Lotus Connections v2.0.1
Integration with Quickr J 8.1.1/Quickr D 8.2 using Tivoli Access Manager 6.0
Lotus Connections 2.0.1 + iFixes
Lotus Quickr J2EE 8.1.1
Lotus Quickr Domino 8.2
Date of issue:
10th March 2009
Lotus Connections, System Verification Test (SVT)
Lotus Quickr, SVT
Chief Tester, Lotus Connections SVT
1 Configuration diagram for IBM Lotus Connections 2.0.1
Integrated with Lotus Quickr 8.1.1 using Tivoli Access
2 Test drivers
This test setup was used to test the integration points between the products and for a
number of user acceptiblily tests. This configuration was not used for workload tests or long
3 Machine details
The breakdown of the hardware used and its specifications is supplied in the spreadsheet
supplied with this document.
4 Configuration settings
● The Lotus Connections server must be installed and setup as per the infocenter
● The Lotus Quickr server must be installed as per the infocenter instructions -
● The following resouce may also be useful for Quickr install (Readme for upgrading IBM
Quickr 8.1.1 services for IBM WebSphere Portal) -
● The TAM server must be installed and setup as per the instructions available at
S_TACT=105AGX13&S_CMP=EDU - the administrator of the TAM server must create
the TAM junction to which both Connections and Quickr servers will connect to.
● All servers must be connected to the same LDAP and share the same LTPA token for
single sign-on purposes:
lp/c_security_over.html See also ;
The following integration points can be enabled between Lotus Connections and Lotus Quickr:
1. Business Card Link
2. Publish documents from activities to library
3. Integration with communities
All of these integration points are discussed on the Quickr infocenter:
BUSINESS CARD LINK (Quick J2EE)
To enable the business card link on Quickr, please follow the steps below on the Quickr
1. Login in Quickr server admin console (http://yourQuickrservername:10060/ibm/console)
2. Go to Resources > URL Providers > Browse Clusters, click ok.
3. Select the Default URL Provider
4. On this page click URLs link on the right hand side.
5. On this page click New button. Enter following values:
● Name: CONNECTIONS_PEOPLE_CARD
● JNDI name: JNDI_CONNECTIONS_PEOPLE_CARD
● Category: CATEGORY_CONNECTIONS_PEOPLE_CARD
● Specification: http://yourConnectionsServer.ibm.com/profiles/html/businessCard (The
URL of your connections server)
6. Restart Quickr.
ACTIVITIES PUBLISH FEATURE
To enable the publish feature to work the <PublishFile> settings in the file 'oa-config.xml' needs
to be changed. This xml file can be found in the following directory:
Within this file look for the following section and set the parameters as below:
<PublishFile enabled="true" allowCustomServers="false" requireSSO="true">
The parameters are explained in the following table:
allowCustomServers This parameter allows the user to specify any available
Lotus Quickr server when attempting to publish a
requireSSO Setting this value to true requires that Single Sign on is
enabled between the Quickr and Connections servers
– the user will not allowed to enter credentials when
attempting to publish.
<server> As many Quickr servers as required can be specified
within the PublishFile section by using the notation
above and giving a new line to each server specified.
More information on this can be found at the following link:
COMMUNITIES INTEGRATION POINTS
The installation of the Lotus Connections Connector for Quickr ensures the presence of the
Communities integration points. Follow the instructions on installing this from the infocenter:
Note that as this document is based on the installation in a non-clustered environment it is
important to reference the section Installing Lotus Quickr connector in a Network Environment to
ensure that the connector is configured correctly for all nodes in the cluster:
Supporting Lotus Quickr Authenticated Feeds
In order for the feeds from Quickr Wiki/Teamspace to load in the connections environment a
change is required to the 'proxy-config.xml' file. This is discused in the connections InfoCenter
but there is a change beyond this required to load these feeds in Communities due to the
presence of the TAM server -
The TAM session cookie (PD-H-SESSION-ID) need to be added to the section of the proxy
config file below. This ensures that the proper credentials are passed between the two
applications and the TAM server enabling the feeds to load.
<proxy:policy url="http://<tamserver.acme.com>:<port_number>/*" acf="none"
After all of the above changes are made the Lotus Connections server should be restarted – the
Lotus Quickr server may also need to be restarted for changes to take effect.
INTEGRATING LOTUS CONNECTIONS WITH QUICKR DOMINO 8.2
When connecting to a Quickr Domino deployment there are some slight changes to the process
of enabling the business card and enabling communities integration to that of a J2EE Quickr
configuration. While the above discussion is still valid there are some important considerations
to be taken into account to ensure proper functioning of the integration points with the domino
server. Unless stated explicitly below, the integration process for Quickr Domino is the same as
already outlined in this document.
To configure Lotus Connections 2.0.1 with Quickr Domino 8.2 the following process should be
Enable the Business Card
To enable the business card link between the Quickr Domino server and Connections server,
details of the connections server need to be provided in the qpconfig.xml on the Quickr Domino
server, as below:
● Upgrade to LC 220.127.116.11 Fixpack
This fixpack contains many fixes required to integrate with the Quickr Domino server as
well as fixing various other issues present in LC 2.0.1. The fixpack can be found on fix
central, (http://www-933.ibm.com/support/fixcentral/), see the following link for
instructions on how to install fixes to Lotus Connections:
● It is recommended to install the Lotus Connections Connector for Quickr after the
installation of the 18.104.22.168 Fixpack. This is not, however, a requirement and this is
discussed in Question 8 of the troubleshooting section below.
