The Planning, Installing, and Configuring Z and I Emulator for Web guide helps you to plan for, install, and configure the Z and I Emulator for Web program. This book is written for administrators. It contains three major parts.
Planning for Z and I Emulator for Web gives you information about Z and I Emulator for Web for you to consider before installation and deployment. For example, which server platform will you use? Which deployment model will you use? How will you handle security?
Installing, upgrading, and uninstalling Z and I Emulator for Web offers step-by-step procedures based on each operating system.
Configuring Z and I Emulator for Web describes different configuration models to specify how session configuration information is defined and managed, how to dynamically modify session configuration information, how to customize new clients, and how to deploy Z and I Emulator for Web to your users.
After you install and configure Z and I Emulator for Web, use the online help to learn how to define sessions and perform other administrative tasks.
Planning, Installing, and Configuring Z and I Emulator for Web is also available at https://zieweb.hcldoc.com/help/index.jsp.
Most of the documentation is also included on the Z and I Emulator for Web product or Toolkit.
The following typographic conventions are used in Planning, Installing and Configuring Z and I Emulator for Web:
Convention | Meaning |
---|---|
Monospace | Indicates text you need to enter at a command prompt and values you need to use literally, such as commands, functions, and resource definition attributes and their values. Monospace also indicates screen text and code examples. |
Italics | Indicates variable values you need to provide (for example, you supply the name of a file for file_name). Italics also indicates emphasis and the titles of books. |
Return | Refers to the key labeled with the word Return, the word Enter, or the left arrow. |
> | When used to describe a menu, shows a series of menu selections. For example, "Click File > New" means "From the File menu, click the New command." |
When used to describe a tree view,
shows a series of folder or object expansions. For example, "Expand
Config Servlet > Sysplexes > Plex1 > J2EE Servers > BBOARS2" means:
|
|
This graphic is used to highlight notes to the reader. |
|
This graphic is used to highlight tips for the reader. |
This section describes the terminology used throughout this book.
Note the following terms and their use in this document.
HCL Z and I Emulator for Web provides cost effective and secure browser-based and non-browser-based host access to users in intranet-based and extranet-based environments. Z and I Emulator for Web is installed on a Web server, simplifying administrative management and deployment, and the Z and I Emulator for Web applet or application is downloaded to the client browser or workstation, providing user connectivity to critical host applications and data.
Z and I Emulator for Web supports emulation for common terminal types, communications protocols, communications gateways, and printers, including the following:
You can use the Java component-based ZIE Host Access Toolkit to create customized e-business applications. This Toolkit contains a rich set of Java libraries and application programming interfaces: Host Access Class Library (HACL), Host Access Beans for Java, and Java Enterprise Edition (J2EE) connectors. Z and I Emulator for Web also includes Database On-Demand, which provides an interface for sending Structured Query Language (SQL) queries to IBM DB2 databases hosted on IBM System i7 systems.
The following figure and explanation show how a Z and I Emulator for Web system works. Z and I Emulator for Web is a client/server system. Z and I Emulator for Web clients are Java applets that are downloaded from the Web server to a Web browser on a remote computer.
Step 1. The user opens a browser and clicks a hyperlink.
Step 2. HCL Z and I Emulator for Web applet downloads to the client workstation.
Step 3. When the applet is downloaded, HCL Z and I Emulator for Web connects directly to any Telnet server to access host applications.
Session information is configured in the HTML file or Z and I Emulator for Web configuration server. For more information about the configuration server, see Planning for deployment.
Z and I Emulator for Web client applets can be run as Web Start clients. Web Start clients are downloaded from the Web server and stored on the client computer. After the initial download, the client is loaded from the local machine.
Z and I Emulator for Web includes the following administrative components:
In addition, a number of predefined clients are also supplied with Z and I Emulator for Web to demonstrate Z and I Emulator for Web's client functions for users and administrators (for example, emulation, Database On-Demand, and problem determination utilities).
You can reduce maintenance costs and increase your return on investment by installing Z and I Emulator for Web on a Web server, eliminating the need to manage individual user desktops.
Since the applets reside on a server and are downloaded to Web browsers when needed, you no longer have to schedule maintenance and upgrades. Upgrade the software on the server and users can receive the upgrade the next time they access the client applet.
Administrators can centrally define and control all session configuration information available to their users, including connection options, security features, macro definitions, keyboard specifications, and color mappings. Furthermore, administrators have full control over which fields the user can or cannot modify, and can choose where user updates should be stored.
On Windows platforms, the default Z and I Emulator for Web graphical user interface is based on the Nimbus Look and Feel provided by Java 1.8 and later.
With Z and I Emulator for Web, the client applet contains the emulation functionality. With the emulator residing on the client, the middle-tier server, such as IBM Communications Server or a third-party SNA server, can be eliminated. Any performance and security issues introduced with this intermediary piece will also be removed. Once the applet is served to the client, it is easy to connect directly to any standard Telnet server that provides the best access to the required data. You can access many host sessions concurrently. By eliminating the need for a middle-tier server, Z and I Emulator for Web also minimizes capacity restrictions. To see how this works, refer to Figure 1.
The browser-based access of Z and I Emulator for Web gives you a simple way to centrally manage and deploy critical host applications and data. Z and I Emulator for Web uses the power of Java technology to open the doors to your host system whenever you need it, wherever you need it, directly from your browser. Just click on a hyperlink to launch the Z and I Emulator for Web Java applet. This Web-to-host connectivity solution provides secure Web-browser access to host applications and system data through Java-based emulation, so you can take existing host applications to the Web without programming. Because Z and I Emulator for Web is Java-based, its interface has the same look-and-feel across various types of operating environments.
On Windows platforms, the default Z and I Emulator for Web client graphical user interface is based on the Nimbus Look and Feel provided by Java 1.8 and later.
Z and I Emulator for Web servers and clients are supported on a wide variety of platforms and can be used over any TCP/IP network. This gives you a great deal of flexibility in setting up your system and enables Z and I Emulator for Web to be deployed in your computing environment without having to purchase new hardware.
Z and I Emulator for Web is compatible with browsers that support Java standards. In addition, some new features of Z and I Emulator for Web take advantage of capabilities offered only by Java.
Support for Internet Protocol Version 6 requires Java 1.8 or higher. Z and I Emulator for Web Version 2.0 supports Java 1.8 or higher.
An Internet Protocol is a protocol used to route data from its source to its destination through an Internet environment. An IP is an intermediary between higher protocol layers and the physical network.
Internet Protocol Version 6 is the replacement for Internet Protocol Version 4. Internet Protocol Version 6 expands the number of available IP addresses and makes improvements in routing and network configuration. Both Internet Protocol Version 6 and Internet Protocol Version 4 were designed by the Internet Engineering Task Force (IETF).
Most of the Internet currently uses Internet Protocol Version 4. Internet Protocol Version 6 is expected to replace Internet Protocol Version 4 over a period of years.
|
The Z and I Emulator for Web server also supports Internet Protocol Version 6 for the Redirector. For more information, refer to Redirector support for IPv6. |
Z and I Emulator for Web is available in multiple languages, including double-byte character set (DBCS) languages. Support for the European currency symbol, as well as keyboard and code page support for many more languages such as Arabic, Hebrew and Thai, is also provided. All language versions are available on the same media, and multiple language versions can be accessed concurrently.
Using Transport Layer Security (TLS), Z and I Emulator for Web extends secure host data access across intranets, extranets, and the Internet. Mobile workers access a secure Web site, receive authentication and establish communication with a secure enterprise host. With client and server certificate support, Z and I Emulator for Web can present a digital certificate to the Telnet server - such as IBM Communications Server for z/OS - for authentication.
Z and I Emulator for Web can also be configured for use in environments that include firewalls. Firewall ports need to be opened for the functions defined in your Z and I Emulator for Web session definitions. For more information, refer to Using Z and I Emulator for Web with a firewall.
Z and I Emulator for Web includes a Deployment Wizard that you can use to create custom HTML files. With these files you can tailor the content of the client and the function necessary to meet the needs of specific groups of users. For more information about the Deployment Wizard, refer to Configuring Z and I Emulator for Web emulator clients.
Z and I Emulator for Web includes the Java component-based ZIE Host Access Toolkit for creating customized e-business applications. This Toolkit contains a rich set of Java libraries and application programming interfaces, including the Host Access Class Library (HACL), Host Access Beans for Java, and Java Enterprise Edition (J2EE) connectors.
HACL provides a non-visual API for interacting with back-end host machines running applications originally designed for human interaction. Host applications rely on readable character presentation, formatted fields, color-coding, and keyboard responses. HACL provides specialized classes for functionalities needed to mimic traditional interaction with a series of host screen presentations (green screens). HACL contains no GUI (visible component) classes. For example, a Java program could be running on a mainframe as a secondary application. The secondary application program interacts first with another mainframe running a CICS data application, and then with a client browser through dynamically generated HTML pages. The secondary application interprets client inputs into simulated terminal actions which are sent to the CICS machine using the HACL API. The response screens from the CICS machine are captured using HACL APIs, converted into dynamic HTML pages, and sent back to the client.
Z and I Emulator for Web J2EE Connector provides a set of Resource adapters that communicate to 3270, 5250, CICS, and VT hosts. These resource adapters are deployed to a conforming application server, such as IBM Application Server. The users can write Web applications using the APIs provided in Z and I Emulator for Web J2EE Connector via WebSphere Studio Application Developer Integration Edition.
Z and I Emulator for Web can run as a portlet on Portal Server, a component of WebSphere Portal. Portal Server has sophisticated desktop management and security features that offer administrators more control over user access rights and users control over the appearance and arrangement of the portal desktop.
Administrators can create customized Z and I Emulator for Web portlets quickly and easily using the Deployment Wizard and then load them directly into Portal Server.
Database On-Demand is included with Z and I Emulator for Web to provide access to DB2 information stored on IBM System i5 servers using a Java Database Connectivity (JDBC) driver. Database On-Demand is a Java applet that allows you to perform Structured Query Language (SQL) requests to IBM System i5 databases through a JDBC driver. Database On-Demand is a separate applet from the Z and I Emulator for Web applet and is started by a separate HTML file. You can also use the Data transfer support from within an emulator session to perform SQL requests if you need both terminal emulation and support for SQL queries.
Z and I Emulator for Web provides access to host applications from a Web browser. The browser downloads the Z and I Emulator for Web Java applet from the Web server and then connects to any Telnet server to access host applications. The Z and I Emulator for Web applet needs configuration information to determine which host to connect to and other host session properties. This configuration information can be provided to the Z and I Emulator for Web applet from an HTML file that is used to launch Z and I Emulator for Web or by the Z and I Emulator for Web configuration server. The configuration server is a part of that centrally stores session configuration information and user preferences by user and group IDs. Users then access session information and user preferences by contacting the configuration server. The configuration server is managed through the administration client. For information on configuring the Z and I Emulator for Web configuration server, see the online help.
You can create custom client HTML files using the Deployment Wizard. When creating these HTML files, you can choose from three different configuration models to specify how session configuration information and user preferences are defined and managed: the HTML-based model, the configuration server-based model, and the combined model.
These models are described below. For detailed information on each model and benefits and limitations to using each model, see the online help.
If you choose the HTML-based model, all host session configuration information is contained in the HTML file itself, and nothing more is needed to define host sessions. Therefore, you are not required to use the configuration server to specify sessions, which means you do not have to open up a port on your firewall. If you allow users to save changes to the host session configuration information, their changes are stored on the local file system where the browser is running.
You are suggested not using the port 8999 because you do not need to start the ZIE server by using the HTML-based model. In this case the server resource is saved.
This option of defining configuration information in the HTML files is only available in clients that are created using the Deployment Wizard.
In the configuration server-based model, host session information is maintained on the configuration server using the Administration client, and the information is defined using a user and group structure. By default, the configuration server stores its data directly on the Z and I Emulator for Web server machine, though it can be configured to use LDAP instead. Users access their configurations using either custom HTML files created in the Deployment Wizard or by using one of several HTML files that are provided as part of Z and I Emulator for Web. User IDs are defined in the configuration server, and in most cases the user needs to log on to the Z and I Emulator for Web server before viewing his sessions. If administrators allow users to save changes, user preferences are stored in the configuration server by user ID. Because their customizations are saved on the configuration server, this model may be the best choice if users need to access their sessions from multiple machines.
By default, the Web browser communicates directly to the configuration server. If you communicate through a firewall, you need to open the configuration server's port on the firewall. Alternatively, you can use the configuration servlet to eliminate the need to open the configuration server's port on the firewall. The Web browser connects to the configuration servlet over an HTTP or HTTPS connection and the configuration servlet then interacts with the configuration server. See Configuring the configuration servlet for more information about using the configuration servlet.
Z and I Emulator for Web supports a combined model, where the host session information is defined in the configuration server (like the configuration server-based model) and user updates are saved on the user's machine (like the HTML-based model). In addition, like the HTML-based model, users of the combined model do not need to log on to the Z and I Emulator for Web server to view their sessions.
Additionally, for client deployment considerations, you need to decide which version of Java to use (see Planning for Java on the client).
This chapter provides detailed information related to running the Z and I Emulator for Web client on a Java-enabled browser.
With the Java client, you can do the following:
A few Java client types cannot be upgraded in the background. See Limits of support for more information.
Almost all Z and I Emulator for Web Java clients support these improvements. The Java Web Start client also supports these improvements.
The following types of Java clients do not support the improvements to the Java client:
The following sections discuss the limitations in downloading a client with Java.
With the Java client, a user cannot download a Z and I Emulator for Web client component that is not in the original preload list. Consequently, you need to specify all the components that your users might require in the preload list.
This limitation is caused by a conflict between the method used by a client to download components not on the preload list and security restrictions imposed by the Java plug-in.
With Java, the default client HTML files (default_xx.html, where xx is the two-letter language suffix) do not contain the following client components:
These less frequently used components were removed from the preload list of the Java default download HTML files to shorten download time. However, with the Java client, any component not in the preload list cannot be downloaded later.
If you want some or all of these components to be in the preload list, perform one of the following actions:
Z and I Emulator for Web Mac OS X emulator and database clients support Safari , Firefox, and the Mac version of Internet Explorer. Z and I Emulator for Web does not support the administration clients on Mac OS X. Z and I Emulator for Web Version 2.0 supports Java 1.8 or higher.
The Duplicate Key Support feature requires a Java Plug-in of 1.8 or newer on Macintosh clients. However, Z and I Emulator for Web Version 2.0 supports Java 1.8 or higher.
Mac OS X does not support the Java client improvements described in Improvements to the client for Java.
With a Java-enabled browser, the Z and I Emulator for Web client starts a little more slowly (5 to 15 seconds slower, depending on the workstation type). The delay is caused by the system loading the Java plug-in.
Also, with a Java-enabled browser, a host session on the Z and I Emulator for Web client desktop can take a little longer to start.
If you are using a Oracle Java plug-in and Hindi characters are not displayed correctly, make sure your Oracle JRE level is the latest.
If a user runs a customer-supplied applet (that is, an applet written by your company or a third party) with a session (such as 3270 Display) launched from a Java Z and I Emulator for Web client, and if this applet requires any Java permissions, you are suggested taking one of the following actions to meet the security requirements of Java:
If you do not meet the security requirements of Java, the applet silently fails.
Restricted users do not have the authority to install the Java plug-in. A user with administrative authority must install the Java plug-in.
This section discusses issues involved in using Java-enabled browsers and Java plug-ins.
A Java-enabled browser does not have a JVM included with it. It can display HTML files on its own, but it needs a separate Java plug-in installed to launch a Java applet such as the Z and I Emulator for Web client. Examples of Java-enabled browsers are Firefox and Microsoft Internet Explorer with the Java plug-in installed.
When a Java plug-in is properly installed and configured on a Windows client workstation, Microsoft Internet Explorer will function as a Java-enabled browser, depending on how Z and I Emulator for Web chooses to launch the client.
To run a Java applet on Firefox, you need to install a Java plug-in.
Consequently, Z and I Emulator for Web expects you to configure the Java plug-in so that it is the default Java Runtime for Firefox.
Whether you are implementing Z and I Emulator for Web purely within your corporate network, or you are using it to provide access to your host systems over the Internet, security is a concern. This chapter provides an overview of Z and I Emulator for Web security.
TLS is based on the SSL protocol. TLS uses the initial handshake protocol for establishing client/server authentication and encryption. For detailed information on TLS, see the description of The TLS Protocol Version 1.0.
The TLS protocol uses public-key and symmetric-key cryptographic technology. Public-key cryptography uses a pair of keys: a public key and a private key. Information encrypted with one key can be decrypted only with the other key. For example, information encrypted with the public key can be decrypted only with the private key. Each server's public key is published, and the private key is kept secret. To send a secure message to the server, the client encrypts the message by using the server's public key. When the server receives the message, it decrypts the message with its private key.
Symmetric-key cryptography uses the same key to encrypt and decrypt messages. The client randomly generates a symmetric key to be used for encrypting all session data. The key is then encrypted with the server's public key and sent to the server.
TLS provides three basic security services:
|
You can also use secure HTTP (HTTPS) to ensure that a client's security information is not compromised as it is downloaded from a server. |
Security is controlled by digital certificates that act as electronic ID cards. The purpose of a certificate is to assure a program or a user that it is safe to allow the proposed connection and, if encryption is involved, to provide the necessary encryption/decryption keys. They are usually issued by Certificate Authorities (CAs), which are organizations that are trusted by the industry as a whole and whose business is the issuing of Internet certificates. A CA's certificate, which is also known as a root certificate, includes (among other things) the CA signature and a validity period.
Encryption and authentication are performed by means of a pair of keys, one public, one private. The public key is embedded into a certificate, known as a site or server certificate. The certificate contains several items of information, including the name of the Certificate Authority (CA) that issued the certificate, the name and public key of the server or client, the CA's signature, and the date and serial number of the certificate. The private key is created when you create a self-signed certificate or a CA certificate request and is used to decrypt messages from clients.
A TLS session is established in the following sequence:
There are three areas where you can configure security for Z and I Emulator for Web: session security, Web server security, and configuration security.
Z and I Emulator for Web Version 2.0 uses the TLS protocol to provide security for emulator and FTP sessions.
The TLS protocol provides communications privacy across a TCP/IP network. TLS is designed to prevent eavesdropping, message tampering, or message forgery. TLS also provides a framework that allows new cryptographic algorithms to be incorporated easily. Z and I Emulator for Web supports encryption of emulation and FTP sessions and server/client authentication according to TLS Protocol Version 1.0.
Support is provided for the following:
To support TLS services, Z and I Emulator for Web uses six databases:
The CustomizedCAs.class is a Java class file that contains the certificates of unknown CAs and self-signed certificates that are not in the WellKnownTrusted list. If you use a self-signed certificate or a certificate from an unknown authority (CA), you need to update the CustomizedCAs.class file. However, note that you can no longer create or update the CustomizedCAs.class file using the Certificate Management utility on Windows or AIX platforms.
WellKnownTrustedCAs.class and WellKnownTrustedCAs.jks and/or CustomizedCAs.class and CustomizedCAs.jks must be present in the Z and I Emulator for Web publish directory. The Z and I Emulator for Web client uses these files to trust the server's certificate during the TLS handshake.
When you select the TLS protocol for the Z and I Emulator for Web client, a basic TLS session is established. During the TLS negotiation process, the server presents its certificate to the client. With basic TLS enablement, the certificate must be signed by an authority that the client trusts. The client checks WellKnownTrustedCAs.class first, followed by the CustomizedCAs.class. If Z and I Emulator for Web is configured to use JSSE for TLS enablement, WellKnownTrustedCAs.jks and CusomizedCAs.jks files will be used. The client rejects the session if it does not find the signer in these files. If the client finds the signer in these files, the session is established. This is basic Server Authentication. Z and I Emulator for Web allows you to configure a more enhanced form of Server Authentication in its client configuration. Refer to the following section for more information.
|
Web Express Logon offers a type of logon automation that uses client-side certificates. This model is called certificate-based Web Express Logon and is significantly different than Certificate Express Logon. With Certificate Express Logon, client certificates are used to authenticate users to an Express Logon-enabled TN3270 server that is configured to automate the login process. With certificate-based Web Express Logon, however, client certificates are used to authenticate users to a Web server or a network security application, and the login process is automated by a plug-in and a macro. For more information, refer to the Web Express Logon Reference. |
The Telnet server must support TLS-based Telnet security (as described in the IETF Internet-Draft TLS-based Telnet Security) for the Z and I Emulator for Web clients to use Telnet-negotiated security. The Communications Server for z/OS supports TLS-based Telnet security.
For more information regarding Telnet-negotiated security, see the Telnet-negotiated security overview in the online help. Refer to your Telnet server's documentation for more information about configuring TLS on the Telnet server, and refer to the Security topic in the online help for more information about configuring a client to connect to a secure Telnet server.
The security properties of the FTP session are independent of the emulator session's security properties. For an integrated FTP session, you need to configure FTP security information using the new Security tab in FTP session properties. If you configure an emulator session to be secure and the File Transfer Type is set to FTP, the FTP session will not be secured automatically. In this situation, the following message appears when you click the OK button: If a secure file transfer session is desired, configure the security information in File Transfer Defaults.
The TLS based secure FTP function is supported by z/OS V1R2 or later.
Refer to the following examples as situations where you might want to use session security:
You can configure your Web server to use TLS, so that the data stream from your Web server to your browser is encrypted. See your Web server documentation for more information about configuring your Web server for TLS. Once the client is loaded in a browser, however, it communicates directly with the host. You can configure Z and I Emulator for Web to provide TLS security to your host sessions. For more information, see Configuring TLS in the online help.
If you use the HTML model, your session configuration information will be encrypted if you use HTTPS. For all other models, you need to configure Z and I Emulator for Web to use the configuration servlet over HTTPS (after configuring your Web application server) to encrypt the session configuration instead of communicating directly with the configuration server. See Installing the configuration servlet in this guide for more information about installing the configuration servlet, and see configuring the configuration servlet in the online help for more information about configuring clients to use the configuration servlet.
The Redirector is a service that runs on the Z and I Emulator for Web server and that allows a Z and I Emulator for Web client to communicate with a Telnet server by connecting to a Redirector port on the Z and I Emulator for Web server.
Normally, a Z and I Emulator for Web client:
However, when the Redirector is used, the Redirector acts as an intermediary between the client and the Telnet server. The client, instead of connecting directly to the Telnet server, connects to a Redirector port on the Z and I Emulator for Web server. The Redirector then sends to the Telnet server the data received from the client. When the Telnet server replies, the Redirector sends to the client the data received from the Telnet server. This process continues until the session ends.
If your Telnet server does not support TLS, and if you are running the Z and I Emulator for Web server on one of the operating systems on which the Redirector supports secure sessions (see Operating systems supported by the Redirector), you can configure the Z and I Emulator for Web Redirector to provide the TLS support.
|
Many Telnet servers support TLS (for example, IBM Communications Servers on zSeries, IBM System i, AIX, or NT). If your Telnet server supports TLS, we strongly recommend using your Telnet server. If your Telnet server does not support TLS, the Communications Server for AIX Redirector offers a more scalable alternative to the Z and I Emulator for Web Redirector. |
The Redirector acts as a transparent Telnet proxy that uses port remapping to connect the Z and I Emulator for Web server to other Telnet servers. Each defined server can configure a set of local-port numbers. Instead of connecting directly to the target Telnet server, a client connects to the server and port number. The Redirector maps the local-port number to the host-port number of the target and makes a connection.
|
The recommended solution for a Telnet proxy is to use Load Balancer, a feature of WebSphere Application Server's Edge Components, or a similar product that provides address translation as part of the overall firewall solution, instead of the Z and I Emulator for Web Redirector. |
Figure 5 illustrates how the Redirector sends the client data to the Telnet server and sends to the client the responding data from the Telnet server.
The Redirector can be configured in any one of the following four modes:
Before you use the Client-side, Server-side, or Both modes, you need to create the ServerKeyStore.jks (if configured to use JSSE) for the Redirector.
You can use the Pass-through mode when encryption by the Redirector is not necessary, either because the data stream does not need to be encrypted, or because the data stream is already encrypted between the client and the Telnet server. you need to use the Pass-through mode if the Z and I Emulator for Web client is connecting through the Redirector to a host that requires client authentication or Express Logon.
Refer to Adding a host to the Redirector in the online help for more information.
For Redirector load capacity recommendations, refer to the Readme.
The Redirector now supports:
Not every Redirector mode is supported on every operating system. The next two subsections describe Redirector support in more detail. For more information on IPv4 and IPv6 see Support for Internet Protocol Version 6.
For operating systems that support IPv4 the Redirector supports the following:
Table 6 show this information:
Operating Systems | Pass-through: | Client-side: | Host-side: | Both: |
---|---|---|---|---|
Windows | Yes | Yes | Yes | Yes |
AIX | Yes | Yes | Yes | Yes |
Linux | Yes | Yes | Yes | Yes |
All other operating systems | Yes | No | No | No |
Table 7 show the operating systems and the Redirector modes for which the Redirector supports Internet Protocol Version 6 (IPv6):
Operating system: | Pass-through: | Client-side: | Host-side: | Both: |
---|---|---|---|---|
Windows | Yes | Yes | Yes | Yes |
Linux | Yes | Yes | Yes | Yes |
AIX | Yes | Yes | Yes | Yes |
If you are configuring Z and I Emulator for Web to go through a firewall, we recommend that the firewall administrator open only those ports required for the clients to function. Telnet ports allow TLS-encrypted session traffic.
If you are using the configuration server-based or combined models, the Z and I Emulator for Web configuration servlet allows Z and I Emulator for Web clients to communicate with the configuration server across either HTTP or HTTPS.
For Z and I Emulator for Web clients connecting to a host system through open ports in the firewall, see Configuring firewall ports for details. For Z and I Emulator for Web clients connecting to a host system through a Socks or HTTP proxy server, see Connecting to a host system through a proxy server for details.
If you are using the configuration server-based model or the combined model, your Z and I Emulator for Web clients will need to communicate with the configuration server. To allow this through a firewall, you will need to either open the Z and I Emulator for Web Service Manager port or use the Z and I Emulator for Web configuration servlet. The Service Manager listens on port 8999 by default. You can change this default to any other available port number. For details, refer to Changing the Service Manager port in the online help. The Z and I Emulator for Web configuration servlet allows Z and I Emulator for Web clients to communicate with the configuration server across either HTTP or HTTPS. Therefore, the Service Manager port does not need to be open on the firewall. (See Figure 4.) Refer to Installing the configuration servlet and Configuring the configuration servlet in the online help for details on using the configuration servlet.
If you are using the HTML-based model, there is no requirement for Z and I Emulator for Web clients to access the configuration server, and the Service Manager port does not need to be open on the firewall. The clients will still attempt to contact the configuration server for license counting but will fail silently if the Service Manager port is not open.
In addition to the Service Manager port, make sure the firewall administrator opens any ports that are being used for functions your clients use. For example, if you have a TLS session with the Redirector on port 5000, port 5000 must be open for Telnet traffic. The following table summarizes the ports that Z and I Emulator for Web can use.
Z and I Emulator for Web Function | Ports Used |
Display emulation (3270 and VT) and 3270 Printer emulation | 23 (Telnet), 80 (HTTP), or 443 (TLS) and 8999 (config server)3 |
5250 Display and Printer emulation | 23 (Telnet) or 992 1 (TLS) or 80 (HTTP) or 443 (TLS) and 8999 (config server) 3 |
3270 file transfer | 23 (Telnet), 80 (HTTP), or 443 (TLS) and 8999 (config server)3 |
5250 file transfer - savfile | 80 (HTTP), 8999 (config server)3, 21 (FTP)4, >1024 (FTP)4, 446 (drda)4, 449 (as-svrmap)4, 8470 (as-central)1 2 4, 8473 (as-file)1 4, 8475 (as-rmtcmd)1 4, and 8476 (as-signon)1 4 |
5250 file transfer - database | 80 (HTTP), 8999 (config server)3, 446 (drda)4, 449 (as-svrmap)4, 8470 (as-central)1 2 4, 8473 (as-file)1 4, 8475 (as-rmtcmd)1 4, and 8476 (as-signon)1 4 |
5250 file transfer - stream file | 80 (HTTP), 8999 (config server)1 2 4, 449 (as-svrmap)4, 8470 (as-central)1 2 4, 8473 (as-file)1 4, and 8476 (as-signon)1 4 |
FTP | 21 (FTP), 80 (HTTP), 8999 (config server)1 2 4, and >1024 (FTP)5 |
CICS | 2006 |
Database On-Demand | 80 (HTTP), 8999 (config server)3, 449 (as-svrmap)4, 8470 (as-central)1 2 4, 8471 (as-database)1 4, and 8476 (as-signon)1 4 |
Z and I Emulator for Web clients | 23 (Telnet), 80 (HTTP), and 8999 (config server)3 |
Administration clients | 80 (HTTP) and 8999 (config server)3 |
SSH (the Secure Shell) | 22 |
Notes: | |
1 | You can change the port numbers with the command WRKSRVTBLE . The port numbers listed are the default values. |
2 | The port for as-central is used only if a codepage conversion table needs to be created dynamically (EBCDIC to/from Unicode). This is dependant on the JVM and the locale of the client. |
3 | You can change the config server port. Port 8999 is the default. |
4 | These ports do not need to be opened on the firewall if you are using IBM System i proxy server support. You will need to open the default proxy server port 3470. You can change this port. |
5 | In passive (PASV) mode, the FTP client initiates
both connections to the server, solving the problem of firewalls filtering
the incoming data port connection to the client from the server. When
opening a FTP connection, the client opens two random unprivileged
ports locally (N>1024 and N+1). The first port contacts the server
on port 21, but instead of then issuing a PORT command and allowing
the server to connect back to its data port, the client issues the
PASV command. As a result, the server then opens a random unprivileged
port (P>1024) and sends the PORT P command back to the client. The
client then initiates the connection from port N+1 to port P on the
server to transfer data.
From the server-side firewall's standpoint, to support passive mode FTP, you need to open the following communications ports:
|
If you do not want to open port 8999 on the firewall, you can still allow users to access Z and I Emulator for Web. There are two options:
If you use the configuration server and it is separated from your Web browser by a firewall, you will either need to open the configuration server port on the firewall or run the Z and I Emulator for Web configuration servlet. The configuration servlet allows the browser to communicate with the configuration server across standard Web protocols, such as HTTP or HTTPS. (See Figure 4.)
Z and I Emulator for Web clients can use a proxy server to transparently access host systems from behind a firewall. Two types of proxy servers are supported:
Before you can connect to a host system through a proxy server, you need to find out which protocol the proxy server supports. Decide whether you want to specify the proxy server settings through the Web browser or explicitly identify a proxy server for the session. If you decide to explicitly identify a proxy server, you need to specify the protocol that the proxy server uses, the proxy server name and port number, and other information.
In general, if a Socks proxy server is available, configure Z and I Emulator for Web sessions to use it. Configure sessions to use an HTTP proxy server if that is the only type of proxy server supported at your site.
Many organizations use Socks proxy servers to protect computing resources behind a firewall. Socks is a protocol for TCP/IP-based network proxies. It allows applications on one side of a Socks proxy server to gain full access to hosts on the other side of the Socks proxy server without directly connecting to them. Proxy servers are generally used in conjunction with firewalls. Under the Socks protocol, a client that requests a connection to a host system through a firewall actually connects to a Socks proxy server. The Socks proxy server acts as an intermediary between the client and the host system. It authorizes communication requests, connects to the host on behalf of the client, and relays data between the two systems.
Z and I Emulator for Web supports both version 4 and version 5 of the Socks protocol.
The Java Virtual Machine (JVM) used in most Web browsers supports Socks version 4. A session can access either a Socks version 4 or version 5 proxy server, bypassing the proxy server settings in the Web browser. You can also have the session negotiate a Socks version 4 connection if the proxy server does not support version 5. For more information on Socks proxy server settings, refer to Proxy Server in the online help.
HTTP proxy servers handle HTTP requests through firewalls. They act as intermediaries between private local networks and the Internet. The HTTP proxy server is connected to both the local network and the Internet. Local users configure their browsers to pass HTTP requests through the HTTP proxy server by specifying the proxy server's IP address and TCP port number. The HTTP proxy server accepts these HTTP requests and forwards them to the actual Web servers specified by the URLs entered in the browser.
For Z and I Emulator for Web clients, HTTP proxy servers act as forwarding agents for connections to a host system. The HTTP proxy server opens a connection to the host system and sends data back and forth between the host system and the client. Although an HTTP proxy server usually closes a connection after servicing an HTTP request, Z and I Emulator for Web keeps the connection open for host traffic by using the HTTP Connect method (if it is enabled for the proxy server).
To have a session use a HTTP proxy server, you need to select HTTP proxy as the proxy type and specify the proxy server name and port number. For more information on HTTP proxy server settings, refer to Proxy Server in the online help.
If you have a network security application in place and you are using the configuration server-based model, you can select Web Express Logon in the Deployment Wizard to allow users to access hosts and host-based applications without providing an additional user ID and password. Entering the full URL of the Credential Mapper Server tells Z and I Emulator for Web where to locate the Credential Mapper Servlet, which processes the HTTPS request from the user, performs a lookup, and returns the user's credentials. The credentials are then used to perform a secure, automated Z and I Emulator for Web login.
If you use the configuration server-based model, you can configure your Z and I Emulator for Web users to be natively authenticated. This option allows users to log on to Z and I Emulator for Web using the same password as they would to log on to the operating system (AIX or z/OS) where Z and I Emulator for Web is active. When a user logs on to Z and I Emulator for Web, their password is validated against the operating system password, rather than a separate Z and I Emulator for Web password. This gives the administrator a single point of control for password administration and the user a single password to remember.
Refer to Native Authentication in the online help for more information on enabling this option.
If your users are logged on to a Windows domain, this option (available with the configuration server-based model in the Deployment Wizard) automatically logs users on to Z and I Emulator for Web using their Windows user name. The Z and I Emulator for Web logon window does not appear and the Windows user name is used as the Z and I Emulator for Web user ID. If a Z and I Emulator for Web user ID does not already exist (matching the Windows user name), you can also choose to have a user ID automatically created in the specified Z and I Emulator for Web group.
Refer to Logon Type in the online help for more information about choosing how users access the Z and I Emulator for Web configuration server.
If you are in an environment that mandates or requires that your security components use Federal Information Processing Standards (FIPS)-certified components/modules, consider the following. For secure Telnet and FTP connections, Z and I Emulator for Web uses FIPS-compliant ciphers by default. If your environment requires the connection to an IBM System i host for file transfer or data transfer, ensure that your system meets the following requirements:
When you have a secure connection to an IBM System i host and are accessing the file transfer capabilities, you will be asked to enter the path and the password for the JSSE Trust Store. If you are performing data transfer to an IBM System i host, you will also see additional fields for entering the path and password for the JSSE Trust Store.
Another way to enter the path and password is to use a Run Applet that is provided with Z and I Emulator for Web. To do this, take the following steps:
You only need to configure the JSSE Trust Store oncec. It is a global setting that applies to all sessions. After you have entered the values, they persist until the browser is restarted.
The current version of Z and I Emulator for Web provides a menu option to enable or disable the FIPS mode for each session. By default, FIPS mode is enabled for all the sessions.
Z and I Emulator for Web is provided in multiple languages. The session windows, configuration panels, help files, and the documentation have been translated. In addition, display, keyboard, and processing support are provided in Arabic, Hebrew, Thai, and Hindi. This support is fully explained in the online help.
In Web Client, the UI globalization is reflected on the client side based on the preferred language and the default locale set by the administrator or the user locale set at the browser level; however, the properties set by the administrator takes precedence. If an unsupported locale is set as the browser default language at the client side, then the UI is displayed in English by default.
All the translated versions are provided in the download. When you install Z and I Emulator for Web on i/OS, OS/400, Windows, AIX, Linux, and Solaris using the graphical installation program, you can choose which languages to install. On z/OS, you can choose the language via console mode.
|
National language support is operating-system dependent, so the appropriate font and keyboard support for the language you want to use must be installed in the operating system. For example, if you want to use Korean as the host-session language but do not have the Korean font and keyboard support installed, you may not be able to display the correct characters. |
|
DBCS cannot be used as the HTML file name. |
The languages into which Z and I Emulator for Web has been translated are listed below, along with the language suffixes you can use to load translated versions of the Z and I Emulator for Web clients. For example, HTML pages have language extensions to identify different language installations and different language predefined HTML files, such as ZIEWeb_en.html for English.
Language | Language suffix |
Simplified Chinese | zh |
Traditional Chinese | zh_TW |
Czech | cs |
Danish | da |
Dutch | nl |
English | en |
Finnish | fi |
French | fr |
German | de |
Greek | el |
Hungarian | hu |
Italian | it |
Japanese | ja |
Korean | ko |
Norwegian | no |
Polish | pl |
Brazilian Portuguese | pt |
Portuguese | pt_PT |
Russian | ru |
Slovenian | sl |
Spanish | es |
Swedish | sv |
Turkish | tr |
Catalan | Ca |
Z and I Emulator for Web supports multiple code pages. You can specify these code pages on a session-by-session basis.
The code pages specified below are supported by the 3270 and 5250 emulators. You can select them in the Session Configuration window.
Country or region | Code page | Note |
Arabic Speaking | 420 | |
Austria | 273 | |
Austria (Euro) | 1141 | |
Belarus | 1025 | |
Belarus (Euro) | 1154 | |
Belgium | 037 | |
Belgium (Euro) | 1140 | |
Belgium (Old Code) | 274 | |
Bosnia/Herzegovina | 870 | |
Bosnia/Herzegovina (Euro) | 1153 | |
Brazil | 037 | |
Brazil (Euro) | 1140 | |
Brazil (Old) | 275 | |
Bulgaria | 1025 | |
Bulgaria (Euro) | 1154 | |
Canada | 037 | |
Canada (Euro) | 1140 | |
China (Simplified Chinese Extended) | 1388 | |
Croatia | 870 | |
Croatia (Euro) | 1153 | |
Czech Republic | 870 | |
Czech Republic (Euro) | 1153 | |
Denmark | 277 | |
Denmark (Euro) | 1142 | |
Estonia | 1122 | |
Estonia (Euro) | 1157 | |
Finland | 278 | |
Finland (Euro) | 1143 | |
France | 297 | |
France (Euro) | 1147 | |
FYR Macedonia | 1025 | |
FYR Macedonia (Euro) | 1154 | |
Germany | 273 | |
Germany (Euro) | 1141 | |
Greece | 875 | |
Hebrew (New Code) | 424 | |
Hebrew (Old Code) | 803 | |
Hindi | 1137 | 5250 display only |
Hungary | 870 | |
Hungary (Euro) | 1153 | |
Iceland | 871 | |
Iceland (Euro) | 1149 | |
Italy | 280 | |
Italy (Euro) | 1144 | |
Japan (Katakana) | 930 | |
Japan (Katakana Extended) | 930 | |
Japanese (Katakana Unicode Extended;JIS2004) | 1390 | 3270 only |
Japan (Latin Extended) | 939 | |
1399 Japanese (Latin Unicode Extended;JIS2004) | 1399 | |
Kazakhstan (Euro) | 1166 | |
Korea (Euro) | 1364 | 3270 only |
Korea (Extended) | 933 | |
Latin America | 284 | |
Latin America (Euro) | 1145 | |
Latvia | 1112 | |
Latvia (Euro) | 1156 | |
Lithuania | 1112 | |
Lithuania (Euro) | 1156 | |
Multilingual | 500 | |
Multilingual ISO (Euro) | 924 | |
Multilingual (Euro) | 1148 | |
Netherlands | 037 | |
Netherlands (Euro) | 1140 | |
Norway | 277 | |
Norway (Euro) | 1142 | |
Open Edition | 1047 | |
Poland | 870 | |
Poland (Euro) | 1153 | |
Portugal | 037 | |
Portugal (Euro) | 1140 | |
Romania | 870 | |
Romania (Euro) | 1153 | |
Russia | 1025 | |
Russia (Euro) | 1154 | |
Serbia/Montenegro (Cyrillic) | 1025 | |
Serbia/Montenegro (Cyrillic; Euro) | 1154 | |
Slovakia | 870 | |
Slovakia (Euro) | 1153 | |
Slovenia | 870 | |
Slovenia (Euro) | 1153 | |
Spain | 284 | |
Spain (Euro) | 1145 | |
Sweden | 278 | |
Sweden (Euro) | 1143 | |
Taiwan (Traditional Chinese Extended) | 937 | |
Taiwan (Traditional Chinese Extended; Euro) | 1371 | |
Thai | 838 | |
Thai (Euro) | 1160 | |
Turkey | 1026 | |
Turkey (Euro) | 1155 | |
Ukraine | 1123 | |
Ukraine (Euro) | 1158 | |
United Kingdom | 285 | |
United Kingdom (Euro) | 1146 | |
United States | 037 | |
United States (Euro) | 1140 |
Notes:
Language | Code page |
Arabic | ASMO 708 and ASMO 449 |
British | 1101 |
DEC Greek | |
DEC Hebrew | |
DEC Multinational Replacement Character Set | 1100 |
DEC Technical | |
Dutch | 1102 |
Finnish | 1103 |
French | 1104 |
French Canadian | 1020 |
German | 1011 |
Hebrew NRCS | |
ISO Greek Supplemental (ISO Latin-7) | 813 |
ISO Hebrew Supplemental | |
ISO Latin-1 | 819 |
Italian | 1012 |
Norwegian/Danish | 1105 |
PC Danish/Norwegian | 865 |
PC International | 437 |
PC Multilingual | 850 |
PC Portugese | 860 |
PRC GBK | 936 |
PC Spanish | 220 |
Spanish | 1023 |
Swedish | 1106 |
Swiss | 1021 |
United States | 1100 |
Code page | Character set |
000 | Auto Detect (default) |
437 | Latin-1 |
813 | ISO Greek (8859_7) |
819 | ISO Latin 1 (8859_1) |
850 | Latin 1 |
852 | Latin 2 |
855 | Cyrillic |
856 | Hebrew |
857 | Latin 5 |
864 | Arabic |
866 | Cyrillic |
869 | Greek |
874 | Thai |
912 | ISO Latin 2 (8859_2) |
915 | ISO Cyrillic (8859_5) |
920 | ISO Latin 5 (8859_9) |
The JIS2004 support can now be enabled by selecting the existing host code pages 1390 Japanese (Katakana Unicode Extended) and 1399 Japanese (Latin Unicode Extended). The following features are supported:
Functions not included due to Unicode formats not currently supported in ZIEWeb:
For double-byte character set (DBCS) languages, you can use customized user-defined character (UDC) mapping in your session (3270, 5250, 3270 host print) instead of the default mapping. You can create a UDC translation table using the UDC mapping editor to store customized mapping for your session. For instructions for how to use the UDC mapping editor to change your character mapping, see Using the user-defined character (UDC) mapping editor in the online help.
