White PaperCONFIGURING A CUSTOMIZED SESSIONIDENTIFIER IN AN EMC® DOCUMENTUM® WEBDEVELOPMENT KIT-BASED WEB APPLICATIONS    ...
Copyright © 2012 EMC Corporation. All Rights Reserved.EMC believes the information in this publication is accurate ofits p...
Table of ContentsExecutive summary...........................................................................................
Executive summaryThis white paper explains the end-to-end configuration settings required forconfiguring the customized se...
Perform the following steps at the WDK-based application and application serverlevels to specify the custom session identi...
<application>           ……………………………………….           ……………………………………….   <session_config>                         ……………………………...
</application>   If the application wants to use the custom session identifier as   taskspace_sessionID instead of the JSE...
The weblogic.xml file is available here: <app-root>/WEB-INF/weblogic.xml. The <app-root> folder is the application root lo...
Configuring the CookiePath on the WebLogic application serverThe WebLogic application server inserts the "/" character by ...
Upcoming SlideShare
Loading in …5
×

White Paper: Configuring a Customized Session Identifier in Documentum Web Development Kit-based Web Applications

1,057 views
911 views

Published on

This document explains the process of configuring an application-based custom session identifier for Documentum Web Development Kit-based applications.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,057
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

White Paper: Configuring a Customized Session Identifier in Documentum Web Development Kit-based Web Applications

