7.1 Installing the Distributed Authentication User Interface Web Containers

In this section, we will create a non-root user on the two machines that will host the Distributed Authentication User Interface and install Sun Java System Web Server using the non-root user. Use the following list of procedures as a checklist for completing the task.

• To Create a Non-Root User on the Distributed Authentication User Interface 1 Host Machine

• To Install the Web Server for Distributed Authentication User Interface 1

• To Create a Non-Root User on the Distributed Authentication User Interface 2 Host Machine

• To Install Sun Java System Web Server for Distributed Authentication User Interface 2

To Create a Non-Root User on the Distributed Authentication User Interface 1 Host Machine

Create the non-root user using the roleadd command in the Solaris Operating Environment on the Distributed Authentication User Interface 1 (da-1) host machine.

1. As a root user, log in to the da-1 host machine.

2. Use roleadd to create a new user.

   # roleadd -s /sbin/sh -m -g staff -d /export/da80adm da80adm

3. (Optional) Verify that the user was created.

   # cat /etc/passwd root:x:0:0:Super-User:/:/sbin/sh daemon:x:1:1::/: ... nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/: da80adm:x:223830:10::/export/da80adm:/sbin/sh

4. (Optional) Verify that the user's directory was created.

   # cd /export/da80adm # ls local.cshrc local.profile local.login

5. (Optional) Create a password for the non-root user.

   # passwd da80adm New Password: da80a6m Re-ener new Pasword: da80a6m passwd: password successfully changed for da80adm

   ---

   Note –

   If you do not perform this step, you will not be able to switch user (su) when logged in as the non-root user.

   ---

To Install the Web Server for Distributed Authentication User Interface 1

Before You Begin

• This procedure assumes that you have just completed To Create a Non-Root User on the Distributed Authentication User Interface 1 Host Machine and are still logged in as the root user.

• Read the Web Server 7.0 Release Notes to determine the latest patches you might need to install.

1. On the da-1 host machine, install required patches if necessary.

   In this case, the Release Notes indicate that based on the hardware and operating system being used, patch 117461–08, patch 119963–08, and patch 120011–14 are required.

   1. Run patchadd to see if the patches are already installed.

      # patchadd -p | grep 117461–08

      A list of patch numbers is displayed. This machine is already patched with 117461–08.

      # patchadd -p | grep 119963-08

      No results are returned which indicates that the patch is not yet installed on the system.

      # patchadd -p | grep 120011-14

      No results are returned which indicates that the patch is not yet installed on the system.

   2. Make a directory for downloading the patches you need and change into it.

      # mkdir /export/patches # cd /export/patches

   3. Download the patches.

      You can search for patches directly at http://sunsolve.sun.com. Navigate to the PatchFinder page, enter the patch number, click Find Patch, and download the appropriate patch.

      ---

      Note –

      Signed patches are downloaded as JAR files. Unsigned patches are downloaded as ZIP files.

      ---

   4. Unzip the patch files.

      # unzip 119963-08.zip # unzip 120011-14.zip

   5. Run patchadd to install the patches.

      # patchadd /export/patches/119963-08 # patchadd /export/patches/120011-14

      ---

      Tip –

      You can use the -M option to install all patches at once. See the patchadd man page for more information.

      ---

   6. After installation is complete, run patchadd to verify that each patch was added successfully.

      # patchadd -p | grep 119963-08

      A series of patch numbers is displayed, and the patch 119963-08 is present.

      # patchadd -p | grep 120011-14

      A series of patch numbers is displayed, and the patch 120011–14 is present.

2. Create a directory into which you can download the Web Server bits and change into it.

   # mkdir /export/WS7 # cd /export/WS7

3. Download the Sun Java System Web Server 7.0 Update 2 software from http://www.sun.com/download/products.xml?id=45ad781d.

   Follow the instructions on the Sun Microsystems Product Downloads web site for downloading the software.

