Shut down the Access Manager instance on am1.
You shut down the Access Manager instance by shutting down the Application Server instance in which it runs.
# /opt/SUNWappserver/appserver/bin/asadmin stop-domain
The response should resemble the following:
Domain domain1 stopped.
Add the required Java Archive (JAR) files to the web container classpath.
Start a browser.
Go to the following URL:
https://am1.pstest.com:4849
The Application Server login page opens.
Log in to the Application Server Admin Console by typing the following values and clicking Login.
Input Field |
Value |
---|---|
User ID |
admin |
Password |
app-server-admin-password |
The Application Server Admin Console opens.
Click on the small triangle next to Configurations on the Common Tasks panel.
The configurations are expanded.
Click on the small triangle next to server-config.
The pscluster configuration is expanded.
Click on JVM Settings.
The frame on the right shows the configuration options.
In the right frame, select the Path Settings tab.
The JVM Classpath Settings panel opens.
Add /usr/share/lib/imq.jar and /usr/share/lib/jms.jarto the Classpath Suffix list.
Click Save.
Create a Message Queue user for Access Manager session failover.
This user will be used internally to send and retrieve session information. To use the imqusermgr utility in the following steps, you must first create a default user repository, which is done automatically the first time you start the Message Queue broker.
Start the Message Queue broker to be used for session failover.
# bash
This opens the bash shell, which supports background processes.
# /usr/bin/imqbrokerd -name aminstance -port 7777 &
Before using port 7777, check that it is not being used by some other process.
The output should resemble the following:
[25/Oct/2007:16:17:00 MEST] ================================================================================ Sun Java(tm) System Message Queue 3.7 Sun Microsystems, Inc. Version: 3.7 UR2 (Build 3-b) Compile: Mon May 7 22:37:30 PDT 2008 Copyright (c) 2007 Sun Microsystems, Inc. All rights reserved. SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. This product includes code licensed from RSA Data Security. ================================================================================ Java Runtime: 1.5.0_12 Sun Microsystems Inc. /usr/jdk/instances/jdk1.5.0/jre [25/Oct/2007:16:17:00 MEST] IMQ_HOME=/ [25/Oct/2007:16:17:00 MEST] IMQ_VARHOME=/var/imq [25/Oct/2007:16:17:00 MEST] SunOS 5.10 sparc am1(24 cpu) root [25/Oct/2007:16:17:00 MEST] Max file descriptors: 65536 (65536) [25/Oct/2007:16:17:00 MEST] Java Heap Size: max=174784k, current=35328k [25/Oct/2007:16:17:00 MEST] Arguments: [25/Oct/2007:16:17:00 MEST] [B1060]: Loading persistent data... [25/Oct/2007:16:17:00 MEST] Using built-in file-based persistent store: /var/imq/instances/aminstance/ [25/Oct/2007:16:17:01 MEST] [B1039]: Broker "aminstance@am1:7777" ready. |
Change the default Message Queue administrative user password.
# /usr/bin/imqusermgr update -i aminstance -u admin -p MQ-admin-psssword
The response should resemble the following:
User repository for broker instance: aminstance Are you sure you want to update user admin? (y/n) y User admin successfully updated. |
Add a new Message Queue user to be used for Access Manager session failover..
# /usr/bin/imqusermgr add -i aminstance -u am-svr-usr -p am-svr-usr-password
The response should resemble the following:
User repository for broker instance: aminstance User amSvrUsr successfully added. |
Delete the default guest user.
# /usr/bin/imqusermgr update -i aminstance -u guest -a false
The response should resemble the following:
User repository for broker instance: aminstance Are you sure you want to update user guest? (y/n) y User guest successfully updated. |
Shut down the Message Queue broker.
# imqcmd shutdown bkr -b am1:7777 -u admin
When prompted, type the MQ-admin-password.
Check the installation directories in the amsessiondb file.
Generate an encrypted password file.
# /opt/SUNWam/bin/amsfopassword -f /opt/SUNWam/.password -e am-svr-usr-password
os.name=SunOS SUCCESSFUL |
Edit the amsfo.conf file.
Open the amsfo.conf file in a text editor.
The file, which is used to configure Access Manager session failover, is located at:
/opt/SUNWam/lib/amsfo.conf
Type the following values:
Parameter |
Value |
---|---|
AM_HOME_DIR |
/opt/SUNWam |
AM_SFO_RESTART |
true |
CLUSTER_LIST |
am1.pstest.com:7777,am2.pstest.com:7777 |
DATABASE_DIR |
/tmp/amsession/sessiondb |
LOG_DIR |
/tmp/amsession/logs |
START_BROKER |
true |
BROKER_INSTANCE_NAME |
aminstance |
BROKER_PORT |
7777 |
USER_NAME |
am-svr-usr |
lbServerPort |
80 |
lbServerProtocol |
http |
lbServerHost |
am.pstest.com:80 |
SiteID |
10 |
JAVA_HOME |
/usr/jdk/entsys-j2se |
Run the amsfo script:
# /opt/SUNWam/bin/amsfo start
The script starts the Message Queue broker on am1, the Access Manager session database on am1, and initializes the Message Queue and Access Manager session database clients needed to implement session persistence.
Verify that the Message Queue connections are working.
Open the following log file:
/tmp/amsession/logs/amsessiondb.log
Check for errors in the file.
Restart the Access Manager instance on am1.
You start the Access Manager instance by starting the Application Server instance in which it runs.
# /opt/SUNWappserver/appserver/bin/asadmin start-domain --user admin domain1
When prompted, type the app-server-admin-password.