Sun Java System Access Manager 7.1 Postinstallation Guide

Deploying a Distributed Authentication UI Server WAR File

Deploying a Distributed Authentication UI server WAR file involves these steps:

You can also deploy a Distributed Authentication UI server using the Java ES installer and amconfig script. For more information, see Installing and Configuring a Distributed Authentication UI Server Using the Java ES Installer.

Getting the `amauthdistui.war` File

The amauthdistui.war file is in the amDistAuth.zip file, which is part of the Access Manager 7. 1 ZIP file.

To Get the `amauthdistui.war` File:

Create a new directory to download and unzip the Access Manager 7. 1 ZIP file.

Download the Access Manager 7. 1 ZIP file to the new directory you created in Step 1 from “Identity Management > Access Manager” on the following web site:

http://www.sun.com/download/index.jsp

Unzip the Access Manager 7. 1 ZIP file.

The amDistAuth.zip file contains the amauthdistui.war file as well as other files required to configure the WAR file.

For the layout of the Access Manager 7. 1 ZIP file, see Table 12–2.

Copying and Unzipping the `amDistAuth.zip` File

If you downloaded and unzipped the Access Manager 7. 1 ZIP file on the host server where Access Manager server is (or will be) deployed, you must copy the amDistAuth.zip file to the server where you plan to deploy the amauthdistui.war file.

To Copy and Unzip the `amDistAuth.zip` File:

On the server where you plan to deploy the WAR file, create a directory for the ZIP file.

Copy the amDistAuth.zip file to the new directory you created in Step 1.

Unzip the amDistAuth.zip file.

Table 11–2 shows the amDistAuth.zip file layout. The directory where you unzip the file is represented by zip_root.

Layout of the `amDistAuth.zip` File

Table 11–2 Layout of the amDistAuth.zip File


Directory	Description
`zip_root`	`README.distAuthUI` describes the contents of the ZIP file. `amauthdistui.war` is the Distributed Authentication UI server WAR file. Setup scripts are used to build the properties files and Distributed Authentication UI server web application: Solaris and Linux systems: `setup.sh` Windows systems: `setup.bat`
`zip_root/lib/`	`setup.jar` is a JAR file used by the setup scripts.
`zip_root/WEB-INF/classes/`	`AMConfigTemplate.properties` is the configuration template file used to update the `AMConfig.properties` file in the `amauthdistui.war` file. Important: Do not edit this file manually.

Building the `amauthdistui.war` File

Before you can deploy the amauthdistui.war file, you must run the setup script to add the configuration values to the AMConfig.properties configuration file in the amauthdistui.war file. The setup script uses the WEB-INF/classes/AMConfigTemplate.properties file to generate the AMConfig.properties file.

Note –

Before you run the setup script, make sure that your JAVA_HOME environment variable is set to the JDK installation directory for the version of the JDK that you are using.

To Build the `amauthdistui.war` File:

Change to the directory on the server where you copied and unzipped the WAR file.

Change the permissions on the appropriate setup script to allow the script to execute:
- Solaris and Linux systems: setup.sh
- Windows systems: setup.bat

Invoke the appropriate setup script, depending on your platform.

For example, on Solaris systems:
```
# ./setup.sh
```

When the setup script prompts you, enter values for the following items:
- Debug directory where the debug files will be created
- Application user name and password
- Access Manager server protocol. For example: http or https
- Access Manager server fully qualified host name
- Access Manager server port
- Access Manager server deployment URI. For example: amserver. Do not specify the slash (/).
- Access Manager server naming URL to get the naming service
- Distributed Authentication UI server protocol
- Distributed Authentication UI server fully qualified host name
- Distributed Authentication UI server port
- Distributed Authentication UI server deployment URI. For example: distauth. Do not specify the slash (/).
- Notification URL where notifications will be sent
After you provide these values, the setup script updates the AMConfig.properties file in the amauthdistui.war file.

WAR File Name

Some web containers require the WAR file name to use the same name as the deployment URI. If so, rename the amauthdistui.war file to the Distributed Authentication UI server deployment URI that you provided when you ran the setup script in the previous Step 4.

Deploying the Distributed Authentication UI Server WAR File

Deploy the Distributed Authentication UI server WAR file (amauthdistui.war, or the name you are using for the WAR file, if you changed the name), to one of the following web containers:

Sun Java System Web Server 7
Sun Java System Application Server Enterprise Edition (EE) 8.2
BEA WebLogic Server
IBM WebSphere Application Server

For the supported web container versions, see the Sun Java System Access Manager 7.1 Release Notes.

To Deploy the Distributed Authentication UI Server WAR File:

Before You Begin

Before you deploy the WAR file, the web container must be installed and running on the server where you plan to deploy the WAR file.

Deploy the amauthdistui.war file (or the name you are using for the WAR file, if you changed the name) using either the web container administration console or CLI command.

Example 11–2 Deploying the Distributed Authentication UI Server WAR File

The following examples use the web container CLI commands. You can also deploy the WAR file using the web container administration console.

Web Server 7

If Web Server 7 is the web container, use the wadm command to deploy the WAR file. For example, on Solaris systems:

# cd /opt/SUNWwbsvr7/bin
# ./wadm add-webapp --user=admin --host=dist-auth-server-host
--port=dist-auth-port --config=web-server-configuration-name
--vs=web-server-virtual-server --uri=/dist-auth-deploy-uri
zip_root/amauthdistui.war

# ./wadm deploy-config --user=admin --host=dist-auth-server-host
--port=dist-auth-port --restart=true web-server-configuration-name

Enter the Web Server 7 administration password when you are prompted.

Application Server EE 8.2

If Application Server EE 8.2 is the web container, first create a password file to be used when you deploy the WAR file. For example: /tmp/pwdfile.

Set the following variable in the password file:

AS_ADMIN_PASSWORD=application-server-admin-password

Then, use the asadmin deploy command to deploy the WAR file. For example, on Solaris systems:

# cd /opt/SUNWappserver/appserver/bin
# ./asadmin deploy --user appserver-admin
--passwordfile /tmp/pwdfile --port 4849
--contextroot dist-auth-deploy-uri --name dist-auth-deploy-uri
--target dist-auth-server-host 
zip_root/amauthdistui.war

Deploying a Distributed Authentication UI Server WAR File

Getting the amauthdistui.war File

To Get the amauthdistui.war File:

Copying and Unzipping the amDistAuth.zip File

To Copy and Unzip the amDistAuth.zip File:

Layout of the amDistAuth.zip File

Building the amauthdistui.war File

To Build the amauthdistui.war File: