Set up NAWT for use by graphical Java™ programs running under WebSphere® Application Server. When you use WebSphere Application Server and NAWT, you need to enable secure communications between the Virtual Network Computing (VNC) server and WebSphere Application Server.
Before reading the following information, make sure that you understand how to install and use the Native Abstract Windowing Toolkit (NAWT) on your iSeries™ server. In particular, you need to know how to use NAWT with the version of the Java 2 Software Development Kit (J2SDK) and i5/OS™ release that you use.
Ensuring secure communications
A method called X authority checking ensures secure communications between WebSphere Application Server and the VNC server.
The process of starting the VNC server creates an .Xauthority file that contains encrypted key information. Secure communications between WebSphere Application Server and VNC REQUIRES that both WebSphere Application Server and VNC have access to the encrypted key information in the .Xauthority file.
Using X authority checking
Use one of the following methods to use X authority checking:
Run WebSphere Application Server and VNC using the same profile
One way that you can ensure secure communications between WebSphere Application Server and the VNC server is by running WebSphere Application Server from the same profile that you use to start the VNC server. To run WebSphere Application Server and VNC the with same profile, you must change the user profile under which the application server runs.
To switch the user profile for the application server from the default user (QEJBSVR) to a different profile, you must perform the following actions:
- Use the WebSphere Application Server administrative console to change the application server configuration
- Use iSeries Navigator to enable the new profile
For information about using the WebSphere Application Server administrative console and iSeries Navigator, see the following documentation:
Manage users and groups with Management Central
Run WebSphere Application Server and VNC using different profiles
When you want WebSphere Application Server and VNC to use different profiles, you can ensure secure communications by having WebSphere Application Server use the .Xauthority file.
To enable WebSphere Application Server to use the .Xauthority file, complete the following steps:
- Create a new .Xauthority file (or update an existing .Xauthority file)
by starting the VNC server from your user profile. From an i5/OS control
language (CL) command line, type the following command and press ENTER:
CALL QP2SHELL PARM('/QOpenSys/QIBM/ProdData/DeveloperTools/vnc/vncserver_java' ':n')where n is the display number (a numeric value in the range of 1-99).Note: The .Xauthority file resides in the directory for the profile under which you are running the VNC server.
- Use the following CL commands to grant the profile under which you run WebSphere Application
Server the authority to read the .Xauthority file:
CHGAUT OBJ('/home') USER(WASprofile) DTAAUT(*RX) CHGAUT OBJ('/home/VNCprofile') USER(WASprofile) DTAAUT(*RX) CHGAUT OBJ('/home/VNCprofile/.Xauthority') USER(WASprofile) DTAAUT(*R)where VNCprofile and WASprofile are the appropriate profiles under which you are running the VNC server and WebSphere Application Server.Note:
You should only follow these steps when the VNCprofile and WASprofile are
different profiles. Following these steps when VNCprofile and WASprofile are
the same profile can cause VNC to not function correctly.
- From the WebSphere Application
Server administrative console, define the DISPLAY and XAUTHORITY environment
variables for your application:
- For DISPLAY, use either: system:n or localhost:n
where system is the name or IP address of your iSeries system and n is the display number that you used to start the VNC server.
- For XAUTHORITY, use: /home/VNCprofile/.Xauthority
where VNCprofile is the profile that started the VNC server.
- For DISPLAY, use either: system:n or localhost:n
- Pick up the configuration changes by restarting WebSphere Application Server.
For information about using the WebSphere Application Server administrative console, see the following documentation: