Configure Access for Web (CFGACCWEB2)

Where allowed to run: All environments (*ALL)
Threadsafe: No
Parameters
Examples
Error messages

The Configure IBM i Access for Web (CFGACCWEB2) command is used to configure IBM i Access for Web for the following web serving environments:

Before IBM i Access for Web can be used, it must be configured using this command.

Input parameters are conditional based on the value specified for the Web application server type (APPSVRTYPE) parameter.

This command will use the input configuration parameters to add IBM i Access for Web servlet or portlet configuration information to the web application server.

If multiple web application servers are configured and running on the system, IBM i Access for Web can be configured to run within each of those web application servers.

When configuring IBM i Access for Web for multiple web application servers, the new configuration can be created based on an existing configuration. The new configuration can share user-generated data with other configurations or a copy of the existing user data can be made for the new configuration.

This command will create a directory structure for user-generated data. User data will be stored to the following locations, depending on the value specified for the Web application server type (APPSVRTYPE) parameter:

When the command runs, status information will be displayed indicating what the command is processing. As the command runs, detailed status and error information will also be logged to stream file /QIBM/UserData/Access/Web2/logs/cmds.log.

After the command completes, the web application server may have to be ended and restarted. The IBM i Access for Web configuration will need to be started before it can be accessed.

Restrictions:

Top

Parameters

Keyword Description Choices Notes
APPSVRTYPE Web application server type Character value Required, Positional 1
WASPRF Web server profile name Character value, *DEFAULT Optional
APPSVR Application server name Character value, *DEFAULT Optional
INSTANCE Instance name Character value, *ADMIN Optional
WASINSDIR WebSphere install directory Path name, *DEFAULT Optional
TGTSVR Target server Character value, *DEFAULT Optional
AUTHTYPE Authentication type *APP, *APPSVR Optional
AUTHMETHOD Authentication method *FORM, *BASIC, *KERBEROS Optional
WPUSRID WebSphere Portal user ID Character value Optional
WPPWD WebSphere Portal password Character value Optional
WPURL WebSphere Portal config URL Character value Optional
WPDFTPAG WebSphere Portal default pages *CREATE, *NOCREATE Optional
WASUSRID WebSphere user ID Character value, *NONE Optional
WASPWD WebSphere password Character value, *NONE Optional
SRCSVRTYPE Source web server type Character value Optional
SRCSVRINST Source web server instance Character value, *DEFAULT, *WASPRF, *ADMIN Optional
SRCAPPSVR Source application server Character value, *DEFAULT Optional
SRCINSDIR Source install directory Path name, *DEFAULT Optional
SHRUSRDTA Share user data *NO, *YES Optional
Top

Web application server type (APPSVRTYPE)

Specifies which web application server to configure IBM i Access for Web to run under.

This is a required parameter.

*WAS61BASE
WebSphere Application Server V6.1 for i5/OS
*WAS61EXP
WebSphere Application Server - Express V6.1 for i5/OS
*WAS61ND
WebSphere Application Server Network Deployment V6.1 for i5/OS
*WAS70BASE
WebSphere Application Server V7.0 for IBM i
*WAS70EXP
WebSphere Application Server - Express V7.0 for IBM i
*WAS70ND
WebSphere Application Server Network Deployment V7.0 for IBM i
*INTAPPSVR
IBM integrated Web application server for i
*WP61BASE
WebSphere Portal V6.1 running on WebSphere Application Server ("Base edition")
*WP61ND
WebSphere Portal V6.1 running on WebSphere Application Server Network Deployment
Top

Web server profile name (WASPRF)

Specifies which IBM WebSphere Application Server profile to configure to run IBM i Access for Web.

This parameter is only applicable when the Web application server type (APPSVRTYPE) parameter is set to one of the following web application servers

*DEFAULT
When IBM WebSphere Application Server was installed, a default profile was automatically created for the WebSphere installation.

When *DEFAULT is specified, IBM i Access for Web will be configured within the default WebSphere profile.

name
Specify the name of the WebSphere profile to configure to run IBM i Access for Web.
Top

Application server name (APPSVR)

Specifies the existing application server to which IBM i Access for Web is to be configured.

A WebSphere profile can contain one or more application servers. The application server provides the environment in which deployed web applications execute.