See Unicode Support for i/OS and OS/400.
This chapter discusses installing the following three Z and I Emulator for Web components:
You need the IBM Installation Manager to install Z and I Emulator for Web. IBM Installation Manager needs to be installed first in Administrator Mode on the system where Z and I Emulator for Web is planned to install. Then you can use the Installation Manager to install the Z and I Emulator for Web.
IBM Installation Manager Version 1.8.3 or higher is required to install Z and I Emulator for Web.
Refer to the instructions from the Installing or Updating Installation Manager for installing the Installation Manager. For more information about IBM Installation Manager, refer to the IBM Installation Manager Knowledge Center.
Ensure the machine on which the installation takes place meets all prerequisites.
To know more about the Detailed System Requirements for Z and I Emulator for Web, refer to the Product Documentation for ZIEWeb.
Check the list below for the preparation:
You can install Z and I Emulator for Web using the IBM Installation Manager on all the supported platforms. Using the Installation Manager (IM), you can install in using the IM GUI, command mode or Console Mode. Most platforms support the Installation Manager GUI except z/OS. To install on z/OS, you can use Console Mode or running BPXBATCH jobs.
Installation Manager GUI:
The publish directory must be available to clients. You can designate the path of the publish directory. Perform the following steps:
Uncheck the check box if you do not plan to use Configuration Servlet.
If you plan to use Configuration Servlet, select the application server from the list detected. The installation program automatically deploys the configuration servlet on the Web application server you designate, and it configures your clients to access the Service Manager through the servlet.
The Deployment Wizard is automatically installed as part of the Windows Z and I Emulator for Web server installation. It is also available separately for those customers who do not wish to install the entire Windows Z and I Emulator for Web server.
For z/OS and iSeries, the Deployment Wizard install package can be found on the ZIE server in the <install directory>/ZIEWeb/depwiz directory called DW.zip. This file can be downloaded to a Windows workstation and installed as a separate package.
On Windows platforms, the Deployment Wizard is installed automatically when Z and I Emulator for Web is installed.
To install and run the Deployment Wizard, perform the following tasks:
The Deployment Wizard image is shipped on all Z and I Emulator for Web server platforms, and it can be downloaded from the server and installed on any Windows machine.
There are two ways to download the Deployment Wizard from a Z and I Emulator for Web server, access via dashboard_xx.html page, where xx is your two-letter language suffix or ftp directly from the server. Downloading via dashboard_xx.html downloads through the web server. Here are the steps:
To download via ftp, follow these steps:
The ZIE Host Access Toolkit is installed separately for those customers who want to write their own Z and I Emulator for Web application.
Perform the following basic steps to install the ZIE Host Access Toolkit on a Windows system:
This chapter contains instructions of using Installation Manager console mode to install Z and I Emulator for Web on platforms that do not support a Graphical User Interface.
Linux, UNIX, and z/OS systems that do not support a graphical user interface (GUI), administrators can use the console-based interface of Installation Manager to install Z and I Emulator for Web.
Using console mode of IBM Installation Manager, you can work on the installation packages to complete the following tasks:
To start Installation Manager console mode, use the imcl utility available in the Installation Manager tools directory.
These installation steps cover a typical installation scenario by using console mode. During the installation session, console mode prompts are displayed specific to the package being installed. You can follow the options as they appear on the console screen to proceed with the installation.
The Installation Manager console mode interface uses these conventions:
The Installation Manager can be installed using the information given in the Installation Manager documentation Installing or updating Installation Manager.
In order to install Z and I Emulator for Web, the Installation Manager must be installed in Administrator mode. For more information about downloading Installation Manager see System Requirements for IBM Installation Manager and Packaging Utility, minimum level is 1.8.3 in order to install Z and I Emulator for Web.
For more information about using Installation Manager, refer to the IBM Installation Manager Knowledge Center.
Installation of Z and I Emulator for Web on IBM iSeries platforms is supported through the console mode of Installation Manager. The GUI mode of installation is not available on IBM iSeries.
Additional notes before Z and I Emulator for Web installation on IBM iSeries are listed below:
To begin the installation, you need to perform the following tasks:
To install ZIEWeb in the Console Mode, perform the following tasks:
imcl -c
.
On different operating systems, for example:
/opt/HCL/InstallationManager/eclipse/tools/imcl -c
/QHCL/ProdData/InstallationManager/eclipse/tools/imcl -c
\Program Files\HCL\Installation Manager\eclipse\tools\imcl.exe -c
/InstallationManager/bin/eclipse/tools/imcl -c
For more details on starting Installation Manager in console mode, refer to Starting console mode.
Typically, the Z and I Emulator for Web configuration menu has the following entries:
Port 8999 is the default port for Z and I Emulator for Web. Check with your system administrator to see if this port is occupied. If it is in use, you can change the port during the installation or later. For more information about changing the Service Manager port, see Changing the Service Manager's configuration port in the online help.
Enter the number associated with any of these options to change the respective settings. Refer to the remaining options on the screen to navigate.
The Deployment Wizard is automatically installed as part of the Windows Z and I Emulator for Web server installation. It is also available separately for those customers who do not wish to install the entire Windows Z and I Emulator for Web server. Users can select only Deployment Wizard Option during Installation.
Refer to Installing in the Console Mode for more details.
The ZIE Host Access Toolkit is automatically installed as part of the Windows Z and I Emulator for Web server installation. It is also available separately for those customers who do not wish to install the entire Windows Z and I Emulator for Web server. Users can select only ZIE Host Access Toolkit option during Installation.
Refer to Installing in the Console Mode for more details.
Installing Z and I Emulator for Web in silent mode enables you to use a script for the installation. You need to create a response file first before starting the Installation Manager using the response file.
For information about installing packages silently using Installation Manager version V1.8.3, refer to the following topics in the Installation Manager Information Center:
This section contains instructions of installing ZIEWeb in Silent Mode.
Perform the following tasks to install ZIEWeb in Silent Mode:
C:\Program Files (x86)\HCL\Installation Manager\eclipse>IBMIM.exe -record e:\recordResponse.xml
imcl.exe input response_file -log log_file
./imcl input response_file -log log_file
For more
details, see Installing a package silently
by using a response file.Similarly, for silent installation in an environment where Websphere Application Server is located, record the response file on a system where a similar Websphere Application Server setup is available.
If a response file recorded in an environment where Websphere Application Server is not installed, it is recommended to be used in environments where Websphere Application Server is not installed.
During the Z and I Emulator for Web installation, you can choose to have the configuration servlet installed and configured on i/OS, OS/400, Windows, AIX, Linux, and Solaris for IBM Application Server.
|
All Web servers and servlet engines are configured differently. Check your Web server and servlet engine documentation for servlet configuration details on your operating system. |
Installing the configuration servlet is necessary only if both of the following statements are true for your Z and I Emulator for Web deployment:
By default, the Z and I Emulator for Web clients use port 8999 to access configuration information from the Service Manager. If any of your clients are outside the firewall, the firewall administrator needs to open port 8999 both internally and externally. However, you can avoid opening this port by customizing your clients to use the configuration servlet to access configuration information.
During Z and I Emulator for Web installation on Windows, AIX, Linux, and Solaris, the install utility searches your system for an instance of WebSphere Application Server. If it detects an instance, the install utility can automatically install and configure the configuration servlet on WebSphere Application Server Versions 5.1, 6.0, 6.1 and 7.0.
For platforms that do provide an installation program such as System z and others, you will need to manually install the configuration servlet. Refer to your WebSphere Application Server documentation for steps on installing enterprise applications. You can also go to http://www.ibm.com/software/webservers/ and navigate to the WebSphere Application Server support page, where you can find a link to the documentation of your version.
The Z and I Emulator for Web configuration servlet EAR file, cfgservlet.ear, is located in the lib directory of your Z and I Emulator for Web installation.
|
For WebSphere Application Server 5: After you save your deployment settings in the administrative console, you need to start the Z and I Emulator for Web configuration servlet in the Enterprise Applications window of WebSphere Application Server. Then go to the Environment window and select Update Web Server Plug-in. |
After the configuration servlet is installed, you can configure your clients to use the configuration servlet instead of directly accessing the Service Manager. You can use the Deployment Wizard to build customized HTML client pages. The wizard sets the applet parameters in the HTML based on your input, so you do not have to learn the syntax and valid parameter values. HCL recommends that you use the Deployment Wizard to set the ConfigServerURL parameter in the client HTML to ZIEConfig/ZIEConfig/zieweb.
For more information regarding configuration servlet parameters, configuration and examples, see Configuring the configuration servlet in the online help.
You can use the Installation Manager GUI to uninstall the Z and I Emulator for Web Version 2.0. Follow the steps below for the uninstallation:
You can use console mode to uninstall packages. To uninstall, the user must be the administrator or log in with the administrator privilege.
Perform the following tasks to uninstall ZIEWeb in the Installation Manager Console Mode:
: imcl -c
and press EnterAfter installing Z and I Emulator for Web, you need to create HTML files and configure Z and I Emulator for Web sessions for your users.
|
Z and I Emulator for Web provides a sample HTML file
of ready-to-use 3270, 5250, VT, and FTP emulator sessions pre-configured
with Java auto-detection components. These
sessions use the HTML-based configuration model and are provided to
allow you to get Z and I Emulator for Web up and running and access your host
systems quickly. To use these emulator sessions, take the following
steps:
|
The best way to create and set up your HTML files for Z and I Emulator for Web is to use the Deployment Wizard. The Deployment Wizard allows you to easily create custom HTML files that contain all of the Z and I Emulator for Web features tailored for your environment. The following is a list of some of the many features that can be configured using the Deployment Wizard:
|
To use the Web Start client, you need to use the Deployment Wizard. Predefined files for this client type are not provided. |
In addition to setting up your HTML files, you need to define sessions for your users. If you are using the HTML-based model, then you configure your sessions in the Deployment Wizard at the same time that you create the HTML files. Otherwise, if you are using the configuration server-based model or the combined model, or using one of the predefined clients, you will need to create groups, users, and sessions in the configuration server using one of the administration clients.
There is a full range of options available to you when you are configuring your sessions, regardless of whether you need to use the Deployment Wizard or one of the administration clients:
The Deployment Wizard runs on Windows and Linux platforms. To start the Deployment Wizard, select one of the following ways:
The Deployment Wizard Welcome window appears.
The Deployment Wizard guides you through configuration choices and provides comprehensive help for the features. When you have finished selecting features, the Deployment Wizard creates the HTML and supporting files for you. These files need to be placed on the Z and I Emulator for Web server in a directory known to your Web server; usually, this directory is your Z and I Emulator for Web server's publish directory.
If your Z and I Emulator for Web server is on a Windows or IBM System i platform, you might be able to write your Deployment Wizard HTML and configuration files directly to your Z and I Emulator for Web server's publish directory. On the final screen of the Deployment Wizard, you can select where to write the generated files. You may select any local or network drive accessible by the machine where your Deployment Wizard is running. In this case, you would direct the Deployment Wizard output to a publish directory on the Z and I Emulator for Web server and specify an output format of HTML. Assuming that you have already defined your sessions, the HTML page is then ready to be accessed by your users.
