You can create a web server definition in the administrative console when the web server
and the web server plug-in for WebSphere® Application Server are on the same machine and the application
server is on a different machine. This allows you to run an application server on one platform and a
web server on another platform.
Before you begin
With a remote web server installation, WebSphere Application Server can facilitate plug-in administration
functions and generation and propagation of the plugin-cfg.xml file for IBM® HTTP Server for WebSphere
Application Server, but not for other web servers.
Web servers that are not IBM HTTP Server for WebSphere Application Server must reside on the same machine as the WebSphere
Application Server (as a managed node) to facilitate plug-in administration functions and generation
and propagation of the plugin-cfg.xml file.
About this task
You can choose a remote web server installation if you want the web server on the outside of a
firewall and WebSphere Application Server on the inside of a firewall. You can create a remote web server
on an unmanaged node. Unmanaged nodes are nodes without node agents. Because there is no WebSphere
Application Server or node agent on the machine that the node represents, there is no way to
administer a web server on that unmanaged node unless the web server is IBM HTTP Server for WebSphere Application Server. With
IBM HTTP Server, there
is an administration server that will facilitate administrative requests such as start and stop,
view logs, and view and edit the
httpd.conf file.
Important: The
administration server is not provided with IBM HTTP Server for WebSphere Application Server which runs on z/OS® platforms. So, administration
using the administrative console is not supported for IBM HTTP Server for z/OS on an unmanaged node.
The following steps will create a web server definition in the default profile. This procedure
does not apply when setting up a remote web server for an i5/OS web server. For information
about setting up an i5/OS web server, see the topic entitled Selecting a web server topology diagram and
roadmap.
Procedure
-
Install IBM
Installation Manager.
-
Install your WebSphere Application Server product.
-
Install IBM HTTP
Server or another supported web server.
-
Install the web server plug-ins.
-
Install the WebSphere Customization Toolbox.
-
Configure the web server plug-in using the Web Server Plug-ins Configuration Tool.
-
Configure the web server plug-in.
-
Complete the setup by creating the web server definition.
You can use the WebSphere Application Server administrative console or run the plug-in configuration script:
- Using the administrative console:
- Click System Administration > Nodes > Add Node to create
an unmanaged node in which to define a web server in the topology.
- Click Servers > Server Types > Web servers > New to launch the Create new
web server definition tool. You will create the new web server definition using this tool. The
values are as follows:
- Select appropriate node
- Enter web server properties:
- Type: The web server vendor type.
- Port: The existing web server port. The default is 80.
- Installation Path: The web server installation path. This field is
required field for IBM
HTTP Server only.
- WINDOWS Service Name: The Windows operating system
service name of the web server. The default is IBMHTTPServer7.0.
- Use secure protocol: Use the HTTPS protocol to communicate with the web
server. The default is HTTP.
- Plug-in installation location: The directory path where the plug-in is
installed.
- Application mapping to the web server: Whether you want to create a
mapping to existing applications that are currently deployed to the web server. Select
ALL if you want the mapping created; select None if
you do not want the mapping created.
CAUTION:
If you have enterprise applications in
different security domains when you create a web server, the Key Database (KDB) files for your
security configuration might not be created if you have Application mapping to the web
server set to All. To resolve this problem, create the web server
with Application mapping to the web server set to
None. Then map the applications to the web server. All the KDB files for the
web server are then created.
- Enter the remote web server properties. The properties for the IBM HTTP Server administration server
follow:
- Port: The administration server port. The default is
8008.
- User ID: The user ID that is created using the htpasswd script.
- Password: The password that corresponds to the user ID created with the
htpasswd script.
- Use secure protocol: Use the HTTPS protocol to communicate with the
administration server. The default is HTTP.
- Select a web server template. Select a system template or a user-defined template for the web
server you want to create.
- Confirmation of web server creation.
- Run the plug-in configuration script.
-
On the remote web server, run the setupadm script.
