Websphere Portal theme – uncompressed css/js

If you are seeing uncompressed css/js files loading in your theme instead of compressed it could be because of following trace enabled on the server.


When debug is enabled, the modules that contribute to the theme provide their uncompressed Javascript or CSS files if available. Additionally, all the files are retrieved with separate requests. This makes it much easier to find the offending file.


jQuery – Modify Primefaces Radiobutton

Updating Primefaces radiobutton using javascript is tricky.

Below code can be used to enable or clear a particular radio button.


function enableRadioButton(obj)

var a = obj.parent();
obj.prop(“checked”, true);
function clearRadioButton(obj)
var a = obj.parent();
obj.prop(“checked”, false);


Customize Portal Session Timeout Message

Sometimes client would like to customise the default message displayed when WebSphere portal session time’s out.

It can be done by following below steps

  1. Extract the file engine.properties to the portal_server_root/shared/app/nls directory.
  2. Edit engine.properties and change the “error.timeout” parameter to the message that you want to be displayed when session expires.
  3. Save and close engine.properties.
  4. Restart portal server.

For multilingual sites, the file can have a language suffix corresponding to the locale, for example, engine_es.properties for Spanish.

error.timeout = You are too much time away from desk .. your session expired {0}.
error.timeout.answer = If a session is inactive too long, it is terminated for security reasons. Please log in again.

I think there are other ways to do as well which I did not test , like modifying properties  wp.ui.jar in C:\Program Files (x86)\IBM\WebSphere\PortalServer\ui\wp.ui\shared\app


JSF redirect on page load

In JSF 2.0, you can use javax.faces.event.PreRenderViewEvent system event to perform custom logic before JSF page is displayed.

For eg : If user belongs to admin group you would like to redirect the user to Administration page and if its a normal user should be redirected to a different page.

<?xml version=”1.0″ encoding=”UTF-8″?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN”
<html xmlns=”http://www.w3.org/1999/xhtml&#8221;

<f:event listener=”#{pageBean.isUserAdministrator}” type=”preRenderView” />


<h:outputText value=”Default Page ..” />




public void isUserAdministrator(ComponentSystemEvent event){
//If logged with admin ID
 if(userBean.getWpsadmin()!=null &amp;amp;amp;amp;&amp;amp;amp;amp; userBean.getWpsadmin().compareTo(Constants.WPSADMIN)==0)
 //Redirect to admin page
//Redirect to normal page
//Redirection ...
public void gotoPage(String pageName) {
 if (pageName != null) {
 FacesContext context = getFacesContext();
 UIViewRoot newView =

WebSphere Portal Security Considerations

Setting headers on IBM HTTP Server

Stop the HTTP server.
Log on to the web server and edit the following file:
Enable below module –

LoadModule headers_module modules/mod_headers.so

<ifModule mod_headers.c>
Header set X-Permitted-Cross-Domain-Policies “none”
Header set X-XSS-Protection “1; mode=block”
Header set X-Frame-Options “DENY”

Restart the HTTP server.

Setting headers on WebSphere Application server – optional

WebSphere Portal offers protection against XSS, enabled with the security.css.protection setting in the Configuration Service.

Above setting should be enabled by default

WebSphere Application Server offers protection against XSS, enabled with the com.ibm.ws.security.addHttpOnlyAttributeToCookies custom property for Global Security. When set, the HTTP-only attribute, HttpOnly, will be set for LTPA tokens. Browsers will not allow scripts access to cookies for which HTTPOnly is set

X-Frame-Options Response Header

Log into WebSphere Integrated Solutions Console as the WebSphere Administrator user.
In the left panel, open Servers, and then open Server Types. Click WebSphere application servers.
In the Application servers table, click the server where InfoSphere Business Glossary is installed.
Under Server Infrastructure, open Java and Process Management, and then click Process definition.
Under Additional Properties, click Java Virtual Machine.
Under Additional Properties, click Custom Properties.
Click New. Complete these steps to create and apply a system configuration property:
In the Name field, type bg.xFrameOptions.
In the Value field, type in the X-Frame-Option HTTP response header that you need (for example: SAMEORIGIN).
Click Apply, and then click OK.
In the Messages window, click Save to save the new property when WebSphere Application Server is restarted.
Stop and restart WebSphere Application Server.

Primefaces input number retun 0 for empty value

Ever experienced p:inputNumber tag with empty value submitted and bean storing them as 0’s instead of null or empty ? Its because of org.apache.el.parser.COERCE_TO_ZERO , see below how we can resolve this issue.

I’m using InputNumber with emptyValue=”empty”. But empty input fields always display zero instead of blank or empty value

<p:inputNumber size=”5″ emptyValue=”empty” id=”MSSONB” value=”#{pageBean.mar.MSSONB}” widgetVar=”MSSONBVar” />

Primefaces : 6.0.8
JSF 2.0
WebSphere Portal 8

Example in primefaces showcase seems to work – http://www.primefaces.org/showcase/ui/i … mber.xhtml
but when we try to test the same code as in showcase it does not work.


Allows for the expression language (EL) that WebSphere Application Server uses to coerce null and empty string integer values to a 0 value or for NOT allowing a coerce to a 0 value and retaining the null or empty string integer. The default is true and permits a null or empty string integer value to be coerced to a 0 value.
Important: To keep a null value from being coerced to a 0 value in a MyFaces application, the following context parameter in the web.xml of the application: should be set to ensure that all possible instances of an empty or null value are inhibited from being coerced to zero.
You set the org.apache.el.parser.COERCE_TO_ZERO property using the administrative console.
Expand Servers, and then select WebSphere Application Servers. Click on the appropriate server from the list.
Under Server Infrastructure, expand Java and Process Management > Click on Process definition.
Under Additional Properties, click Java virtual machine.
Under Additional Properties, click Custom properties.
Click New and add the org.apache.el.parser.COERCE_TO_ZERO property with the value of false if you do NOT want a null value coerced to zero.
Click Save to save the change and restart the WebSphere Application Server to ensure that the change takes place.