Step 4: Deploying the Rule Execution Server management WAR

Deploy the WAR file to use Rule Execution Server on the Liberty profile.

About this task

Also, you control access to Rule Execution Server and enforce security by defining user groups and associated roles.

The main groups and their associated default user and password are summarized in the following table.

Group Use Default user/password
resAdministrators
Gives a user full administrator rights to:

  • Access and use the Rule Execution Server console to populate the database schema

  • Deploy, browse, and modify RuleApps

  • Monitor the decision history, purge and back up the history

  • Run diagnostics and view server information

 resAdmin/resAdmin
resDeployers
Gives a user the rights to:

  • Deploy, browse, and modify RuleApps

  • Test rulesets

 resDeployer/resDeployer
resMonitors
Gives a user the rights to:

  • View RuleApps

  • Monitor decision history and access Decision Center reports

 resMonitor/resMonitor

Use the following procedure to deploy the Rule Execution Server console management WAR, and create groups and users.

Note: For more information about configuring a data source in the Liberty profile, see the IBM® WebSphere® Application Server Liberty Core documentation.

Procedure

  1. If you want to create a new Liberty profile server, run the server command from the runtime <WLP_HOME>/bin directory. For example: server create odm
  2. Copy the file <InstallDir>/executionserver/applicationservers/WLP855/res.war to <WLP_HOME>/usr/servers/<SERVER_NAME>/apps.
    Note: The .war file supports versions 8.5.5.9 and 16.0.0.4 of Liberty.
  3. Copy the database driver to a directory of your choice, that you must specify in the server.xml file when you declare the data source. For example, the Derby embedded database driver is derby.jar, which can be downloaded from the web or is available in <InstallDir>/shared/tools/derby/lib. Copy the driver to the <WLP_HOME>/usr/shared/resources/derby directory for example.
  4. Open <WLP_HOME>/usr/servers/<SERVER_NAME>/server.xml.
  5. In the server configuration file, add the following pieces of code:
    1. To enable the required features: 
      <!-- Enable features -->
<featureManager>
    <feature>servlet-3.1</feature>
    <feature>appSecurity-2.0</feature>
    <feature>jsp-2.3</feature>
    <feature>jdbc-4.1</feature>
    <feature>concurrent-1.0</feature>
</featureManager>
      Note: You may need to enable the version of these features by running a command such as: <WLP_HOME>/bin/installUtility install servlet-3.1 jsp-2.3 jdbc-4.1 appSecurity-2.0.
    2. To specify the address and port number on which the server listens: 
      <httpEndpoint id="defaultHttpEndpoint"
                  host="*"
                  httpPort="9081"
                  httpsPort="9443"/>
    3. To define the data source: 
      <!-- RES data source --> 
<jdbcDriver id="DerbyEmbedded" libraryRef="DerbyLib"/>
<library id="DerbyLib" filesetRef="DerbyFileset"/>
<fileset id="DerbyFileset" dir="${shared.resource.dir}/derby" includes="derby.jar"/>
<dataSource id="jdbc/resdatasource" jndiName="jdbc/resdatasource" jdbcDriverRef="DerbyEmbedded">
    <properties 
        databaseName="${shared.resource.dir}/data/resdb" 
        createDatabase="create" 
        user="resdbUser" 
        password="resdbUser"
    />
</dataSource>
    4. To declare the users and groups for the web application: 
      <!-- Web application security -->
<basicRegistry id="basic" realm="customRealm">
    <user name="resAdmin" password="resAdmin"/>
    <user name="resDeploy" password="resDeploy"/>
    <user name="resMonitor" password="resMonitor"/>
    <group name="resAdministrators">
                <member name="resAdmin"/>
    </group>
    <group name="resDeployers">
                <member name="resDeploy"/>
    </group>        
    <group name="resMonitors">
                <member name="resMonitor"/>
    </group>
</basicRegistry>
    5. To declare the Rule Execution Server console: 
      <!-- RES console -->
<application type="war" id="res" name="res" location="${server.config.dir}/apps/res.war">
        <application-bnd>
            <security-role name="resAdministrators">
                    <group name="resAdministrators"/>
            </security-role>
            <security-role name="resDeployers">
                    <group name="resDeployers"/>
            </security-role>
            <security-role name="resMonitors">
                    <group name="resMonitors"/>
            </security-role>
        </application-bnd>
</application>
  6. Save the file.
  7. Start the Liberty profile server by running the server start command from the runtime <WLP_HOME>/bin directory: for example, server start odm.
  8. Open the Rule Execution Server console in your browser by entering res with the root URL on the host machine: http://localhost:9080/res

    If your browser is not running on the same host as the application server, replace localhost with the address of the machine. If the web application is mapped to a host with a different port number, change the port number from 9080 to the host port number.

    The log for the Rule Execution Server console is written to the <WLP_HOME>/usr/servers/<SERVER_NAME>/logs/res-console.log file.

Parent topic: Configuring Rule Execution Server on the Liberty profile