Build Forge normally runs its services as an application
in the provided Apache Tomcat application server.
About this task
The following instructions configure Build Forge to use WAS
instead of Tomcat. Follow the instructions in the section
Using WebSphere Application Server instead of Apache Tomcat, with one exception: the
rbf-services.war file
contains a file named
web.xml that you need to extract
and modify to add a security constraint. Before installing this application
under WAS, the
war file will need to be regenerated
after modifying it to use the protected version of this file.
To
do this, follow these instructions:
- Navigate to the directory containing your rbf-services.war file
(the webapps directory in your Tomcat server root). Copy this file to a temporary location, such as C:\rbf.
- Expand the WAR file. From command line, run
the command: %IBM_JAVA_HOME%\jar –xvf rbf-services.war to
expand the contents of the war file.
Note: Java must
be available and the IBM_JAVA_HOME environment variable
must already have been created.
- Save the rbf-services.war file to retrieve
later:
- Windows: copy rbf-services.war rbf-services.war.bak
- UNIX or Linux: cp rbf-services.war rbf-services.war.bak
- Find the web.xml file in the WEB-INF directory
(from the files expanded from the war file). Edit
this file to add a security context. For example, add the following
lines at the end of the file just before the </web-app> tag:
<security-constraint id="SecurityConstraint_1">
<web-resource-collection id="WebResourceCollection_1">
<web-resource-name>/*</web-resource-name>
<url-pattern>/AuthServlet/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint id="AuthConstraint_1">
<description>myconstraint:+:</description>
<role-name>User</role-name>
</auth-constraint>
<user-data-constraint id="UserDataConstraint_1">
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config id="LoginConfig_1">
<auth-method>BASIC</auth-method>
<realm-name>full-qualified-domain</realm-name>
</login-config>
<security-role id="SecurityRole_1">
<role-name>User</role-name>
</security-role>
Note: The <auth-method> can be any J2EE
auth-method supported by WAS. The most common auth-method is FORM,
which requires additional configuration parameters. Refer to your
WebSphere documentation for instructions on configuring FORM in your
application.
- From command line, regenerate the war file
(called from the same directory that it was extracted to) by running
the following command:
%IBM_JAVA_HOME%\jar –cvf rbf-services.war
You
should now have a new version of rbf-services that
has been modified to protect the AuthServlet with J2EE constraints.
Complete the installation instructions for running with WAS and install
this version of the rbf-services.war via Applications->Install
New Application. Make sure that Build Forge is not running
while configuring WAS.
After this is installed, go to Applications->Enterprise
Applications. Click the application name to configure
it. Under Detail Properties, click the link
entitled Security role to user/group mapping.
Select the All Authenticated checkbox for
User. After making this change, be sure to save to the master configuration.
Application Security also needs to be enabled under WAS.
To do this, go to Security->Secure
administration, applications, and infrastructure. Make
sure that Enable application security is checked.
At
this point, restart the WAS server, and then restart the Build Forge
server.
Note: The rbf-services should now start
as part of the WAS startup process, so WAS needs to be started before
Build Forge.