D2-Lockbox

D2-Lockbox

Lockbox is a component of the RSA Common Security Toolkit (CST) which securely stores passwords for Documentum D2 in an encrypted file. The stored passwords are put as <key, value> pairs. Lockbox uses keys to store and retrieve the passwords. Documentum D2 uses Lockbox that were earlier present as clear text in the various properties files, such as D2FS.properties, d2fs-trust.properties, D2-JMS.properties, and D2-Config.properties.

The Lockbox configuration for D2 can be done in either of the following ways:

  • Using the new D2 Configurator Utility – Configure the lockbox through the configurator: D2-Configurator-4.5.0.jar file.
  • Manual configuration of D2 Lockbox

On CS

  • Copy LB.jar and LBJNI.jar that are extracted from the D2 installer into <Documentum install path>\<Jboss version>\server\DctmServer_MethodServer\lib folder
  • set PATH=C:\Documentum\D2\Lockbox\win_vc80_x64;%PATH%
  • set CLASSPATH=<D2 install path>\C6-Common-<version>.jar;<lockbox install path>\LB.jar;<lockbox install path>\LBJNI.jar;%CLASSPATH%
  • Generate lockbox file and set D2.passphrase

java.exe –cp “C:\Program Files\EMC\D2\C6-Common-4.5.0.jar;C:\Documentum\D2\Lockbox\LB.jar;C:\Documentum\D2\Lockbox\LBJNI.jar” com.emc.common.java.crypto.SetLockboxProperty C:\Lockbox D2Method.passphrase #1Password

  • We can create a passphrase using java PassphraseGenerator:

java com.emc.common.java.crypto.PassphraseGenerator <length>

On JMS

  • Copy the D2.lockbox file generated in <Documentum-root>/<JBoss-version>/server/DctmServer_MethodServer/deployments/ServerApps.ear/APP-INF/classes/
  • Create emc/d2/lockbox/main folder under <Documentum install path>/<JBoss version>/modules/ & Copy LB.jar and LBJNI.jar files that are extracted by the D2 installer to the main/ folder
  • Create module.xml for these 2 jar entries.
  • Add dependencies in jboss deployment xml file.

On AS

Need to configure the lockboxPath entry both in D2-Config and D2 client applications:

D2 Config

  • In D2-Config application, D2-Config.properties file contains lockboxPath properties entry. The file path of this properties file is located at :

<webapp root>\webapps\D2-Config\WEB-INF\classes\D2-Config.properties

  • Open the above file in a text editor and search for the string “lockboxPath”. By default, this entry would be commented. Uncomment and specify the fully qualified folder path of D2.lockbox file.

D2 Client

  • In D2 application, D2FS.properties file contains lockboxPath properties entry. The file path of this properties file is as under:

<webapp root>\webapps\D2\WEB-INF\classes\D2FS.properties

  • Open the above file in a text editor and search for the string “lockboxPath”. By default, this entry would be commented. Uncomment and specify the fully qualified folder path of D2.lockbox file
  • Lastly Copy lockbox librariesjar and LBJNI.jar into AS webapps.

 Restart Environment

The system hostname key is missing from the Lockbox – Regenerate the lockbox file again by running the installer through admin command line pointing to the supported java.

Deployed LB onto the JMS (D2 Lockbox on Content Server), Set the dll path:

$:\Documentum\D2\Lockbox\win_vc80_ia32\LBJNIWrappers.dll

java Dclb.library.path=C:\Documentum\D2\Lockbox\win_vc80_x64 com.emc.common.java.crypto.SetLockboxProperty C:\Progra~1\EMC\D2\lockbox D2Method.passphrase $Pass123

Comments

Post a Comment

Popular posts from this blog

Using Java reflection to reduce Code and Development time in DFS

  Java reflections are one of the most powerful API’s of Java Language, this can be used to reduce code significantly. Most of the Current Enterprise application consists of different layers and they  use Value objects to transfer data from one layer to another. An inefficient way of using getters and setters of the attributes of Value objects can increase code and development time of application. Effective use of reflection can reduce code and development time significantly. So let’s take a Scenario,  I have an Object type MyObjectType extending from dm_document with 50 additional attributes, so dm_document as of Documentum 6.5 has 86 attributes adding additional 50 attributes that means we have 139 attributes for this object type. Consider a standard Web Application using DFS behind which needs to manipulate (add or edit) instances of this object type, The Service needs to add all these attributes to the  PropertySet    of the  DataObject  repre...
Read more

Virtual Documents in Documentum

Image
  What is a Virtual Document Simplistically speaking Virtual document is a document that can contain another documents . After reading the above statement first question that might arise to all is if it can contain documents how is it different from a folder? Let me make few bullet points about Virtual Document here, which will clear most of the confusions that you might have about virtual documents.   ·   A Virtual Document is a Document which can contain the type or the sub type of SysObjects  with an exception given below ·   A Virtual Document cannot contain any folders or cabinets, or any sub types of these. ·   A Virtual Document object may or may not have a content (dmr_content) attached to it but a folder or a cabinet will never have any content attached to it. Though most of the time a Virtual Document might not be having a Content file attached to it. ·   Any Object type that extents from SysObject can be converted as a Virtual Document. The ...
Read more

Few Important Object Types in Documentum

    Documentum is an Object Oriented Content Management Systems. Everything in Documentum is considered as Objects, This includes all the things that user manipulates, or the content server saves. From the User to Document, everything in Documentum is different type of Object. The whole Object types in Documentum has been structured in a Hierarchal model. Means All the Attributes from the super types are extended to the sub types. In other sense the attributes of Super types are visible and accessible from the Subtypes.   Lets see some of the important and most commonly used object types here.    Note: This is just to give an insight of Documentum Object model. Please read Object Reference Manual for very detailed information on All Object types and its attributes. Persistence Object  This type is the super type of all the object types that are saved in Documentum. Each time user creates an object instance of Persistence object type they are objects stored ...
Read more