Otherwise, if your Deployment Wizard cannot directly write to your Z and I Emulator for Web server, then you should select to have the Deployment Wizard generate a zip file for the output format. The Deployment Wizard will then produce a single zip file containing all of the HTML and supporting files. You will need to move the zip file to the Z and I Emulator for Web server and use DWunzip to explode the zip file into the desired publish directory. Assuming that you have already defined your sessions, the HTML page is then ready to be accessed by your users.
Z and I Emulator for Web supplies several predefined clients for administering Z and I Emulator for Web and creating new user accounts. Before accessing an emulator client or a Database On-Demand client that uses the configuration server-based or combined deployment models, you need to add users and configure sessions for them with one of the administration or full administration clients.
To load an administration or new user client, do one of the following:
http://server_name/zie_alias/client_name.html
where server_name is
the host name or IP address of the Z and I Emulator for Web server, zie_alias is the alias (or path) of the publish
directory, and client_name is the HTML file
name of the administration or new user client.
To log on as the administrator the first time after the initial installation:
Administration clients enable you to perform the following tasks for data stored on the configuration server:
Administration clients run on all Z and I Emulator for Web client platforms except the Macinstosh operating system. If you are creating HTML files in the Deployment Wizard using either the configuration server-based or combined models, you need to configure sessions on the configuration server using an administration client. Refer to Basic Configuration Steps in the online help for more detailed information about configuring the Z and I Emulator for Web configuration server.
Z and I Emulator for Web supplies the following predefined administration and full administration clients:
The Directory Utility is a Java application the administrator can use to manage user, group or session configuration information. This information is stored either in the Z and I Emulator for Web default data store, or in an LDAP directory. This utility is only useful in the environment where the Configuration Server-based model is in use. The Directory Utility enables you to add, delete, or update large numbers of users, groups, or sessions in a batch mode environment instead of using the Administration client. The Directory Utility reads an XML ASCII file that contains the following actions to be performed on users, groups, or sessions defined to the Configuration Server:
|
Searches performed with the list action are either user-based (returning user-specific information) or group-based (returning group-specific information). LDAP environments, however, support only user-based searches. |
For more information, see Using the Directory Utility in the online help.
If the administrator has enabled Allow users to create accounts in the Users/Groups window, users can use the predefined new user clients to create new accounts. See the Enabling users to create accounts topic in the online help for more information about this client.
The following new user clients are supplied with Z and I Emulator for Web:
This chapter discusses issues that you need to be aware of when configuring and using Z and I Emulator for Web terminal emulator clients.
|
Z and I Emulator for Web provides a sample HTML file of ready-to-use 3270, 5250, VT, and FTP emulator sessions pre-configured with Java auto-detection components. These sessions use the HTML-based configuration model and are provided to allow you to get Z and I Emulator for Web up and running and access your host systems quickly. For more information, refer to Configuring Z and I Emulator for Web emulator clients. |
To load a Z and I Emulator for Web emulator client, a user starts a Web browser and enters in the Address field the URL of a Z and I Emulator for Web HTML file. The Z and I Emulator for Web HTML file must be one of the following:
HCL recommends the first option. For more information on the Deployment Wizard, see the Deployment Wizard topic in the online help.
|
If your emulator client is deployed with the configuration server-based or combined deployment model, you need to add users and configure sessions with the administration client before you can use the emulator client. |
To launch HTML files generated by the Deployment Wizard, specify the full URL of the HTML file in your browser:
http://server_name/zie_alias/client_name.html
where server_name is the host name or IP address of the Z and I Emulator for Web server, zie_alias is the alias (or path) of the publish directory, and client_name is the HTML file name of the client. For example, if you created an HTML file in the Deployment Wizard called 3270sessions.html, you can load it by specifying a URL such as the following:
http://host.yourcompany.com/zieweb/3270sessions.html
To launch a predefined HTML file included with Z and I Emulator for Web, point your browser to dashboard_xx.html file, where xx is your two-letter language suffix, to view links to all the available predefined clients. dashboard_xx.html is located in the publish directory.
When you access a client, a security warning appears to notify you that Z and I Emulator for Web was created by HCL Technologies Ltd. Users must grant Java security privileges for this session or any future sessions by clicking the appropriate buttons in order for Z and I Emulator for Web to work properly.
The types of Z and I Emulator for Web clients that you use depend on your computing environment and your personal preferences.
Web Start clients are stored locally and load faster (unless an updated version of the client is being downloaded from the Web server). You can use them equally well over network and dial-up connections. Web Start clients take up more local disk space , but on most machines this is not a problem.
The Web Start client allows users to run Z and I Emulator for Web sessions without a browser. Users start Z and I Emulator for Web sessions from the Java Web Start Application Manager. If a user closes the Z and I Emulator for Web desktop and there are active sessions running, the user is prompted to make sure he wants to close all sessions.
You can use Web Start in the same Z and I Emulator for Web environment.
To use the Web Start client, you need to use the Deployment Wizard to generate your HTML file.
The Java Web Start client allows users to start Z and I Emulator for Web without a browser. You need to use the Deployment Wizard to generate a HTML file for the Web Start client. The HTML file generated by the Deployment Wizard points to a Java Network Launch Protocol (JNLP) file. The JNLP file defines a Java Application, including parameters passed to the application and the archives that contains class files used by the application. The JNLP file and the associated archives are stored on a Web server.
When a user points to the JNLP file, the browser launches the Web Start application on the client computer. It downloads the associated archives, checks to insure that the minimum required JRE is present (if specified), stores the archives on the user's machine, sets up icons to represent the application, and launches the application.
Users can start Z and I Emulator for Web sessions from the Java Web Start Application Manager. By using the Java Web Start Application Manager, Z and I Emulator for Web sessions do not depend on a browser. Therefore, closing a browser does not end a Z and I Emulator for Web session. If the user attempts to close the Z and I Emulator for Web desktop and there are active sessions running, the user is prompted to make sure he wants to close all sessions. If so, the sessions are terminated cleanly to prevent problems that occur when there are sessions running in the browser and the browser is abruptly closed.
After the initial launch of the application, you can either point the Web browser at the JNLP file again, or click the mouse on the icons created on the client machine. After Web Start is restarted, it checks the Web server for updates to the archives and downloads any updated files.
Java Web Start is bundled with JRE 1.8 or higher versions of the Java Runtime Environment. For more information about Java Web Start, refer to http://www.javasoft.com. Z and I Emulator for Web Version 2.0 recommends Java 1.8 or higher.
The ZIEWeb Web Start client has the following requirements:
There are two ways to install the Web Start client. Typically, users install it from a Z and I Emulator for Web server over the network, either with or without using a Web browser. Alternatively, users can install it from a LAN or DVD drive, although this requires a small additional download over the network. Regardless of how users install the Web Start client, once it is installed and in the Java Web Start Application Manager, they can start it by clicking the appropriate icon in the Application Manager.
Users can install the Web Start client from the Z and I Emulator for Web server either with or without using a browser.
To install the Web Start client using a Web browser, users can perform the following steps:
The Web Start client begins installing immediately. A window shows the progress of the installation. The upper progress bar of this window shows the status of individual files as they download, while the lower progress bar shows the status of the overall installation.
For Windows users, distribute the JNLP file that was generated from the Deployment Wizard (for example, myzieweb.jnlp) to your end users. Once the file is distributed, users can type start myzieweb.jnlp to start the Web Start application and begin installing the Z and I Emulator for Web client. Since the file extension '.jnlp' will be registered to the Web Start application, the Web Start application will start, read the file, and download all the appropriate archive files from the Z and I Emulator for Web server that was specified in the Deployment Wizard-generated JNLP file. The Z and I Emulator for Web Web Start client will start when the download completes.
If you have not distributed the JNLP file to Windows users or your clients are running platforms other than Windows, users can still download the Web Start client without a Web browser by starting the Java Web Start Application Manager directly and pointing to the JNLP file on the Web server.
For Windows clients, users can perform the following steps:
For Linux clients, a user can type /javaws http://ZIEServer/ZIEAlias/myzieweb.jnlp to install and run the Z and I Emulator for Web session. A Z and I Emulator for Web icon appears in the Java Web Start Application Manager. Users can double-click this icon to launch Z and I Emulator for Web.
In order to reduce network traffic and minimize download times, some companies wish for users to install the Web Start client from a LAN or DVD. The Web Start client requires an additional component that must be installed directly from the Z and I Emulator for Web server over a network.
Installing the Web Start client involves two steps for the administrator followed by two steps for the end user.
First, the administrator should perform the following two steps:
Second, once you have published your HTML file, users should perform the following two steps:
The administrator must register the JNLP extension as a mimetype with the Web server so the browser knows to launch the Web Start application. For example, the following sections describe how to configure Apache HTTP Server, IBM HTTP Server, and Microsoft IIS.
To configure the Apache HTTP Server or IBM HTTP Server for Web Start, add the following line to mime.types:
AddType Application/x-java-jnlp-file .jnlp
To configure Microsoft IIS for Web Start, complete the following steps:
After the initial install of the Web Start client, if users point their browsers to the HTML file generated by the Deployment Wizard and updates are available on the Z and I Emulator for Web server, Z and I Emulator for Web prompts users to update. If users want to update, Java Web Start downloads the updated archive files and launches Z and I Emulator for Web. If users decline to upgrade, Z and I Emulator for Web prompts them again the next time they launch the HTML file.
If users request a function that is not installed on the Java Web Start client, Z and I Emulator for Web prompts them to install the additional components required for that function. If they choose to install the additional components, they must restart the Z and I Emulator for Web client to use them.
Since the Web Start client runs outside of a browser, bookmarking is disabled since bookmarking is a browser feature. Administrators can create Web Start clients that give users the same look as running an embedded bookmarked session by doing the following:
If you want to use HTTPS with the Web Start client, the certificate authority used for your secure HTTP connection should come from a well known root authority. When you use Z and I Emulator for Web as an applet and use an HTTPS connection, you are given the opportunity to trust the certificate used for the HTTPS connection if the root authority is not known by the browser. Since Java Web Start runs as an application, this browser facility is not available. The Java Virtual Machine used by Java Web Start contains several root authorities that it trusts. If the certificate that comes from the HTTPS connection has a root authority of one of these authorities known by the JVM, the secure connection can be established. If you want to use a certificate authority other than ones known by the JVM by default, for example, a self-signed certificate, you need to import the certificate into the keystore of the JVM for each of the clients accessing this Java Web Start client. This is required to establish the secure HTTP connection.
To remove the Web Start client, complete both of the following steps:
Customer-supplied Java classes and archives are Java class files and archive files that are not included either as part of the Z and I Emulator for Web client or as part of the Java Runtime Environment. Examples of such files are Java classes or archives that you yourself have implemented or that you have obtained from third parties.
You would want to deploy such classes or archives for use with the emulator client in the following situations:
|
For Java limitations on running customer-supplied applets, see Limitations with customer-supplied applets and Java. |
Although several methods are available for deploying these files, each method works only under certain circumstances. The possible methods are:
The deployment method you choose depends on:
The three methods available for deploying customer-supplied Java archives and classes are described in the following sections. In addition, Hints and tips for archive files provides more information about using archive files.
You can use this method when you want to deploy Java archives to a Z and I Emulator for Web server. This method works for the Web Start client.
Java archives must be Java .JAR files.
The advantage of using the AdditionalArchives HTML parameter is that it causes your Java archives to be downloaded to the user's workstation automatically when one of your users connects with the client HTML file on your Z and I Emulator for Web server.
The disadvantage of this method is that these Java archives or class files will be downloaded again every time a user connects to that HTML file . The reason for downloading the archives every time your user connects is to ensure that the Z and I Emulator for Web client has the latest versions of your archives or class files. As a result, this method works best when the Java archives or class files are relatively few and relatively small, so that your users do not have to wait a long time for these files to be downloaded, and so that downloading these files to your users does not place a heavy load on your Web server.
To use this method, perform the following steps:
myCustomA,myCustomB,MyCustomC
For more information, see AdditionalArchives in the online help.
This method works in the following situation:
To use this method, place the archives in your Z and I Emulator for Web publish directory. The default publish directory is the subdirectory ZIEWeb in your Z and I Emulator for Web server's install directory, such as c:\Program Files\HCL\ZIEForWeb\ZIEWeb\.
The following hints and tips might provide helpful information about using archive files:
The Database On-Demand client is a Java applet that allows an end user to build SQL statements and File Upload statements, to send these SQL statements and File Upload statements to a remote database server, and to retrieve the results of SQL queries (SQL Select statements) from the remote database server.
The user can communicate with a database server running on an IBM System i server or other platform, so long as the proper Java Database Connectivity (JDBC) driver is installed on the Database On-Demand client workstation. For more information refer to Obtaining and installing a JDBC driver in this manual.
Features of Database On-Demand include:
The Database On-Demand client is available only through one of three predefined client HTML files (see Database On-Demand predefined clients). You cannot use the Deployment Wizard to create a Database On-Demand client.
However, as an alternative to the Database On-Demand client, you can now use database functions in Z and I Emulator for Web emulation clients and in macros (see Database functions in Display Emulation clients and in macros).
For more information see Overview of database access in the Z and I Emulator for Web online help.
The Database On-Demand client exists in a Java version. Therefore:
This Database On-Demand client can take advantage of the advanced capabilities of the Java plug-in.
As an alternative to the Database On-Demand client, almost all of the functions that are available in the Database On-Demand client are now also available in the display emulation client, including the following session types:
You can also use SQL statements and File Upload statements in macros in display emulation client sessions (see the SQLQuery action and the File Upload action in the Macro Programming Guide).