This parameter is only applicable when the Web application server type (APPSVRTYPE) parameter is set to configure IBM i Access for Web for one of the following web application servers:

*DEFAULT
When the WASPRF parameter is set to *DEFAULT, this value will be set to 'server1'.

When the WASPRF parameter is set to something other than *DEFAULT, this value will be set to the value specified for the WASPRF parameter.

name
Specify the name of the application server within the WebSphere profile that is to be configured.
Top

Instance name (INSTANCE)

Specifies which IBM integrated Web application server for i instance to configure to run IBM i Access for Web.

This parameter is only applicable when the Web application server type (APPSVRTYPE) parameter is set to

*ADMIN
When the INSTANCE parameter is set to *ADMIN, IBM i Access for Web will be configured within the 'Admin' IBM integrated Web application server instance.
name
Specify the name of the IBM integrated Web application server for i instance to configure to run IBM i Access for Web.
Top

WebSphere install directory (WASINSDIR)

Specifies the directory in the IBM i integrated file system where WebSphere Application Server is installed.

Newer versions of WebSphere Application Server can be installed to multiple locations in the integrated file system. This value tells IBM i Access for Web which WebSphere Application Server installation to configure.

This parameter is only applicable when the Web application server type (APPSVRTYPE) parameter is set to one of the following web application servers

*DEFAULT
When *DEFAULT is specified, the path used will be based on the value specified in the Web application server type (APPSVRTYPE) parameter.
  • *WAS61BASE - /QIBM/ProdData/WebSphere/AppServer/V61/Base
  • *WAS61EXP - /QIBM/ProdData/WebSphere/AppServer/V61/Express
  • *WAS61ND - /QIBM/ProdData/WebSphere/AppServer/V61/ND
  • *WAS70BASE - /QIBM/ProdData/WebSphere/AppServer/V7/Base
  • *WAS70EXP - /QIBM/ProdData/WebSphere/AppServer/V7/Express
  • *WAS70ND - /QIBM/ProdData/WebSphere/AppServer/V7/ND
  • *WP61BASE - /QIBM/ProdData/WebSphere/AppServer/V61/Base
  • *WP61ND - /QIBM/ProdData/WebSphere/AppServer/V61/ND
path-name
Specify the installation path of WebSphere Application Server.
Top

Target server (TGTSVR)

Specifies the system to which IBM i Access for Web is to connect.

This parameter allows IBM i Access for Web to be configured on a central system to provide a gateway-like function to allow access to another system in the network.

A web application server such as WebSphere Application Server and IBM i Access for Web may not need to be installed or configured on the system specified in this parameter.

The IBM i Access Family product (5770-XW1) must be installed and licensed correctly on the system specified in this parameter.

*DEFAULT
IBM i Access for Web will connect to and serve data from the system to which it has been installed.
name
Specify the fully qualified domain name for the target system you want IBM i Access for Web to access data from. The domain name can be determined by accessing the TCP/IP configuration information on the target system.
Top

Authentication type (AUTHTYPE)

Specifies whether the application or the application server authenticates the user.

This parameter is only applicable when the Web application server type (APPSVRTYPE) parameter is set to one of the following web application servers

*APP
IBM i Access for Web will authenticate with IBM i using a user profile and password.

This option uses HTTP basic authentication to prompt for the user profile and password. To secure authentication information during transmission, HTTPS (secure HTTP) should be used.

*APPSVR
WebSphere Application Server will authenticate with the active user registry. IBM i Access for Web uses Enterprise Identity Mapping (EIM) to map the authenticated WebSphere user identity to an IBM i user identity.

This option enables IBM i Access for Web to participate in WebSphere single sign-on (SSO) environments.

This option requires global security be enabled for the WebSphere Application Server profile being configured.

Other requirements are based on the value of the AUTHMETHOD parameter specified.

For additional information, please refer to the IBM i Access for Web InfoCenter information http://www.ibm.com/systems/i/infocenter/

Top

Authentication method (AUTHMETHOD)

Specifies the method used by the application server to identify the user.

This parameter is only applicable when the AUTHTYPE parameter is set to a value of *APPSVR.

*FORM
This method uses an HTML form to prompt for the WebSphere user ID and password. The information is transmitted in clear text. To secure authentication information during transmission, HTTPS (secure HTTP) should be used.

This option requires the EIM Identity Token Connector be installed in the WebSphere Application Server profile being configured.

*BASIC
This method uses HTTP basic authentication to prompt for the WebSphere user ID and password. To secure authentication information during transmission, HTTPS (secure HTTP) should be used.

This option requires the EIM Identity Token Connector be installed in the WebSphere Application Server profile being configured.

*KERBEROS
This method uses Integrated Windows authentication to enable use of Windows domain login information. To secure authentication information during transmission, HTTPS (secure HTTP) should be used.

This option requires the WebSphere Application Server trust association interceptor (TAI) that uses the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) to securely negotiate and authenticate HTTP requests.

For additional information, please refer to the IBM i Access for Web InfoCenter information http://www.ibm.com/systems/i/infocenter/

Top

WebSphere Portal user ID (WPUSRID)

Specifies the IBM WebSphere Portal administrative user ID that will be used to configure IBM i Access for Web within WebSphere Portal.

Changes to the WebSphere Portal configuration require a user ID be specified to make the changes. This is the same administrator level user ID that would be used to login to the WebSphere Portal user interface to perform administrator level functions.

This value is sent to the system unencrypted using an HTTP connection. If the connection could be compromised, this command should only be run within a protected intranet environment.

A parameter value is required when configuring IBM i Access for Web for WebSphere Portal.

character-value
Specify the administrative user ID.
Top

WebSphere Portal password (WPPWD)

Specifies the password for the IBM WebSphere Portal administrative user ID specified for the WPUSRID parameter.

This value is sent to the system unencrypted using an HTTP connection. If the connection could be compromised, this command should only be run within a protected intranet environment.

A parameter value is required when configuring IBM i Access for Web for WebSphere Portal.

character-value
Specify the password for the IBM WebSphere Portal administrative user.
Top

WebSphere Portal config URL (WPURL)

Specifies the universal resource locator (URL) to access the WebSphere Portal configuration servlet. This servlet will add the necessary IBM i Access for Web configuration information to WebSphere Portal.

This URL is comprised of the following elements:

An example for this value would be 'system_name.your_company.com/wps/config'.

A parameter value is required when configuring IBM i Access for Web for WebSphere Portal.

character-value
Specify the URL to access the WebSphere Portal configuration servlet.
Top

WebSphere Portal default pages (WPDFTPAG)

When configuring for WebSphere Portal default WebSphere Portal pages can be created and populated with IBM i Access for Web portlets.

*CREATE
Create a default IBM i Access for Web WebSphere Portal page containing multiple sub-pages. The sub-pages will be populated with IBM i Access for Web portlets.
*NOCREATE
Default IBM i Access for Web WebSphere Portal pages will not be created and IBM i Access for Web portlets will not be deployed to any WebSphere Portal pages.
Top

WebSphere user ID (WASUSRID)

If the WebSphere application server profile specified in the WASPRF and APPSVR parameters has security enabled, this parameter is required.

When this command runs it will make changes to the WebSphere profile configuration or the running state of the IBM i Access for Web web application. When WebSphere security has been enabled for a profile, authentication information must be supplied to make those changes.

The WASUSRID and WASPWD parameters provide the required authentication information.

To determine what value to specify for this parameter, refer to the Authentication Mechanisms and User Registries settings under the Security configuration in the WebSphere administration console.

This parameter does not apply to the WebSphere Portal or IBM integrated Web application server for i environments.

character-value
Specify the user ID.

For additional information, please refer to the WebSphere Security information in the IBM i InfoCenter information http://www.ibm.com/systems/i/infocenter/

Top

WebSphere password (WASPWD)

If the WebSphere application server profile specified in the WASPRF and APPSVR parameters has security enabled, this parameter is required.

When this command runs it will make changes to the WebSphere profile configuration or the running state of the IBM i Access for Web web application. When WebSphere security has been enabled for a profile, authentication information must be supplied to make those changes.

The WASUSRID and WASPWD parameters provide the required authentication information.

To determine what value to specify for this parameter, refer to the Authentication Mechanisms and User Registries settings under the Security configuration in the WebSphere administration console.

This parameter does not apply to the WebSphere Portal or IBM integrated Web application server for i environments.

character-value
Specify the password for the user ID.

For additional information, please refer to the WebSphere Security information in the IBM i InfoCenter information http://www.ibm.com/systems/i/infocenter/

Top

Source web server type (SRCSVRTYPE)

Specifies an existing web application server that has been configured to run IBM i Access for Web. The new IBM i Access for Web configuration will be created based on this existing IBM i Access for Web configuration.

