Thursday, October 9, 2008

Deploy Liferay 5.1.2 to IBM WebSphere 6.1.x


Install a new IBM WebSphere Application Server (WAS) 6.1 to c:\was61 by running launchpad.exe
No need to install sample applications
Do not enable admin security for simplicity


Create a MySQL database (Only for demo purposes, Liferay can also work with existing databases)
- Download non-installer version of MySQL 5.0.67 from www.mysql.com (http://dev.mysql.com/get/Downloads/MySQL-5.0/mysql-noinstall-5.0.67-win32.zip/from/http://mysql.mirror.ac.za/)
- Extract mysql-noinstall-5.0.67-win32.zip to c:\mysql
- start mysql by running "c:\mysql\bin\mysqld"
- Create lportal database by running "c:\mysql\bin\mysql -h localhost -u root -p", then run "create database lportal;"
Obtain MySQL JDBC driver
- Copy mysql-connector-java-5.0.8-bin.jar to c:\was61\lib\ext (Later version can also be used)
Start WAS using Start -> Programs -> IBM WebSphere -> Profiles -> AppSrv001 -> Start the server
Go to admin console using Start -> Programs -> IBM WebSphere -> Profiles -> AppSrv001 -> Administrative Console
When a browser starts, click "Log in" button while leaving User ID blank
Delete all application to avoid context root conflict with Liferay
- Click Applications -> Enterprise Applications
- Select all listed applications and then click Uninstall
- Click on Save when prompted
Create a MySQL data source for Liferay runtime
- While on Administrative Console, click Resources -> JDBC -> JDBC Providers
- Choose ...server1 for scope from the dropdown list box
- Click New
- Select "User-defined" for Database Type
- Enter (No quotes) "com.mysql.jdbc.jdbc2.optional.MysqlConnectionPoolDataSource" for Implementation class name
- Set Name to "MySQL JDBC Provider"
- Click Next
- Clear the text box for Class path
- Click Next and then Finish
- On the left hand navigation, click JDBC Providers
- Choose "MySQL JDBC Provider"
- Click "Data sources" under Additional Properties on the right hand side
- Click New
- For Data source name, type "LiferayDataSource"
- For JNDI name, type "jdbc/LiferayPool"
- Click Next, click Next, click Finish
- Click Data sources from the breadcrumbs (which should be JDBC providers > MySQL JDBC Provider > Data sources > LiferayDataSource)
- Click Custom properties under Additional Properties on the right side
- Delete all property items by selecting them and clicking Delete
- Click New
- Type user for Name, and root for Value, click OK
- Click New, type serverName for Name and localhost for Value, click OK
- Click New, type databaseName for Name and lportal for Value, click OK
- Save when prompted
- Click LiferayDataSource from the breadcrumbs, click Test connection button to test
Create a mail session for Liferay runtime
- Click Resources -> Mail -> Mail sessions
- For Scope, choose ...Server=server1
- Click New
- Set Name to LiferayMail
- Set JNDI name to mail/LiferayMailSession
- Click OK, click Save when prompted
Deploy Liferay 5.1.2
- Obtain liferay-portal-5.1.2.war from Liferay.com or Sourceforge.net
- Still in the Admin Console, click Applications -> Install New Application
- Browse for the war file that was downloaded earlier
- Type / for Context root
- Click Next, click Next
- Choose LiferayDataSource and LiferayMailSession
- Click Next and Finish
- Wait until the deployment is complete and save when prompted
Install Liferay 5.1.2 dependency files
- Obtain liferay-portal-dependencies-5.1.2.zip
- Extract this ZIP file to c:\was61\lib\ext
- Make sure all jars are immediately under c:\was61\lib\ext since Winzip keeps them in a folder by default
Copy icu4j.jar to c:\was61\java\jre\lib\ext
- icu4j.jar should be able to be found somewhere in installedApps folder
- Copy to c:\was61\java\jre\lib\ext
Move portlet.jar to c:\was61java\jre\lib\ext
- Locate portlet.jar at c:\was61\lib\ext
- Move it to c:\was61java\jre\lib\ext (You may have stop the server first)
Copy commons-annotation.jar to c:\was61\lib\ext
- Obtain commons-annocation.jar, preferrably from Spring 2.5.5 distribution
- Copy it to c:\was61\lib\ext
Change memory settings
- Go back to Admin Console
- Click Servers -> Application Servers -> server1 -> Java and Process Management -> Process Definition -> Java Virtual Machine
- Type 256 for Initial Heap Size
- Type 512 for Maximum Heap Size (Windows might have a restriction of 1024, more than this could prevent WAS from restarting)
- Click OK and save as required
restart WAS
- Start -> Programs -> IBM WebSphere -> Profiles -> AppSrv001 -> Stop the server
- Start -> Programs -> IBM WebSphere -> Profiles -> AppSrv001 -> Start the server
Test by go to http://localhost:9080 and login as test@liferay.com and password test

Posted by at 3 comments:

Tuesday, September 30, 2008

How to Integrate Liferay with OpenSSO on Tomcat

I have recently been testing Liferay and OpenSSO integration. I wanted to share my experience with you.

Part 1 Install OpenSSO on Tomcat

Assumption: Tomcat 6.0.18 + OpenSSO V1 Build 4.5 on Windows XP Professional.

