CR# 6564877: Access Manager 7 patch installation overwrites SAML v2 files

If the SAML v2 plug-in is installed and you install a new SAML v2 plug-in patch or Access Manager 7 patch, the patch installation overwrites the existing SAML v2 related files, and you must reconfigure your SAML v2 deployment.

Workaround: Run the saml2setup installer with the update option to update a previously configured staging directory with new files from a patch installation directory and to regenerate a modified WAR file for redeployment. The update option prevents the unconfigure and configure routine, which removes your existing SAML v2 files.

Note: The saml2setup installer with the update option is available in the SAML v2 Plug-in for Federation Services patch 1 or later. Therefore, you must add the SAML v2 plug-in patch 1 or later to use this option. Although the update option was first available in patch 1, Oracle recommends that you always install the latest patch. The patch IDs are:

• Solaris SPARC systems: 122983

• Solaris x86 systems: 122984

• Linux: 122985

To use the saml2setup installer with the update option, follow these steps:

1. Install the new Access Manager or SAML v2 patch.

2. If you installed an Access Manager patch in Step 1:

   1. Run amconfig to generate a new amserver.war.

   2. Update the SAML v2 staging directory with the new amserver.war.

   3. Reapply any necessary customizations for your deployment.

3. Run the saml2setup installer with the update option as follows:

   saml2setup update -s installation-configuration-properties-file

4. Redeploy the modified WAR file.

5. Restart the Access Manager or Federation Manager web container.

6. Do any postinstallation tasks required for the Access Manager or Federation Manager instance.

For information about the saml2setup installer, see Chapter 2, Installing the SAML v2 Plug-in for Federation Services, in Sun Java System SAML v2 Plug-in for Federation Services User’s Guide.