How to use WebDAV to develop themes in Portal 7.x

Since last few days, I was involved in working with themes in Portal 7.x specifically PageBuilder2 using WebDAV. Must say lot has changed since older version of Portals like 6 & 6.1. With introduction of WebDAV IBM has taken a great leap in managing static and the dynamic resources of themes & skins. There is enough documentation available over the net regarding usage of WebDAV with portal. This post won't give you any extra stuff rather intention is to group all the relevant details at one location. I would demonstrate how to setup and use WebDAV client to work with themes and gradually will take you through more details of themes and skins. Special thanks to my colleague Devendra Dhoot for his technical support in exploring the architecture of new themes & skins.


First let's understand what's WebDAV and what are the entry points provided to connect with Portal.


WebDAV is Web-based Distributed Authoring and Versioning (WebDAV) - an HTTP extension framework with a plug point for the access and management of hierarchical data. WebDAV stores the data in collections and allows you to work with the data in a user interface view that is similar to that of a file system. Various tools are available for integrating WebDAV resources into the client file system, known as WebDAV clients. To use WebDAV you must first download the WebDAV client or there may be inbuilt depending on the OS you have.

Different WebDAV entry points in websphere portal and WCM are listed below.

• To access the Portal Themes

        http://:10039/wps/mycontenthandler/dav/themelist

        http://:10039/wps/mycontenthandler/dav/themelist/all

        http://:10039/wps/mycontenthandler/dav/fs-type1/themes

You can also directly access a specific theme by providing its friendly name, unique name, or object ID to the URL above

Note: Some WebDAV clients don't work with /themelist, for them you need them you need to suffix '/all'.  

• To access the Portal Skins

        http://:10039/wps/mycontenthandler/dav/skinlist

        http://:10039/wps/mycontenthandler/dav/skinlist/all

        http://:10039/wps/mycontenthandler/dav/fs-type1/skins

You can also directly access a specific theme by providing its friendly name, unique name, or object ID to the URL above

• To access the Static Resources

        http://:10039/wps/mycontenthandler/dav/fs-type1

You can access the 'PageBuilder2' theme and other static resources like layouts,common-resources from here.

• Entry point to access the Portal Pages

1. Base portal installation                     http://:10039/wps/mycontenthandler/dav/contentmodel/wps.content.root/
2. virtual portal
1. By host name   http://virtual_portal_host_name:port_number/wps/mycontenthandler/dav/contentmodel/wps.content.root
2. By URL context http://:10039/wps/mycontenthandler/URL_context_of_VP/!ut/p/dav/contentmodel/wps.content.root/

• Entry point to access WCM libraries    http://:10039/portal_context_root/mycontenthandler/dav/content/libraries/

The WebDAV tree containing your Web content items begins at the WebDAV root /libraries/, which displays all libraries to which you have access. All Web content items within the libraries are organized with folders and files. Folder Structure looks like

libraries

   - wcm.library.my_library

       - authoringTemplates

       - components

       - presentationTemplates

       - sites

       - taxonomies

   - wcm.library.contentlibrary

       - components

       - presentationTemplates

       - sites

       - taxonomies

You can use following available WebDAV clients atleast on Windows.

WebFolders
WebFolders are a Windows Explorer extension that allow you to read and open WebDAV resources by using Windows Explorer (file explorer). 

Bitkinex
BitKinex integrates the functionality of an innovative FTP, SFTP and WebDAV client for Windows. 

WebDrive
WebSphere Portal supports the commercial WebDAV client WebDrive. 

AnyClient
WebSphere Portal supports the commercial WebDAV client AnyClient V 2.x. 

I have installed Bitkinex to connect to my WebSphere Portal Server. Here are the steps on how to connect.

Step-1 : Download and setup the Bitkinex as below.

You need to provide portal server host name and the port along with user credentials to connect with portal.

Step-2 : Setup the entry points for WebDAV as shown in the snapshot below.