4. Unpack the software package.

   # gunzip sjsws-7_0u2-solaris-sparc.tar.gz # tar xvf sjsws-7_0u2-solaris-sparc.tar

5. Run setup.

   # cd /export/WS7 # ./setup --console

6. When prompted, provide the following information.

   You will be asked to specify preferences that determine how Sun Java System Web Server 7.0U2 is installed and configured. ... The installation program pauses as questions are presented so you can read the information and make your choice. When you are ready to continue, press Enter (Return on some keyboards).	Press Enter.  Continue to press Enter when prompted.
   Have you read the Software License Agreement and do you accept all terms [no] {"<" goes back, "!" exits}?	Enter yes.
   Sun Java System Web Server 7.0 Installation Directory [/sun/webserver7] {"<" goes back, "!" exits}	Enter /opt/SUNWwbsvr
   Specified directory /opt/SUNWwbsvr does not exist. Create Directory? [Yes/No] {"<" goes back, "!" exits}	Enter yes.
   Select Type of Installation 1. Express 2. Custom 3. Exit What would you like to do? [1] {"<" goes back, "!" exits}	Enter 2.
   Component Selection 1. Server Core 2. Server Core 64-bit Binaries 3. Administration Command Line Interface 4. Sample Applications 5. Language Pack Enter the comma-separated list [1,2,3,4,5] {"<" goes back, "!" exits}	Enter 1,3,5.
   Java Configuration Sun Java System Web Server 7.0 requires Java SE Development Kit (JDK). Provide the path to a JDK 1.5.0_12 or greater. 1. Install Java SE Development Kit (JDK) 1.5.0_12 2. Reuse existing Java SE Development Kit (JDK) 1.5.0_12 or greater 3. Exit What would you like to do? [1] {"<" goes back, "!" exits}	Enter 1.
   Administrative Options 1. Create an Administration Server and a Web Server Instance 2. Create an Administration Node Enter your option. [1] {"<" goes back, "!" exits}	Enter 1.
   Create SMF services for server instances [yes/no] {"<" goes back, "!" exits}	Enter no.
   Host Name [da-1.example.com] {"<" goes back, "!" exits}	Accept the default value.
   SSL Port [8989] {"<" goes back, "!" exits}	Accept the default value.
   Create a non-SSL Port? [yes/no] {"<" goes back, "!" exits}	Enter no.
   Runtime User ID [root] {"<" goes back, "!" exits}	Enter da80adm.
   Administrator User Name [admin] {"<" goes back, "!" exits}	Accept the default value.
   Administrator Password:	Enter web4dmin.
   Retype Password:	Enter web4dmin.
   Server Name [da-1.example.com] {"<" goes back, "!" exits}	Accept the default value.
   HTTP Port [8080] {"<" goes back, "!" exits}	Enter 1080.
   Document Root Directory [/opt/SUNWwbsvr/ https-da-1.example.com/docs] {"<" goes back, "!" exits}	Accept the default value.
   Start Administration Server [yes/no] {"<" goes back, "!" exits}	Enter no.
   Ready To Install 1. Install Now 2. Start Over 3. Exit Installation What would you like to do?	Enter 1.

   When installation is complete, the following message is displayed:

   Installation Successful.

7. (Optional) To verify that Web Server was installed with the non-root user, examine the file permissions.

   # cd /opt/SUNWwbsvr/admin-server # ls -al total 16 drwxr-xr-x 8 root root 512 Jul 19 10:36 . drwxr-xr-x 11 da80adm staff 512 Jul 19 10:36 .. drwxr-xr-x 2 root root 512 Jul 19 10:36 bin drwx------ 2 da80adm staff 512 Jul 19 10:36 config drwx------ 3 da80adm staff 512 Jul 19 11:09 config-store drwx------ 3 da80adm staff 512 Jul 19 10:40 generated drwxr-xr-x 2 da80adm staff 512 Jul 19 10:40 logs drwx------ 2 da80adm staff 512 Jul 19 10:36 sessions

   The appropriate files and directories are owned by da80adm.

8. Start the Web Server administration server.

   # su da80adm # cd /opt/SUNWwbsvr/admin-server/bin # ./startserv

9. (Optional) Verify that the non-root user was able to start Web Server.