  1. 1. White PaperCONFIGURING A CUSTOMIZED SESSIONIDENTIFIER IN AN EMC® DOCUMENTUM® WEBDEVELOPMENT KIT-BASED WEB APPLICATIONS Abstract This document explains the process of configuring an application-based custom session identifier for Documentum Web Development Kit-based applications. June 2012
  2. 2. Copyright © 2012 EMC Corporation. All Rights Reserved.EMC believes the information in this publication is accurate ofits publication date. The information is subject to changewithout notice.The information in this publication is provided “as is”. EMCCorporation makes no representations or warranties of any kindwith respect to the information in this publication, andspecifically disclaims implied warranties of merchantability orfitness for a particular purpose.Use, copying, and distribution of any EMC software described inthis publication requires an applicable software license.For the most up-to-date listing of EMC product names, see EMCCorporation Trademarks on EMC.com.Part Number H10778 Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 2
  3. 3. Table of ContentsExecutive summary.................................................................................................. 4 Audience ............................................................................................................................ 4Introduction ............................................................................................................ 4Configuring the Custom Session Identifier in a WDK-based Client Application ........... 5 Webtop application........................................................................................................ 5 TaskSpace application ................................................................................................... 6 Other WDK-based applications....................................................................................... 7Configuring the Custom Session Identifier on the Application Server......................... 7 Configuring the custom session identifier on the WebLogic application server ................... 7 Configuring the custom session identifier on the IBM WebSphere application server ......... 8 Configuring the CookiePath on the WebLogic application server......................................... 9 To avoid concurrent session timeout errors: ................................................................... 9Conclusion.............................................................................................................. 9 Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 3
  4. 4. Executive summaryThis white paper explains the end-to-end configuration settings required forconfiguring the customized session identifier instead of using JSESSIONID. This whitepaper is intended to explain the configuration settings of Documentum WebDevelopment Kit-based applications to support custom session identifiers specifiedin the application servers. This paper also explains how you can use configurationsettings to configure a custom session identifier in WDK-based client applicationsinstead of using JSESSIONID.As part of the effort to improve and enhance the performance and capabilities of itsproduct line, EMC, from time to time releases revisions of its hardware and software.Therefore, some functions described in this guide may not be supported by allrevisions of the software or hardware currently in use. For the most up-to-dateinformation on product features, refer to your product Release Notes document.If a product does not function properly or does not function as described in thisdocument, please contact your EMC representative.Note: We vouch that the content in this document is accurate at the time ofpublication. However, as information is added, new versions of this document may bereleased to the EMC online support website. Check the website to ensure that you areusing the latest version of this document.AudienceThis white paper is intended for personnel who are responsible for the configurationand administration of the application server production environment with regard toWDK-based client applications. This document is intended for internal EMCpersonnel, partners, and customers.IntroductionAs per the policy of one of the customers of EMC, every web application must have analternative session identifier besides the default JSESSIONID session identifier.Perhaps this customer uses other applications in the infrastructure to enforce securityrestrictions where a request must have a specific session identifier. In this case,customers can set the customized session identifier to applicationname_sessionidor to any other value based on the customer’s business needs, instead of usingJSESSIONID.The requirement to use an alternative session identifier is not restricted only to theWebtop application. It can be used in other WDK-based applications also. Thisdocument is authorized for version 6.7 of Documentum products. This feature hasbeen implemented in version 6.7 of Documentum WDK-based products.WDK-based applications can use the custom session identifier instead of usingJSESSIONID. By default, WDK-based applications use the jsessionid as a sessionidentifier. Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 4
  5. 5. Perform the following steps at the WDK-based application and application serverlevels to specify the custom session identifier: Configuring the custom session identifier in WDK-based application Configuring the custom session identifier in application serverSpecify the same customized session identifier at the WDK-based application and theapplication server levels.Configuring the Custom Session Identifier in a WDK-based ClientApplicationModify the application-related app.xml file as follows to configure the custom sessionidentifier for the relevant WDK-based application.Webtop application1. Modify the <app-root>/wdk/app.xml file. The <app-root> folder is the application root folder where the Webtop application is installed or deployed.2. Configure the custom session identifier value in the <http_session_identifier> tag in the <session-config> section element. If the <http_session_identifier> tag does not contain a value, the application will use the default session identifier, JSESSIONID. <application> ………………………………………. ………………………………………. <session_config> …………………………… …………………………… <!-- Configurable session identifier instead of JSESSIONID (default value) (Has to be the same as in app server container) --> <http_session_identifier></http_session_identifier> </session_config> ……………………………………… ……………………………………… </application> If the application uses the webtop_sessionID custom session identifier instead of the JSESSIONID session identifier, you must specify the custom session identifier value in the <http_session_identifier> tag in the <session-config> element. You must specify the same session identifier value in the application server container also. Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 5
  6. 6. <application> ………………………………………. ………………………………………. <session_config> …………………………… …………………………… <!-- Configurable session identifier instead of JSESSIONID (default value) (Has to be the same as in app server container) --> <http_session_identifier> webtop_sessionID </http_session_identifier> </session_config> ……………………………………… ……………………………………… </application>TaskSpace application1. Modify the <app-root>/taskspace/app.xml file. The <app-root> folder is the application root folder where the TaskSpace application is installed or deployed.2. You must configure the custom session identifier value in the <http_session_identifier> tags under the <session-config> section element.3. If the <http_session_identifier> tag does not contain a value, the TaskSpace application will use the default JSESSIONID session identifier.4. If the TaskSpace application does not have the <http_session_identifier> element, you must explicitly add this tag under the <session-config> element. <application> ………………………………………. ………………………………………. <session_config> …………………………… …………………………… <!-- Configurable session identifier instead of JSESSIONID (default value) (Has to be the same as in app server container) --> <http_session_identifier></http_session_identifier> </session_config> ……………………………………… ……………………………………… Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 6
  7. 7. </application> If the application wants to use the custom session identifier as taskspace_sessionID instead of the JSESSIONID session identifier, you must specify this value in the <http_session_identifier> tag under the <session-config> element. You must specify the same session identifier in the application server container. The same we will cover in the next section. <application> ………………………………………. ………………………………………. <session_config> …………………………… …………………………… <!-- Configurable session identifier instead of JSESSIONID (default value) (Has to be the same as in app server container) --> <http_session_identifier> taskspace_sessionID </http_session_identifier> </session_config> ……………………………………… ……………………………………… </application>Other WDK-based applicationsFor other WDK-based such as Web Publisher, Digital Asset Manager and so on, modifythe application-related app.xml file to specify the <http_session_identifier> valueunder the <session-config> element to support the custom session identifier.Configuring the Custom Session Identifier on the ApplicationServerYou must specify the same custom session identifier configured in the WDK-basedapplication at the application server level to reflect the altered session identifier inthe WDK-based application.This section discussed the process of configuring the custom session identifier on theWebLogic and WebSphere application servers.Configuring the custom session identifier on the WebLogic application serverYou must configure the custom session identifier configured in the WDK-basedapplication app.xml file, in the weblogic.xml file. Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 7
  8. 8. The weblogic.xml file is available here: <app-root>/WEB-INF/weblogic.xml. The <app-root> folder is the application root location where the WDK-based application isinstalled or deployed.<weblogic-web-app> ………………………………………. ………………………………………. <session-descriptor> <session-param> <param-name>CookieName</param-name> <param-value> webtop_sessionID </param-value> </session-param> </session-descriptor> ……………………………………………………. ……………………………………………………</weblogic-web-app>Configuring the custom session identifier on the IBM WebSphere applicationserverIf you are using the WebSphere application server, specify theSessionRewriteIndentifier property to configure the custom session identifier. TheSessionRewriteIdentifier property is used to support the application server using adifferent session identifier other than the JSESSIONID session identifier.You can specify additional settings for session management by setting customproperties.The following steps enable you to set custom properties for session management.You must create the SessionRewriteIndentifier custom property, and set its value aswebtop_sessionID. The webtop_sessionID custom session identifier is created for theWDK-based application instead of the JSESSIONID session identifier.To configure a custom session identifier on the IBM WebSphere application server:1. In the administrative console select Servers > Application Servers > server_name > Web Container Settings > Web container.2. Under Additional Properties select Custom Properties.3. Click New.4. Enter the property to configure in the Name field (SessionRewriteIndentifier) and the value in the Value field (webtop_sessionID).5. Click Apply or OK.6. Click Save to save the configuration changes.7. Restart the server. Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 8
  9. 9. Configuring the CookiePath on the WebLogic application serverThe WebLogic application server inserts the "/" character by default, as the cookiepath for the session tracking cookie. If you run two web applications on the same IPaddress, you must set the correct cookie path in both web application configurationsto ensure that neither of the applications interferes with the cookies.ExampleYou open two applications, Documentum Webtop and Documentum Administrator intwo separate browser instances, and log in to each application. The Session timeoutmessage is displayed in the first application into which you logged in. You cannot login to two WDK-based applications concurrently, although they are invoked in separatebrowser windows.To avoid concurrent session timeout errors: Make sure that the cookie path is set for all your applications. For example, add the following configuration settings in <app-rrot>/WEB- INF/weblogic.xml for Webtop and all other WDK-based client applications: <weblogic-web-app> <description>Weblogic Webapp</description> <session-descriptor> <session-param> <param-name>CookiePath</param-name> <param-value>/<app-root> </param-value> </session-param> </session-descriptor> </weblogic-web-app>Note: The WDK-based application such as Digital Asset Manager, Webtop, orTaskSpace is installed or deployed in the <app-root> application root location.ConclusionThis white paper provides information about configuring a customized sessionidentifier instead of the JSESSIONID for WDK-based applications such as Webtop andTaskSpace.This white paper also provides instructions to set the same session identifier in theWebLogic application server and WebSphere application server to reflect the alteredsession identifier in the WDK-based application. Configuring a customized session identifier in an Documentum Web Development Kit-based web applications 9

×