FileNet P8 Application Engine, Version 5.2.1       Application server:  WebSphere Application Server     

Editing web.xml for container-managed authentication

You can choose to use WebSphere® Application Server with container-managed authentication. To enable this optional authentication approach, edit the web.xml file on the WebSphere Application Server.

Procedure

  1. Make a backup copy of web.xml.

    AE_install_path/Workplace/WEB-INF/web.xml

  2. Open web.xml for editing, search for the parameter challengeProxyEnabled, and set it to false.
    <param-name>challengeProxyEnabled</param-name>
    <param-value> false </param-value>
  3. Search for the first instance of <web-resource-collection>, and uncomment the <url-pattern> as noted in the file comments.
    <web-resource-collection>
    <web-resource-name>action</web-resource-name>
    <description>Define thecontainer secured resource</description>
    <url-pattern>/containerSecured/*</url-pattern>
    
     <!--
    Uncomment this section if all resources that require credentials must be 
    secured in order to obtain a secured Thread. If using WebSphere, this section 
    must be uncommented. --> Move this commenting tag here from just
    before the </web-resource- collection> closing tag below.
    
    <url-pattern>/containerSecured/*</url-pattern>
    <url-pattern>/</url-pattern>
    <url-pattern>/author/*</url-pattern>
    <url-pattern>/Browse.jsp</url-pattern>
    <url-pattern>/eprocess/*</url-pattern>
    <url-pattern>/Favorites.jsp</url-pattern>
    <url-pattern>/GetPortalSitePreferences.jsp</url-pattern>
    <url-pattern>/GetTokenSignIn.jsp</url-pattern>
    <url-pattern>/GetUserInformation.jsp</url-pattern>
    <url-pattern>/GetUserToken.jsp</url-pattern>
    <url-pattern>/HomePage.jsp</url-pattern>
    <url-pattern>/IntegrationWebBasedHelp.jsp</url-pattern>
    <url-pattern>/is/*</url-pattern>
    <url-pattern>/operations/*</url-pattern>
    <url-pattern>/properties/*</url-pattern>
    <url-pattern>/redirect/*</url-pattern>
    <url-pattern>/regions/*</url-pattern>
    <url-pattern>/Search.jsp</url-pattern>
    <url-pattern>/select/*</url-pattern>
    <url-pattern>/SelectReturn.jsp</url-pattern>
    <url-pattern>/Tasks.jsp</url-pattern>
    <url-pattern>/UI-INF/*</url-pattern>
    <url-pattern>/utils/*</url-pattern>
    <url-pattern>/WcmAdmin.jsp</url-pattern>
    <url-pattern>/WcmAuthor.jsp</url-pattern>
    <url-pattern>/WcmBootstrap.jsp</url-pattern>
    <url-pattern>/WcmCloseWindow.jsp</url-pattern>
    <url-pattern>/WcmDefault.jsp</url-pattern>
    <url-pattern>/WcmError.jsp</url-pattern>
    <url-pattern>/WcmJavaViewer.jsp</url-pattern>
    <url-pattern>/WcmObjectBookmark.jsp</url-pattern>
    <url-pattern>/WcmQueueBookmark.jsp</url-pattern>
    <url-pattern>/WcmSignIn.jsp</url-pattern>
    <url-pattern>/WcmSitePreferences.jsp</url-pattern>
    <url-pattern>/WcmUserPreferences.jsp</url-pattern>
    <url-pattern>/WcmWorkflowsBookmark.jsp</url-pattern>
    <url-pattern>/wizards/*</url-pattern>
    <url-pattern>/Author/*</url-pattern>
    <url-pattern>/axis/*.jws</url-pattern>
    <url-pattern>/Browse/*</url-pattern>
    <url-pattern>/ceTunnel</url-pattern>
    <url-pattern>/CheckoutList/*</url-pattern>
    <url-pattern>/downloadMultiTransferElement/*</url-pattern>
    <url-pattern>/ExternalUrl/*</url-pattern>
    <url-pattern>/findRecordTarget</url-pattern>
    <url-pattern>/formCallback/*</url-pattern>
    <url-pattern>/getAnnotSecurity/*</url-pattern>
    <url-pattern>/getCEAnnotations/*</url-pattern>
    <url-pattern>/getContent/*</url-pattern>
    <url-pattern>/getForm/*</url-pattern>
    <url-pattern>/getISAnnotations/*</url-pattern>
    <url-pattern>/getISAnnotSecurity/*</url-pattern>
    <url-pattern>/getISContent/*</url-pattern>
    <url-pattern>/getMultiContent/*</url-pattern>
    <url-pattern>/getPreview</url-pattern>
    <url-pattern>/getProcessor/*</url-pattern>
    <url-pattern>/getRealms/*</url-pattern>
    <url-pattern>/getUsersGroups/*</url-pattern>
    <url-pattern>/Inbox/*</url-pattern>
    <url-pattern>/integrationCommandProxy</url-pattern>
    <url-pattern>/integrationResponse</url-pattern>
    <url-pattern>/integrationResponseProxy</url-pattern>
    <url-pattern>/integrationWebBasedCommand</url-pattern>
    <url-pattern>/keepAlive</url-pattern>
    <url-pattern>/launch/*</url-pattern>
    <url-pattern>/PublicQueue/*</url-pattern>
    <url-pattern>/putContent/*</url-pattern>
    <url-pattern>/QuickSearch/*</url-pattern>
    <url-pattern>/signingServlet/*</url-pattern>
    <url-pattern>/transport/*</url-pattern>
    <url-pattern>/upload/*</url-pattern>
    <url-pattern>/vwsimsoapservlet</url-pattern>
    <url-pattern>/vwsoaprouter</url-pattern>
    <url-pattern>/Workflows/*</url-pattern>   Move the closing comment tag from 
    here to the location indicated at the beginning of this example.
    </web-resource-collection>
  4. Locate the section <auth-constraint>, comment the wildcard (*) <role-name> as noted in the file comments.
    <auth-constraint>
    <!-- <role-name>*</role-name> -->
    <!-- For WebSphere 6, use
    the role-name line below instead of the wildcard role above.
    -->
    
    <role-name>All Authenticated</role-name>
    
    <!-- For WebSphere 6, add this
    security-role element below the login-config element (below).
     <security-role>
    <description>All Authenticated</description>
    <role-name>All Authenticated</role-name>
     </security-role>
    -->
    </auth-constraint>
  5. Locate the end of the </login-config> element, and add the All Authenticated users role-element after the closing tag.
    <security-role>
    <description>All Authenticated</description>
    <role-name>All Authenticated</role-name>
    </security-role>
  6. Search for the first instance of a <security-constraint> tag, and add the following <security-constraint> tag before that tag.
    Important: Enter the information below as single lines without line breaks.
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>action</web-resource-name>
    <description>Define the non-secured resource</description>
    <url-pattern>/P8BPMWSBroker/*</url-pattern>
    </web-resource-collection>
    </security-constraint>
  7. Save your changes to web.xml and close the file.


Last updated: October 2015
p8pin123.htm

© Copyright IBM Corporation 2013, 2015.