● After upgrading to the 22.214.171.124 Fixpack and installing the connector please download and
install the following iFix from ibm fix central (http://www-933.ibm.com/support/fixcentral/):
○ IFix ID: LO40261
Change to httpd.conf to ensure proper functioning of the Lotus Quickr Picker
When using a remote http server in front of Lotus Connections server the following parameter
should be added to the end of the httpd.conf:
● 'AllowEncodedSlashes On'
This should be added to both the SSL and non SSL section of the httpd.conf. This is outlined in
the following technote http://www-01.ibm.com/support/docview.wss?
Note: For information on how to integrate Quickr Domino with TAM see the following article on
the Lotus Quickr Wiki:
This document explains the steps required to enable Lotus Connections to integrate with Lotus
Quickr when using the Tivoli Access Manager for login and single sign on purposes. The steps
1. Install Lotus Connections, Quickr and Tivoli Access Manager
2. Create the TAM Junction and share LTPA tokens between the applications
3. Decide which integration points are required and make the changes described above.
4. Seek help from troubleshooting section below for the most common issues with this
Once successfully setup you will now be able to log onto connections/quickr via the following
address - http://tam-server/<component_name> where component_name is one of the
Connections components or lotusquickr. The following screenshots show how the configuration
will now look:
1. Login Page
2. Business Card Link in Quickr
3. Publish Document from Activities:
4. Communities Integration Points
Including Quickr Places:
Quickr Places / Feeds on Community Overview Page:
TROUBLESHOOTING – FREQUENTLY ASKED QUESTIONS
1. Communities with Quickr places are not creating correctly due to an authorization
The above error can occur for a number of reasons – the most common are:
● Firewall preventing the application server from communicating with TAM server
correctly. Ensure that the Connections application server will not be challenged for
credentials when attempting to make changes on the Quickr application server. Make a
rule on your firewall if necessary to achieve this.
● The following API's are not configured to allow basic authetication:
If this is the case please configure this seeting on the TAM server.
● Single sign on is not correctly configured between the products. Repeat the steps for
single sign on described in this document. Ensure that:
- the same LTPA token is shared between all components of the configuration
- ensure that the system clocks are within 5 minutes of each other on all machines
2. I want to change the properties relating to Quickr Server but I do not want to
uninstall/re-install the Connector again. How do I do this?
When the connector is installed it creates the following file containing the properties of the
Quickr server – communities-quickr-config.xml. This is created in the following folder:
In the config discussed in this docment a portal server is used to host Quickr and hence the
above section of this file contains the information pertaining to the intergration between the
communities and quickr servers. The above parameters are explained in the following table:
comm:host This is the host where Lotus Quickr can be found on the TAM server. This
is specified during the installation of the Connector.
comm:port This is the port for http traffic on the TAM server – typically this will be
port 80. This is specified during the installation of the Connector.
comm:sslport This is the port for secure communications between the Connections
server and TAM server – typically port 443. This is specified during the
installation of the Connector.
comm:useSSL This parameter determines whether SSL should be used when
communicating with the specified host.
comm:authentry This is the user specified for managing Lotus Quickr. This user property
can be found in the admin console under 'security → secure,
administration, applications and infrastructure → JAAS – J2C
comm:useSSO This parameter specifies if SSO is to be used between the products – if
set to false then the user will be prompted for credentials when
attempting to use communities/quickr integration.
comm:serverType This parameters specifies the type of application server which is being
connected to. This should not be changed. There are other sections in
this document for other server types.
3. I am seeing an authentication error in place of a Quickr feed on my community
This is caused because not all of the correct cookies or headers are passed between the
application servers and TAM server. In the section in this article dealing with this topic only the
cookie PD-H-SESSION-ID was added to the default values. However if SSL was being used
between Quickr and TAM then the following properties would also need to be added:
<proxy:cookie>PD-S-SESSION-ID</proxy:cookie> This is the secure cookie for the TAM server.
To be used when there will be SSL
communications between the Connections
and TAM servers
4. Clicking on the different components in the navigation bar re-directs me to the HTTP
Server instead of the TAM server.
This would occur because the links to which the navigation bar points to has not been updated
to direct the user to the TAM server. Follow the steps in the infocenter at the following link
again, this time ensuring that all href and ssl_href properties are pointing to the url of the TAM
server and not the http server or any other values.
Once complete restart all instances of the Connections application server.
5. I am using a clustered deployment of Lotus Connections. Is this much different to
In a clustered topology the Lotus Connections Connector for Quickr must be installed on all of
the nodes individually. All of the above steps should then be performed on the deployment
manager before synchronising all of the nodes in the deployment.
6. How to configure TAM logout screen to return to TAM login screen
See the following resource:
Note: If you don't do this then when you logout, after a TAM login session, you will be returned
to the standard Quickr Login screen; you will then need to exit the browser and restart the
browser to login via TAM login
7. Connections has been upgraded to fixpack 126.96.36.199 but now communities integration is
When upgrading to V188.8.131.52 Fixpack of Lotus Connections an issue can occur where managed
applications (such as Lotus Quickr connector) are removed. There is an iFix to address this
● iFix number: LO40261. This iFix should be installed after the upgrade to V184.108.40.206 is complete.
When the Quickr Connector was not installed prior to the upgrade to V220.127.116.11, the connector should be
installed after the upgrade followed by this iFix.
More information and release notes for fixpack LC 18.104.22.168 can be found at the following link: