About the Configuration Process
The following topics explain the basic concepts and tools necessary when configuring Info*Engine components.
Info*Engine LDAP Directories
The Naming Service uses an LDAP directory (or multiple LDAP directories) for storing the information needed to locate Info*Engine components. The name and location of every Info*Engine servlet, Info*Engine server, task processor, adapter, and gateway must be specified in LDAP directory entries. The properties associated with each component are stored as attributes in the LDAP directory entry for each component. The Naming Service can then provide the property settings of components when there is a request for this information.
Your site can set up site LDAP directory entries using any standard naming convention, such as the civil, organizational, or domain naming convention. For LDAP directories that are used only for storing Info*Engine LDAP entries, your site can set up either a machine-specific directory structure and search base to use components on one machine, or you can set up the search base so that requests are spread randomly between multiple machines with the same components. Entries are made beneath the search base you specify during installation, but they are set up and configured automatically.
The following example shows a machine-specific directory structure and search base that can be used to look on one machine for the JDBC adapter, where “myHost” is a fully-qualified machine name:
The next example shows what a similar directory tree would look like if you set up the search base so that requests are spread randomly between multiple machines with the same components, where “myHost1” is a fully-qualified machine name:
In the previous examples, each site must specify “myHost” and “search base” while the rest of the information is filled in automatically through the installation process. The information populated during installation should not be manually modified. If, at a later time, you need to change certain values, use the Property Administration utility to modify the adapter entry values.
Consider using a domain structure similar to the following:
This domain structure is similar to the structure maintained for email users and is familiar to the general user community. To maintain LDAP entry uniqueness, your site should ensure that each host name is unique across your entire environment. The previous example diagram shows Info*Engine service LDAP entries residing under the “myHost” entry. The ptcServiceName attribute contains the service name defined for the component.
If the Info*Engine search base is set to “dc=myCompany,dc=com,” then Info*Engine entries could also reside under the other host and location entries in the previous example. The following diagram shows additional Info*Engine entries under “dc=aLocation” and “dc=aHost”:
Info*Engine LDAP entries can be located anywhere in the subtree defined by the Naming Service search base. For example, in the previous diagram, additional entries could be defined directly under “dc=myCompany” as well as under other entries in the “myCompany” subtree.
Notice that the service names in Info*Engine LDAP entries in the previous examples use the following naming convention:
domainPath.componentName
In the naming convention, domainPath defines the host of the enterprise domain in which the component executes or resides, and componentName is a unique name relative to the domain path. For example, instead of naming the JDBC adapter service under the “myHost” entry “jdbcAdapter”, the service name is “com.myCompany.myHost.jdbcAdapter.” Then, as long as the component is unique relative to the domain path of “com.myCompany.myHost,” it is unique in the search base.
If Info*Engine receives a request for an Info*Engine service using the service name and there is more than one component with the same LDAP service name, the Naming Service randomly selects which component to use. For example, if there are adapter service entries named “jndi” that are defined below both the “myCompany”and “myHost” branches, and a request for an instance of the JNDI adapter is issued, then the Naming Service randomly selects which “jndi” adapter entry is used.
| If you name multiple service entries with the same name, each entry must be configured exactly alike to ensure consistent results between requests. |
Info*Engine Property Administration
Use the Info*Engine Property Administration utility to configure LDAP entries for Info*Engine components. The Info*Engine installer configures LDAP entries for the Naming Service, Info*Engine servlet, Info*Engine server, and the task processors it installs.
After you install a native adapter, you must configure the properties for the adapter. After you install a non-native adapter, you must configure gateway properties to define a gateway for the non-native adapter.
To view or modify the Info*Engine LDAP entries or to add entries for other components, start the Info*Engine Property Administration utility. The Info*Engine Property Administration utility is located in the infoengine/jsp/admin directory under the JSP root directory. For example, assume that the installation has set up the default “Windchill” alias for the JSP root directory and that Info*Engine is installed using the default port on the local host. Then, enter following URL to start the Info*Engine Property Administration utility:
http://localhost/Windchill/infoengine/jsp/admin/index.jsp
Alternatively, from the Navigator pane in Windchill, select > > .
The Info*Engine Property Administration utility opens displaying a log on page:
The value to set for Base URI is the host where the LDAP directory resides, the LDAP directory level to use when displaying existing service entries, and the default directory level for creating new entries. For example, assume the properties being configured in the Property Administration utility are located on the host named “ldap.company.com” in the “dc=windchill,dc=company,dc=com,cn=config,o=company” subtree of that directory. As a result, the base URI would be the following:
ldap://ldap.company.com/dc=windchill,dc=company,dc=com,cn=config,o=company
The LDAP Server Administrator references an LDAP directory entry that identifies a user with sufficient privileges for creating and modifying Info*Engine entries in the directory, and the Password is the password that is used with the specified administrator.
You can configure a default
Base URI value after your initial log on. For information on these configuration options and other general information about using the Info*Engine Property Administration utility, see
Using the Property Administration Utility.
Info*Engine Component Reconfiguration
During the initial installation, the Windchill installer creates LDAP entries for the Info*Engine servlet, Naming Service, and Windchill adapter. If you specify the same LDAP directory in later installations, the installer updates the existing entries.
To reconfigure any Info*Engine component (including adapters and gateways), use the Info*Engine Property Administration utility. The properties for each component are stored in the LDAP attributes of the component entry. To reconfigure a component, click its name on the Property Administration main page to display the form containing its attributes. For more information, see
Editing Existing LDAP Entries.
Component Names
Each Info*Engine component has a service name and a runtime service name that you define when you create the LDAP entry for the component. By default, the service name and the runtime service name are the same. The service name is the name that identifies the service in the Info*Engine Property Administration utility, and is usually the name specified when webjects or tasks request an instance of the service. The runtime service name is used when starting the component through a Java command argument or a servlet engine initialization parameter. The runtime service name defines the prefix of the properties for the service.
Usually, the service name and the runtime service name are the same. However, to allow for a short, user-friendly service name for easy entry in adapter webject INSTANCE parameters, the administrator can make the service name different from the default name that is specified in both the Service Name and Runtime Service Name fields on an Info*Engine Property Administration service form.
The following table shows the suggested names for Info*Engine components:
Info*Engine Component | Suggested Name |
Servlet | domainPath.servlet |
SOAP RPC Servlet | domainPath.rpc |
Naming Service | domainPath.namingService |
Server | domainPath.server |
JDBC adapter | domainPath.jdbcAdapter |
JNDI adapter | domainPath.jndiAdapter |
Windchill adapter | domainPath.Windchill |
Gateway | domainPath.gateway |
The domainPath that is indicated in each name defines the host of the domain in which the component executes or resides. During installation, the path is set to the Naming Service search base that is entered. For example, if the search base is set to “dc=myLocation,dc=myCompany,dc=com,ou=pIE,l=Pacific,o=myCompany,c=US,” then you could use “com.myCompany.myLocation” as the domainPath, assuming that there is not a similar path anywhere else in your enterprise system that would be used for Info*Engine LDAP entries.
Configuration Properties
Info*Engine components use the attributes stored in LDAP directory entries for defining and maintaining configuration properties. Info*Engine component properties apply to an individual component, start with its runtime service name, and are read when the component is used.
For example, if you have defined a JNDI adapter with a runtime service name of “com.company.Ldap1,” the names of its configuration properties begin with “com.company.Ldap1.” Therefore, entering a value in a JNDI adapter’s Search Base field on the Property Administration form causes the com.company.Ldap1.searchBase property to be set.
| The file paths shown in Info*Engine Property Administration utility examples use the slash (/) as the separator in filepaths even though the back slash (\) is the directory separator used on Windows systems. Info*Engine correctly identifies all system filepaths when you specify the slash. If you prefer to use the back slash for Windows filepaths, you must escape the back slash in the filepath. This means that you enter two back slashes (\\) for each back slash (\) in the path. |
Using the runtime service name as a prefix allows all component properties to be loaded into memory without causing any confusion about which properties apply to which component. If a property with the same prefix is manually set multiple times, the value for the last property read is used. Because Info*Engine does not control the order in which the LDAP entries are read, the resulting value for a property that has been set multiple times is unpredictable.
Usually, you maintain one unique LDAP directory entry for each Info*Engine component. However, you can maintain common properties for multiple components in one LDAP service entry, and then include that LDAP entry in each component you want using the properties. The Info*Engine Property Administration utility provides the Additional Services section on forms for this purpose.
Info*Engine uses configuration properties in two ways:
• The properties are set when the component starts. For most components, you use an ie.properties file. The ie.properties file contains a seeAlso property that specifies LDAP information. This allows access control to be set on the file to avoid sensitive information from being seen through the use of a ps command.
• The properties are read when Info*Engine creates an instance of the component to process requests.
About the ie.properties File
The ie.properties file is located in the /codebase/WEB-INF directory where Info*Engine is installed, and contains a reference to the LDAP branch that contains the Info*Engine properties. This reference also contains validation information to ensure that the services can access the LDAP directory.
The Windchill installer generates the contents of the ie.properties file based on the values that you specify when you enter your LDAP settings. The settings include the following:
• LDAP Server DNS Registered Host Name
• Administrator Distinguished Name
• Administrative Password
• Base Distinguished Name for Product Properties
| The contents of the ie.properties file are generated from entries in your site.xconf file and propagated using the xconfmanager utility. You should not edit this file directly. |
For example, assume that the following values are set:
Administrator Distinguished Name is “cn=Manager.”
Administrative Password is “admin.”
LDAP Server DNS Registered Host Name is the local host is: “host.company.com.”
Base Distinguished Name for Product Properties is: “cn=configuration,cn=Windchill_10,o=Company.”
In this example, the ie.properties file would contain the following:
seeAlso=ldap://cn=Manager:encrypted.ie.ldap.managerPw@host.company.com/
cn=configuration,cn=Windchill_10,o=Company
com.myCompany.myState.myHost.namingService.
directoryProvider=ldap://cn=Manager:encrypted.ie.ldap.managerPw@host.company.com
| While the password for LDAP in the example is “admin,” the ie.properties file does not contain this password in plain text. The actual password is stored in the WTKeystore and retrieved as necessary. |
Using the ie.properties file allows Info*Engine to put the administrator username and password in a relatively secure file and not in the individual startup scripts, which some operating systems may display. Also, it provides an easy way to use a different set of LDAP entries or change the LDAP authentication easily by just changing the contents of this file.
| To change the contents of the ie.properties file, use the xconfmanager utility. For more information, see About the xconfmanager Utility. Otherwise, enter the following command from the command line: xconfmanager --help |