How do you set the TRIRIGA session expiration warning in the portal?

The IBM TRIRIGA Application Platform has the ability to notify users on their portal if their session is about to expire. The message will not be displayed on any popups or modal windows, only on the main portal page.

To allow the alert message to be displayed on the portal to a user whose session is about to expire, set SESSION_WARNING_ENABLED=Y in By default, it is N. The default alert timeout threshold is 2 minutes before the session is set to expire, as follows: SESSION_WARNING_THRESHOLD=2.

The session expiration timeout itself can be found in the following locations:

  • WebSphere Liberty:
    • Edit wlp/usr/servers/tririgaServer/server.xml.
    • Update the invalidationTimeout value in seconds.
  • WebSphere:
    • In the Websphere Console, navigate to Servers > Application Servers > Your Server > Web Container > Session Management and/or Applications > Enterprise Applications > Your Application > Session Management.
  • Oracle WebLogic:
    • In the WebLogic Console, navigate to Your Domain > Deployments.
    • Expand the tririga-ibs deployment node. Expand the Modules node.
    • Click on the context root node. (The context root was selected during TRIRIGA install. The default name is “/”.)
    • Select the Configurations tab.
    • Enter a value for Session Timeout (in seconds), and Save.
    • You may be asked to select a location for Plan.xml, which will be generated upon saving.
    • You may need to restart the WebLogic Server.

Continue reading

Recipe: How do you use EnOcean sensors with Watson IoT RTI to create TRIRIGA work tasks?

For example, let’s say that a new System Administrator joins the company and needs to inspect the server room. The System Admin presses the switch on the door of the server room. Based on the pressed action, an event is generated from the switch sensor, which is connected to the IBM Watson IoT Platform. The IBM Watson IoT Real-Time Insights (RTI) analytics server captures the event in real time and alerts the Facility Manager for the server room. Based on the validation, the Facility Manager provides server room access to the System Admin and closes the work task in IBM TRIRIGA.


  • 1. EnOcean sensors.
  • 2. EnOcean smart gateway and software.
  • 3. IBM Watson IoT Platform and Real-Time Insights (RTI).
  • 4. TRIRIGA server (Version 10.5).


  • 1. Set up the EnOcean sensor and configure it with the EnOcean smart gateway.
  • 2. Create the EnOcean sensors as the devices, and the EnOcean smart gateway as the gateway in the IBM Watson IoT Platform.
  • 3. After the devices and gateways are registered, send the event and check the heartbeat of the sensors in the IBM Watson IoT Platform.
  • 4. Configure the Real-Time Insights (RTI) service to capture the EnOcean sensor events and feed the RTI rule for server room permission in TRIRIGA.
  • 5. Configure the custom REST in TRIRIGA using OSLC, Report Query, and Portal Builder.


[Admin: This post is related to the 03.23.16 post about using Real-Time Insights with TRIRIGA work orders to close a fridge door, and the 03.08.16 post about configuring a Watson IoT app on Bluemix to create TRIRIGA work orders. To see other related posts, use the Recipe tag or EnOcean tag.]

Continue reading

IV83117: Note editor allows you to enter HTML that fires an alert

A cross-site scripting (XSS) attack occurs when an attacker uses a web application to inject malicious code in the form of a client-side script (arbitrary JavaScript) to an end user. Here’s one example of many throughout the application:

  • Attack value: <p>123</p><p><input onclick=”alert(1234)” type=”text”/></p>

Steps to replicate:

  • 1. Login to the application.
  • 2. Click on the Help link.
  • 3. Click on the HTML link of the editor to open the HTML source editor.
  • 4. Apply the attack value and click on the Update button.
  • 5. Click on the Save button.
  • 6. Click on the recently added value.

We needed the ability to disable the HTML Editor in Note fields. A new property is added in the called TINYMCE_HTML_EDITOR_ENABLED. This property will determine if the “HTML Editor” button will be displayed in form Note fields. By default, the value of this property is set to true, which will display the button in Note fields. Note fields are vulnerable to attack if the button is enabled.

Continue reading

How do you use the FRONT_END_SERVER setting?

How is the FRONT_END_SERVER setting used? Does it affect all browsers for TRIRIGA I know that workflows and the Associations tab use it, but is it used for standard forms? Do all browsers need to have this set correctly? Or only IE?

I’m not familiar with it being needed for the Associations tab. In general, the main use of FRONT_END_SERVER is for BIRT reporting, Crystal reporting if applicable, and possibly workflow notifications. Maybe Gantt too, but it’s hard for me to tell. Famously, we had to use the FRONT_END_SERVER property in order to address the Microsoft update issue here.

However, this requirement as far as I know only extends to 3.4.1.x and earlier; 3.4.2.x should no longer need this requirement. Maybe someone can confirm this? Multi-browser support starts at 3.4.2, so I think the FRONT_END_SERVER requirement is only for IE and only for 3.4.1.x and earlier releases.

