Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0

Procedure: To Install the J2EE Policy Agent 1 on Application Server 1

Before You Begin

Set JAVA_HOME to /usr/local/bea/jdk150_06.

  1. As a root user, log in to the pr-1 host machine.

  2. Stop the WebLogic Server 1 administration server and the WebLogic Server 1 managed instance.


    # cd /usr/local/bea/user_projects/domains/pr-1/bin
    # ./stopManagedWebLogic.sh ApplicationServer-1 t3://localhost:7001
    # ./stopWebLogic.sh
    
  3. Create a directory into which you will download the J2EE Policy Agent bits and change into it.


    # mkdir /export/J2EEPA1
    # cd /export/J2EEPA1
    
  4. Create a text file that contains a password for the Agent Profile created during installation.

    The J2EE Policy Agent installer requires this.


    # cat > agent.pwd
    
    j2eeagent1
    
    Hit Control D to terminate the command
    
    ^D
    
  5. Create a text file that contains the Agent Administrator password.

    This text file should contain the password of the OpenSSO Enterprise administrator (by default, amadmin).


    # cat > agentadm.pwd
    
    ossoadmin
    
    Hit Control D to terminate the command
    
    ^D
    
  6. Download the J2EE policy agent bits for WebLogic Server from http://www.sun.com/download/index.jsp.


    # ls -al
    
    total 18824
    drwxr-xr-x   2 root     root         512 Jul 17 16:02 .
    drwxr-xr-x   8 root     root         512 Jul 17 15:58 ..
    -rw-r--r--   1 root     root          11 Jul 17 15:59 agent.pwd
    -rw-r--r--   1 root     root           9 Jul 17 16:01 agentadm.pwd
    -rw-r--r--   1 root     root     9623704 Jul 17 16:02 weblogic_v10_agent_3.zip
    
  7. Unpack the J2EE policy agent bits.


    # unzip weblogic_v10_agent_3.zip
    
  8. Run the J2EE policy agent installer.


    # cd /export/J2EEPA1/j2ee_agents/weblogic_v10_agent/bin
    # chmod 755 agentadmin
    # ./agentadmin --custom-install
    
  9. When prompted, provide the following information.

    The following information is to configure the J2EE Policy Agent against the OpenSSO Enterprise secure port.


    Please read the following License Agreement carefully:

    Press Enter to continue. Continue to press Enter until you reach the end of the License Agreement and the installer's Welcome page is displayed. 


    Enter startup script location.

    Enter /usr/local/bea/user_projects/domains/pr-1/bin/startWebLogic.sh


    Enter the WebLogic Server instance name: [AdminServer]

    Enter the name of the WebLogic Server instance secured by the agent: ApplicationServer-1


    Enter the WebLogic home directory: [/usr/local/bea/wlserver_10.0]

    Enter /usr/local/bea/weblogic10.


    OpenSSO Enterprise URL

    Enter the URL where OpenSSO Enterprise is running (including the URI): https://lb-2.example.com:1081/opensso


    Is the agent being deployed on a Portal domain [false]

    Accept the default value. 


    Agent URL:

    Enter the URL where the policy agent is running (including the URI): http://pr-1.example.com:1081/agentapp


    Enter the Encryption Key [+Yr3K4K1/lWFe4H17SBHMNIUzLNRut7H]:

    Accept the default value. 


    Enter the Agent Profile Name:

    j2eeagent-1


    Enter the path to the password file:

    Enter the path to a file that contains the password to be used for identifying the policy agent: /export/J2EEPA1/agent.pwd.


    Note –

    A warning message is displayed regarding the existence of the agent profile.



    This Agent Profile does not exist in OpenSSO Enterprise. Will it be created by the installer? (Agent Administrator name and password are required) [true]:

    Accept the default value to create the Agent Profile during installation. 


    Enter the Agent Administrator's name:

    Enter amadmin


    Enter the path to the password file that contains the password of Agent Administrator:

    Enter /export/J2EEPA1/agentadm.pwd


    -----------------------------------------------
    SUMMARY OF YOUR RESPONSES
    -----------------------------------------------
    Startup script location :
      /usr/local/bea/user_projects/domains/
      pr-1/bin/startWebLogic.sh
    WebLogic Server instance name : 
      ApplicationServer-1
    WebLogic home directory : 
      /usr/local/bea/weblogic10
    OpenSSO Server URL : 
      https://lb-2.example.com:1081/opensso
    Agent Installed on Portal domain : false
    Agent URL : 
      http://pr-1.example.com:1081/agentapp
    Encryption Key : 
      +Yr3K4K1/lWFe4H17SBHMNIUzLNRut7H
    Agent Profile name : j2eeagent-1
    Agent Profile Password file name : 
      /export/J2EEPA1/agent.pwd
    Agent Profile will be created right now 
      by agent installer : true
    Agent Administrator : amadmin
    Agent Administrator's password file 
      name : /export/J2EEPA1/agentadm.pwd
    
    Verify your settings and decide from 
    the choices below:
    1. Continue with Installation
    2. Back to the last interaction
    3. Start Over
    4. Exit
    Please make your selection [1]:

    Accept the default value. 


    ---------------------------------------------
    SUMMARY OF AGENT INSTALLATION
    -----------------------------
    Agent instance name: Agent_001
    Agent Bootstrap file location:
    /export/J2EEPA1/j2ee_agents/
      weblogic_v10_agent/Agent_001/
      config/FAMAgentBootstrap.properties
    Agent Configuration file location
    /export/J2EEPA1/j2ee_agents/
      weblogic_v10_agent/Agent_001/
      config/FAMAgentConfiguration.properties
    Agent Audit directory location:
    /export/J2EEPA1/j2ee_agents/
      weblogic_v10_agent/Agent_001/logs/audit
    Agent Debug directory location:
    /export/J2EEPA1/j2ee_agents/
      weblogic_v10_agent/Agent_001/logs/debug
    
    Install log file location:
    /export/J2EEPA1/j2ee_agents/
      weblogic_v10_agent/installer-logs
      /audit/custom.log

    Accept the default value. 

    When the installer is finished, a new file called setAgentEnv_ApplicationServer-1.sh is in the bin directory.

  10. Modify the startup script setDomainEnv.sh to reference setAgentEnv_ApplicationServer-1.sh with the following sub procedure.


    Tip –

    Back up setDomainEnv.sh before you modify it.


    1. Change to the bin directory.


      # cd /usr/local/bea/user_projects/domains/pr-1/bin
      
    2. Insert the following line at the end of setDomainEnv.sh.


      . /usr/local/bea/user_projects/domains/pr-1/bin/setAgentEnv_ApplicationServer-1.sh

    3. Save setDomainEnv.sh and close the file.

  11. Change permissions for setAgentEnv_ApplicationServer-1.sh.


    # chmod 755 setAgentEnv_ApplicationServer-1.sh
    
  12. Start the WebLogic Server administration server and managed instance.


    # ./startWebLogic.sh &
    # ./startManagedWebLogic.sh ApplicationServer-1 t3://localhost:7001
    

    Watch for startup errors.

  13. Verify that the J2EE Policy Agent 1 was successfully created on the server using the following sub procedure.

    1. Access https://osso-1.example.com:1081/opensso/console from a web browser.

    2. Log in to the OpenSSO Enterprise console as the administrator.

      User Name:

      amadmin

      Password:

      ossoadmin

    3. Under the Access Control tab, click / (Top Level Realm).

    4. Click the Agents tab.

    5. Click the J2EE tab.

      j2eeagent-1 is displayed under the Agent table.

    6. Click j2eeagent-1.

      The j2eeagent-1 properties page is displayed.

    7. Log out of the OpenSSO Enterprise console and close the browser.

  14. Remove the password files.


    # cd /export/J2EEPA1
    # rm agent.pwd
    # rm agentadm.pwd
    
  15. Log out of the pr-1 host machine.
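
An added example, not part of the original Sun procedure: the listing in step 6 shows agent.pwd and agentadm.pwd as world-readable (-rw-r--r--) from steps 4 and 5 until step 14 removes them. The helpers below create such a file with owner-only permissions and report any *.pwd file that group or others can read; the names write_pwfile, check_pwfile and audit_pwfiles are assumptions of this example.

```shell
#!/bin/sh
# Added example; write_pwfile, check_pwfile and audit_pwfiles are
# illustrative helper names, not part of the agentadmin installer.

# write_pwfile FILE: read one line from stdin, store it in FILE as mode 0600.
write_pwfile() {
    (
        umask 077                              # files created here are rw-------
        if [ -t 0 ]; then stty -echo; fi       # no echo when typed at a terminal
        IFS= read -r secret || :
        if [ -t 0 ]; then stty echo; echo; fi
        [ -n "$secret" ] || { echo "empty password" >&2; exit 1; }
        rm -f -- "$1"                          # drop any copy left with looser modes
        set -C                                 # noclobber: fail rather than reuse a file
        printf '%s\n' "$secret" > "$1"
    )
}

# check_pwfile FILE: succeed only if FILE is a regular file that group and
# others cannot access (ls mode string -rw------- or -r--------).
check_pwfile() {
    case $(ls -ld -- "$1" 2>/dev/null) in
        -r[w-]-------*) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_pwfiles DIR: print each *.pwd file in DIR that fails check_pwfile.
audit_pwfiles() {
    for f in "$1"/*.pwd; do
        [ -f "$f" ] || continue
        check_pwfile "$f" || printf '%s\n' "$f"
    done
}
```

With the page's paths, `write_pwfile /export/J2EEPA1/agent.pwd` would stand in for the `cat >` commands in steps 4 and 5, and `audit_pwfiles /export/J2EEPA1` should print nothing before the installer is run.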