   1. Access https://da-1.example.com:8989 from a web browser.

   2. Log in to the Web Server console as the administrator.

      User Name:

      admin

      Password:

      web4dmin

      The Web Server administration console opens.

   3. Log out of the console and close the browser.

10. Log out of the da–1 host machine.

To Create a Non-Root User on the Distributed Authentication User Interface 2 Host Machine

Create the non-root user using the roleadd command in the Solaris Operating Environment on the Distributed Authentication User Interface 2 (da-2) host machine.

1. As a root user, log in to the da-2 host machine.

2. Use roleadd to create a new user.

   # roleadd -s /sbin/sh -m -g staff -d /export/da80adm da80adm

3. (Optional) Verify that the user was created.

   # cat /etc/passwd root:x:0:0:Super-User:/:/sbin/sh daemon:x:1:1::/: ... nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/: da80adm:x:227627:10::/export/da80adm:/sbin/sh

4. (Optional) Verify that the user's directory was created.

   # cd /export/da80adm # ls local.cshrc local.profile local.login

5. (Optional) Create a password for the non-root user.

   # passwd da80adm New Password: da80a6m Re-ener new Pasword: da80a6m passwd: password successfully changed for da80adm

   ---

   Note –

   If you do not perform this step, you will not be able to switch user (su) when logged in as the non-root user.

   ---

To Install Sun Java System Web Server for Distributed Authentication User Interface 2

Before You Begin

• This procedure assumes that you have just completed To Create a Non-Root User on the Distributed Authentication User Interface 2 Host Machine and are still logged in as the root user.

• Read the Web Server 7.0 Release Notes to determine the latest patches you might need to install.

1. On the da-2 host machine, install required patches if necessary.

   In this case, the Release Notes indicate that based on the hardware and operating system being used, patch 117461–08, patch 119963–08, and patch 120011–14 are required.

   1. Run patchadd to see if the patches are already installed.

      # patchadd -p | grep 117461–08

      A list of patch numbers is displayed. This machine is already patched with 117461–08.

      # patchadd -p | grep 119963-08

      No results are returned which indicates that the patch is not yet installed on the system.

      # patchadd -p | grep 120011-14

      No results are returned which indicates that the patch is not yet installed on the system.

   2. Make a directory for downloading the patches you need and change into it.

      # mkdir /export/patches # cd /export/patches

   3. Download the patches.

      You can search for patches directly at http://sunsolve.sun.com. Navigate to the PatchFinder page, enter the patch number, click Find Patch, and download the appropriate patch.

      ---

      Note –

      Signed patches are downloaded as JAR files. Unsigned patches are downloaded as ZIP files.

      ---

   4. Unzip the patch files.

      # unzip 119963-08.zip # unzip 120011-14.zip

   5. Run patchadd to install the patches.

      # patchadd /export/patches/119963-08 # patchadd /export/patches/120011-14

      ---

      Tip –

      You can use the -M option to install all patches at once. See the patchadd man page for more information.

      ---

   6. After installation is complete, run patchadd to verify that each patch was added successfully.

      # patchadd -p | grep 119963-08

      A series of patch numbers is displayed, and the patch 119963-08 is present.

      # patchadd -p | grep 120011-14

      A series of patch numbers is displayed, and the patch 120011–14 is present.

2. Create a directory into which you can download the Web Server bits and change into it.

   # mkdir /export/WS7 # cd /export/WS7

3. Download the Sun Java System Web Server 7.0 Update 2 software from http://www.sun.com/download/products.xml?id=45ad781d.

   Follow the instructions on the Sun Microsystems Product Downloads web site for downloading the software.

