Gathering Information to Install the WebLogic Server/Portal 10 Agent
Installing the WebLogic Server/Portal 10 Agent Using the agentadmin Program
Considering Specific Deployment Scenarios for the WebLogic Server/Portal 10 Agent
The version 3.0 agentadmin program includes these installation options:
Default installation (agentadmin --install): The program displays a minimum number of prompts and uses default values for the other options. Use the default install option when the default options, as shown in Table 3, meet your deployment requirements.
or
Custom installation (agentadmin --custom-install): The program displays a full set of prompts, similar to the version 2.2 program. Use the custom install option when you want to specify values other than the default options shown in Table 3, or when you want to install the agent in a WebLogic Portal domain.
Prompt Request |
Description |
---|---|
Startup script location |
Path to the location of the script used to start the WebLogic domain. Applies to both default and custom installation options. Default: /usr/local/bea/user_projects/domains/base_domain/startWebLogic.sh |
WebLogic server instance |
WebLogic Server instance secured by the agent. Applies only to the custom installation option. Default: AdminServer |
WebLogic home directory |
WebLogic Server home directory. Applies to both default and custom installation options. Default: /usr/local/bea/wlserver_10.0 |
OpenSSO Enterprise URL |
URL where OpenSSO Enterprise is running. Applies to both default and custom installation options. For example: http://openssohost.example.com:58080/opensso |
Portal domain |
WebLogic Portal domain Applies only to the custom installation option. Default: false. Specify true only if you are installing the agent on a WebLogic Portal domain. |
Deployment URI for the portal application |
Deployment URI for the portal application that is protected by the agent. Applies only to the custom installation option. Displayed if you answered true to the previous prompt, because your are installing the agent on a WebLogic Portal domain. |
Agent URL |
Agent URL, including the deployment URI. Applies to both default and custom installation options. For example: http://agent.example.com:8090/agentapp |
Encryption Key |
Key used to encrypt the agent profile password. Applies only to the custom installation option. The encryption key should be at least 12 characters long. You can accept the default key or create a new key using the agentadmin --getEncryptKey command. |
Agent profile name |
Agent profile name. A policy agent communicates with OpenSSO Enterprise using the name and password in the agent profile. Applies to both default and custom installation options. For information, see Creating an Agent Profile. |
Agent profile password file |
ASCII text file with only one line specifying the agent profile password. Applies to both default and custom installation options. For information, see Creating a Password File. |
Option to create the agent profile The agentadmin program displays the following prompt if the agent profile previously specified for the Agent Profile Name prompt does not already exist in OpenSSO Enterprise: Enter true if the Agent Profile is being created into OpenSSO Enterprise by the installer. Enter false if it will be not be created by installer. |
To have the installation program create the agent profile, enter true. The program then prompts you for:
Applies only to the custom installation option. |
This section describes how to install the agent in a standalone environment. For information about a cluster, see Installing and Configuring the WebLogic Server/Portal 10 Agent in a Cluster.
Requirements. Before you install the WebLogic Server/Portal 10 agent:
OpenSSO Enterprise server must be installed and accessible.
The WebLogic Server/Portal 10 container must be installed and configured on the server where you plan to install the agent.
You must have downloaded and unzipped the distribution file, as described in Downloading and Unzipping the WebLogic Server/Portal 10 Agent Distribution File.
Login to the server where you want to install the agent.
Important: To install the agent, you must have write permission to the WebLogic Server/Portal 10 agent container files and directories.
Change to the following directory:
PolicyAgent-base/bin
On Solaris and Linux systems, set the permissions for the agentadmin program as follows, if needed:
# chmod 755 agentadmin
Stop the WebLogic Server/Portal 10 container.
Start the agent installation:
Default installation: ./agentadmin --install
or
Custom installation: ./agentadmin --custom-install
On Windows systems, run the agentadmin.bat program.
Enter information as requested by the agentadmin program, or accept the default values.