Step-3 : You can connect to the /themelist/all entry point for theme and view the content.

Step-4 : Connect to the /fs-type1/ entry point to see the static resources.

Step-5 : Connect to the /fs-type1/themes/ and /fs-type1/skins/ entry points to view the static resources for themes & skins.

Step-7 : Now connect to the contentmodel/wps.content.root/ entry point for accessing portal pages. Please keep in mind that you can only change the metadata of page and can not create/delete/move/copy a page.

Step-8 : Connect to the content libraries using content/libraries/ entry point.

Hope this will get you started playing with new theme in WebSphere Portal 7. For more details on WebDAV and how to create theme using it, please find below some useful references.

1. Designing a site using Page Builder themes and skins
2. Using WebDAV file store for the Page Builder theme and mashup integration
3. Some important URL's for working with WebDav

List of Troubleshooting Tools for WebSphere Application Server

There are many diagnostic tools for troubleshooting applications deployed to WebSphere Application Server. Because it can be difficult to find the right tool for the problem at hand this document summarizes the primary tools to choose from when you begin troubleshooting a problem.

Here is a useful technote from IBM.

Troubleshooting tools for WebSphere Application Server

Implementing a Terms of Use (TOU) Acknowledgement in WebSphere Portal

 Here is a really nice article/post from Glenn Kline of Perficient which explains the steps to implement TOU acknowledgement in Portal. This is a common requirement in organizations having portal implementations and in the absence of any out of the box capability this post really comes to rescue.

Implement a Terms of Use Acknowledgement in WebSphere Portal by Glenn Kline

How to enable impersonation in WebSphere Portal

Working on one POC for the prospect and got the use case which is complete fit for the recently added impersonation feature in WebSphere Portal 6.1.x. Before drill down on how to enable this new feature first let's look at what exactly the impersonation means and how it is useful. This blog post provides same steps and info on impersonation as infocenter and Portal wiki but with some useful screenshots for easy understanding.

WebSphere Portal 6.1.5 has a feature called Impersonation that allows a user, such as a support specialist, to access another user's system to test out a new page, portlet, etc. and to see any issues as they occur on the end user system. In this case the support specialist assumes the profile of the end user with security access, user profile attributes, portal pages and portlet customizations.

Now let's see how to enable impersonation service in portal.

• Log on to the WebSphere® Application Server or Network Deployment Administration Console.
• Navigate to Resources -> Resource Environment -> Resource Environment Providers -> WP AuthenticationService -> Custom Properties. 

• Click New.
• Enter logout.explicit.filterchain in the Name field.
• Enter com.ibm.wps.auth.impersonation.impl.ImpersonationLogoutFilter in the Value field.

• Click Apply and then click Save to save the changes directly to the master configuration.
• Navigate to Resources -> Resource Environment -> Resource Environment Providers -> WP  PortletServiceRegistryService -> Custom Properties.
• Click New.
•  Enter jndi.com.ibm.portal.portlet.service.impersonation.ImpersonationService in the Name field.
•  Enter com.ibm.wps.portletservice.impersonation.impl.ImpersonationServiceImpl in the Value field. 

• Click Apply and then click Save to save the changes directly to the master configuration.
• Portal Access Control provides the ability to impersonate other users. For this reason, you must assign the Can Run As User role (WPS7.0) on the USERS virtual resource to the user (eg. wpsadmin) you plan as  impersonator after you enable the impersonation feature.
• Moving ahead with WPS 7.0, you are provided with default impersonation portlet. Login to portal and navigate to the impersonation link at the top of the banner as shown in the below screen.
• 

• In the Impersonation Portlet, search for the user you want to impersonate. For example : Test User

•  Click on the Impersonate button on the portlet and you will be presented with the view of Test User's portal session.

Few known limitations of Impersonation

• Client side aggregation does not support user impersonation. For this reason, ensure you do not activate client side aggregation on any portal pages where the impersonation portlet is deployed.

• When a user who is enabled for impersonation impersonates other users, the people awareness feature is disabled for the entire session for which that user is authenticated.
  
  
  Hope this post helps in understanding this really useful feature from the WebSphere Portal family. Few important references I want to suggest are as below..
  
  Enabling_user_impersonation_exp7
  user-impersonation-in-websphere-portal by codyburleson

Improve LDAP performance in VMM using attribute ibm-allGroups

Guys,

While searching for performance tuning tips, I found this really helpful article from Alex Lang  Portal administration and performance blog.

https://www.ibm.com/developerworks/mydeveloperworks/blogs/portalops/entry/using_ibm_allgroups_in_vmm_to_improve_ldap_performance6?lang=en

Users in nested LDAP group cannot view Portal content due to VMM group configuration properties

Come across this really helpful IBM document while searching for the exact solution. 

Users in a nested group in LDAP log in to the Portal successfully but do not see pages or portlets to which their group has been assigned access.

Here is a solution to that..

 https://www-304.ibm.com/support/docview.wss?mynp=OCSSHRKX&mync=R&uid=swg21496174&myns=swgws

Problem configuring portal 6 with AD 2007 on Windows 2008

It's been long break for me here. Busy with an SSO solution for one of our prestigious client. Will be posting on that as well in next few days.. :) But for now it's something which I encountered recently while enabling security of Portal 6.0 with AD 2007 hosted on Windows 2008.

During the enable-security-wmmur-ldap script, I was getting following error at the Portal server startup task.

Target started: action-configure-content-security

action-configure-content-security:
xmlaccess EJPXB0006I: Connecting to URL http://localhost:10038/wps/config/
xmlaccess EJPXB0002I: Reading input file D:\WPS6\IBM\WEBSPH~1\PORTAL~1\config\work\ContentAdminGroupsPAC.xml
Error 404: Initialization of one or more services failed.
xmlaccess EJPXB0015E: Server response indicates an error.
xmlaccess EJPXB0015E: Server response indicates an error.
xmlaccess EJPXB0006I: Connecting to URL http://localhost:10038/wps/config/
xmlaccess EJPXB0002I: Reading input file D:\WPS6\IBM\WEBSPH~1\PORTAL~1\config\work\ContentUserGroupsPAC.xml
Error 404: Initialization of one or more services failed.
xmlaccess EJPXB0015E: Server response indicates an error.
xmlaccess EJPXB0015E: Server response indicates an error.
Mon Jan 31 21:59:35 IST 2011
Target started: action-init-accesscontrol

action-init-accesscontrol:
echo Calling ContentModelInitializer
Target finished: action-init-accesscontrol
Target finished: action-configure-content-security
Target finished: enable-security-wmmur-ldap

When I checked the sysout.log file I found the following error.

1/31/11 21:54:22:023 IST 0000000a Servlet E com.ibm.wps.engine.Servlet init EJPFD0016E: Initialization of service failed.
com.ibm.wps.ac.DomainAdministratorNotFoundException: EJPSB0107E: Exception occurred while retrieving the identity of the domain adminuser/admingroup cn=wpadmin,cn=users,dc=newmail,dc=com.

When I troubleshooted further, I found that this is because of the password policy implementation in WPS which restricts some special characters to be used as usename and password. In windows 2008 you have certain password policy constraints that prevents a plain password to be entered while creating a user. You atleast need to enter one special character.

I found this link on the infocenter which elaborates on the special characters for username and password.

http://publib.boulder.ibm.com/infocenter/wpdoc/v6r0/index.jsp?topic=/com.ibm.wp.ent.doc/wpf/sec_chars.html

Based on this I have used "Underscore" in the password rather then restrictive special characters in WPS while creating user in AD and then try running the above task and it successfully completed.

Hope this small troubleshooting may help somebody in his hard times with portal integration with LDAP.