This parameter is not applicable and will be ignored when the Web application server type (APPSVRTYPE) parameter is set to a version of WebSphere Portal.

*NONE
The new IBM i Access for Web configuration is not based on an existing IBM i Access for Web configuration.
*WAS50
WebSphere Application Server V5.0 for iSeries
*WAS50EXP
WebSphere Application Server V5.0 - Express for iSeries
*WAS51
WebSphere Application Server V5.1 for iSeries
*WAS51EXP
WebSphere Application Server V5.1 - Express for iSeries
*WAS60
WebSphere Application Server V6.0 for OS/400
*WAS60ND
WebSphere Application Server Network Deployment V6.0 for OS/400
*WAS61BASE
WebSphere Application Server V6.1 for i5/OS
*WAS61EXP
WebSphere Application Server - Express V6.1 for i5/OS
*WAS61ND
WebSphere Application Server Network Deployment V6.1 for i5/OS
*WAS70BASE
WebSphere Application Server V7.0 for IBM i
*WAS70EXP
WebSphere Application Server - Express V7.0 for IBM i
*WAS70ND
WebSphere Application Server Network Deployment V7.0 for IBM i
*INTAPPSVR
IBM integrated Web application server for i
*ASFTOMCAT
Apache Software Foundation (ASF) Tomcat
Top

Source web server instance (SRCSVRINST)

This parameter specifies the name of a WebSphere instance/profile, an integrated Web application server instance, or an ASF Tomcat server name where IBM i Access for Web is already configured.

The new IBM i Access for Web configuration will be based on this existing configuration.

The WebSphere instance/profile name, integrated Web application server instance name, or ASF Tomcat server name specified with this parameter must be configured within the web application server specified for the Source web server type (SRCSVRTYPE) parameter.

This parameter is not applicable and will be ignored when the Web application server type (APPSVRTYPE) parameter is set to a version of WebSphere Portal.

*DEFAULT
When the web application server was installed, a default instance/profile may have been automatically created. When *DEFAULT is specified, IBM i Access for Web will be configured based on an instance/profile named 'default'.
*WASPRF
When *WASPRF is specified, the value specified in the WASPRF parameter will be used.
*ADMIN
When *ADMIN is specified, the 'Admin' instance of the integrated Web application server will be used. The Source web server type (SRCSVRTYPE) parameter should be set to *INTAPPSVR.
name
Specify the name of the WebSphere instance/profile, integrated Web application server instance, or ASF Tomcat server that has already been configured to run IBM i Access for Web.
Top

Source application server (SRCAPPSVR)

The application server provides the environment in which deployed web applications execute. This parameter specifies the name of an application server within a WebSphere instance/profile where IBM i Access for Web is already configured.

The new IBM i Access for Web configuration will be based on this existing configuration.

This parameter is only applicable when the Web application server type (APPSVRTYPE) parameter is not set to a version of WebSphere Portal and the Source web server type (SRCSVRTYPE) parameter is set to one of the following web application servers:

*DEFAULT
The following applies when the SRCSVRTYPE parameter is set to *WAS50/*WAS51/*WAS60/*WAS60ND/*WAS61BASE/*WAS61EXP/*WAS61ND/*WAS70BASE/*WAS70EXP/*WAS70ND:
  • When this parameter is set to *DEFAULT and the SRCSVRINST parameter is set to *DEFAULT, this parameter will be set to 'server1'.
  • When this parameter is set to *DEFAULT and the SRCSVRINST parameter is set to something other than *DEFAULT, this parameter will be set to the value specified for the SRCSVRINST parameter.

The following applies when the SRCSVRTYPE parameter is set to *WAS50EXP/*WAS51EXP:

  • When this parameter is set to *DEFAULT and the SRCSVRINST parameter is set to *DEFAULT, this parameter will be set to 'default'.
  • When this parameter is set to *DEFAULT and the SRCSVRINST parameter is set to something other than *DEFAULT, this parameter will be set to the value specified for the SRCSVRINST parameter.
name
Specify the name of the application server within the WebSphere instance/profile that the new configuration will be based on.
Top

Source install directory (SRCINSDIR)

A version of WebSphere Application Server has already been configured to run IBM i Access for Web. This parameter specifies the directory in the IBM i integrated file system where that version of WebSphere Application Server was installed.

