
server create cisInbound1 --template=cisInbound
For example on Linux®:
./server create cisInbound1 --template=cisInbound
Where:
cisInbound1
is the name of the server that you want to
create.
cisInbound
is the name of the template.
-
Repeat steps 1 and 2 until all of the inbound servers in your topology are created.
- Open the <WLP_USER_DIR>/servers/server_name/bootstrap.properties file in a suitable
editor.
- Add an entry to declare the host names and client listener
ports of the catalog servers in your topology. The declaration takes
the form:
computer_name:port_number,computer_name:port_number
For example:
ia.bootstrapEndpoints=cisCatalogHost01:2809,cisCatalogHost02:2809
Note: An inbound server uses the ia.bootstrapEndpoint
entry as the ia_connectivity catalogServerEndpoint
value. For more information, see Connectivity server configuration.
- Open the <WLP_USER_DIR>/servers/server_name/server.xml file in a suitable editor.
-
Enable or disable the application security feature according to your requirements.
To secure inbound HTTP endpoints to allow only authenticated and authorized users, the
application security feature must be enabled. If application security is enabled, inbound HTTP
endpoints that are deployed to the server accept HTTPS connections only. Disabling application
security allows all inbound HTTP endpoints that are deployed to this server to accept HTTP
connections but authorization controls are not applied.
By default, the appSecurity
Liberty feature is enabled in inbound servers:
<feature>appSecurity-2.0</feature>
- Add the basic or LDAP user registry configuration.
For example:
<basicRegistry id="basic" realm="SimpleRealm">
<user name="SimpleAdmin" password="abcdefg"/>
<group name="SimpleAdministratorsGroup">
<member name="SimpleAdmin"/>
</group>
</basicRegistry>
For more information, see Managing users with LDAP.
- Configure the authorization roles for server administration.
For example:
<administrator-role>
<group>SimpleAdministratorsGroup</group>
</administrator-role>
- If you are using WebSphere MQ, uncomment the inbound connectivity feature to
use WebSphere MQ, and
supply the path to the WebSphere MQ Resource Adaptor.
For example:
<featureManager>
<feature>ia:iaConnectivityInboundJMS-8.10.5</feature>
<feature>wmqJmsClient-2.0</feature>
</featureManager>
<variable
name="wmqJmsClient.rar.location"
value="/opt/mqm/java/lib/jca/wmq.jmsra.rar" />
- If you are using WebSphere Application Server, uncomment the inbound connectivity
to use WebSphere Application
Server JMS.
For example:
<featureManager>
<feature>ia:iaConnectivityInboundJMS-8.10.5</feature>
<feature>wasJmsClient-2.0</feature>
</featureManager>