Configuring anonymous access rights
This task is optional and only required if you need to grant anonymous access to FileNet to users who have anonymous access to some communities.
IBM FileNet Collaboration Services (FNCS) implements anonymous access with a designated user that is used only for this purpose. The user should be a system-type user that is not used by a real person. The user ID does not need, and should not have, any particular privileges on the object store beyond what is given in this document. This user's access control records will determine what level of access is given to anonymous users. Consequently, choose a functional ID that is reserved for this purpose and that does not have special access.
Configuring an anonymous user is required if users are accessing Connections communities anonymously. In some cases, such as when desktop single-sign is enabled, or when roles in the communities application have been restricted to limit access to authenticated users, setting up anonymous access for FileNet is optional. Refer to Roles for information on restricting access to anonymous users in communities.
The display name of the user used in this role might appear in some supplemental user interfaces, so a user account or functional ID should be chosen with a suitable display name matching the purpose of this account, for instance, Anonymous User. Do not choose the administrative account ID.
Follow these steps to configure anonymous access:
1. Log into
your FileNet WebSphere Application Server Administration console.
2. Navigate to Applications
> Application Types > WebSphere enterprise applications
> User RunAs roles
Check the Anonymous
role checkbox, fill in your anonymous username
3. Click Apply
4. Click Save
5. Click OK
6. Click Save
Configuring and redeploying FileNet Collaboration Services
1. Edit the fncs-sitePrefs.properties
located in your $FileNet_Collab_Services_root/configmanager/profiles/
2. Add the following properties to the file:
3. Log into your acce console (for example : http://edfx-demo-filenet.edifixio-online.com:9080/acce/
4. In the tree to the left, under your FileNet domain, deply "Object Stores" and click on your IBM Connections dedicated Object Store.
5. Click Search
in the tree to the left.
6. Select Collaboration Configuration
in the Select From Table
drop-down and then click OK
7. Click the result ID.
8. Click the Properties
9. Search for Download Count Anonymous User Ids
10. Click the down arrow
in the third column.
11. Click Display
or edit value
12. Add the SID
of the user granted anonymous access on previous step.
13. Click OK
14. Select the user in the dropdown list
in the Properties
15. Click Save
16. Log into
your FileNet WebSphere Application Server administration console and uninstall
17. Follow 4.1.01_Installing_FileNet_Collaboration_Services
to configure and redeploy the FNCS applicaiton.
Configuring web resources and virus scan properties
When FileNet is on a different WebSphere Application Server cell than IBM Connections, it cannot access the configuration values in LotusConnections-config.xml. Instead, you must create the configuration properties for IBM Connections web resources and virus scans in the connections.xml file
1. Copy the the auth_filter_patch.zip
file located in your $Connections_root_folder/ccm/ccm/ccm/auth_filter_patch
folder on your IBM Connections server to your FileNet server
2. Follow the following steps to update FNCS configuration:
- Log into your FileNet WebSphere Application Server administration console.
- Navigate to Security > Global security > Web and SIP security > General settings.
Select Authenticate only when the URI is protected and check Use available authentication data when an unprotected URI is accessed.
- Click Apply.
- Click Save.
- Navigate to Applications > Application Types > WebSphere Enterprise Applications > FNCS > Security role to user/group mapping.
- Check Authenticated checkbox.
- Click Map Special subjects and select Everyone.
8. Click OK.
9. Click Save.
10. Navigate to Applications
> Application Types > WebSphere Enterprise Applications.
11. Check the FNCS checkbox
and click Update.
12. Select Application Update Options
> Replace, add, or delete multiple files
and fill in the auth_filter_patch.zip
13. Click Next.
14. Click OK
15. Click Save.
16. OPTIONAL :
For antivirus scanning
- In your FileNet Collaboration Services cell, create a new file named connections.xml under the following location $WAS_PROFILE/config/cells/$CELL_NAME
- Add the following content to the file :
$Connections_URL is the URL of your IBM Connections server
$myscanner.host.com is the URL of your antivirus server
$myScannerService is AVSCAN for Symantec, or RESPMOD for McAfee
$/data/tmpvirusfolder is a virus scan temporary directory
- Save the file.
17. Restart FileNet Collaboration Services server.
Validating Anonymous access
To validate the anonymous access good working, open a browser and navigate to the following URL without logging :
Where MyFNCSServer is the URL of your FileNet Collaboration Services server and MyFNCSPort the http port where the server listens on.