[Admin: This post is related to the 03.13.15 post about the Workflow Builder alert, and the 07.27.15 post about the FRONT_END_SERVER requirement.]

Continue reading

Do you recommend any TRIRIGA performance monitoring tools?

We are planning to upgrade to the 3.4.1 platform soon and are interested in any tools that have been used for monitoring TRIRIGA performance over the different components. We are already aware of the performance monitoring available from the Admin Console but we are more interested at any tools (third party, freeware, commercial, etc…) that anyone here has used and find effective in helping to pinpoint where different components of the infrastructure are being hit hardest by certain processes, such as whether a bottleneck is at the client machine, network, database, or application server level.

We have followed recommendations set in the Performance Best Practices guide and are looking for tools to help to further tune our system, or at least determine if a bottleneck is not in our control. Any feedback from your experiences will be greatly appreciated!

Glad you’ve taken a look through the best practices! As far as end-to-end monitoring, we’ve seen others use Dynatrace as a holistic system tracing tool to help identify bottlenecks. It provides great information and can get very granular. Here’s some more info on it…

There are several tools that can do system monitoring. We don’t recommend one over another. These monitoring tools can be set up to monitor several single instance variables within TRIRIGA. In the Administrator Console, there is a Performance Monitor tab. You can pull the URLs that will retrieve the current value of your system. For example, you can set up alerts to warn you if free memory exceeds a certain threshold, or if a system has a high number of users logged in. Here are the properties we can monitor…

Continue reading 

Alert: Microsoft KB3032359 issue prevents iframe display within TRIRIGA Workflow Builder

Cumulative Security Update for Internet Explorer (KB3032359) causes iframe functionality to fail to display when using Workflow Builder. This prevents the developer from creating or editing workflows in the TRIRIGA Application. Further, none of the content in task properties displays for existing workflow templates, and the actions in the properties panel fail to function. Corrective patches are not available at this time, either from the browser developer or from IBM TRIRIGA. Potential remediation/workaround is to remove that KB item.

[Updated 03.31.15]

Ryan Koppelman: Quick update: Microsoft now has multiple cases of this issue being reported to them, and it is being moved to an escalation engineer to determine the next steps. We will have another update by the end of the week.

[Updated 04.07.15]

Ryan Koppelman: Microsoft has taken a business impact statement and are pursuing the escalation process to make a patch available for users; we do not yet know how this patch will be offered, if approved. It may be some time before the Microsoft team makes a decision on this. In the meantime, a code workaround has been suggested on our end and is being tested internally. Assuming testing continues to go well, we plan to include this workaround fix in our upcoming and fix packs that are targeted for the May time frame. We do not have plans currently to include this in release streams prior to 3.3.2.x. Please contact IBM support for questions on this, as well as any requests for earlier limited availability fix packs on 3.3.2 or 3.4.1.

[Updated 06.11.15]

A client has identified the latest IE patch breaking TRIRIGA Workflow. For those who cannot upgrade TRIRIGA yet, and while having the latest KB# is helpful, it seems to be a moving target delivered each month with the monthly Cumulative security update for Internet Explorer that breaks the Workflow Builder and that they should look for. Based on the install dates (below), the client expects a new one for June within the next week. Until they can install the fix pack or upgrade to 3.4.2, they will keep looking for the latest IE cumulative security update to uninstall.

  • KB3032359 MS15-018: Cumulative security update for Internet Explorer: March 10, 2015
  • KB3038314 MS15-032: Cumulative security update for Internet Explorer: April 14, 2015
  • KB3049563 MS15-043: Cumulative security update for Internet Explorer: May 12, 2015
  • KB3058515 MS15-056: Cumulative security update for Internet Explorer: June 9, 2015 [Added 06.15.15 by Admin]

[Updated 06.15.15]

As of today there are 4 different updates that break the functionality. The KB article numbers are listed as the names of the updates vary depending on which version of Internet Explorer is installed. However, the KB Article number is in the name. They are also listed by release date. The first was in March’s patch Tuesday release, followed by April, May, and June’s.

  • KB3032359 (March 2015)
  • KB3038314 (April 2015)
  • KB3049563 (May 2015)
  • KB3058515 (June 2015)

[Updated 07.16.15]

Technote: After Microsoft Security patches KB3032359, KB3038314 and KB3049563 deployment, IBM TRIRIGA Workflow Builder will fail to render task properties. This has been identified as a product defect under APAR IV71104 due to the Microsoft Security Patch change (KB3032359, KB3038314, and KB3049563), regarding Adobe SVG run. Future MS security patches may also cause this issue.

[Admin: Here’s the original alert, plus related posts by Ryan and Melanie. Additional contributors have reported similar issues with KB3038314, KB3042553, KB3045685, and KB3045999.]

Continue reading