After you have made your choices, the agentadmin program displays a summary of your responses. For example, for an --custom-install installation:
----------------------------------------------- SUMMARY OF YOUR RESPONSES ----------------------------------------------- Startup script location : /opt/bea/user_projects/domains/base_domain/startWebLogic.sh WebLogic Server instance name : AdminServer WebLogic home directory : /opt/bea/wlserver_10.0 OpenSSO Enterprise URL : http://openssohost.example.com:58080/opensso Agent Installed on Portal domain : false Agent URL : http://agent.example.com:8090/agentapp Encryption Key : 6w2Tb03H0crtOcU2G5JmphiOoY6e42Pn Agent Profile name : WebLogicAgent Agent Profile Password file name : /tmp/wl10agentpw Agent Profile will be created right now by agent installer : true Agent Administrator : agentadmin Agent Administrator's password file name : /tmp/agentadminpw Verify your settings above and decide from the choices below. 1. Continue with Installation 2. Back to the last interaction 3. Start Over 4. Exit Please make your selection [1]:
Verify your choices and either continue with the installation (1, the default), or make any necessary changes.
If you continue, the program installs the agent and displays a summary of the installation. For example:
SUMMARY OF AGENT INSTALLATION ----------------------------- Agent instance name: Agent_001 Agent Bootstrap file location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent /Agent_001/config/OpenSSOAgentBootstrap.properties Agent Configuration file location /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent /Agent_001/config/OpenSSOAgentConfiguration.properties Agent Audit directory location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent/Agent_001/install-logs/audit Agent Debug directory location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent/Agent_001/install-logs/debug Install log file location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent/install-logs/audit/custom.log Thank you for using Sun OpenSSO Enterprise Policy Agent 3.0.
After the installation finishes successfully, if you wish, check the installation log file in the following directory:
PolicyAgent-base/install-logs/audit
Restart the WebLogic Server/Portal 10 container.
After you install the WebLogic Server/Portal 10 agent for a specific domain, you cannot use that same agent on the same host for a different domain. To use the WebLogic Server/Portal 10 agent for another domain on the same host, you must install the agent specifically for that domain.
************************************************************************ Welcome to the Sun OpenSSO Enterprise Policy Agent 3.0 for BEA WebLogic 10.0 Platform. ************************************************************************ Enter the path to the location of the script used to start the WebLogic domain. Please ensure that the agent is first installed on the admin server instance before installing on any managed server instance. [ ? : Help, ! : Exit ] Enter the Startup script location [/usr/local/bea/user_projects/domains/base_domain/startWebLogic.sh]: /opt/bea/user_projects/domains/base_domain/startWebLogic.sh Enter the name of the WebLogic Server instance secured by the agent. [ ? : Help, < : Back, ! : Exit ] Enter the WebLogic Server instance name [AdminServer]: Enter the WebLogic home directory [ ? : Help, < : Back, ! : Exit ] Enter the WebLogic home directory [/usr/local/bea/wlserver_10.0]: /opt/bea/wlserver_10.0 Enter the URL where the OpenSSO Enterprise is running. Please include the deployment URI also as shown below: (http://opensso.sample.com:58080/opensso) [ ? : Help, < : Back, ! : Exit ] OpenSSO Enterprise URL: http://openssohost.example.com:58080/opensso Enter true if the agent is being installed on a Portal domain [ ? : Help, < : Back, ! : Exit ] Is the agent being installed on a Portal domain ? [false]: Enter the Agent URL. Please include the deployment URI also as shown below: (http://agent1.sample.com:1234/agentapp) [ ? : Help, < : Back, ! : Exit ] Agent URL: http://agent.example.com:8090/agentapp Enter a valid Encryption Key. [ ? : Help, < : Back, ! : Exit ] Enter the Encryption Key [6w2Tb03H0crtOcU2G5JmphiOoY6e42Pn]: Enter the Agent profile name [ ? : Help, < : Back, ! : Exit ] Enter the Agent Profile name: WebLogicAgent Enter the path to a file that contains the password to be used for identifying the Agent. [ ? : Help, < : Back, ! : Exit ] Enter the path to the password file: /tmp/wl10agentpw WARNING: Agent profile/User: WebLogicAgent does not exist in OpenSSO! Either "Hit the Back button, and re-enter the correct agent profile name/user name", or "Create this agent profile when asked (available only in custom-install)", or "Continue without validating it because agent profile is in sub realm", or "Continue without validating/creating it, and manually validate/create it in OpenSSO Enterprise after