Chapter 4 Installing Portal Server 7.1 on Web Containers

This chapter explains how to install Portal Server 7.1 on Sun Java System Web Server and Sun Java System Application Server on different scenarios, such as SSL installation and non-root installation. This chapter also explains how to install Portal Server on IBM WebSphere and BEA WebLogic. This chapter includes the following sections:

• Installing Portal Server 7.1 on Web Server 7.0

• Installing Portal Server 7.1 on Application Server 8.2

• Installing Portal Server 7.1 on BEA WebLogic 8.1

• Installing Portal Server 7.1 on an IBM WebSphere Server 5.1.1.6

Installing Portal Server 7.1 on Web Server 7.0

This section contains the following Portal Server 7.1 installation procedures on Web Server 7.0:

• Default installation

• SSL installation and post installation

• Configuring Portal Server 7.1 on 64–bit Web Server 7.0 instance

• Installing Portal Server 7.1 as a non-root user

Installing Portal Server on Sun Java System Web Server

Portal Server can be installed on Sun Java System Web Server using the Java ES installer. Sun Java System Web Server can be selected as component to install. Later you can select Sun Java System Web Server as the web container to install Portal Server using the Java ES installer.

For more information on the default installation procedure, see Chapter 1, Installing Sun Java System Portal Server 7.1.

Installing Portal Server on Sun Java System Web Server 7.0 in the SSL Mode

The secure socket layer (SSL) mode enables a user to access Portal Server using the https protocol. The https protocol ensures secured communication between the user and Portal Server. In this scenario, you need to create a secured Web Server instance. After creating a secured Web Server instance, you direct the Portal Server web container to the secured Web Server instance.

This section describes following procedures:

• Create a new configuration instance

• Create a request certificate

• Generate a server certificate

• Add the Server Certificate to the Certificate Database

• Add root ca to the Certificate Database

• Enable SSL on the Listener

To Create a New Configuration Instance

Before You Begin

Install Web Server 7.0 on Node 1.

1. Log in to the Web Server 7.0 administrator console.

   https://node1.domain-name:8989

2. Select New Configuration under the Configuration Tasks option.

3. Type the following values:

   • Configuration name: node1

   • Server name: node1.domain-name

   • Hosts: node1.domain-name

   • Server user: root

   • Port: 8200

4. Move the node from the Available list box to the Selected list box.

5. Click Finish.

6. Start the server configuration and access it.

   http://node1.domain-name:8200

To Create a Request Certificate

1. Run the following command.

   WebServer_base/SUNWwbsvr7/bin/wadm create-cert-request --user=admin --host=node1.domain-name --port=8989 --echo=true --rcfile=rcfile --config=node1 --token=internal --server-name=node1.domain-name --org=org --locality=locality --state=state --country=country

2. Type the token values.

   • Pin: password

   • Administrator user password: password

   The request certificate is created.

3. Send the request certificate to the Certificate Authority for approval.

To Add the Server Certificate to the Certificate Database

1. Add the Server Certificate, servercert, to the certificate database.

   WebServer_base/SUNWwbsvr7/bin/wadm install-cert --user=admin --password-file=password --host=node1.domain-name --port=8989 --ssl=true --rcfile=rcfile1 --echo=true --token=internal --config=node1 --cert-type=server --file-on-server=true --nickname=servercert WebServer_base/SUNWwbsvr7/bin/servercert

2. Type the token values.

   • Pin: password

   • Administrator user password: password

To Add the Root CA Certificate to the Certificate Database

1. Add the root ca certificate to the database.

   WebServer_base/SUNWwbsvr7/bin/wadm install-cert --user=admin --password-file=ps --host=node1.domain-name --port=8989 --ssl=true --rcfile=rcfile1 --echo=true --token=internal --config=node1 --cert-type=ca --file-on-server=true --nickname=rootca root-CA-file-path

2. Type the token values.

   • Pin: password

   • Administrator user password: password

3. Restart the server configuration.

To Enable SSL on the Listener

1. Access the Web Server 7.0 administrator console.

   https://node1.domain-name:8989

2. Select New Configuration on the Tasks page.

3. Select Edit Configuration.

4. Select Virtual Servers.

5. Select http-listener1.

6. Click the Security tab.

7. Select Security option.

8. Click Apply and Close.

9. Click the Deploy button.

10. Restart the servers.

    WebServer_base/SUNWwbsvr7/bin/stopserv WebServer_base/SUNWwbsvr7/bin/startserv

11. Verify the SSL instance by accessing the following URL.

    https://node1.domain-name:8200

Configuring Portal Server 7.1 on a 64–bit Web Server 7.0 Instance

Portal Server 7.1 supports 64–bit Web Server 7.0 on the following platforms:

• Solaris 10 SPARC

• Solaris 9 SPARC

• Solaris 10 amd64 (Opteron based systems)

While you install Portal Server using the Java ES installer, it is installed in the 32–bit mode. If you need to install Portal Server in 64–bit mode, you need to install it in two sessions:

• In the first session, you need to install the components, such as Web Server 7.0, Directory Server, and Access Manager.

• In the second session, you need to install Portal Server and configure it to support 64–bit mode.

