Web Server Installation
This section provides the information you need to install a Web Server Security Service Module and the Web Services Security Service Module.
Note: For installation information on other Security Service Modules, see the associated installation guides.
Before you begin this installation procedure, make sure you have done the following:
Note: If you start the installation process from the command line or from a script, you can specify the -log
option to generate a verbose installation log. For instructions on how to generate a verbose log file during installation, see Generating a Verbose Installation Log.
If you start the installation process from the command line or from a script, you can specify the -log
option to generate a verbose installation log. The installation log lists messages about events during the installation process, including informational, warning, error, and fatal messages. This can be especially useful for silent installations.
Note: You may see some warning messages in the installation log. However, unless there is a fatal error, the installation program will complete the installation successfully. The installation wizard will indicate the success or failure of the installation, and the installation log file will include an entry indicating that the installation was successful.
To create a verbose log file during installation, include the -log=path
option on the command line or in the script. For example:
wles422ssm_win32.exe -log=C:\logs\wles_install.log
Where:
wles422ssm_linux32.bin -log=/opt/logs/wles_install.log
The path must be the full path to a file. All folders in the path must exist before you execute the command or the installation program will not create the log file.
The procedure for starting the installation program varies depending the platform on which install BEA WebLogic Enterprise Security. Therefore, separate instructions are provided for each supported platform.
Note: In a production environment, BEA recommends that you install the Security Service Modules on machines other than the machine on which the Administration Server is installed.
To start the installation program, refer to the appropriate section listed below:
Note: Do not install the software from a network drive. Download the software distribution to a local drive on your machine and install it from there. Also, on a Windows platform, the file system used must be NTFS, not FAT. To check the file system format, open Windows Explorer and right-click the hard drive on which you intend to do the installation and select Properties
.
To install the application in a Microsoft Windows environment:
Note: You can only install one Web Server product on a single machine, that is, one IIS Web Server SSM with its supporting Web Services SSM or one Web Services SSM. The Apache Web Server SSM is not supported on the Microsoft Windows platform.
wles422ssm_win32.exe
.The BEA Installer - Security Service Module for Web Server window appears (see Figure 3-1).
If the installation program does not start automatically, open Windows Explorer and double-click the CD-ROM icon.
The BEA Installer - WLES Security Service Module window appears (see Figure 3-1).
Figure 3-1 WLES Security Service Module Window
To run graphical-mode installation, your console must support a Java-based GUI. If the installation program determines that your system cannot support a Java-based GUI, the installation program automatically starts in console-mode.
To install the application in a Solaris environment:
chmod u+x wles422ssm_solaris32.bin
The BEA Installer - WLES Security Service Module window appears (see Figure 3-1).
The BEA Installer - Security Service Module for Web Server window appears (see Figure 3-1).
To run graphical-mode installation, your console must support a Java-based GUI. If the installation program determines that your system cannot support a Java-based GUI, the installation program automatically starts in console-mode.
To install the application in a Linux environment:
chmod u+x wles422ssm_linux32.bin
The BEA Installer - WLES Security Service Module window appears (see Figure 3-1).
chmod u+x wles422ssm_linux32.bin
The BEA Installer - WLES Security Service Module window appears (see Figure 3-1).
The installation program prompts you to enter specific information about your system and configuration, as described in Table 3-1. To complete this procedure you need the following information:
Note: If this is the first WebLogic Enterprise Security product you have installed on this machine, the Service Control Manager is also installed (which requires additional inputs, such as the Service Control Manager directory).
Click Next to proceed or cancel the installation at any time by clicking Exit. |
|
To continue with the installation, you must accept the terms of the license agreement. Read the BEA Software License Agreement, select Yes to indicate your acceptance of the terms of the agreement, and click Next. |
|
Specify the BEA Home directory that serves as the central support directory for all BEA products installed on the target system. If you already have a BEA Home directory on your system, you can select that directory (recommended) or create a new BEA Home directory. If you choose to create a new directory, the installer program automatically creates the directory for you. For details about the BEA Home directory, see BEA Home Directory. |
|
Select the SSM product(s) to install and click Next. Note: If you select the IIS Web Server SSM or the Apache Web Server SSM, the program installs the Web Server SSM component and the Web Services SSM component. If you select the Web Services SSM component, only that component is installed. |
|
Specify the directory in which you want to install the product software, and then click Next. You can accept the default product directory (for example, Note: If you are installing on a machine with existing BEA WebLogic Enterprise products or on a machine that you intend to install other BEA WebLogic Enterprise products (for example, the Administration Application or another Security Service Module) you must select a different directory. For additional information and a description of the resulting directory structure, see Product Installation Directory. If you choose to create a new directory, the installation program automatically creates the directory for you. When you click Next, the installation program begins copying the components you specified to your system. If you have installed other products then you will see "Installation Complete." Otherwise, continue installing the Service Control Manager. |
|
Specify the directory in which to install the Service Control Manager. You can accept the default directory (for example Note: If this machine already has a WebLogic Enterprise Security product installed, you will not be prompted for this information because it was configured on the initial product installation. The same is true of the remaining prompts. |
|
Specify the user names and group names to use for the Service Control Manager (if necessary) and Security Service Module. You can accept the default settings or create a new ones. Note: When installing this product for use in a production environment, BEA recommends that you set these passwords to known values; otherwise you will not be able to modify them later. For example, you may want to modify these passwords to comply with organizational requirements. Admin User (asiadmin)—A local user account used to start the components. Admin Group ( SCM User ( Security Group ( |
|
If the name of the user and group do not yet exist, they are created for you. Verify the values you entered are correct, and then click Next. |
|
Specify the password for the Security Service Module user and Service Control Manager user. You can also choose the default passwords that are randomly generated. Note: If any of the users exist you must enter their passwords; the passwords are not generated randomly. Passwords are case sensitive. If you are installing the product in a production environment, BEA recommends using secure user names and passwords, and not those that are randomly generated. Furthermore, the randomly generated passwords might not meet the password policy requirements of the machine on which you are installing the product. If you are using password policies on this machine, you should enter acceptable passwords. |
|
Select the network interfaces to which to bind the Service Control Manager. This is the IP Address used to listen for requests to provision policy and configuration data. Note: If you are installing the product in a production environment with more than one network card, you want to select a protected (internal) interface; you do not want to expose the Service Control Manager through a public address. |
|
Enterprise Domain Name—The enterprise domain name is used to link all of the WebLogic Enterprise Security components. Note: This is same enterprise domain name that you entered when you installed the BEA WebLogic Enterprise Security Administration Application. SCM Logical Name—The name you assign to the Service Control Manager during this installation. SCM Port—Port used by the Service Control Manager to receive configuration and policy data from the Administration Application; may not be used by any other server. Primary Server URL—The address of your Administration Application. For example: Backup Server URL—If you have a second Administration Application installed for the purpose of failover or backup, enter its address here. This is optional and may be left blank. |
|
Indicates that the installation completed successfully. Click Done to finish the installation. |
Now that you have installed the necessary software, you must enroll and configure the Service Control Manager, create an instance of the Web Services Security Service Module, and start the services. For instructions on how to perform these tasks, see Post Installation Tasks.