Set the environment variables that will be required for the setup program:
# export WSHOME=/opt/SUNWappserver91/domains/domain1/applications/j2ee-modules/idm # export JAVA_HOME=/usr/java # export PATH=/usr/java/bin:$PATH |
Start an X server on your local machine, and set the DISPLAY variable on the Application Server host computer.
Run the following commands:
# cd /opt/SUNWappserver91/domains/domain1/applications/j2ee-modules/idm/bin # ./lh setup |
Select MySQL (JDBC Driver) as the Repository Type.
Enter the same password for the waveset user that you set earlier in MySQL.
Click the Next button.
Accept the default setting to setup a demo environment.
Enter information about the demo user.
In this case, enter following credentials:
demoapprover
password
In the next screen, select the option for a Notification File for the Mail Settings.
You may accept the default file or customize it.
In the next screen, click Execute.
The lh program logs the details of the execution steps in the screen. See the Example in the Sample Outputat the end of this chapter.
Click Done.
Change permissions so that Identity Manager can perform certain actions.
Add the following lines to /opt/SUNWappserver91/domains/domain1/config/server.policy:
grant { permission java.lang.RuntimePermission "accessClassInPackage.sun.io"; permission java.lang.RuntimePermission "getClassLoader"; permission java.lang.RuntimePermission "createClassLoader"; permission java.lang.RuntimePermission "accessDeclaredMembers"; permission com.waveset.repository.test.testConcurrentLocking "read"; permission java.net.SocketPermission "*", "connect,resolve"; permission java.io.FilePermission "*", "read"; permission java.util.PropertyPermission "*", "read,write"; }; grant codeBase "file:${waveset.home}/-" { permission java.util.PropertyPermission "waveset.home", "read,write"; permission java.util.PropertyPermission "security.provider", "read,write"; permission java.io.FilePermission "${waveset.home}${/} *", "read,write,execute"; permission java.io.FilePermission "${waveset.home}/help/index/-", "read,write,execute,delete"; permission java.io.FilePermission "$(java.io.tmpdir)$(/)*", "read,write,delete"; permission java.util.PropertyPermission "*", "read,write"; permission java.lang.RuntimePermission "accessClassInPackage.sun.io"; permission java.net.SocketPermission "*", "connect,resolve"; }; |
To enable Identity Manager to connect to OpenSSO Enterprise with the SunAccessManagerRealmResourceAdapter, add the two following policies:
grant { permission java.lang.RuntimePermission "shutdownHooks"; permission java.io.FilePermission "${waveset.home}/WEB-INF/spe/config/spe.tld", "read"; }; |
Restart the Application Server.
# /opt/SUNWappserver91/bin/asadmin stop-domain domain1 # /opt/SUNWappserver91/bin/asadmin start-domain domain1 |
Watch for any errors in the Application Server server.log file.
Verify that you can successfully log in to Identity Manager.
Go to the Identity Manager console at http://ApplicationServerHost:Port/idm/login.jsp
Log in using the following credentials:
configurator
configurator
To minimize security risk, it is a good practice to change the default password for this administrator.
Log out.
Log in using the following credentials:
administrator
administrator
Log out.
Log in using the following credentials:
demoapprover
password
Log out.