4. Unpack the software package.

   # gunzip sjsws-7_0u2-solaris-sparc.tar.gz # tar xvf sjsws-7_0u2-solaris-sparc.tar

5. Run setup.

   # cd /export/WS7 # ./setup --console

6. When prompted, provide the following information.

   You will be asked to specify preferences that determine how Sun Java System Web Server 7.0U2 is installed and configured. ... The installation program pauses as questions are presented so you can read the information and make your choice. When you are ready to continue, press Enter (Return on some keyboards).	Press Enter.  Continue to press Enter when prompted.
   Have you read the Software License Agreement and do you accept all terms [no] {"<" goes back, "!" exits}?	Enter yes.
   Sun Java System Web Server 7.0 Installation Directory [/sun/webserver7] {"<" goes back, "!" exits}	Enter /opt/SUNWwbsvr
   Specified directory /opt/SUNWwbsvr does not exist. Create Directory? [Yes/No] {"<" goes back, "!" exits}	Enter yes.
   Select Type of Installation 1. Express 2. Custom 3. Exit What would you like to do? [1] {"<" goes back, "!" exits}	Enter 2.
   Component Selection 1. Server Core 2. Server Core 64-bit Binaries 3. Administration Command Line Interface 4. Sample Applications 5. Language Pack Enter the comma-separated list [1,2,3,4,5] {"<" goes back, "!" exits}	Enter 1,3,5.
   Java Configuration Sun Java System Web Server 7.0 requires Java SE Development Kit (JDK). Provide the path to a JDK 1.5.0_12 or greater. 1. Install Java SE Development Kit (JDK) 1.5.0_12 2. Reuse existing Java SE Development Kit (JDK) 1.5.0_12 or greater 3. Exit What would you like to do? [1] {"<" goes back, "!" exits}	Enter 1.
   Administrative Options 1. Create an Administration Server and a Web Server Instance 2. Create an Administration Node Enter your option. [1] {"<" goes back, "!" exits}	Enter 1.
   Create SMF services for server instances [yes/no] {"<" goes back, "!" exits}	Enter no.
   Host Name [da-2.example.com] {"<" goes back, "!" exits}	Accept the default value.
   SSL Port [8989] {"<" goes back, "!" exits}	Accept the default value.
   Create a non-SSL Port? [yes/no] {"<" goes back, "!" exits}	Enter no.
   Runtime User ID [root] {"<" goes back, "!" exits}	Enter da80adm.
   Administrator User Name [admin] {"<" goes back, "!" exits}	Accept the default value.
   Administrator Password:	Enter web4dmin.
   Retype Password:	Enter web4dmin.
   Server Name [da-2.example.com] {"<" goes back, "!" exits}	Accept the default value.
   HTTP Port [8080] {"<" goes back, "!" exits}	Enter 1080.
   Document Root Directory [/opt/SUNWwbsvr/ https-da-2.example.com/docs] {"<" goes back, "!" exits}	Accept the default value.
   Start Administration Server [yes/no] {"<" goes back, "!" exits}	Enter no.
   Ready To Install 1. Install Now 2. Start Over 3. Exit Installation What would you like to do?	Enter 1.

   When installation is complete, the following message is displayed:

   Installation Successful.

7. (Optional) To verify that Web Server was installed with the non-root user, examine the file permissions.

   # cd /opt/SUNWwbsvr/admin-server # ls -al total 16 drwxr-xr-x 8 root root 512 Jul 19 10:36 . drwxr-xr-x 11 da80adm staff 512 Jul 19 10:36 .. drwxr-xr-x 2 root root 512 Jul 19 10:36 bin drwx------ 2 da80adm staff 512 Jul 19 10:36 config drwx------ 3 da80adm staff 512 Jul 19 11:09 config-store drwx------ 3 da80adm staff 512 Jul 19 10:40 generated drwxr-xr-x 2 da80adm staff 512 Jul 19 10:40 logs drwx------ 2 da80adm staff 512 Jul 19 10:36 sessions

   The appropriate files and directories are owned by da80adm.

8. Start the Web Server administration server.

   # su da80adm # cd /opt/SUNWwbsvr/admin-server/bin # ./startserv

9. (Optional) Verify that the non-root user was able to start Web Server.

   1. Access https://da-2.example.com:8989 from a web browser.

   2. Log in to the Web Server console as the administrator.

      User Name:

      admin

      Password:

      web4dmin

      The Web Server administration console opens.

   3. Log out of the console and close the browser.

10. Log out of the da–2 host machine.