Why should you consider Liberty over traditional WebSphere?

WebSphere Liberty is a lightweight version of traditional WebSphere. It does not have nearly as much overhead, nor does it require a dedicated team to install, run, and support, like its bigger brother. The beauty of Liberty is that comes with TRIRIGA and is very easy to install! Not to mention it does not take long to install compared to traditional WebSphere. The TRIRIGA installer includes Liberty so when you run the TRIRIGA install, you have the option to install Liberty without any additional files. When you select Liberty in TRIRIGA, it makes the process seamless. There is no console to worry about. Liberty has all that TRIRIGA needs to run. After the install is complete, all you do is start up a batch file and you are up and running.

I bet you might be wondering: I need to use traditional WebSphere because we are using SSO and I may not be able to use Liberty. Not so! You are able to configure TRIRIGA 3.4.2 and greater on Liberty with Microsoft IIS and Active Directory. For details on that, let me direct you to this wiki page: TRIRIGA on WebSphere Liberty — SSO with IIS and AD.

Can Liberty be set up as a service like traditional WebSphere? This is a bit more complicated and I encourage you to check out a colleague’s blog entry on this subject: TRIRIGA and the WAS Liberty Profile that does not want to be a service.

In the end, you need to decide what will best suit your needs. In some rare cases, traditional WebSphere may be the way to go, for example, if your company has a dedicated WebSphere team. But in most cases, Liberty will work best. It’s good to have options and know what the benefits are. To help you understand the benefits, you may want to look at this wiki page: Choose Liberty over Traditional WAS.

[Admin: This post is related to the 04.28.16 post about running Liberty profile as a Windows service, and the 03.15.16 post about the best practice for choosing an application server.]

Continue reading

Can anyone provide an example of SSO with Liberty and Apache?

We found this link that shows an example of SSO with Liberty and IIS. Can you provide an example with Liberty and Apache?

The high-level steps are the same:

  1. Install the WebSphere Application Server web server plugins.  The plugins are available in the Supplements package for WebSphere Application Server on IBM Passport Advantage.
  2. Configure the plugin on Apache, and make sure Apache can pass requests over to the Liberty server using the generated plugin.xml file.
  3. Configure Apache with your Directory server or other Single Sign-On solution. For LDAP/Active Directory, use the appropriate LDAP module. For example, for AD…
  4. Then configure the TRIRIGAWEB.properties with various SSO settings to pickup the username from the correct location in the header, using the requestTest.jsp as your guide. 

[Admin: For convenience, here are the meanings of the acronyms: Single Sign-On (SSO), Internet Information Services (IIS), Active Directory (AD), Lightweight Directory Access Protocol (LDAP).]

[Admin: To see other related posts, use the SSO tag.]

Continue reading

What are some tips for adding users via a TRIRIGA integration?

When adding users via a TRIRIGA integration, these points should be taken into consideration:

  • No matter if a user is added via Connector for Business Applications (CBA), Data Integrator, DataConnect, or integration object, the action “Activate” must be used to create the actual user in TRIRIGA.
  • The Boolean field “Active TRIRIGA User” must be set to TRUE.
  • A default password of “password” is set in the workflow “triPeople – Synchronous – Create TRIRIGA User” under the “Set Default Password” task mapping. For more information, see this TRIRIGA forum post: How to change the default password for a newly created TRIRIGA user.
  • When integrating from a directory server (LDAP/AD), it is best to use a data warehouse database to load the users. This way, standard integration object or staging tables with DataConnect can be used without a custom-built connect to the LDAP/AD server.
    • This Microsoft TechNet article describes a way to synchronize AD to an SQL Server instance: Synchronizing Active Directory Objects to SQL Server.
    • Tools like slapcat can generate a LDIF file from an LDAP server. That export file can then be imported into an Oracle or DB2 database via standard database import tools (Oracle: dsadm, DB2: idsldif2db, ldif2db). Then a job can be run to export and import from the LDAP server on a scheduled basis.

[Admin: This post is related to the 02.22.17 post by Watson IoT Support about activating records imported via Data Integrator, and the 01.26.16 post about initializing Active status when using DataConnect. For convenience, here are the meanings of the acronyms: Lightweight Directory Access Protocol (LDAP), Active Directory (AD), LDAP Data Interchange Format (LDIF).]

Continue reading