IBM Connections is installed as a series of enterprise applications hosted on a WebSphere Application Server server. In a full IBM Connections installation, you have a list of all IBM Connections applications under the "Enterprise Applications" menu. You can only use the "Start" and "Stop" menu items on this screen to manage the applications. Starting and stopping an application do not start or stop the server that hosts the application and therefore, server configuration changes do not be picked up by an application restart.
In some instances, during a patch upgrade, you might be required to update the application itself. This comes in the form of an "ear" file that is updated from this screen. This, however, is not usual practice in a standard deployment.
On the Enterprise Application panel, you can see which applications are successfully started (right pointing green arrow), stopped (red X), or unavailable (question mark). An application is shown as "unavailable" or "unknown" if the application’s host server cannot be queried. In an IBM Connections installation, the initial server has a DefaultApplication installed. You do not need this and it can be left not running.
You do sometimes needs to go into each application to work with the configuration of the application itself. This is different from the server configuration that is controlled by WebSphere. The application configuration is controlled by the designers of the application itself. An application installed on multiple servers is only listed once and uses the same configuration on each server where it runs.
If you select a particular application, there are two options that you primarily work with:
- Manage Modules - where you tell the application which server it is hosted on and which web server it is to route traffic to
- Security role to use group mapping - this is the application security written by the application designers.
The Manage Modules menu takes us inside the design of each application where we can see the components that comprise the application. Each component should always be mapped to the same server and this mapping is automatically created during install of Connections. If the web server is installed after these applications or the web server is relocated post install, you might need to go in here and re-map the applications to a new server.
In the figures below, you can see that each module is mapped to a specific server, cluster, and web server instance.
Security Role to user and group mapping
The options for security roles are defined per application by the application designers to meet the requirements of that application. They are not 100% consistent across each application so it is important to review the documentation and understand the purpose of each role before making changes here.
It is possible to select multiple roles and map users and groups to those roles in one step. The list of groups or users are taken from your configured LDAP directory.
- Everyone means all users who can access the application, even anonymous ones.
- All Authenticated in Application’s Realm means all users who can login and be validated by your defined LDAP servers.
In a Connections environment there are some applications that do not support anonymous access (such as Profiles or Activities) because the application’s functionality is based around a user being logged in.