Installing Access Manager to Run as a Non-root User With Web Server 7.0

Follow the next procedure to install and configure Access Manager 7.1 with Sun Java System Web Server Enterprise Edition 7.0 as the web container. This procedure uses webservd as the non-root user in examples.

This procedure runs the Java ES installer twice:

1. You first run the installer with the Configure Now option to install and configure Web Server 7.0.

2. You run the installer with the Configure Later option to install Access Manager 7.1. Then you run the amconfig script to configure the Access Manager 7.1 instance.

For more information about Web Server 7.0, see the following documentation collection:

http://docs.sun.com/coll/1308.3

To Install and Configure Access Manager with Web Server 7.0 as the Web Container

Before You Begin

Consider these preliminary tasks:

• The non-roon user and group must already exist. See Creating Non-root Users.

• Directory Server must be installed and running. See Installing Sun Java System Directory Server 6.0.

1. On the server where you want to install Web Server 7.0 and Access Manager 7.1, log in as or become superuser (root).

2. As superuser (root), install Web Server 7.0 by running the Java ES installer with the Configure Now option.

   Set the installation values as required for your Web Server 7.0 deployment. The specific values that you must set for a non-root user include:

   • On the Specify Common Server Settings page, specify the non-root user (webservd) for System User and non-root group (webservd) for System Group.

   • On the Web Server: Specify Administration Server Settings page, change the Runtime User ID to the non-root user (webservd).

   • On the Web Server: Specify Instance Settings page, change the Runtime UNIX User ID to the non-root user (webservd)

3. After the Java ES installer has finished installing Web Server 7.0, login as or become the non-root user (webservd).

4. Start the Web Server 7.0 administration server and the Web Server instance using the startserv script.

   Note: In the current release, if you try to start the Web Server instance using the wadm start-instance command, the command returns an error.

   All processes should be owned by the non-root user (webservd).

5. Login as or become superuser (root) and restart the Java ES installer to install Access Manager 7.1.

   On the Choose a Configuration Type page, select the Configure Later option.

6. After the Java ES installer has finished, depending on your platform, change the ownership of the following directories from root and other to the non-root user (webservd) and non-root group (webservd):

   • Solaris systems: /opt/SUNWma and /etc/opt/SUNWma

   • Linux systems: /opt/sun/mobileaccess and /etc/opt/sun/mobileaccess

   For example, on Solaris systems:

   # chown -R webservd:webservd /opt/SUNWma /etc/opt/SUNWma

7. As superuser (root), change to the Access Manager 7.1 /bin directory, depending on your platform:

   • Solaris systems: /opt/SUNWam/bin

   • Linux systems: /opt/sun/identity/bin

8. As superuser (root), make a copy of the amsamplesilent file to use to configure Access Manager 7.1. For example:

   # cp -p amsamplesilent ws7nonroot_config

9. As superuser (root), edit the ws7nonroot_config file to configure Access Manager 7.1 with Web Server 7.0 as the web container:

   • Set the NEW_OWNER variable to the non-root user (webservd) and the NEW_GROUP variable to the non-root group (webservd).

   • Set WEB_CONTAINER=WS to specify Web Server 7.0 as the web container. For a description of other Web Server 7.0 variables, see Web Container Configuration Variables.

   • Set other Access Manager 7.1 variables, as required by your deployment. For a description of these variables, see Access Manager Configuration Variables.

10. As superuser (root), run the amconfig script with the edited ws7nonroot_config file to configure Access Manager 7.1.

    For example, on Solaris systems:

    # cd /opt/SUNWam/bin 
    # ./amconfig -s ./ws7nonroot_config

11. Access the Web Server 7.0 Administration Console in a browser and login as the Web Server administrator.

12. Select the instance on which you deployed Access Manager 7.1 and click Manage.