To Configure Portal Server 7.1 on a 64–bit Web Server 7.0 Instance

1. Install Web Server 7.0, Directory Server, and Access Manager using the Java ES installer.

2. Start the Directory Server instance.

3. Ensure that the Web Server 7.0 administrator server is running.

   https://node1.domain-name:8989

4. Ensure that the Web Server instance is running.

   http://node1.domain-name:80

5. Configure Web Server to support 64–bit mode.

   WebServer_base/SUNWwbsvr7/bin/wadm set-config-prop --user=admin --port=8989 --password-file=passfile -config=host_name platform=64 WebServer_base/bin/wadm set-thread-pool-prop -user=admin --port=8989 --password-file=passfile -config=host_name stack-size=261144 WebServer_base/bin/wadm deploy-config -user=admin --password-file=passfile -port=8989 --restart=true host_name

6. Ensure that the web container instance and administrator server are running.

   https://node1.domain-name:8989

   http://node1.domain-name:80

7. Install Portal Server 7.1 in the Configure Now mode using the Java ES installer.

Switching Portal Server Installation From 64–bit Mode to 32–bit Mode

If you have installed Portal Server in 64–bit mode, you can use the following procedure to convert Portal Server to support 32–bit mode. After configuring Portal Server to support 32–bit mode, you need to manually configure the search server.

To Switch Portal Server Installation From 64–bit Mode to 32–bit Mode

1. Start the Directory Server instance.

2. Ensure that the Web Server administrator server is running.

3. Ensure that Web Server instance is running.

4. Configure Web Server to support 32–bit mode.

   WebServer_base/SUNWwbsvr7/bin/wadm set-config-prop --user=admin --port=8989 --password-file=passfile --config=host_name platform=32 WebServer_base/bin/wadm set-jvm-prop --user=admin --port=8989 --password-file=passfile --config=host_name ative-library-path-prefix="/PortalServer_base/SUNWportal/lib

5. Remove all compiled JSPs for the Portal desktop.

   rm -rf /var/opt/SUNWportal/portals/PORTAL_ID/desktop/compiled/_jsps/*

   WebServer_base/bin/wadm deploy-config --user=admin --password-file= passfile --port=8989 --restart=true host_name

6. Stop and start the Web Server instance.

To Configure the Search Setup from 64–bit Mode to 32–bit Mode

1. Go to the Search Server directory.

   cd /var/opt/SUNWportal/searchservers/searchserver_name/db

2. Remove the unwanted files.

   rm -rf _*

3. Edit the search.conf file.

   vi /var/opt/SUNWportal/searchservers/search1/config/search.conf

4. Set the search-platform property to 32.

5. Stop and start the Web Server instance.

Switching Portal Server Installation From 32–bit Mode to 64–bit Mode

If you have installed Portal Server in 32–bit mode, then you can use the following procedure to convert Portal Server to support 64–bit mode. After configuring Portal Server to support 64–bit mode, you need to manually configure the search server.

To Switch Portal Server Installation From 32–bit Mode to 64–bit Mode

1. Start the Directory Server instance.

2. Ensure that the Web Server 7.0 administrator server is running.

3. Ensure that Web Server instance is running.

   WebServer_base/SUNWwbsvr7/bin/wadm set-config-prop --user=admin --port=8989 --password-file=passfile --config=host_name platform=64 WebServer_base/SUNWwbsvr7/bin/wadm set-thread-pool-prop --user=admin --port=8989 --password-file=passfile --config=host_name stack-size=261144 WebServer_base/SUNWwbsvr7/bin/wadm set-jvm-prop --user=admin --port=8989 --password-file=passfile --config= host_name native-library-path-prefix= "/PortalServer_base/SUNWportal/lib/sparcv9" (amd64 for x86) WebServer_base/SUNWwbsvr7/bin/wadm delete-jvm-options --user=admin --port=8989 --password-file=passfile --config= host_name "-Xms512M -Xmx768M -Xss128k" WebServer_base/SUNWwbsvr7/bin/wadm create-jvm-options --user=admin --port=8989 --password-file=passfile --config= host_name "-Xms512M -Xmx768M -Xss512k"

4. Remove all compiled JSPs for the Portal desktop.

   rm -rf /var/PortalServer_base/SUNWportal/portals/PORTAL_ID/desktop/compiled/_jsps/*

   WebServer_base/SUNWwbsvr7/bin/wadm deploy-config --user=admin --password-file= passfile --port=8989 --restart=true host_name

To Switch the Search Setup From 32–bit Mode to 64–bit Mode

1. Go to the Search Server directory and delete the unwanted files.

   cd /var/SUNWportal/searchservers/searchserver_name/db rm -rf _*

2. Edit the search.conf file.

   vi /var/opt/SUNWportal/searchservers/search1/config/search.conf

3. Set the search-platform property to 64.

4. Stop and start the Web Server instance.

Installing Portal Server 7.1 as a Non-Root User

If you do not have administrator privileges for the machine where you install Portal Server, use the following procedure to install Portal Server.

To Install Portal Server 7.1 as a Non-Root User

1. Install the Directory Server using the Java ES installer.

   During installation, provide the username and group information whenever prompted.

2. As the non-root user, start Directory Server and verify whether it is running.

   ps -aef | grep slapd

3. Install web container as the non-root user using the Java ES installer.

4. Install Access Manager.

   For more information on installation steps, see the Technical Note: Installing Access Manager to Run as a Non-Root User.