The administration server requires read and write access to configuration files and
authentication files to perform web server configuration data administration. You can find the
setupadm script in the
<IHS_install_root>/bin directory. The administration
server has to launch
adminctl restart as root to perform successful restarts of
IBM HTTP Server. In
addition to the web server files, you must manually change the permissions to the targeted plug-in
configuration files.
The
setupadm script prompts you for the following input:
- User ID - The user ID that you use to log on to the administration server. The script creates
this user ID.
- Group name - The administration server accesses the configuration files and authentication files
through group file permissions. The script creates the specified group through this script.
- Directory - The directory where you can find configuration files and authentication files.
- File name - The following file groups and file permissions change:
- Single file name
- File name with wildcard
- All (default) - All of the files in the specific directory
- Processing - The setupadm script changes the group and file permissions of
the configuration files and authentication files.
In addition to the web server files, you must change the permissions to the targeted plug-in
configuration files. See the topic on setting permissions manually for instructions.
-
On the remote web server, run the htpasswd script.
The administration server is installed with authentication enabled and a blank
admin.passwd password file. The administration server will not accept a
connection without a valid user ID and password. This is done to protect the IBM HTTP Server configuration file from
unauthorized access.
Launch the htpasswd utility that is shipped with the administration server.
This utility creates and updates the files used to store user names and password for basic
authentication. Locate
htpasswd in the
bin directory.
- htpasswd -cm <install_dir>\conf\admin.passwd
[login name]
- ./htpasswd -cm
<install_dir>/conf/admin.passwd [login name]
where
<install_dir> is the IBM HTTP Server installation directory
and
[login name] is the user ID that you use to log into the administration
server. The [login name] is the user ID that you entered in the user ID field for the remote web
server properties in the administrative console.
-
Start IBM HTTP
Server.
Refer to the topic on starting and stopping the IBM HTTP Server Administration server for instructions.
What to do next
For a non-IBM HTTP Server web server on an unmanaged node, you can generate a plug-in
configuration, based on WebSphere Application server repository changes. However, the following
functions are not supported on an unmanaged node for a non-IBM HTTP Server web server:
- Starting and stopping the web server.
- Viewing and editing the web server configuration file.
- Viewing the web server logs.
- Propagation of the web server plugin-cfg.xml file.
You can configure non-IBM HTTP Server web servers as a local web server on a
managed node. For a non-IBM HTTP Server web server on a managed node, the following functions are
supported:
- Generation of the plug-in configuration, based on WebSphere Application Server repository changes.
- Propagation of the plugin-cfg.xml file, based on using node synchronization
with the WebSphere Application Server node. Node synchronization is necessary in order to propagate
configuration changes to the affected node or nodes.
Note: When WebSphere Application Server is
installed using a stand-alone profile on one machine and IBM HTTP Server is installed on a different machine as root user
using the administrative server, to ensure that propagation functions correctly, the root user must
manually change the permissions of the plugin-cfg.xml file to the nonroot user running IBM HTTP Server from the
administrative server. The username and group needed to start the administrative server are located
in the HTTPServer/config/admin.conf file.
The
plugin-cfg.xml file is
propagated to the application server node repository tree from the deployment manager repository.
Important: The plugin-cfg.xml file is propagated to the
application server node repository tree. This is not the default plugin-cfg.xml
file installation location. Changes may have to be made to non-IBM HTTP Server web server
configuration files to update the location of the plugin-cfg.xml file that is
read by the plug-in module.
For example, Internet Information Services (IIS) has a file name
called
plugin-cfg.loc, which is read by the IIS plug-in modules to determine
the location of the
plugin-cfg.xml file. The
plugin-cfg.loc file has to be updated to reflect the
plugin-cfg.xml
file location in the application server node repository.
Other non-IBM HTTP Server web servers
have different methods to specify the location of the plugin-cfg.xml file for
the plug-in module. However, in order for propagation to work, update the location to reflect the
location in the application server node repository.
For a non-IBM HTTP Server Web server that is configured as a local web server on
a managed node, the following functions are not supported:
- Starting and stopping the web server.
- Viewing and editing the configuration file.
- Viewing the web server logs.