Installation of Sample Application

CourierApp Sample

Follow the steps in this section to locate and install the CourierApp Sample application on WebSphere® Application Server Version 6.1.x. If <install_root> is the directory where the feature pack is installed in the case of WebSphere Application Server (for example, the directory where WebSphere Application Server is installed) and <WASCEFEP_HOME> is the directory where IBM WebSphere Application Server Community Edition Version 2.0 Plug-in for Web 2.0 Version 1.0 is unzipped.

Importing the CourierApp sample into an Eclipse-based IDE:

When the import process completes, a new project exists in the Eclipse Project Explorer: CourierApp from which the application source code can be accessed.

Importing the HelloWorld sample into an Eclipse-based IDE:

When the import process completes, three new projects exist in the Eclipse Project Explorer: HelloWorldEJB, HelloWorldWAR and HelloWorld. The application source code can be accessed from the HelloWorldEJB project.


Installing the sample on WebSphere Application Server V6.1.x

Note: The host name and ports might vary according to your server configuration.

HelloWorld Sample

The steps to install HelloWorld sample application is same as CourierApp. Follow the instructions previously mentioned to install and deploy the application. There is no need for the specification of a context root in this case. Browse to http://localhost:9080/helloworld to bring up welcome page of sample. The Context root is helloworld.

Note: The host name and ports might vary according to your server configuration.

Securing the CourierApp Sample application

Complete the following steps to implement J2EE security in the CourierApp Sample application on WebSphere Application Server Version 6.1.x. Also, complete the following steps to enable security for the sample.

WebSphere Application Server V6.1.x

To test Courier application (with security enabled), do the following steps:

If access is granted to a role other than one that is authenticated in the previous step, RPC adapter might deny access to the corresponding service and return an "Invalid Access" error. In the examples shown previously, only the "non-Admin" role has access to the DestinationLookup service. If the user has not been authenticated or has been authenticated in a different role, access to this service is denied by the RPC adapter.
<pojo> <name>DestinationLookup</name> <role>non-Admin</role> <!-- optional --> <implementation>com.ibm.courier.DestinationLookup</implementation> <methods filter="whitelisting"> <method> <name>getDestination</name> <description>get destination</description> <http-method>GET</http-method> <parameters> <parameter> <name>destinationId</name> </parameter> </parameters> </method> </methods> </pojo>

A snap shot of web.xml that shows the url '/RPCAdapter/*' is secured is shown below. To access the methods in this pattern, one has to pass the correct credentials.

<login-config> <auth-method>BASIC</auth-method> <realm-name>Sample Security Realm</realm-name> </login-config> <security-role id="SecurityRole_1"> <role-name>admin</role-name> </security-role> <security-constraint id="SecurityConstraint_1"> <web-resource-collection id="WebResourceCollection_1"> <web-resource-name>administrator</web-resource-name> <description>Protection area for RPCAdapter Servlet.</description> <url-pattern>/RPCAdapter/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint id="AuthConstraint_1"> <description>RPCAdapter Servlet Security:+:All Authenticated users for RPCAdapter Servlet.</description> <role-name>admin</role-name> </auth-constraint> <user-data-constraint id="UserDataConstraint_1"> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint>

Note: The host name and ports might vary according to your server configuration.