配置Portal6.1与Webseal单点登录步骤
来源:互联网 发布:泰安 ug编程培训 编辑:程序博客网 时间:2024/06/11 14:17
1、创建junction
server task default-webseald-abc.ibm.com create -t tcp -h abc.ibm.com -p 80 -A -F "/data1/chemchina.key" -Z passw0rd -j -c all -f /portal
2、查看对象命名空间命令:object list /WebSEAL
结果:/WebSEAL/abc.ibm.com-default
3、创建组
group import wpsadmins "cn=wpsadmins,cn=groups,dc=chemchina,dc=com"
user import wpsadmin "uid=wpsadmin,cn=users,dc=chemchina,dc=com"
user modify wpsadmin account-valid yes
user import wpsbind "uid=wpsbind,cn=users,dc=chemchina,dc=com"
user modify wpsbind account-valid yes
4、portal junction相关ALC命令:
acl create WPS_authenticated_access
acl create WPS_admin_access
acl create WPS_no_access
acl modify WPS_admin_access set user sec_master TcmdbsvaBrxl
acl modify WPS_admin_access set group iv-admin Tcmdbsvarxl
acl modify WPS_admin_access set group webseal-servers Tgmdbsrxl
acl modify WPS_admin_access set group wpsadmins Tr
acl modify WPS_admin_access set any-other T
acl modify WPS_admin_access set unauthenticated T
acl modify WPS_no_access set user sec_master TcmdbsvaBrxl
acl modify WPS_no_access set group iv-admin Tcmdbsvarxl
acl modify WPS_no_access set group webseal-servers Tgmdbsrxl
acl modify WPS_no_access set group wpsadmins T
acl modify WPS_no_access set any-other T
acl modify WPS_no_access set unauthenticated T
acl modify WPS_authenticated_access set user sec_master TcmdbsvaBrxl
acl modify WPS_authenticated_access set group iv-admin Tcmdbsvarxl
acl modify WPS_authenticated_access set group webseal-servers Tgmdbsrxl
acl modify WPS_authenticated_access set group wpsadmins Tr
acl modify WPS_authenticated_access set any-other Tr
acl modify WPS_authenticated_access set unauthenticated T
acl modify WPS_all_access set user sec_master TcmdbsvaBrxl
acl create WPS_all_access
acl modify WPS_all_access set group iv-admin Tcmdbsvarxl
acl modify WPS_all_access set group webseal-servers Tgmdbsrxl
acl modify WPS_all_access set group wpsadmins Tr
acl modify WPS_all_access set any-other Tr
acl modify WPS_all_access set unauthenticated Tr
acl attach /WebSEAL/abc.ibm.com-default/portal/wps/config WPS_admin_access
acl attach /WebSEAL/abc.ibm.com-default/portal/wps/myportal WPS_authenticated_access
acl attach /WebSEAL/abc.ibm.com-default/portal/wps/portal WPS_all_access
acl attach /WebSEAL/abc.ibm.com-default/portal/wps/doc WPS_all_access
acl attach /WebSEAL/abc.ibm.com-default/portal/wps/wps WPS_all_access
5、创建ldif文件:
dn: dc=chemchina,dc=com
changetype: modify
add: aclEntry
aclEntry:group:cn=SecurityGroup,secAuthority=Default:system:rsc:normal:rwsc:restricted:rwsc
aclEntry:group:cn=ivacld-servers,cn=SecurityGroups,secAuthority=Default:system:rsc:normal:rsc
aclEntry:group:cn=remote-acl-users,cn=SecurityGroups,secAuthority=Default:system:rsc:normal:rsc
aclEntry:group:cn=anybody:system:rsc:normal:rsc:restricted:rsc
6、导入Ldif文件:
#./ldapmodify -D cn=root -w passw0rd -f /data1/acl.ldif
7、在WebSeal服务器/Tivoli/PDWeb/www-default/lib目录下,添加dynurl.conf,jmt.conf两个文件,文件的内容分别为:
jmt.conf:
/portal /wps/portal*
/portal /wps/config*
/portal /wps/doc*
/portal /wps/myportal*
dynurl.conf:
/portal/wps/portal /portal/wps/portal*
/portal/wps/myportal /portal/wps/myportal*
/portal/wps/config /portal/wps/config*
/portal/wps/doc /portal/wps/doc*
/portal /wps*
8、备份/Tivoli/PDWeb/etc下的webseald-default.conf文件,编辑修改该文件的参数如下:
ba-auth = none
forms-auth = https
script-filter = yes
dynurl-allow-large-posts = yes
http-timeout = 300
https-timeout = 300
ssl-id-sessions = no
process-root-requests = filter
9、重启Portal服务器的server1,PortalServer,重启Policy Server、WebSEAL
10、至此Portal SSO配置完毕。
11、https://abc.ibm.com/portal/wps/myportal
- 配置Portal6.1与Webseal单点登录步骤
- webseal 单点登录的一个问题
- 单点登录实现步骤
- 单点登录步骤详解
- WebSphere portal与Domino单点登录配置
- CAS单点登录服务端与客户端配置
- 单点登录CAS7-客户端配置单点登录
- CAS单点登录配置
- 单点登录配置问题
- 单点登录配置
- CAS单点登录配置
- CAS单点登录配置
- 单点登录配置
- 单点登录的配置
- Tomcat下配置与使用CAS实现单点登录
- 配置ECC系统与Portal的单点登录
- Xweibo与第三方站点单点登录配置
- CAS_SSO单点登录实例详细步骤(转)、Tomcat ssl(https) 配置
- 如何解决Oracle数据库中汉字长度的问题
- 光纤接口类型介绍
- Java 比较 .Net 谁与正逢 ?
- 执行drop表dual操作后数据库无法起动的解决方法
- TD元素的nowrap属性
- 配置Portal6.1与Webseal单点登录步骤
- 固定行标题和列标题
- Socket编程总结
- mysql字符集校验规则
- Thinkpad 笔记本电源状态指示灯
- Ajax中文参数乱码解决方案
- 基于统一场景的设计: 从概念到实践
- jquery post 乱码问题
- Rational Software Architect 的 UML 对 CORBA 的转换