Newer versions of WebSphere Application Server can be installed to multiple locations in the integrated file system. This value tells IBM i Access for Web which WebSphere Application Server installation has already been configured to run IBM i Access for Web.

This parameter is only applicable when the Source web server type (SRCSVRTYPE) parameter is set to one of the following web application servers

*DEFAULT
When *DEFAULT is specified, the path used will be based on the value specified in the Source web server type (SRCSVRTYPE) parameter.
  • *WAS61BASE - /QIBM/ProdData/WebSphere/AppServer/V61/Base
  • *WAS61EXP - /QIBM/ProdData/WebSphere/AppServer/V61/Express
  • *WAS61ND - /QIBM/ProdData/WebSphere/AppServer/V61/ND
  • *WAS70BASE - /QIBM/ProdData/WebSphere/AppServer/V7/Base
  • *WAS70EXP - /QIBM/ProdData/WebSphere/AppServer/V7/Express
  • *WAS70ND - /QIBM/ProdData/WebSphere/AppServer/V7/ND
path-name
Specify the installation path of WebSphere Application Server.
Top

Share user data (SHRUSRDTA)

When configuring based on an existing IBM i Access for Web configuration this parameter specifies whether the new configuration will share user-generated data with the existing configuration.

A parameter value is required when a value other than *NONE is specified for the SRCSVRTYPE parameter.

*NO
The new configuration will start with a copy of the existing configuration's user-generated data.
*YES
The new configuration will share the user-generated data with the existing configuration.
Top

Examples

Example 1: Configuring WebSphere Application Server - Express V6.1 for i5/OS

CFGACCWEB2   APPSVRTYPE(*WAS61EXP)  WASPRF(iwa61exp)
             APPSVR(iwa61exp)

This command will configure IBM i Access for Web for a user created WebSphere profile named iwa61exp. This profile contains an application server named iwa61exp.

Example 2: Configuring WebSphere Application Server - Express V7.0 for IBM i

CFGACCWEB2   APPSVRTYPE(*WAS70EXP)  WASPRF(iwa70exp)
             APPSVR(iwa70exp)
             SRCSVRTYPE(*WAS61EXP)  SRCSVRINST(iwa61exp)
             SRCAPPSVR(iwa61exp) SHRUSRDTA(*NO)

This command will configure IBM i Access for Web for a user created WebSphere profile named iwa70exp. This profile contains an application server named iwa70exp. This example also shows that this new configuration will be based on a configuration that was performed in a previous example. User-generated data will be copied from the source configuration to this new configuration.

Example 3: Configuring WebSphere Portal

CFGACCWEB2   APPSVRTYPE(*WP61BASE) WASPRF(iwawps61)
             WPUSRID(wpsadmin) WPPWD(wpspassword)
             WPURL('mysystem.mydomain.com/wps/config')
             WPDFTPAG(*CREATE)

This command will configure IBM i Access for Web for WebSphere Portal V6.1 running on WebSphere Application Server ("Base edition"). WebSphere Portal has been configured in a WebSphere profile named iwawps61. This example inputs the WebSphere Portal administrator user ID and password, the URL to the portal configuration servlet, and tells the command to create the default IBM i Access for Web WebSphere Portal pages and populate the pages with portlets.

Example 4: Configuring WebSphere Application Server Network Deployment V6.1 for i5/OS

CFGACCWEB2   APPSVRTYPE(*WAS61ND)  WASPRF(iwa61nd)
             APPSVR(iwa61nd)
             SRCSVRTYPE(*WAS60) SRCSVRINST(IWATOMCAT)
             SHRUSRDTA(*NO)

This command will configure IBM i Access for Web for a user created WebSphere Network Deployment profile named iwa61nd. This profile contains an application server named iwa61nd. This profile has not been federated to the Network Deployment environment. This example also shows that this new configuration will be based on an existing WebSphere Application Server V6.0 for OS/400 configuration. User-generated data will be copied from the source configuration to this new configuration.

Top

Error messages

*ESCAPE Messages

IAW0001
Configure IBM i Access for Web command failed.
IAW000A
The SHRUSRDTA parameter is required.
IAW000B
Value specified for parameter APPSVRTYPE is not valid.
IAW000C
Value specified for parameter SRCSVRTYPE is not valid.
IAW0011
The WPUSRID, WPPWD, and WPURL parameters are required.
Top