installation". Enter true if the Agent Profile is being created into OpenSSO by the installer. Enter false if it will be not be created by installer. [ ? : Help, < : Back, ! : Exit ] This Agent Profile does not exist in OpenSSO Enterprise, will it be created by the installer? (Agent Administrator's name and password are required) [true]: Agent Administrator is the Administrator user that can create, delete or update agent profile. [ ? : Help, < : Back, ! : Exit ] Enter the Agent Administrator's name: agentadmin Enter the path to a file that contains the password of Agent Administrator [ ? : Help, < : Back, ! : Exit ] Enter the path to the password file that contains the password of Agent Administrator: /tmp/agentadminpw ----------------------------------------------- SUMMARY OF YOUR RESPONSES ----------------------------------------------- Startup script location : /opt/bea/user_projects/domains/base_domain/startWebLogic.sh WebLogic Server instance name : AdminServer WebLogic home directory : /opt/bea/wlserver_10.0 OpenSSO Enterprise URL : http://openssohost.example.com:58080/opensso Agent Installed on Portal domain : false Agent URL : http://agent.example.com:8090/agentapp Encryption Key : 6w2Tb03H0crtOcU2G5JmphiOoY6e42Pn Agent Profile name : WebLogicAgent Agent Profile Password file name : /tmp/wl10agentpw Agent Profile will be created right now by agent installer : true Agent Profile type : J2EEAgent Agent Administrator : agentadmin Agent Administrator's password file name : /tmp/agentadminpw Verify your settings above and decide from the choices below. 1. Continue with Installation 2. Back to the last interaction 3. Start Over 4. Exit Please make your selection [1]: Copy amauthprovider.jar to /opt/bea/wlserver_10.0/server/lib/mbeantypes ...DONE. Creating directory layout and configuring Agent file for Agent_001 instance ...DONE. Reading data from file /tmp/wl10agentpw and encrypting it ...DONE. Generating audit log file name ...DONE. Creating tag swapped OpenSSOAgentBootstrap.properties file for instance Agent_001 ...DONE. Configure /opt/bea/user_projects/domains/base_domain/setAgentEnv_AdminServer.sh ...DONE. Configure /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent /config/OpenSSOAgentBootstrap.properties ...DONE. Creating the Agent Profile WebLogicAgent ...DONE. SUMMARY OF AGENT INSTALLATION ----------------------------- Agent instance name: Agent_001 Agent Bootstrap file location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent /Agent_001/config/OpenSSOAgentBootstrap.properties Agent Configuration file location /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent /Agent_001/config/OpenSSOAgentConfiguration.properties Agent Audit directory location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent/Agent_001/install-logs/audit Agent Debug directory location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent/Agent_001/install-logs/debug Install log file location: /opt/agents/weblogic10/j2ee_agents/weblogic_v10_agent/install-logs/audit/custom.log Thank you for using Sun OpenSSO Enterprise Policy Agent 3.0.
Agent instance directory.The installation program creates the following directory for each agent instance:
PolicyAgent-base/Agent_nnn
where nnn identifies the agent instance as Agent_001, Agent_002, and so on for each additional agent instance.
Each agent instance directory contains the following subdirectories:
/config contains the configuration files for the agent instance, including OpenSSOAgentBootstrap.properties and OpenSSOAgentConfiguration.properties.
/install-logs contains the following subdirectories:
/audit contains local audit trail for the agent instance.
/debug contains the debug files for the agent instance when the agent runs in debug mode.
Installing the Agent on Multiple WebLogic Server/Portal 10 Instances on the Same Domain
Installing the Agent on a Different WebLogic Server/Portal 10 Domain
If the agent is installed on a particular domain, you can install the agent on more than one WebLogic Server/Portal 10 instance associated with the same domain by running the agentadmin program again with the -custom-install option. When you are prompted to enter the startup script location and WebLogic Server instance name, enter values for the new instance, so the agent can distinguish between the various instances.
After the agent is installed for a specific WebLogic Server/Portal 10 domain, you cannot use the same agent binary files on the same server for a different domain. If you attempt to use previously installed agent binary files on the same server but on a different domain, the installation will fail. The agent associates a specific set of agent binary files with a particular domain on WebLogic Server/Portal 10.
To install the agent on a different domain, copy the agent distribution file (weblogic_v10_agent_3.zip) to a different location before you install the agent on the second domain.