5. Install Portal Server in the Configure Later mode.

6. During installation, provide the non-root user information whenever prompted.

7. Change the ownership and access rights of SUNWportal to the User ID and Group of the non-root user.

   chown -R Userid:Group /PortalServer_base/SUNWportal chown -R Userid:Group /etc/SUNWportal chown -R Userid:Group /var/SUNWportal chmod -R 755 /PortalServer_base/SUNWportal chmod -R 755 /etc/SUNWportal chmod -R 755 /var/SUNWportal

8. Restart the web container.

To Create a New Portal Server Instance as a Non-Root User

1. Create a web container instance as a non-root user.

2. Telnet as a non-root user and run the psadmin create-instance command.

3. Telnet as the root user and run the chown -R psuser:portal /var/opt/SUNWportal/portals/myPortal/ command.

4. Telnet as a non-root user and restart the web container instance.

To Create a New Search Server in Web Server Non-Root Install

1. Create a Web Server instance using the Web Server 7.0 administration console as a non—root user.

2. Create a search server.

3. Log in as a root user into the machine and change the search server instance.

   chown -R nonrootuser.nonroot /var/opt/SUNWportal/searchservers/search-server-id

   For the Linux platform, use the following command: chown -R nonrootuser.nonroot /var/opt/sun/portal/searchservers/search-server-id.

4. Change permissions of the search instance.

   chmod -R og+rX /var/opt/SUNWportal/searchservers/search-server-id

   For the Linux platform, use the following command: chmod -R og+rX /var/opt/sun/portal/searchservers/search-server-id

5. Restart Web Server as the non-root user.

Installing Portal Server 7.1 on Application Server 8.2

This section explains how to install Portal Server as Application Server 8.2 as the web container.

Default Installation

You can install Portal Server with Application Server as the web container. You need to select Application Server as a component to install in the Java ES installer, and later select Application Server as the web container for Portal Server. For more information on default installation, see the “To Install the Portal Server Software” in Chapter 1, Installing Sun Java System Portal Server 7.1.

SSL Installation on an Application Server Instance

You can install Portal Server in SSL mode which ensures a secure communication. You need to create a SSL-enabled instance of Application Server. You can install Portal Server using the Java ES installer, and point to the instance of the Application Server as the web container.

To Create an Application Server Instance on SSL Mode

1. Install Application Server and Directory Server using the Java ES installer.

2. Add valid certificates to the Application Server.

   The certificate database is available in the /var/SUNWappserver/domains/domain1/config directory. The database files are key3.db and cert8.db.

3. Change to the config directory.

   cd /var/SUNWappserver/domains/domain1/config

4. Create a password file, password, and specify the password.

5. Create a certificate signing request.

   certutil -R -s "CN=node1.domain-name,OU=People,O=Portal, L=location,ST=state,C=country" -o certreq.pem -g 512 -d /var/SUNWappserver/domains/domain1/config -f password -a

   This command creates a certificate request in the certreq.pem file. The certutil utility is located in the /usr/sfw/bin directory.

   1. Send this certificate request to a Certificate Management Server (CMS) for approval.

   2. After the certificate is approved, paste the contents of the approved certificate in a flat file on the Application Server machine. For example, the servercert.pem file.

   3. Add this certificate to the database.

   4. Change to the config directory of the Application Server.

      cd /var/ApplicationServer_base/SUNWappserver/domains/domain1/config

      ---

      Note –

      The servercert.pem file is also in the config directory.

      ---

   5. Run the command:

      certutil -A -n servercert -t "u,u,u" -d ApplicationServer_base/SUNWappserver/domains/domain1/config -a -i servercert.pem -f password

   6. Add root ca to the database.

      certutil -A -n rootca -t "TCu,TCu,TCuw" -d ApplicationServer_base/SUNWappserver/domains/domain1/config -a -i path_to_root_ca -f password

6. Log in to administrator console of the Application Server.

   https://host.domain-name:4849

7. Select Configuration -> server-config -> HTTP Service -> HTTP Listeners -> http-listener-2.

   Perform the following tasks:

   • Verify whether the security is enabled.

   • Verify whether the certificate nickname is servercert.

   • Enable SSL3.

   • Enable Transport Layer Security (TLS).

   • Select the All Cipher suites checkbox.

8. Restart the Application Server.

   Because the Application Server is SSL enabled, you start the Java ES installer, Portal Server will not communicate with Application Server. You need to install root ca in the Java Development Kit (JDK) keystore of the hostname.

9. Install root ca in the JDK keystore of the hostname.

   cd /usr/jdk/entsys-j2se/jre/lib/security /usr/jdk/entsys-j2se/jre/bin/keytool -keystore cacerts -keyalg RSA -import -trustcacerts -alias hostname -storepass store-password -file root-ca-CA

10. Invoke the Java ES installer and select Access Manager and Portal Server.

11. Specify valid protocol and port values wherever prompted.

To Install Portal Server on a Non-Default Application Server 8.2 Instance

If you install Portal Server on Application Server using the Java ES installer, Portal Server is installed on a default instance of the Application Server on port 8080. This procedure describes to create a non-default Application Server instance and install Portal Server on it.

1. Run the Java ES installer to install Directory Server and Application Server.

2. Start Directory Server and Application Server.

3. Create a node agent, nodeagent.

   ApplicationServer_base/SUNWappserver/bin/asadmin start-node-agent --user admin --password password --savemasterpassword=true nodeagent

4. Start the node agent.

   ApplicationServer_base/SUNWappserver/bin/asadmin start-node-agent --user admin --password password nodeagent

5. Create the server instance server-instance on port 38080.

   ApplicationServer_base/SUNWappserver/bin/asadmin create-instance --user admin --password password --node agent=nodeagent --port=38080 server-instance

6. Start the server instance.

   ApplicationServer_base/SUNWappserver/bin/asadmin start-instance --user admin --password password server-instance

7. Start the Java ES installer and install Access Manager and Portal Server in the Configure Later mode.

8. Modify the amsamplesilent file and configure Access Manager.

   On Solaris platform, the amsamplesilent file is located at the AccessManager_base/SUNWam/bin directory. In Linux, the file is located at the AccessManager_base/SUN/identity/bin directory.

