Installing Reflection for the Web or Reflection Security Gateway with WebSphere Application Server

This technical note provides steps and suggestions for installing Reflection for the Web or Reflection Security Gateway on an IBM WebSphere Application Server.

Before You Begin

Before installing Reflection for the Web or Reflection Security Gateway (hereinafter referred to as Reflection), you must have all of the following installed and configured on your host.

• WebSphere Application Server 5.0.2 or higher.
• Java Developer Kit 1.5 or higher.
• Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. For details, see Applying the JCE Unlimited Strength Jurisdiction Policy Files.
• The most recent WebSphere cumulative and group program temporary fixes (PTFs) must be applied.
• Reflection requires 220 MB of free disk space in the hosts /tmp file during installation.
• If you want to use security (HTTPS, SSL) with the WebSphere Application Server (WAS), refer to your IBM documentation to properly configure the WAS.

Installing Reflection for the Web

After the WebSphere Application Server has been properly installed and tested, follow the steps below to install Reflection.

Prepare the rweb.war File

Follow these steps to prepare the rweb.war file:

1. Copy the rweb.war file located with the downloaded product files to a temporary folder on your PC. The file location depends on your Reflection product:

2. During download, the rweb.war file may be named rweb.war.zip. If so, rename rweb.war.zip to rweb.war.

Update the WebSphere Server Settings

Follow the steps below to update the WebSphere Server settings:

1. Open the WebSphere Administration Console. By default, this is accessed from http://<myserver>:9060/admin or http://<myserver>: 9060/ibm/console.
2. On the left-navigation bar, expand Applications, and then click Install New Application.
3. In the main window, select the "Local file system” radio button and enter the path to the rweb.war file. For example:

4. Select the “Show me all installation options and parameters” radio button.
5. In the Context root entry field, enter /rweb, and then click Next.
6. Select the "Generate Default Bindings" check box, leave all other values at default, and then click Next.
7. Click Next through the Install New Application dialog box, accepting defaults.
8. Select the rweb.war check box, make sure the Virtual Host is set to default_host, and then click Next.
9. Print the Summary page for your records, and then click Finish.

The new rweb.war application is installed and the Administration Console screen opens. If you expand the Applications menu and select Enterprise Applications, the application state for rweb should be Stopped.

Click Save to update the master configuration.

Update the web.xml File

There are two copies of the web.xml file, located in the following directories:

Note: If this is a WebSphere Application Server Network Deployment, there is an additional web.xml that must be updated:

In both (or all three) files, locate the <param-name>ReflectionData</param-name> section and modify the file to include the data in red below, entering your path to ReflectionData (for example, C:\ReflectionData or /u/local/ReflectionData), and substituting your own sslport value for 443. Note: If the ReflectionData directory does not already exist, you must manually create it.

Reflection stores configuration information in the ReflectionData directory. If this is a UNIX installation, ensure that rights are set so that Reflection can write to the ReflectionData directory.

Note: In Reflection, the sslport parameter is located in the PropertyDS.xml file, which is located in the ReflectionData folder. If you want to use a port other than default port 443; you must edit PropertyDS.xml after Reflection for the Web is started in WebSphere.

Once you have updated and saved both (or all three) of the web.xml files, return to the Administrative Console window and follow the steps below.

1. Expand the Applications menu item, and then click Enterprise Applications.
2. In the Enterprise Applications dialog, select the rweb check box, and then click Start. The application status will change to a started, indicated by a green arrow in the Status field.
3. Update the sslport parameter in the PropertyDS.xml, if you need to. Once updated, restart the Application Server using the WebSphere Administrative Console, performing steps 1 and 2 above.

Reflection is now installed. To access Reflection, open a browser and enter the URL, WAS port, and context root to your server.

Applying the JCE Unlimited Strength Jurisdiction Policy Files

Reflection Security Gateway 2014 R2 and Reflection for the Web 2014 R2 require the Java Cryptography Extension (JCE) Unlimited Strength Policy Files. "Unlimited strength" policy files contain no restrictions on cryptographic strengths, in contrast to the "strong" but limited cryptography policy files bundled in a JRE.

To apply the policy files:

1. Download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from Oracle or IBM. Be sure to download the correct policy file updates for your version of Java:

• Oracle Java 7 or 8: http://www.oracle.com/technetwork/java/javase/downloads/index.html
• IBM Java: https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=jcesdk

2. Uncompress and extract the downloaded file. The download includes a Readme.txt and two .jar files with the same names as the existing policy files.
3. Locate the two existing policy files local_policy.jar and US_export_policy.jar in the following directory:

4. Replace the existing policy files with the unlimited strength policy files you extracted.

Legacy KB ID

This document was originally published as Attachmate Technical Note 1779.