To Install Web Policy Agent 1

Before You Begin

Due to a known problem with this version of the Web Policy Agent, you must start an X-display session on the server host using a program such as Reflections X or VNC, even though you use the command-line installer. For more information about this known problem, see http://docs.sun.com/app/docs/doc/819-2796/6n52flfoq?a=view#adtcd.

1. As a root user, log into to host ProtectedResource–1.

2. Download the Java System Web Policy Agents 2.2 package from the following website:

   http://www.sun.com/download

3. Unpack the downloaded package.

   In this example, the package was downloaded into the directory /temp.

   # cd /temp # gunzip sun-one-policy-agent-2.2-es6-solaris_sparc.tar.gz # tar —xvof sun-one-policy-agent-2.2-es6-solaris_sparc.tar

4. Start the Web Policy Agents installer.

   # ./setup -nodisplay

5. When prompted, provide the following information:

   When you are ready, press Enter to continue. <Press ENTER to Continue>	Press Enter.
   Press ENTER to display the Sun Software License Agreement	Press Enter.
   Have you read, and do you accept, all of the terms of the preceding Software License Agreement [no] y	Enter y.
   Install the Sun Java(tm) System Access Manager Policy Agent in this directory [/opt] :	Accept the default value.
   Enter information about the server instance this agent will protect. Host Name [ProtectedResource-2.example.com]:	Accept the default value.
   Web Server Instance Directory []:	Enter   /opt/SUNWwbsvr/ https-ProtectedResource-1.example.com
   Web Server Port [80]: :	Enter 1080.
   Web Server Protocol [http]	Accept the default value.
   Agent Deployment URI [/amagent]:	Accept the default value.
   Enter the Sun Java(tm) System Access Manager Information for this Agent. Primary Server Host [ProtectedResource-2.example.com] :	For this example, enter the external-facing load balancer host name. Example: LoadBalancer-3.example.com
   Primary Server Port [1080]	Enter the load balancer HTTP port number. For this example, enter 90.
   Primary Server Protocol [http]:	Accept the default value.
   Primary Server Deployment URI [/amserver]:	Accept the default value.
   Primary Console Deployment URI [/amconsole] :	Accept the default value.
   Failover Server Host [] :	Accept the default value.
   Agent-Access Manager Shared Secret:	Enter the amldapuser password that was entered when Access Manager was installed. For this example, enter 4mld4puser .
   Re-enter Shared Secret:	Enter the 4mld4puser password again to confirm it.
   CDSSO Enabled [false]:	Accept the default value.
   Press "Enter" when you are ready to continue.	First, see the next (Optional) numbered step. When you are ready to start installation, press Enter.

6. (Optional) During installation, you can monitor the log to watch for installation errors. Example:

   # cd /var/sadm/install/logs # tail —f var/sadm/install/logs/ Sun_Java_tm__System_Access_Manager_Policy_Agent_install.Bxxxxxxxx

7. Modify the AMAgent.properties file.

   # cd /etc/opt/SUNWam/agents/es6/ config/_opt_SUNWwbsvr_https-ProtectedResource-1.example.com

   Make a backup of AMAgent.properties before setting the following property:

   com.sun.am.policy.am.login.url = https://LoadBalancer-4.example.com:9443/distAuth/UI/Login?realm=users

8. Restart the Web Server.

   # cd /opt/SUNWwbsvr/https-ProtectedResource-1.example.com # ./stop; ./start

   Examine the Web Server log for startup errors.

   # /opt/SUNWwbsvr/https-ProtectedResource-1.example.com/logs # vi errors