9. Run the amconfig command.

   See Appendix for more details on the amconfig file.

10. Restart the server instance.

11. Access the administrator console of the Access Manager.

    http://host.domain-name:38080/amconsole

12. Modify the example14.xml file.

    See Appendix for more details on the example14.xml file.

13. Configure the common agent container.

    PortalServer_base/SUNWportal/bin/psconfig --config example14.xml

14. Restart Directory Server, Access Manager, Application Server, and Portal Server.

To Convert Portal Server to the Secure Mode on Application Server 8.2

If you have already installed Directory Server, Access Manager, Web Server, and Portal Server on Application Server 8.2, use this procedure to convert Portal Server installation to the secure mode. In the Secure mode, the communication between the user and Portal Server is through the https protocol.

1. Install Directory Server, Access Manager, Web Server, Portal Server, and Application Server 8.2.

2. Create a password file password and specify the password that has been provided for Application Server.

3. Create a certificate signing request.

   certutil -R -s "CN=HOSTNAME.domain-name,OU=People,O=Portal,L=Location,ST=State,C=Country" -o certreq.pem -g 512 -d /var/opt/SUNWappserver/domains/domain1/config -f password -a

   This command creates a certificate request in the certreq.pem file. The certutil file is present in the /usr/sfw/bin directory.

4. Send the certificate signing request to the CMS.

5. Paste the contents of the approved certificate in an empty file on the Application Server machine.

   For example, the file name is servercert.pem.

6. Add this certificate in the database.

   1. Change to the config directory of Application Server.

      cd /var/opt/SUNWappserver/domains/domain1/config

   2. Run the command the following.

      certutil -A -n servercert -t "u,u,u" -d /var/opt/SUNWappserver/domains/domain1/config -a -i servercert.pem -f password

7. Add the CMS root ca to the database.

   certutil -A -n rootca -t "TCu,TCu,TCuw" -d /var/opt/SUNWappserver/domains/domain1/config -a -i path-to-cert -f password

8. Log in to the administrator console of Application Server.

   https://hostname.domain-name:4849

9. Click Configurations -> server-config -> HTTP Service -> HTTP Listeners -> http-listener-2.

   Perform the following tasks:

   • Verify whether the security is enabled.

   • Verify whether the certificate nickname is servercert.

   • Enable SSL3.

   • Enable TLS.

   • Select Cipher Suites option.

10. Restart the Application Server.

11. Log in to the Access Manager administrator console.

    http://host.domain-name:8080/amconsole

    1. Change success URLs to https://host.domain-name:8181/portal.

    2. In the Service Configuration, change the platform server list from https://host:8080|01 to http://host:8181|01.

12. Open the AMConfig.properties file.

    The AMConfig.properties file is located in the AccessManager_base/SUNWam/lib directory.

13. Change com.iplanet.am.server.protocol to https. Add com.sun.identity.liberty.authnsvc.url= https://host.domain-name:8181/amserver/Liberty/authnsvc.

    com.iplanet.am.server.protocol=https com.iplanet.am.server.host=host.domain-name com.iplanet.am.server.port=8181 com.iplanet.am.console.protocol=https com.iplanet.am.console.host=host.domain-name com.iplanet.am.console.port=8181 com.iplanet.am.profile.host=host.domain-name com.iplanet.am.profile.port=8181 com.iplanet.am.naming.url=https://host.domain-name:8181 /amserver/namingservice com.iplanet.am.notification.url=https://host.domain-name:8181 /amserver/notificationservice com.sun.identity.liberty.interaction.wspRedirectHandler= https://host.domain-name:8181/amserver/WSPRedirectHandler com.sun.identity.loginurl=https://host.domain-name:8181 /amserver/UI/Login com.sun.identity.liberty.authnsvc.url= https://host.domain-name:8181/amserver/Liberty/authnsvc

14. Restart Directory Server, Access Manager, Application Server, and Portal Server.

Installing Portal Server 7.1 on BEA WebLogic 8.1

If you want to install Portal Server on BEA WebLogic, you need to install the components in different session.

• Install Directory Server and Application Server or Web Server using the Java ES Installer in the Configure Now mode.

• Install Access Manager using the Java ES installer in the Configure Later mode.

• Install Portal Server using the Java ES installer in the Configure Now or Configure Later mode

---

Note –

Portal Server administration console does not work with WebLogic.

---

Installing Portal Server on BEA WebLogic 8.1

To Install BEA WebLogic 8.1, Directory Server, and Access Manager

1. Install BEA WebLogic 8.1.

2. Create the WebLogic domain and start the administrator server.

   /usr/local/bea/user_projects/domains/domain1/startWebLogic.sh

3. Access the administrator server of BEA WebLogic.

   http://host.domain-name:7001

4. Install Directory Server, Java DB 10. 2 and Web Server using the Java ES installer in the Configure Now mode.

5. Start Directory Server instance.

To Install Access Manager on a WebLogic Administrator Server

1. Install Access Manager in the Configure Later mode using the Java ES installer.

   1. Customize the amsamplesilent file.

      The amsamplesilent file is located in the following directories:

      • Solaris: /AccessManager_base/SUNWam/bin

      • Linux: /AccessManager_base/sun/identity/bin

      Set the values in the amasamplesilent file as follows:

      • DEPLOY_LEVEL = 1

      • SERVER_NAME =AM_HOSTNAME without FQDN

      • SERVER_HOST = $SERVER_NAME.domain-name

      • SERVER_PORT = 7001

      • ADMIN_PORT = 7001

      • DS_HOST =DS_HOSTNAME with FQDN

      • DS_DIRMGRPASSWD = Directory Manager Password

      • ROOT_SUFFIX = root suffix of Access Manager

      • ADMINPASSWD = AM_PASSWORD

      • AMLDAPUSERPASSWD = LDAP_PASSWORD

      • COOKIE_DOMAIN =.domain-name

      • AM_ENC_PWD =any string of 12 characters

      • NEW_OWNER = root

      • NEW_GROUP = other (root for the Solaris 10 release and linux and other for the Solaris 9 release)

      • PAM_SERVICE_NAME = other

      • WEB_CONTAINER = WL8

      • BASEDIR =Access Manager install directory

      • AM_REALM = disabled

      • WL8_HOME =WebLogic Install Directory., for example, /usr/local/bea.

      • WL8_PROJECT_DIR = user_projects

      • WL8_DOMAIN = Domain name., for example, mydomain)

      • WL8_CONFIG_LOCATION = $WL8_HOME/$WL8_PROJECT_DIR/domains

      • WL8_SERVER =Instance name. For example, myserver

      • WL8_PROTOCOL = $SERVER_PROTOCOL

      • WL8_HOST = $SERVER_HOST

      • WL8_PORT = $SERVER_PORT

      • WL8_SSLPORT = $ADMIN_PORT

      • WL8_ADMIN =Administrator name of WebLogic. For example, weblogic.

      • WL8_PASSWORD =WebLogic administrator password.

      • WL8_JDK_HOME = $WL8_HOME/jdk142_05 for 8.1 sp4 or $WL8_HOME/jdk/142_08 for 8.1sp5

   2. Run the AccessManager_base/bin/amconfig -s amsamplesilent script.

      The amsamplesilent file is located in the following directories:

      • Solaris: /AccessManager_base/SUNWam/bin

      • Linux: /AccessManager_base/sun/identity/bin

   3. Edit the startweblogic.sh and startManagedweblogic.sh scripts and add the following to the classpath: /opt/SUNWjavadb/lib/derbyclient.jar.

      For Linux, the derbyclient.jar file is located at the /opt/sun/javadb/lib directory.

   4. In the startweblogic.sh and startManagedweblogic.sh scripts, remove the following classpaths: AccessManager_base/SUNWam/lib/jaxrpc_1.0/jaxrpc-api.jar and AccessManager_base/SUNWam/lib/jaxrpc_1.0/jarpc-ri.jar.

   5. In the startweblogic.sh and startManagedweblogic.sh scripts, add the following classpaths: AccessManager_base/SUNWam/lib/jaxrpc-api.jar, AccessManager_base/SUNWam/lib/jaxrpc-impl.jar, and AccessManager_base/SUNWam/lib/jaxrpc-spi.jar.

   6. (Optional) For Linux, remove the following classpaths: AccessManager_base/identity/lib/jaxrpc_1.0/jaxrpc-api.jar and AccessManager_base/identity/lib/jaxrpc_1.0/jarpc-ri.jar from the startweblogic.sh and startManagedweblogic.sh scripts.

   7. For Linux, add the following classpaths: AccessManager_base/identity/lib/jaxrpc-api.jar, AccessManager_base/identity/lib/jaxrpc-impl.jar, and AccessManager_base/identity/lib/jaxrpc-spi.jar

2. Restart WebLogic and access the following URL.

   http://host.domain-name:7001/amconsole

To Install Portal Server on a WebLogic Administrator Server in the Configure Now Mode

1. Install Portal Server in the Configure Now mode using the Java ES installer.

2. Choose WebLogic as the web container for Portal Server.

   ---

   Note –

   In the Portal Server web container panel, ensure that the Managed Server option is not selected. Also, ensure that both the administrator and server ports are 7001.

   ---

3. Restart WebLogic server after the successful installation of Portal Server.

Post Installation Steps

1. Access the WebLogic administrator console.

   http://hostname.domain-name:7001/console

2. Deploy the portal web applications.

3. Deploy the portal.war, communityportlets.war, search.war, and the remaining web applications.

4. Restart the WebLogic server.

To Install Portal Server on a WebLogic Administrator Server in the Configure Later Mode

1. Install Portal Server in the Configure Later mode using the Java ES installer.

2. Complete the Portal Server installation.

3. Change the example files based on the requirements.

   ---

   Note –

   You can use the example15.xml file to configure Portal Server and search server on WebLogic. In the example15.xml file, make sure both the Port and web container administrator port are set to 7001 and web container managed server is set to false.

   ---

4. Configure the common agent container.

   PortalServer_base/bin/psconfig --config example15.xml

   The psconfig utility is located in the PortalServer_base/SUNWportal/bin directory on the Solaris platform. For Linux, it is in the /PortalServer_base/sunportal/bin directory.

   The example files are located in the PortalServer_base/samples/psconfig directory for the Solaris platform and PortalServer_base/samples/psconfig directory for Linux.

Post-Installation Steps

1. Access the WebLogic administrator console.

   http://hostname.domain-name:7001/console

2. Deploy the portal web applications.

3. Deploy portal.war, communityportlets.war, search.war, and the remaining web applications.

4. Restart the WebLogic server.

Installing Portal Server 7.1 on a BEA WebLogic 8.1 Managed Server

You can create a managed server in WebLogic and use the managed server as the web container of Portal Server. You can install Access Manager on a managed server or administrator server of WebLogic.