  1. Download and install JDK 1.6 to C:\java\jdk1.6.0_07;
  2. Download Tomcat 6.0.18 and extract to C:\tomcat;
  3. Edit C:\tomcat\bin\catalina.bat and add the following to the beginning of the file:
    set JAVA_HOME=C:\java\jdk1.6.0_07
    set CATALINA_OPTS="-Xms512m -Xmx1024m"
  4. Download openSSO and extract to C:\Temp;
  5. Copy C:\temp\opensso\deployable-war\opensso.war to C:\tomcat-6.0.18\webapps;
  6. Start Tomcat by running C:\tomcat\bin\startup.bat;
  7. Go to http://opensso.host.domain:8080/opensso;
  8. Click on "Create Default Configuration"
  9. Fill in passwords and click Create... (IE6 may have issues with this screen, use Firefox instead);
  10. Login as amadmin and the password specified above;

Part 2 Setup Liferay

Assume you have a liferay 5.1.1 running at http://portal.host.domain:8080/. If you don't, it is time now to set up one.

Install Liferay from a bundle

  1. Download a Liferay + Tomcat bundle from http://www.liferay.com/;
  2. Extract to a directory (say c:\liferay);
  3. Edit c:\liferay\bin\catalina.bat to add CATALINA_OPTS and JAVA_HOME such as step 3 above;

Create an account in OpenSSO:

  1. Go to http://opensso.host.domain:8080/opensso
  2. Login as amadmin, access control -> opensso -> subjects -> New
  3. ID: joebloggs, Last Name: Bloggs, Full Name: joebloggs, Password: welcome1
  4. Click OK
  5. Click on joebloggs, add email address: test@liferay.com
  6. Click Save

Configure Liferay

  1. Login to liferay as admin: test@liferay.com and password test
  2. Go to My Places -> My Community -> Private Pages (2)
  3. In the Enterprise Admin section, click Organizations -> Settings -> Authentication -> OpenSSO...
  4. Check Enabled
  5. Login URL: http://opensso.host.domain:8080/opensso/UI/Login?goto=http://portal.host.domain:8080/c/portal/login
  6. Logout URL: http://opensso.host.domain:8080/opensso/UI/Logout?goto=http://portal.host.domain:8080/portal/logout
  7. Service URL: http://opensso.host.domain:8080/openssoSave
  8. Click Save
  9. You are now asked to login to opensso, login as joebloggs and password is what you specified above
  10. To test: go to http://portal.host.domain:8080/, you should be prompted for OpenSSO login, login as joebloggs/welcome1, you should be logged in to Liferay without asking for another password

But Wait! Something Not Quite Right

You may notice that once you have provided OpenSSO credentials for OpenSSO, it does not redirect you to Liferay. This is more obvious in Firefox, where it errors out indicating a dead loop.

Liferay 5.1.1 has an issue in its code com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil class. The fix is to change the following line in method _setCookieProperty:

  • from: sb.append(cookieValue);
  • to: sb.append("\"" + cookieValue + "\"");

And then you need to recompile and deploy portal-impl.jar.

Posted by at 6 comments:

Wednesday, September 3, 2008

Do Not Reinvent Portal from Scratch

Today I had a meeting with our "Portal Development Team" at work to discuss the techinical architecture they are pursuing. It turns out that they are actually trying to build a Portal themself from ground up. And, this is not the first time I hear technical people, knowingly or unknowingly, making the mistake by reinventing the wheel.

Among other things, Portal is defined as an application framework that provides content aggregation, personalization and Single Sign-On. Open source or commercial, they are maturely and readily available. It does a lot of things right out of box.

The senior technical resource explained to us his vision. He wanted to put his entire new application in a portlet (debatable), and use Apache Tiles to assemble this and other portlets to form Web pages.

Why would one reinvent the wheel if a technology is readily available and has been proven by the community?
Posted by at No comments:

Saturday, June 21, 2008

Government of Canada ePass and Oracle Portal Interoperability


As one of UPSS (Unified Portal Software Solution) implementation, we have successfully implemented an Oracle Portal 10.1.4 for CIC (Citizenship and Immigration Canada). As part of the e-services project, MyCIC has demonstrated a creative way of integrating Oracle Portal with ePass. MyCIC has gone live since June 24th 2008 with first rollout to institutions and students who want to apply for off-campus work permit online.

While ePass is the de facto standard for Internet facing web applications within Government of Canada, its architecture design is not Portal friendly. As it is unlikely we can make epass work better with Oracle Portal, we had to work around the limitations.

Rumors are that epass is becoming mandatory for Government online services, this success means a lot to GoC departments and agencies who want to use Oracle Portal as their single point of entry with epass. Other applications become Portal's partner applications, thus take advantage of the Single Sign-On and other benefits Portal offers.

What is important with MyCIC Portal implementation is that our solution is not invasive to Portal. We didn't have to tweak Portal too much, rather, we added some configuration around Portal. So the result is a serviceable, maintainable Portal. In addition, the Single Sign-On function is technology-agnostic, your application can use .NET, PHP or anything besides Java. Security related functions (such as signature verification) can be incorporated into the app easily.

Well, how you use Portal is up to you. But for MyCIC, Portal provides an one-stop shop for CIC clients. Once enrolled, you can view your application status, start a new application and much more. What is interesting is that every CIC client will have a common ID with all programs and services across the department. Other typical use cases include personalized news, notifications, subscribed updates etc.
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Comments (Atom)