For example, while you are connected to a remote host in a 3270 Display session, you can launch a macro that automatically reads data from the 3270 Display session window and writes the data into a table in a database that is located on another remote host. Similarly, you can launch a macro that automatically reads data from a table in a remote database and writes the data into the 3270 Display session window.
For more information see Overview of database access in the Z and I Emulator for Web online help.
To start a Database On-Demand client on the client workstation, use one of the following two methods:
http://server_name/zie_alias/client_name.html
where server_name is the host name or IP address of
the Z and I Emulator for Web server, zie_alias is
the alias of the publish directory, and client_name
is the name of the HTML file. For example, assuming that www.myZIEServer.com
is your Z and I Emulator for Web server and that zieweb is the
alias of the publish directory, then the URL for the download version
of the Database On-Demand client is:
http://www.myZIEServer.com/zieweb/database.html
http://server_name/zie_alias/dashboard_xx.html
where server_name and zie_alias have the same meanings as above. In
the name of the file dashboard_xx, the xx is a two-letter mnemonic for the language that
you want to use. For example, for English, the file is named dashboard_en.html,
and the full URL is (assuming the same server and alias as above):
http://www.myZIEServer.com/zieweb/dashboard_en.html
The Database On-Demand client is available through any one of three predefined client HTML files. You cannot use the Deployment Wizard to create a Database On-Demand client HTML file. The predefined clients are described below.
"Download" means that all the client code is downloaded to the client workstation each time the end user starts the Database On-Demand client.
|
Use the problem determination client only if you are working with HCLto resolve a problem with your Z and I Emulator for Web installation. |
To configure Database On-Demand for users, follow these steps:
If you want to create predefined SQL statements and File Upload statements for users and groups, follow these steps:
To connect to a database server running on a remote host, the end user needs a Java Database Connectivity (JDBC) driver installed on the client workstation.
The Z and I Emulator for Web client and the Database On-Demand client already include a JDBC driver from the IBM AS/400 Toolbox for Java. This driver allows a client to access a DB2/400 database on a properly configured IBM System i or AS/400 host system. You do not need to register or deploy this driver.
If you need a different JDBC driver:
The end user selects a file type for an SQL statement or a File Upload statement on the Output tab of the SQL Wizard window or on the File tab of the File Upload window.
For information on file formats, see File formats for database access in the Z and I Emulator for Web online help.
If you wish to use multiple code pages with Database On-Demand, you need to add jar or cab files to your HTML file. Only those code pages that correspond to the language of the HTML file are automatically loaded. For example, if you are running from a French computer, but you want to access a Dutch host, you need to make these modifications.
Edit the CommonJars.js file. Use jar file names, even if your clients will be using Internet Explorer (the names will be converted to cab file names later).
The following table lists the supported Database On-Demand client code page languages, the corresponding .jar file names, and the component names:
Code page language | .JAR file name | Component name |
Arabic | hacpar.jar | HACPAR |
Czech, Hungarian, Polish, Slovenian | hacpce.jar | HACPCE |
Danish, Finnish, Dutch, Norwegian, Swedish | hacp1b.jar | HACP1B |
German, Spanish, French, Italian, Portuguese, Brazilian Portuguese | hacp1a.jar | HACP1A |
Greek | hacpgr.jar | HACPGR |
Hebrew | hacphe.jar | HACPHE |
Japanese | hacpja.jar | HACPJA |
Korean | hacpko.jar | HACPKO |
Russian | hacpru.jar | HACPRU |
Simplified Chinese | hacpzh.jar | HACPZH |
Thai | hacpth.jar | HACPTH |
Turkish | hacptr.jar | HACPTR |
Traditional Chinese | hacptw.jar | HACPTW |
Server macro libraries are available for the HTML model pages and Config model users. For the HTML page, users can use Deployment wizard to customize the server macro library; for the Config model, users can use the Z and I Emulator for Web admin console. GUI based configuration allows the administrator to configure for each session. For the administrator to configure for all the sessions defined, use the HTML parameter SetServerMacroLibraryPath.
The value of SetServerMacroLibraryPath is share path or relative path. You can use the values to create and maintain a central repository of macros for users to access from their Z and I Emulator for Web sessions. These macros are downloaded to the user's machine only when it is needed. When you make changes to a server macro, users automatically get your updates the next time when they access the macro.
Server macro libraries have several benefits:
Server macro libraries can reside on a Web server or on a shared network drive. For both types of libraries, you can control which macros are available to particular Z and I Emulator for Web sessions. If you use a Web-based macro library, you need to create a text file that identifies the specific macros that you want to be available for the session that you are configuring. If you use a shared drive-based macro library, then all the files in the specified directory will be available to the session. Users will not be allowed to write to a Web-based macro library, but they may update a shared drive-based macro library if they have write-access.
macro1.mac
macro2.mac
macro3.mac
Be sure to note the following rules:
When users open their sessions, they can use the Play Macro or Available Macros windows to see the macros specified in the list that you created for their session. These macros are available when users select Server library as their macro location. The Server library location is only available if you have configured the session to use a server macro library.
When users open their sessions, they can use the Play Macro or the Available Macros windows to see a list of the macros in the directory. These macros are available when users select Server library as their macro location. The Server library location is only available if you have configured the session to use a server macro library.
Z and I Emulator for Web sessions are defined by the administrator and retrieved by the Z and I Emulator for Web client when a user accesses a Z and I Emulator for Web HTML file. The session properties a user sees are fixed values and consist of a combination of the administrator's initial configuration and any user updates. However, there may be times when it would be useful with some HTML files, or with certain session properties, to dynamically set a value at the time that the HTML is accessed. This type of control allows you to set particular session property values based on information such as the IP address of the client or the time of day.
In order to dynamically set session properties at the time the HTML is accessed, the administrator must write a program that runs on the Web server and effectively modifies the HTML just before it is sent to the client. Even though the initial session properties are not defined in the HTML, Z and I Emulator for Web provides the capability to override many of the session properties in the HTML. These override values are always used by the client and take precedence over both the initial session properties setup by the administrator, as well as any updates for the property made by the user. The HTML override value is never stored, so the client will return to using prior settings for the property whenever the administrator removes the override. Also, the overridden property is locked so a user cannot change it.
There are many ways in which an administrator could write a program to dynamically set one or more session properties using the HTML overrides, such as using Java Server Pages (JSP), servlets, Perl, REXX, or Active Server Pages (ASP). This chapter takes you through a couple of examples that focus on common administrator issues. These examples are meant to demonstrate the syntax and technique of overriding particular properties. These mechanisms apply to whichever programming approach the administrator may choose.
The initial HTML file should be created using the Deployment Wizard, which will allow you to set up the features that are important to you, such as the size of the downloaded code and the functions available to your users. The following sections describe the HTML parameters you will need to include. However, keep in mind that the exact format required for these parameters will vary depending on the format of the HTML. Note that in Z and I Emulator for Web , some of the HTML is generated using JavaScript, and HTML parameters are specified within a JavaScript array or using JavaScript document.write statements.
To set the code base when creating an HTML using the Deployment Wizard, do the following:
The HTML file is now located in the same directory with the Z and I Emulator for Web's archive files.
Code base refers to the installed Z and I Emulator for Web publish directory and not the directory where Deployment Wizard files are published. Although you can enter a fully qualified URL in the Code base field, we strongly recommend that you enter the relative path /zieweb/ for the default publish directory when modifying session properties dynamically. If you enter a fully qualified URL, any users who specify the host name in a different manner than you specified as the Code base will not be able to access the files, even if the DNS entries resolve to the same IP address.
Add a parameter to the HTML file called ConfigBase. Similar to defining /zieweb/ as the Codebase in Setting the Code base, the ConfigBase parameter is necessary because you will eventually deploy your JSP file to a location that is different than the default publish directory, and the Z and I Emulator for Web applet needs to know how to find the session configuration files located in the zieforweb/ZIEWeb/ZIEWebData directory. These files are created at the same time you save your Deployment Wizard HTML file to the publish directory. Unlike Codebase, the ConfigBase parameter requires a fully qualified URL. ConfigBase is a term that is specific to Z and I Emulator for Web.
|
For more information, refer to Developing JavaServer Pages files with WebSphere extensions. |
There are several steps you need to follow in order to dynamically set session properties (the examples shown later in this chapter will help clarify how some of these parameters should be specified):
The following table describes the session properties that can be overridden and gives the acceptable values for each parameter:
Parameter name | Description | Valid values |
---|---|---|
Host | Host name or IP address of the target server. Appears as "Destination address" on property panels. Applies to all session types. | Host name or IP address. |
HostBackup1 | Host name or IP address of the backup1 server. Appears as "Destination address" of backup1on property panels. Applies to all session types. | Host name or IP address. |
HostBackup2 | Host name or IP address of the backup2 server. Appears as "Destination address" of backup2on property panels. Applies to all session types. | Host name or IP address. |
Port | The port number on which the target server is listening. Appears as "Destination port" on property panels. Applies to all session types. | Any valid TCP/IP port number. |
PortBackup1 | The port number on which the backup1 server is listening. Appears as "Destination port" of backup1 on property panels. Applies to all session types. | Any valid TCP/IP port number. |
PortBackup2 | The port number on which the backup2 server is listening. Appears as "Destination port" of backup2 on property panels. Applies to all session types. | Any valid TCP/IP port number. |
CodePage | The codepage of the server to which the session will connect. Appears as "Host Code-Page" on property panels. Applies to all session types except FTP. | The numeric portion (for example, 037) of the supported host codepage listed in the session property panel. |
SessionID | The short name you want to assign to this session (appears in the OIA). It must be unique to this configuration. Appears as "Session ID" on property panels. Applies to all session types. | One character: A-Z. |
LUName | The name of the LU or LU Pool, defined at the target server, to which you want this session to connect. Appears as "LU or Pool Name" on property panels. Applies to 3270 Display and 3270 Printer session types. | The name of an LU or LU Pool. |
LUNameBackup1 | The name of the LU or LU Pool, defined at the backup1 server, to which you want this session to connect. Appears as "LU or Pool Name" of backup1 on property panels. Applies to 3270 Display and 3270 Printer session types. | The name of an LU or LU Pool. |
LUNameBackup2 | The name of the LU or LU Pool, defined at the backup2 server, to which you want this session to connect. Appears as "LU or Pool Name" of backup2 on property panels. Applies to 3270 Display and 3270 Printer session types. | The name of an LU or LU Pool. |
WorkstationID | The name of this workstation. Appears as "Workstation ID" on property panels. Applies to 5250 Display and 5250 Print session types. | A unique name for this workstation. |
ScreenSize | Defines the number of rows and columns on the screen. Appears as "Screen Size" on property panels. Applies to 3270 Display, 5250 Display, and VT Display session types. |
|
SLPScope | Service Location Protocol (SLP) Scope. Appears as "Scope" under "SLP Options" on property panels. Applies to 3270 Display, 3270 Printer, 5250 Display, and 5250 Printer session types. | Contact your administrator to get the correct value for this field. |
SLPAS400Name | Connects a session to a specific IBM System i. Appears as "iSeries Name (SLP)" on property panels. Applies to 5250 Display and 5250 Printer session types. | The fully-qualified SNA CP name (for example, USIBMNM.RAS400B). |
FTPUser | Specifies the user ID the session uses when connecting to the FTP server. Appears as "User ID" on property panels. Applies to FTP session types. | A valid user ID. |
FTPPassword | Specifies the password the session uses when connecting to the FTP server. Appears as "Password" on property panels. Applies to FTP session types. | A valid password. |
UseFTPAnonymousLogon | Enables the session to log in to an FTP server using anonymous as the user ID. Appears as "Anonymous Login" on property panels. Applies to FTP session types. | Yes or No. |
FTPEmailAddress | Specifies the e-mail address to use when connecting to the FTP server while using Anonymous Login. Appears as "E-mail Address" on property panels. Applies to FTP session types. | A valid e-mail address. |
PromptForDestinationAddress | Specifies whether to prompt the user for the destination address to use when connecting to the FTP server. Appears as "Destination Address" on property panels. Applies to FTP session types. | yes or no |
CICSInitialTransEnabled | Enables an initial transaction to be started when a CICS Gateway session is established. | true or false |
CICSInitialTrans | Specifies the name of the initial transaction to be started upon connection to a CICS host. Applies to CICS Gateway sessions only. The CICSInitialTransEnabled parameter must be set to true for the specified transaction to be started. | Valid transaction identifiers are strings of between 1 and 128 characters. The string identifies the initial transaction and any parameters to be run upon connection to the server. The first four characters, or the characters up to the first blank in the string are taken as the transaction. The remaining data is passed to the transaction on its invocation. |
Netname | The name of the terminal resource to be installed or reserved. If this field is blank, the selected terminal type is not predictable. Applies to CICS sessions only. | A valid terminal resource name. |
Any errors encountered in processing the HTML parameters are displayed in the Java Console.
Administrators may want to avoid specifying LU names directly in session definitions. This example shows a simple way of using the IP address of the client to look up an LU name listed in a text file and use it as an override value in a session.
This example is written using JSP. The Deployment Wizard was used to create an HTML file that contains two sessions named 3270 Display and 5250 Display. Note that in Z and I Emulator for Web 7 and later, some of the HTML is generated using JavaScript, and HTML parameters are specified within a JavaScript array or using JavaScript document.write statements. Also, the format of the HTML varies according to the client .
This example uses a cached Java page to start from with the needed changes for HTML overrides in bold. When the Deployment Wizard is used to generate a cached Java2 page it generates the following files:
A Macintosh client makes use of the Example_J2.html page.
A file (c:\luname.table) is read that contains IP address/LU name pairs. The IP address of the client is used to look up the proper LU name, which is overridden in the "3270 Display" session. See the comments in the example for more detail. The lines added to the Deployment Wizard output are displayed in bold.