To install Portal Server on a managed server of WebLogic, you need to:

• Create a managed server.

• Install Portal Server on the managed server in the Configure Now or Configure Later mode.

To Install Portal Server on a WebLogic Managed Server

Before You Begin

Install Access Manager on the administrator server of WebLogic 8.1.

1. Start the WebLogic administrator server.

2. Add the IP address of the machine, which has the administrator server of the domain in the BEAWebLogic_base/weblogic81/common/nodemanager/nodemanager.hosts file.

   By default, the nodemanager.hosts file is located at the WebLogic_base/usr/local/bea directory.

3. Start the WebLogic node manager with the IP address of the host as the first argument and the port number on which you want the node manager to run as the second argument.

   For example, WebLogic_base/weblogic81/server/bin/startNodeManager.sh 192.192.10.12 7878

4. Log in to the WebLogic administrator console.

5. Select Machines.

6. Select Configure a New Machine.

7. Type a machine name and click Create.

8. Select the Node Manager tab.

9. Specify the IP address of the host in the listen address and specify the port on which the Node Manager is running.

10. Select Servers in the left pane to create a new managed server.

11. Select Configure a New Server.

12. Specify the server name and machine name and specify the listen port of the managed server.

13. Start the managed server from the WebLogic administration console.

To Install Portal Server on a Managed Server in the Configure Now Mode

Before You Begin

• Install Access Manager in the WebLogic administrator server.

• Install Directory Server.

1. Install Portal Server in the Configure Now mode using the Java ES installer.

2. Select the WebLogic container in the WebLogic container panel.

3. Specify the administrator port as 7001 and the server port as the port of the managed server instance.

4. Select Managed Server option.

5. Restart WebLogic server after the successful installation of Portal Server.

To Install Portal Server on a Managed Server in the Configure Later Mode

Before You Begin

• Install Access Manager in the WebLogic administrator server.

• Install Directory Server.

1. Install Portal Server in the Configure Later mode using the Java ES installer.

2. Complete the Portal Server installation.

3. Change the example files depending on your requirements.

   For WebLogic, you can use the example15.xml file to configure Portal Server and Search Server. In the example15.xml file, ensure that the Port is set to port of the managed server, web container administrator port is set to 7001, and web container managed server is set to true.

4. Configure the common agent container.

   PortalServer_base/bin/psconfig --config example15.xml

   The psconfig utility is located in the PortalServer_base/bin directory. It is located in the PortalServer_base/SUNWportal directory. For Linux, this utility is located in the PortalServer_base/sun/portal directory. It is located in the PortalServer_base/samples/psconfig directory for Solaris. It is located in the PortalServer_base/samples/psconfig directory for Linux.

   ---

   Note –

   For more information on the appropriate sample, see the PortalServer_base/samples/psconfig/README.txt file.

   ---

5. Restart WebLogic server after the successful installation of Portal Server.

To Install Access Manager on a BEA WebLogic Managed Server

In this section, you install Access Manager on a managed server of BEA WebLogic.

1. Install BEA WebLogic 8.1 using the installer.

2. Create WebLogic domain and start administrator server.

   /usr/local/bea/user_projects/domains/domain1/startWebLogic.sh

3. Access the administrator server of BEA WebLogic.

   http://host.domain-name:7001

4. Create a managed server.

5. Start the Java ES installer. Install Directory Server, Java DB 10. 2 and Web Server in the Configure Now mode.

6. Start the Directory Server instance.

7. Install Access Manager in the Configure Later mode.

8. Customize the amsamplesilent file.

   The amsamplesilent file is located in the following directories:

   • Solaris platform: /AccessManager_base/SUNWam

   • Linux platform: /AccessManager_base/sun/identity

   Set the values in the amasamplesilent file as follows:

   • DEPLOY_LEVEL = 1

   • SERVER_NAME =AM_HOSTNAME without FQDN

   • SERVER_HOST = $SERVER_NAME.domain-name

   • SERVER_PORT =MANAGED_SERVER_INSTANCE_PORT

   • ADMIN_PORT = 7001

   • DS_HOST =DS_HOSTNAME with FQDN

   • DS_DIRMGRPASSWD =Directory Manager Password

   • ROOT_SUFFIX = root suffix of Access Manager

   • ADMINPASSWD =AM_PASSWORD

   • AMLDAPUSERPASSWD =LDAP_PASSWORD

   • COOKIE_DOMAIN = .domain-name

   • AM_ENC_PWD =any string of 12 characters

   • NEW_OWNER = root

   • NEW_GROUP = other (root for the Solaris 10 release and Linux and other for the Solaris 9 release)

   • PAM_SERVICE_NAME = other

   • WEB_CONTAINER = WL8

   • BASEDIR = Access Manager install directory., for example, /opt

   • AM_REALM = disabled

   • WL8_HOME =WebLogic install directory., for example, /usr/local/bea)

   • WL8_PROJECT_DIR = user_projects

   • WL8_DOMAIN = Domain name., for example, mydomain

   • WL8_CONFIG_LOCATION = $WL8_HOME/$WL8_PROJECT_DIR/domains

   • WL8_SERVER = Instance name., for example, myserver

   • WL8_PROTOCOL = $SERVER_PROTOCOL

   • WL8_HOST = $SERVER_HOST

   • WL8_PORT = $SERVER_PORT

   • WL8_SSLPORT = $ADMIN_PORT

   • WL8_ADMIN = Administrator name of WebLogic., for example, weblogic

   • WL8_PASSWORD = WebLogic administrator password

   • WL8_JDK_HOME = $WL8_HOME/jdk142_05 for WebLogic 8.1 service pack 4 or $WL8_HOME/jdk/142_08 for WebLogic 8.1 service pack 5

9. Run the following command.

   AccessManager_base/bin/amconfig -s amsamplesilent

10. Log in to the WebLogic administrator console.

11. Deploy the Access Manager war files, such as amserver.war, ampassword.war, amconsole.war, and amcommon.war available in the AccessManager_base directory.

