Category: Business Integration Tips

DataPower Course WB552 Overall Impressions

I have to admit that I was very impressed with DataPower Course WB552. The content of the course covered everything that on would need to know about how to use the box along with security. It also provided a lot of opportunity to go off the beaten path and try modifications on your own. I […]

Read more

WebSphere Business Integration V6.1 Performance Tuning

Draft Redpaper, last updated: Mon, 9 Jun 2008

– Learn valuable tips for tuning
– Get the latest best practices
– Try the example settings

This IBM® Redpaper was produced by the IBM WebSphere® Process Server, WebSphere Enterprise Service Bus, WebSphere Adapters, and WebSphere Business Monitor performance teams in Austin Texas, Böblingen Germany, and Hursley England.

Read more

WB552: Random DataPower Thoughts Part 12

Message set (traffic Pattern) Count monitors increment based on condition. Duration monitors occur when a configured amount of time passes during processing of messages for the condition. Message Count Monitors would be used to limit requests to a certain rate (100/second) Message duration monitors are clock-based. Measure things like average server response. Traffic Definitions are […]

Read more

WB552: Random DataPower Thoughts 11

Tivoli Directory Integration can integrate with multiple LDAP. LDAP Search Attribute is the attribute in the LDAP that you want to look up. Load Balancing Algorithms: First-Alive: Secondary servers are only called when the primary server is down. So the first alive entry is always used. Hash: Hashes the IP address of the client to […]

Read more

WB552: Random DataPower Thoughts Part 10

AAA: Authentication, Authorization and Auditing Authentication can occur without the use of external servers: AAA file, LTPA and a Validation credential object, SAML token (?).  Can use the external Systems: LDAP, SAML, Tivoli, RADIUS When hitting a webpage, a browser artifact on a third party server can be pointed to embedded in the URL of […]

Read more

WB552: Random DataPower Thoughts Part 9

XML Virus scanning uses a filter action sheet: store://Virus-ScanAttachment.xsl. This transform needs to be modified to include the URL of your ICAP server Dictionary Attacks Protection uses count monitoring. SQL injection Protection uses the store://SQL-Injection-Filter.xsl transformation.

Read more

DataPower: Can A Match Action Accept Multiple URLs?

I have a match action which should accept /encrypt and /encrypt_fl . Could I have both of these specified in a single match action? When I tried it, I got a datapower error with the box unable to match. Not sure if this is user-error or what, but I thought I’d give a heads up […]

Read more

WB552: Random DataPower Thoughts Part 8

SSL: Message Confidentiality, Message Integrity and Non-Repudiation Server always authenticates to the client. Client optionally authenticates to the server. During an SSL handshake: Negotiate the level of SSL, decide on cipher suite, authenticate the server, build a secret key to be used for the session. SSL hello contains list of Cipher Suites. Server responds with […]

Read more

WB552: Random DataPower Thoughts Part 7

SSL Connections need Validation or Identification credentials based on which side of the conversation (client or server) the datapower box is. Nonrepudiation: How do you knowwho the party on the other end is? Signature: Encrypt a message with a private key, decrypt with the public key. This allows the receiver to verify the sender. Only […]

Read more

WB552: Random DataPower Thoughts Part 6

Always check the default system log when an error is first encountered. Audit log only occurs on the default domain. Captured IP packets are stored in pcap format. Need a tool to explore the data such as ethereal. The packet capture file is in the temporary directory. Probes and debug level logging will create a […]

Read more

WB552: Random DataPower Thoughts Part 5

Pass-thru: Traffic is passed without execution of the service policy. XML: Check for well-formed XML SOAP: Checked for SOAP Message validity. Non-XML: Treated as a binary and the service policy is executed. Service Level Monitors need a WSDL file to be defined. The validate action only accepts a single XSD definition or WSDL file. The […]

Read more

WB552: Random DataPower Thoughts Part 4

XML Firewall is a superset of the XSL Proxy. Web Service proxy understands more of the requirements to be a web service than the XML Firewall which only treats data as XML documents. Web Service Proxy and Multi-Protocol Gateway are supersets of the XML Firewall. Neither suppors the loopback proxy. Web Application Firewall: Customized XML […]

Read more

WB552: Random DataPower Thoughts Part 3

“Root Certificates” are implicitly trusted. The lookup chain of certificates ends at a root cert. These are stored in the pubcert directory. sharedCert is where certificates that we share with other clients are located. When creating a domain, you should always include default as a visible domain. This allows access to the store:// file system […]

Read more

WB552: Random DataPower Thoughts Part 2

DataPower XA35 (Green): XA = XML Accelerator DataPower XS40 (Yellow): XS = XML Security DataPower XI50 (Blue): XI = XML Integration “SSL Termination” refers to the destination system that recieves an SSL connection. DataPower can not participate in a two-phase commit transaction. Seems to me like this is a feature that needs to be incorporated […]

Read more

WB552: Random DataPower Thoughts Part 1

DataPower will not allow modified firmwares to be uploaded to the machine. They are required to be signed by IBM. By default, the device is ‘completely off’ with a locked down configuration. It’s up to the administrator to enable relevant services. When something is in encrypted storage, there is no UI to get the information […]

Read more

WB552: “Is there an IDE for DataPower?”

Q: “Is there an IDE for DataPower?” Answer: No. The web client is used to access most of the features” I think that there probably should be an investment (or direction) from IBM about how to go about doing the development work for DataPower. What I say this, I mean what is the recommended IDE […]

Read more

WB552: Introductions

Instructor: Greg Dinning, a 10 year educator on the IBM Suite of Integration software. The Attendees were a wide mix of developers wondering how to use the box, people who wanted to understand why they should buy it and people (like me) who are focused on getting the information to pass certification. I’m not going […]

Read more

Use ARM to monitor SCA invocations in IBM WebSphere Process Server

This two-part series shows you how to monitor Service Component Architecture
(SCA) invocations using the Application Response Measurement (ARM) standard in IBM
WebSphere Process Server V6.1. You can use an ARM implementation, such as IBM Tivoli
Composite Application Manager for Response Time Tracking, to generate a graphic view
of SCA invocations. This article, Part 1 of the series, starts by describing ARM and
showing you how to debug synchronous scenarios using Tivoli Composite Application
Manager for Response Time Tracking. In Part 2, you’ll get an introduction to SCA
invocation patterns and learn how to debug asynchronous scenarios.

Read more

WebSphere Adapter for JDBC: SetObjectKeys NullPointer Exception

We had a WebSphere Adapter for JDBC export in our module, and it was throwing the following exception: [5/27/08 17:55:52:315 EDT] 0000006b NUXInResource I PollEventManagerWorker run() CWYBS0011I: Polling has started. UserAction=No action is required. [5/27/08 17:55:53:356 EDT] 0000006d NUXInResource E com.ibm.j2ca.extension.eventmanagement.internal.EventSender getObjectForEvent(Event) EventStore impl (com.ibm.j2ca.jdbc.inbound.JDBCEventStoreWithXid@6eec3b01) threw an unexpected and unchecked exception javax.resource.ResourceException: EventStore impl (com.ibm.j2ca.jdbc.inbound.JDBCEventStoreWithXid@6eec3b01) […]

Read more