Creating and customizing inbound servers

Use the server create command to create your inbound servers. You must then edit the bootstrap.properties and server.xml files to specify port numbers, the catalog endpoints, and define your security (key store, user registry, and server administration authorization roles). You can also enable inbound connectivity to use either the WebSphere® MQ or the WebSphere Application Server JMS.

About this task

You must list all the host names and client listener ports of the catalog servers in your topology. You must also add details of the SSL key store, registry users, and server administration authorization roles.

Procedure

  1. Open a command window and go to the <InstallDir>/runtime/wlp/bin directory.
  2. Create an inbound server by running the server create command.

    For example on Windows:

     server create cisInbound1 --template=cisInbound

    For example on Linux®: 

     ./server create cisInbound1 --template=cisInbound

    Where:

    cisInbound1 is the name of the server that you want to create.

    cisInbound is the name of the template.

  3. Repeat steps 1 and 2 until all of the inbound servers in your topology are created.
  4. Open the <WLP_USER_DIR>/servers/server_name/bootstrap.properties file in a suitable editor.
  5. Add an entry to declare the host names and client listener ports of the catalog servers in your topology. The declaration takes the form: computer_name:port_number,computer_name:port_number

    For example: 

    ia.bootstrapEndpoints=cisCatalogHost01:2809,cisCatalogHost02:2809
    Note:

    An inbound server uses the ia.bootstrapEndpoint entry as the ia_connectivity catalogServerEndpoint value. For more information, see Connectivity server configuration.

  6. Open the <WLP_USER_DIR>/servers/server_name/server.xml file in a suitable editor.
  7. Enable or disable the application security feature according to your requirements.

    To secure inbound HTTP endpoints to allow only authenticated and authorized users, the application security feature must be enabled. If application security is enabled, inbound HTTP endpoints that are deployed to the server accept HTTPS connections only. Disabling application security allows all inbound HTTP endpoints that are deployed to this server to accept HTTP connections but authorization controls are not applied.

    By default, the appSecurity Liberty feature is enabled in inbound servers: 

    <feature>appSecurity-2.0</feature>
  8. Add the basic or LDAP user registry configuration.

    For example: 

    <basicRegistry id="basic" realm="SimpleRealm">
   <user name="SimpleAdmin" password="abcdefg"/>
   <group name="SimpleAdministratorsGroup">
      <member name="SimpleAdmin"/>
   </group>
</basicRegistry>

    For more information, see Managing users with LDAP.

  9. Configure the authorization roles for server administration.

    For example: 

    <administrator-role>
   <group>SimpleAdministratorsGroup</group>
</administrator-role>
  10. If you are using WebSphere MQ, uncomment the inbound connectivity feature to use WebSphere MQ, and supply the path to the WebSphere MQ Resource Adaptor.

    For example: 

    <featureManager>
   <feature>ia:iaConnectivityInboundJMS-8.10.5</feature>
   <feature>wmqJmsClient-2.0</feature>
</featureManager>

<variable
   name="wmqJmsClient.rar.location"
   value="/opt/mqm/java/lib/jca/wmq.jmsra.rar" />
  11. If you are using WebSphere Application Server, uncomment the inbound connectivity to use WebSphere Application Server JMS.

    For example: 

    <featureManager>
   <feature>ia:iaConnectivityInboundJMS-8.10.5</feature>
   <feature>wasJmsClient-2.0</feature>
</featureManager>