    1. In the scripts, remove the following classpaths: AccessManager_base/SUNWam/lib/jaxrpc_1.0/jaxrpc-api.jar and AccessManager_base/SUNWam/lib/jaxrpc_1.0/jarpc-ri.jar.

    2. In the scripts, add the following classpaths: AccessManager_base/SUNWam/lib/jaxrpc-api.jar, AccessManager_base/SUNWam/lib/jaxrpc-impl.jar, and AccessManager_base/SUNWam/lib/jaxrpc-spi.jar.

    3. (Optional) For Linux, remove the following classpaths: AccessManager_base/identity/lib/jaxrpc_1.0/jaxrpc-api.jar and AccessManager_base/identity/lib/jaxrpc_1.0/jarpc-ri.jar from the startweblogic.sh and startManagedweblogic.sh scripts.

    4. (Optional) Add the following classpaths: AccessManager_base/identity/lib/jaxrpc-api.jar, AccessManager_base/identity/lib/jaxrpc-impl.jar, and AccessManager_base/identity/lib/jaxrpc-spi.jar

12. Restart WebLogic server and access the administrator console.

    http://host.domain-name:managed-server-port/amconsole

To Install Portal Server in the Configure Now Mode on a WebLogic Managed Server Where Access Manager is Installed on a Managed Server

1. Create a managed server.

2. Install Access Manager on the managed server.

3. Set -Dcom.iplanet.am.serverMode=false in the startManagedWebLogic.sh script if the managed server instance Portal Server is different from the managed server instance of Access Manager. Otherwise, set -Dcom.iplanet.am.serverMode=true.

4. Run the /usr/local/bea/domains/mydomain/startManagedWeblogic.sh script.

5. Start the Java ES installer and install Portal Server in the Configure Now mode.

6. Choose WebLogic container in the WebLogic container panel.

7. Specify the administrator port as 7001 and the server port as the port of the managed server instance.

8. Select Managed Server option.

9. Restart WebLogic server after the installation of Portal Server.

To Install Portal Server in the Configure Later Mode on a WebLogic Managed Server Where Access Manager is Installed on a Managed Server

1. Create a managed server.

2. Install Access Manager on the managed server.

3. Install Portal Server in the Configure Later mode using the Java ES installer.

4. Change the example files based on your requirements.

   For WebLogic, you can use the example15.xml file to configure Portal Server and search server. In the example15.xml file, ensure that the Port is set to the port of the managed server, the web container administrator port is set to 7001, and the web container managed server is set to true.

5. Configure the common agent container.

   PortalServer_base/bin/psconfig --config example15.xml

   ---

   Note –

   For more information on the required sample, see the PortalServer_base/samples/psconfig/README.txt file.

   ---

6. Restart WebLogic server after the successful installation of Portal Server.

To Install psconsole on Web Server 7.0

The psconsole of Portal Server can be installed only on Web Server or Application server. If you install Portal Server on any of the compatible web containers, such as BEA WebLogic or IBM WebSphere, you need to install psconsole on Web Server or Application Server.

1. Start the Web Server 7.0 administrator server and instance.

   WebServer_base/admin-server/bin/startserver WebServer_base/https-host.domain-name:80/bin/startserv

2. Deploy the PortalServer_base/SUNWportal/admin/psconsole.war file on the Web Server 7.0 using the administrator console.

   1. Log in to the administrator console.

   2. Click the Deployment Pending link.

   3. Select Deploy.

   4. Select Configurations.

   5. Select the configuration in which the psconsole.war file is to be deployed.

   6. Click the java tab.

   7. Type /usr/lib/cacao/lib/cacao_cacao.jar to the Class Path Suffix text box and click Save.

3. Access psconsole.

   http://host.domain-name:80/psconsole

Installing Portal Server 7.1 on an IBM WebSphere Server 5.1.1.6

This section includes procedures to install Portal Server on WebSphere 5.1.1.6 in the following scenarios:

• Installing Portal Server on IBM WebSphere 5.1.1.6 Using in the Configure Now Mode

• Installing Portal Server on IBM WebSphere 5.1.1.6 Using the Configure Later Mode

• Installing psconsole on Web Server 7.0

---

Note –

Portal Server administration console (psconsole) is supported only on Sun Java System Web Server 7.0 and Sun Java System Application Server 8.2.

---

To Install Portal Server on IBM WebSphere 5.1.1.6 in the Configure Now Mode

1. Install IBM WebSphere 5.1.1.6.

2. Start the IBM WebSphere server.

3. Start the Java ES installer. Select Directory Server and Web Server 7.0, and install the components in the Configure Now mode.