<!doctype html public "-//W3C//DTD HTML 3.2 Final//EN">
<%
// Read the luname.table file into a properties variable.
// The luname.table file contains lines in the following format:
// ipaddress=luname
Properties lunames = new Properties();
lunames.load(new FileInputStream("c:\\luname.table"));
%>
<HTML>
<HEAD>
<META http-equiv="content-type" content="text/html; charset=UTF-8">
<!-- TITLE Begin -->
<TITLE>Example1 page title</TITLE>
<!-- TITLE End -->
<!-- SUMMARY Begin -->
<!--
Configuration Model
What configuration model would you like to use?
-HTML-based model
Host Sessions
-3270 Display
-5250 Display
Additional Options
-Cached = Cached client
-Java Type = java2
Disable Functions
Preload Options
-5250 Sessions = True
-Change Session Properties = True
-3270 Sessions = True
Web Start Options
Basic Options
-Debug = False
-Height (in pixels) = 250
-Width (in pixels) = 550
Upgrade Options
-Percent of users who can upgrade by default = 100
-Prompt user (user decides foreground or background)
Advanced Options
HTML parameters
-None
Code base
- /zieweb/
HTML templates
-Default
Problem determination
-Debug = False
User updates
-Persist user updates? = True
Appearance
-Standard Z and I Emulator for Web Client
Server connection
Language
-Locale = Use the system Locale
Maximum sessions
- 26
-->
<!-- SUMMARY End -->
</HEAD>
<CENTER>
<P>
<SCRIPT LANGUAGE="JavaScript">
function writeAppletParameters()
{
return "";
}
</SCRIPT>
<SCRIPT LANGUAGE="JavaScript" SRC="/zieweb/ziewebversion.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript" SRC="/zieweb/CommonJars.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript" SRC="/zieweb/CommonParms.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript" SRC="/zieweb/CommonJ2Parms.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript">
var db = parent.location;
var zie_Locale = '';
var zie_AppName ='';
var zie_AppHgt = '340';
var zie_AppWid = '550';
var zie_CodeBase = '/zieweb/';
var zie_Comps = 'HABASE;ZIEBASE;ZIEIMG;HACP;HAFNTIB;HAFNTAP;HA3270;ZIECFG;HA5250';
var zie_Archs = 'habasen.jar,ziebasen.jar,zieimg.jar,hacp.jar,hafntib.jar,hafntap.jar,
ha3270n.jar,ziecfgn.jar,ha5250n.jar';
var zie_URL = new String(window.location);
var zie_DebugOn = false;
var hZie_AppletParams = new Array;
hZie_AppletParams[1] = '<PARAM NAME="ShowDocument" VALUE="_parent">';
hZie_AppletParams[3] = '<PARAM NAME="ParameterFile" VALUE="ZIEWebData\\Example1\\params.txt">';
hZie_AppletParams[4] = '<PARAM NAME="JavaScriptAPI" VALUE="false">';
hZie_AppletParams[5] = '<PARAM NAME="BookmarkPage" VALUE="Example1.html">';
// The next 2 lines are required in order to override session properties.
// The first line turns on the processing for this function and does not
// need to be modified. The second line identifies the sessions that you
// want to change. In this example, there are 2 sessions identified
// named: "3270 Display" and "5250 Display".
hZie_AppletParams[6]='<PARAM NAME="EnableHTMLOverrides" VALUE="true">';
hZie_AppletParams[7]='<PARAM NAME="TargetedSessionList" VALUE="3270 Display,5250 Display">';
// The following line changes the LUName session parameter for the session named
// "3270 Display". In this example, the LUName is being set to the value
// contained in the c:\luname.table for the IP address of the client.
// When you are initially testing your changes, you may want to use a constant
// value to verify that the syntax is correct before you insert your
// calculations.
hZIe_AppletParams[8]='<PARAM NAME="Luname" VALUE="3270
Display=<%=lunames.get(request.getRemoteAddr())%>">';
//hZie_AppletParams[x] = '<PARAM NAME="DebugCode" VALUE="65535">';
var pg = buildJ2Page(db);
pg += writeAppletParameters();
pg += '</APPLET>';
if(zie_DebugOn) alert('J2 page complete, result = \n' + pg);
document.write(pg);
</SCRIPT>
</CENTER>
</BODY>
</HTML>
Administrators may also want to use HTML forms to specify override values rather than calculating them. The following example displays a simple form for entry of a host name. The form posts to a JSP program which uses the host name specified in the form to override the host name in the 3270 Session.
This example is written using JSP. The Deployment Wizard was used to create an HTML file that contains two sessions named "3270 Display" and "5250 Display." Note that in Z and I Emulator for Web 2.0, some of the HTML is generated using JavaScript, and HTML parameters are specified within a JavaScript array or using JavaScript document.write statements.
When using forms, the form data needs to be retained across requests to the program. This is because Z and I Emulator for Web HTML files reload themselves for Java detection and for bookmarking support when using configuration server-based model pages. If Java 1 is selected and bookmarking support is disabled if using the configuration server-based model, the page will not need to reload and there is no need to retain the form data. This example uses a JSP session to store the form data across reloads.
Here is a simple HTML form that allows for entry of a host name. The form posts to the JSP program (example2.jsp):
<form method="POST" action="zieweb/example2.jsp">
Hostname <input name="form.hostname"><br>
<input type="submit">
</form>
Here is the modified output from the Deployment Wizard. See the comments in the example for more detail. The lines added to the Deployment Wizard output are displayed in bold.
<HTML>
<%
// Get a session or create if necessary and store the hostname
// entered in the form in the session.
HttpSession session = request.getSession(true);
String hostname = request.getParameter("form.hostname");
if (hostname!=null) {
session.putValue("session.hostname", hostname);
}
%>
<!-- ZIEWeb WIZARD HTML -->
<!-- Deployment Wizard Build : 8.0.0-B20030605 -->
<HEAD>
<META http-equiv="content-type" content="text/html; charset=UTF-8">
<TITLE>Example 2 page title</TITLE>
<SCRIPT LANGUAGE="JavaScript" SRC="/zieweb/CommonJars.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript" SRC="/zieweb/HODJavaDetect.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript" SRC="/zieweb/CommonParms.js"></SCRIPT>
<SCRIPT LANGUAGE="JavaScript">
//---- Start JavaScript variable declarations ----//
var zie_Locale = '';
var zie_jsapi=false;
var zie_AppName ='';
var zie_AppHgt = '80%';
var zie_AppWid = '80%';
var zie_CodeBase = '/zieweb/';
var zie_FinalFile = 'z_example2.html';
var zie_JavaType = 'java2';
var zie_Obplet = '';
var zie_jars = 'habasen.jar,ziebasen.jar,zieimg.jar,hacp.jar,ziesignn.jar,ha3270n.jar,
ziecfgn.jar,ha5250n.jar';
var zie_URL = new String(window.location);
var zie_DebugOn = false;
var zie_SearchArg = window.location.search.substring(1);
var zie_AppletParams = new Array;
zie_AppletParams[0] = '<PARAM NAME="ParameterFile" VALUE="ZIEWebData\\example2\\params.txt">';
zie_AppletParams[1] = '<PARAM NAME="ShowDocument" VALUE="_parent">';
zie_AppletParams[2] = '<PARAM NAME="JavaScriptAPI" VALUE="' + zie_jsapi + '">';
zie_AppletParams[3] = '<PARAM NAME="PreloadComponentList" VALUE="HABASE;HODBASE;HODIMG;
HACP;HAFNTIB;HAFNTAP;
HA3270;HODCFG;HA5250">';
// The next 2 lines are required in order to override session properties.
// The first line turns on the processing for this function and does not
// need to be modified. The second line identifies the sessions that you
// want to change. In this example, there are 2 sessions identified
// named: "3270 Display" and "5250 Display".
// Be careful to increment the array index correctly.
zie_AppletParams[4] = <PARAM NAME="EnableHTMLOverrides" VALUE="true">;
zie_AppletParams[5] = <PARAM NAME="TargetedSessionList" VALUE="3270 Display,5250 Display">;
// The following line changes the Host or Destination Address session parameter
// for the session named "3270 Display". In this example, the Host is being set
// to the value saved in the JSP session from the HTML form.
// When you are initially testing your changes, you may want to use a constant
// value to verify that the syntax is correct before you insert your
// calculations.
// Here we override the host for the 3270 session to the value saved in the
// jsp session from the html form.
zie_AppletParams[6] = <PARAM NAME="Host" VALUE="3270
Display=<%=session.getValue("session.hostname")%>">;
//zie_AppletParams[x] = '<PARAM NAME="DebugCode" VALUE="65535">';
//---- End JavaScript variable declarations ----//
function getZIEMsg(msgNum) {
return ZIEFrame.zieMsgs[msgNum];
}
function getZIEFrame() {
return ZIEFrame;
}
var lang = detectLanguage(zie_Locale);
document.writeln('<FRAMESET cols="*,10" border=0 FRAMEBORDER="0">');
document.writeln('<FRAME src="/zieweb/ziedetect_' + lang + '.html" name="ZIEFrame">');
document.writeln('</FRAMESET>');
</SCRIPT>
</HEAD>
</HTML>
This chapter describes how to set up separate read/write private and publish directories for configuring Z and I Emulator for Web on a zSeries system.
The purpose of this configuration scenario is to provide instructions for common zSeries configuration tasks.
When Z and I Emulator for Web is installed, files in the /usr/lpp/ZIEWeb/zieforweb/private directory are updated in an execution environment, not just by manufacturing refresh releases. Because this directory is now updated during the Z and I Emulator for Web software's execution, you are recommended to mount a separate (non-service) File System. You can do this in one of the following ways:
ln -s /etc/ZIEWeb/private /usr/lpp/ZIEWeb/zieforweb/private
If you are using LDAP and native authentication, manually copy the HODrapd and the /keys directory to the system-specific /private directory.
When the system-specific /private directory is mounted, it overlays but does not destroy the master /private directory. When maintenance releases are applied, use the master /private directory. If these files are changed, copy them to the system-specific /private directory.
Files generated from the Deployment Wizard can be placed in a user-defined directory that is separate from the Z and I Emulator for Web publish directory. This makes it easier to apply future Z and I Emulator for Web upgrades. This solution keeps the Z and I Emulator for Web publish directory read only and provides a separate writeable location for deploying Deployment Wizard files.
For instructions on deploying Deployment Wizard files in a separate user publish directory and for information on other user-modified files that can be placed outside the publish directory, refer to migration instruction of deployment wizard.
You can create and mount a separate file system for the user-defined publish directory. The generated Deployment Wizard zip file are to be transferred to this directory and unzipped by the DWUnzip utility. The Web server needs to include an alias statement specific to the user-defined publish directory.
You can access the page through the URL that specifies the alias of the user-defined publish location. For example, if the publish directory is /usr/lpp/ZIEWeb/publish, and the alias is userpublish, then the URL to access the client page would be http://<servername>/userpublish/<pagename>.html.
The Deployment Wizard normally locates on a Windows machine during the installation of the product. On z/OS, a download is provided for you to install the Deployment Wizard on Windows so you can generate client pages for the z/OS ZIE server. Refer to the following steps for installing the Development Wizard from the z/OS server:
Once the Development Wizard is installed, you can launch it. Go to Start > All Programs > HCL Z and I Emulator for Web Deployment Wizard.
After you install Z and I Emulator for Web on the IBM System i platform, configure the software as follows:
The following commands can be used from the IBM iv7r1 or OS/400 command line.
You can use the NCServiceManager-OS400.sh script file to configure Service Manager. NCServiceManager-OS400.sh is located in the following directory on the IBM System i:
ZIE_install_directory>/lib/samples/NCServiceManager/.
To configure the Service manager settings, perform the following tasks:
Update the value of the JAVA_ENGINE to the complete path or location of the jre installed on the system. It must be Java V6 or higher. It must point to <java_installation>/bin/java in the Java installation directory.
Verify, and update if necessary, the value of MY_ZIEWeb_DIRECTORY to the complete path of the Z and I Emulator for Web installation directory. It must be the installation directory of Z and I Emulator for Web and the directory contains /bin, /lib and other folders of Z and I Emulator for Web. Generally, this value is updated once at the time of installation. For example, /QHCL/ProdData/ZIEForWeb.
Verify, and update if necessary, the value of MY_PUBLISHED_DIRECTORY to the complete path of the Z and I Emulator for Web Publish directory. Generally, it is the <ZIEWeb_Installation>/ZIEWeb directory, where <ZIEWeb_Installation> is the Z and I Emulator for Web installation directory.
To start the Z and I Emulator for Web Service Manager, run NCServiceManager-OS400.sh so that it starts and continues to run in the background.
One way to achieve this on IBM i Series is to submit a job by invoking the IBM PASE for System i to run the script. Contact your IBM i Series administrator for the details on best ways to submit a job suitable to your i Series setup and requirements.
An example command that submits a job:
sbmjob cmd(call pgm(qp2shell) parm('/QOpenSys/usr/bin/-sh' '/QHCL/ProdData/Z and I Emulator for Web/lib/samples/NCServiceManager/NCServiceManager-OS400.sh'))
To stop the service manager, end the job on Iseries. Contact your Iseries administrator for details on a suitable method for stopping the service.
One way to do this is with the following example steps:
To determine whether the Service Manager is running, it needs to be checked whether the Java program NCServiceManager , which is started by the script NCServiceManager-OS400.sh, is running or not. Therefore, the method to check the server status might vary according to the method used to start the service manager.