4. Start the Directory Server instance.

   DirectoryServer_base/SUNWdsee/ds6/bin/dsadm start DirectoryServer_base/SUNWdsee/dsins1

5. Start the Java ES installer. Install Access Manager in the Configure Later mode.

6. Configure Access Manager on the IBM WebSphere container by modifying the following values in the amsamplesilent file.

   The amsamplesilent file is located at in the following directories:

   • Solaris platform: /AccessManager_base/SUNWam

   • Linux platform: /AccessManager_base/sun/identity

   • Default: AccessManagerSample_Location/bin

   Set values in the amasamplesilent file as follows:

   • DEPLOY_LEVEL=1

   • SERVER_NAME=AM_HOSTNAME without FQDN

   • SERVER_HOST=$SERVER_NAME.domain-name

   • SERVER_PORT=9080

   • ADMIN_PORT=9090

   • DS_HOST=DS_HOSTNAME with FQDN

   • DS_DIRMGRPASSWD=Directory Manager Password

   • ROOT_SUFFIX=root suffix of Access Manager

   • ADMINPASSWD=AM_PASSWORD

   • AMLDAPUSERPASSWD=LDAP_PASSWORD

   • COOKIE_DOMAIN=.doamin-name

   • AM_ENC_PWD=string

   • NEW_OWNER=root

   • NEW_GROUP=other (root for the Solaris 10 release and Linux and other for the Solaris 9 release)

   • PAM_SERVICE_NAME=other

   • WEB_CONTAINER=WAS5

   • BASEDIR= Directory where Access Manager is installed., for example, /AccessManager_base/SUNWam

   • AM_REALM=disabled

   • WAS51_HOME=/WebSphere_base/WebSphere/AppServer

   • WAS51_JDK_HOME=/AccessManager_base/WebSphere/AppServer/java

   • WAS51_CELL=Usually hostname without FQDN. Please check it in your install.

   • WAS51_NODE=Usually hostname without FQDN. Please check it in your install.

   • WAS51_INSTANCE=server1

   • WAS51_PROTOCOL=$SERVER_PROTOCOL

   • WAS51_HOST=$SERVER_NAME

   • WAS51_PORT=9080

   • WAS51_SSLPORT=9081

   • WAS51_ADMIN=admin

   • WAS51_ADMINPORT=9090

7. Run the amsamplesilent script.

   The amsamplesilent file is located in the following directories

   • Solaris platform: /AccessManager_base/SUNWam

   • Linux platform: /AccessManager_base/sun/identity

8. Verify if Access Manager is functioning properly.

   http://host.domain-name:9080/amconsole

9. Install Portal Server in the Configure Now mode using the Java ES installer.

10. Restart IBM WebSphere after the successful installation of the Portal Server.

11. Access the portal.

    http://host.domain-name:9080/portal

To Install Portal Server on IBM WebSphere 5.1.1.6 Using the Configure Later Mode

1. Install IBM WebSphere 5.1.1.6 server.

2. Start IBM WebSphere.

3. Install Directory Server and Web Server 7.0 in the Configure Later mode using the Java ES installer.

4. Start the Directory Server instance.

   /DirectoryServer_base/SUNWdsee/ds6/bin/dsadm start /var/DirectoryServer_base/SUNWdsee/dsins1

5. Install Access Manager in the Configure Later mode using the Java ES installer.

6. Configure Access Manager on IBM WebSphere container using the following values in the amsamplesilent file.

   The amsamplesilent file is located at:

   • Solaris: /AccessManager_base/SUNWam

   • Linux: /AccessManager_base/sun/identity

   • Default: AccessManagerSample_Location/bin

   The values in the amasamplesilent file is as follows:

   • DEPLOY_LEVEL=1

   • SERVER_NAME=AM_HOSTNAME without FQDN

   • SERVER_HOST=$SERVER_NAME.sun-name

   • SERVER_PORT=9080

   • ADMIN_PORT=9090

   • DS_HOST=DS_HOSTNAME with FQDN

   • DS_DIRMGRPASSWD=Directory Manager Password

   • ROOT_SUFFIX=root suffix of Access Manager

   • ADMINPASSWD=AM_PASSWORD

   • AMLDAPUSERPASSWD=LDAP_PASSWORD

   • COOKIE_DOMAIN=.domain-name

   • AM_ENC_PWD=any string

   • NEW_OWNER=root

   • NEW_GROUP=other (root for the Solaris 10 release and Linux and other for the Solaris 9 relesae)

   • PAM_SERVICE_NAME=other

   • WEB_CONTAINER=WAS5

   • BASEDIR=Directory where Access Manager is installed., for example: /AccessManager_base/SUNWam

   • AM_REALM=disabled

   • WAS51_HOME=/WebSphere_base/WebSphere/AppServer

   • WAS51_JDK_HOME=/WebSphere/AppServer/java

   • WAS51_CELL=Usually hostname without FQDN. Please check it in your install.

   • WAS51_NODE=Usually hostname without FQDN. Please check it in your install.

   • WAS51_INSTANCE=server1

   • WAS51_PROTOCOL=$SERVER_PROTOCOL

   • WAS51_HOST=$SERVER_NAME

   • WAS51_PORT=9080

   • WAS51_SSLPORT=9081

   • WAS51_ADMIN=admin

   • WAS51_ADMINPORT=9090

7. Run the AccessManager_base/SUNam/bin/amconfig -s AccessManager_base/SUNam/bin/amsamplesilent script.

   For Solaris, the amsamplesilent file is available in the /AccessManager_base/SUNWam directory. For Linux, it is available in the AccessManager_base/sun/identify directory.

8. Verify if Access Manager is functioning properly.

   http://host.domain-name:9080/amconsole

9. Install Portal Server in the Configure Later mode using the Java ES installer.

10. Modify the example files based on your requirements.

    For IBM WebSphere, you can use the example16.xml file.

11. Configure the common agent container.

    PortalServer_base/bin/psconfig --config example16.xml