In the example above, the Service Manager is started by submitting a job to run the NCServiceManager-OS400.sh script. Hence, the you can perform following two ways to check the status:
WRKACTJOB
This provides a list of
active jobs.In the example of Start, the script NCServiceManager-OS400.sh is executed by invoking the IBM PASE for System i (qp2shell) in the SBMJOB command. Hence, in this case, the following steps can also help to check the status :
call qp2term
.ps -ef | grep NCServ
.
If the command detects that the Service manager is running, it will provide an output that would look like the following :
$ > ps -ef | grep NCServ kushald 3146 1 0 15:23:30 - 0:00 /QHCL/ProdData/OS400/Java400/jFr omPASE java -classpath .:sm.zip:ibmjndi.jar:jndi.jar:jsdk.jar:ods.jar:jt400.j ar -Djava.net.preferIPv4Stack=true -DFIPS=on com.ibm.eNetwork.HODUtil.service s.admin.NCServiceManager /QHCL/ProdData/Z and I Emulator for Web $
In the event that you need to contact the HCL Center for assistance, the already available Information Bundler script file can be used to gather information about your Z and I Emulator for Web configuration.
For usage information, refer the section Running the Information Bundler of the ZIEWeb V1 document.
Create a custom printer definition table for Z and I Emulator for Web 3270 printer sessions. In order to use this function, please refer the section under Compiling a PDT on an iSeries server section.
A custom printer definition might be necessary if you have a special paper form or if the printer is not supported. The following options are not available on ZIEWeb V2.0:
To use the Deployment Wizard to deploy screens to an IBM System i-based Z and I Emulator for Web server, do the following:
Follow the steps below to configure a CustomizedCAs keyring:
java -classpath .:your_install_dir/lib/sm.zip com.ibm.hod5sslight.tools.P12Keyring CustomizedCAs connect myServer.raleigh.hcl.com:702
.
This command can take a few minutes to complete. If you are asked
for a password, type zieweb and
press Enter.To view the contents of the CustomizedCAs keyring, perform the following steps:
java -classpath .: your_install_dir/lib/sm.zip com.ibm.hod5sslight.tools.P12Keyring CustomizedCAs list
.The following list provides a high-level overview of the steps needed to install and configure Z and I Emulator for Web with TLS:
Visit IBM System i Knowledge Center and search on TLS to learn the steps you need to take to enable TLS. You might need to repeat the steps for each IBM System i7 system that you want to use secure connections with.
Perform the following steps to configure a CustomizedCAs keyring:
java -classpath .:your_install_dir/lib/sm.zip com.ibm.hod5sslight.tools.P12Keyring CustomizedCAs connect myServer.raleigh.hcl.com:702
This
command can take a few minutes to complete. If you are prompted for
a password, type zieweb and press Enter.To view the contents of the CustomizedCAs keyring, do the following:
java -classpath .: your_install_dir/lib/sm.zip com.ibm.hod5sslight.tools.P12Keyring CustomizedCAs list
.
|
If you have multiple IBM System i machines and would like to create a single certificate that all the machines can use, consider cross certification. Refer to Managing Security, Cryptographic Services APIs, and Application System/400 Cryptographic Support/400 Version 3 for additional information about cross certification. |
For additional security, consider TLS with client authentication to tightly control who can Telnet to your system over the Internet. For example, you can configure the Telnet server to only allow authentication if the client certificate was issued by your IBM System i (through Digital Certificate Manager).
The client certificates have a limited validity period (for example, 90 days). When the certificate expires, the user must perform the Client Certificate Download process in order to continue. This process requires a valid IBM System i user ID and password.
|
Not all Telnet client software is capable of client authentication. When enabled, all TLS-enabled Telnet connections to the IBM System i require a user certificate. |
Refer to the IBM System i Web site for more information.
The OS/400 proxy can be configured to encrypt file transfer and Database On-Demand connections. To do this, the following additional software must be installed on each target IBM System i:
You need to control authorization of the users to the files. To help you to meet the TLS legal responsibilities, you need to change the authority of the directory that contains the TLS files to control user access to the files. In order to change the authority, do the following:
The Z and I Emulator for Web server uses the Web server to download program objects to the browser. This information can be encrypted, but with a considerable performance impact.
The default port for secure web serving is 443. If that port is not enabled, port 80 is used. To enable secure web serving, perform the following steps:
STRTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)
ENDTCPSVR SERVER(*HTTP) HTTPSVR(DEFAULT)
STRTCPSVR SERVER(*HTTP) HTTPSVR(DEFAULT)
For more information on a wide variety of IBM System i topics, see IBM i PDF files and manuals.
In a 5250 Display session, Z and I Emulator for Web supports the display of Unicode data located in fields tagged with Coded Character Set Identifiers (CCSIDs). For more information see Unicode support for i/OS and OS/400 using Coded Character Set Identifiers.
For host programming information, refer to the IBM System i Website.
This chapter describes how to set up Z and I Emulator for Web for the IBM Eclipse-Plugin.
Eclipse-Plugin is the foundation for next-generation, network-centric computing. Built on the Eclipse rich client platform, it provides additional features for managing and deploying applications easily to end users.
On Eclipse-Plugin, all applications are packaged as Eclipse "features", which consist of "plugins" and "fragments". Eclipse features are usually installed from an "update site", which is a directory on a machine that is web-accessible.
To build the Z and I Emulator for Web plugin for Eclipse-Plugin, Z and I Emulator for Web provides a Java applet called "Update Site Utility". The Update Site Utility converts Z and I Emulator for Web jar files into Eclipse plugins and fragments and places them in a new or an existing update site directory.
Procedures to install features from an update site are different depending on Eclipse-Plugin platforms, such as Workplace Managed Client (WMC) or WebSphere Everyplace Deployment (WED). When WMC is used, extra configuration steps are required on its server counterpart, Workplace Collaboration Service (WCS). The Update Site Utility generates an XML file, which eases the configuration steps on WCS.
To create and deploy these Z and I Emulator for Web plugins to run in Eclipse-Plugin, do the following:
For example, if you want to use the Java plugin that is shipped by Z and I Emulator for Web server for Linux, use export command to set the LD_LIBRARY_PATH environment variable as follows:
export LD_LIBRARY_PATH=/opt/hcl/Z and I Emulator for Web/zieweb_jre/jre/bin:
$LD_LIBRARY_PATH
Z and I Emulator for Web plugin | Plugin itself. File name is given in the form: com.ibm.eNetwork.HOD.wct_(plugin version).jar |
Z and I Emulator for Web code fragment | Z and I Emulator for Web runtime code. File name is given in the form: com.ibm.eNetwork.HOD.wct.(function name)_(plugin version).jar |
Config fragment | Fragment that stores configuration information. File name is given in the form: com.ibm.eNetwork.HOD.wct.configs.(deployment wizard output file name)_(feature version).jar |
For information about installing the plugin on the client, refer to documents that come with your Eclipse-Plugin platforms.
On the Eclipse-Plugin platform, HTML overrides cannot be used in order to dynamically set session properties because no HTML files are used for running the Z and I Emulator for Web plugin. If you need to have the similar functionality, do the following steps:
public String setHodHtmlFileName()
public Properties getHodHtmlParameters()
Following is an example of such Java classes:
package com.ibm.eNetwork.HOD.wct.samples;
import java.util.Properties;
import com.ibm.eNetwork.HOD.wct.IHODConfigFactory;
public class ConfigOverride implements IHODConfigFactory {
/* (non-Javadoc)
* @see com.ibm.eNetwork.HOD.wct.IHODConfigFactory#getHodHtmlFileName()
*/
public String getHodHtmlFileName() {
return "hodwmc";
}
/* (non-Javadoc)
* @see com.ibm.eNetwork.HOD.wct.IHODConfigFactory#getHodHtmlParameters()
*/
public Properties getHodHtmlParameters() {
Properties p = new Properties();
p.put("EnableHTMLOverrides", "true");
p.put("TargetedSessionList", "3270 Display");
p.put("host", "3270 Display=hostname");
return p;
}
var showUserClass="true";
When you are using a separate user publishing directory other than the Z and I Emulator for Web publish directory, you need to specify the directory on Update Site Utility with the following procedure:
var showAlternatePublishDirectory ="true";
Following is the list of view IDs used by Z and I Emulator for Web plugin. You are suggested knowing them when you configure page layout on WCS manually.
ID | Description |
---|---|
com.ibm.eNetwork.HOD.wct.SessionsView | Configured Sessions |
com.ibm.eNetwork.HOD.wct.SessionLabelsView | Active Sessions |
com.ibm.eNetwork.HOD.wct.TerminalView | Terminal (Display, Printer, FTP, etc.) |
Following are limitations not mentioned above on using Z and I Emulator for Web in an Eclipse-Plugin environment:
The Z and I Emulator for Web Server is used to manage configuration data for the configuration server-based and combined models. For the default operational mode of the Z and I Emulator for Web Server, this data is saved in a non-shared private data store. Some enterprise customers need to manage their configuration information between multiple Z and I Emulator for Web servers. If these customers use the non-shared private data store, then their administrators must manage the data for each Z and I Emulator for Web Server separately. A Lightweight Directory Access Protocol (LDAP) server directory provides the ability to share user and group configuration information over different instances of the Z and I Emulator for Web configuration server.
Using an LDAP directory server to manage and share your definitions across multiple Z and I Emulator for Web servers is an option that must be carefully planned and executed. Migration from the private data store, in particular, has implications on the configuration data. LDAP enables the customer to manage the configuration information by arranging users into a hierarchical tree of groups. If existing users are members of more than one group, then some information will be lost. Note that the configuration data in the private data store is not changed when a migration to LDAP occurs. Refer to implications of migrating to LDAP in the Z and I Emulator for Web online help for more detailed information.
|
Users and groups that are already defined in LDAP for other purposes are not used by Z and I Emulator for Web. Users and groups for Z and I Emulator for Web must be defined separately by either migrating the configuration information from the private data store or by setting up the users and groups in Z and I Emulator for Web after enabling LDAP. |
|
If you are using the IBM LDAP server on Windows
and AIX platforms, and you are creating a large number of users, make
sure that DB2 is configured with the proper value for APP_CTL_HEAP_SZ.
While the value for this variable is dependent on individual installations,
setting APP_CTL_HEAP_SZ to 512 is a good starting value.
To configure DB2 heap size in a Windows or AIX environment, issue these commands:
Also, be sure that STMTHEAP is large enough. The size for these parameters are dependent solely on individual customer configurations and the number of Z and I Emulator for Web users that are being migrated to LDAP. |
The Z and I Emulator for Web extensions to the LDAP directory schema are provided in several files that are located in the LDAP subdirectory of the publish directory (for example, your_install_directory\ZIEWeb\ldap, where your_install_directory is your Z and I Emulator for Web installation directory). These files contain extensions to the LDAP schema and are stored in the standard slapd format. The schema extensions must be in effect before Z and I Emulator for Web can store configuration information in an LDAP server. Contact your LDAP administrator to have these schema extensions installed.
Refer to the Program Directory for instructions on installing the schema extensions for the zSeries.
|
Your LDAP administrator may have already installed these schema extensions for use by another IBM product. If so, skip these steps. If you are using the IBM Directory Server Version 3.1.1 or later, the schema is pre-installed, so you can skip these steps also. |
To install the Z and I Emulator for Web schema extensions on a Netscape LDAP Directory server:
Netscape.IBM.at
Netscape.IBM.oc
userat "<Netscape LDAP config directory>/Netscape.IBM.at"
useroc "<Netscape LDAP config directory>/Netscape.IBM.oc"
To install the Z and I Emulator for Web schema extensions on an IBM LDAP Directory server:
V2.1.IBM.at
V2.1.IBM.oc
include /etc/V2.1.IBM.at
include /etc/V2.1.IBM.oc
|
The Redirector configuration is not migrated to the directory server. |
|
If you have a problem connecting to LDAP and migrating, try to connect to LDAP first. Then, after successfully connecting, try to migrate. |
When you are asked to authenticate with the LDAP directory for the first time, specify a user ID of "admin" and a password of "password". You can change this password after the first log on. Even though you might have changed your password for the private data store, that ID and password continues to be valid for the private data store only. For the LDAP directory, a separate user ID and password are required. To avoid confusion, you can change your LDAP directory password to be the same as your private data store password.
Changes made on this panel are effective immediately. Once you have switched to the LDAP server, subsequent user-related changes will be made only on the LDAP server, including administrative changes to groups, users, or sessions, and changes such as new passwords, macros, keyboard changes, etc., by either the administrator or a user.
This information was developed for products and services offered in the U.S.A.
HCL may not offer the products, services, or features discussed in this document in other countries. Consult your local HCL representative for information on the products and services currently available in your area. Any reference to an HCL product, program, or service is not intended to state or imply that only that HCL product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any HCL intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-HCL product, program, or service.
HCL may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:
HCL
330 Potrero Ave.
Sunnyvale, CA 94085
USA
Attention: Office of the General Counsel
HCL TECHNOLOGIES LTD. PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. HCL may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-HCL Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this HCL product and use of those Web sites is at your own risk.
HCL may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:
HCL
330 Potrero Ave.
Sunnyvale, CA 94085
USA
Attention: Office of the General Counsel
Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.
The licensed program described in this document and all licensed material available for it are provided by HCL under terms of the HCL Customer Agreement, HCL International Program License Agreement or any equivalent agreement between us.
Information concerning non-HCL products was obtained from the suppliers of those products, their published announcements or other publicly available sources. HCL has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-HCL products. Questions on the capabilities of non-HCL products should be addressed to the suppliers of those products.
HCL, the HCL logo, and hcl.com are trademarks or registered trademarks of HCL Technologies Ltd., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM® or other companies.