This task consists of the following procedures:
This procedure assumes that you are installing Portal Server SRA Gateway on Solaris 10 8/07 OS or later version. Hence, no operating system patches need to be installed. The Java ES installer evaluates the state of the operating system and indicates if you need to install a patch. If you are using versions of the operating system older than Solaris 10 8/07 OS, it is better to install any required patches before you begin the actual SRA Gateway installation procedure.
This procedure runs the installer in Configure Later mode. After installation is complete, you manually configure a Gateway instance.
The following procedure runs the Java ES installer without saving a state file. You can choose to run the installer and capture your input in a state file (-saveState state-filename). You could then use the state file to re-create the installation if, for example, you needed to reinstall SRA Gateway.
Download the Java ES software distribution to sra1.
The procedure is documented in To Download the Software Distribution.
Log in as root or become superuser.
# su -
Start the Java ES installer.
# cd /portdist_71u2/Solaris_sparc
# ./installer
This procedure uses the GUI installer. The installer can also be run in text mode by using the - nodisplay option.
The Welcome panel opens.
In the Welcome panel, click Next.
The Software License Agreement panel opens.
In the Software License Agreement Panel, review the license terms and click Yes, Accept License.
The Choose Software Components panel opens.
In the Choose Software Components panel, select the following components:
Click Next.
The Dependency Warning panel opens.
In the Dependency Warning panel, choose Use Directory Server Installed on a Remote Machine and click OK.
The installer evaluates the Java SE Software Development Kit on the computer and determines if an upgrade is required. On a fresh copy of Solaris 10 8/07 OS, an upgrade is needed, and the Java SE Software Development Kit Upgrade Required panel opens.
In the Java SE Software Development Kit Upgrade Required panel, select Automatic Upgrade to the Version Included with the Installer and click Next.
The installer evaluates the Java ES shared components on the computer and determines if any upgrades are required. On a fresh copy of the Solaris 10 8/07 OS, shared component upgrades are needed, and the Shared Components Upgrades Required panel opens.
In the Shared Components Upgrades Required panel, click Next.
The installer upgrades the shared components. The Specify Installation Directories panel opens.
In the Specify Installation Directories panel, type the following values and click Next.
Input Field |
Value |
---|---|
Portal Server Secure Remote Access |
/opt |
Access Manager |
/opt |
The System Check panel opens.
In the System Check panel, evaluate the results of the system check.
If the system check is favorable, click Next.
The Choose a Configuration Type panel opens.
In the Choose a Configuration Type panel, select Configure Later and click Next.
The Ready to Install panel opens.
In the Ready to Install panel, indicate whether you want to open the software registration window during installation.
This panel enables you to register the components that you have selected for installation with Sun Connection. Sun Connection is a Sun-hosted service that helps you track, organize, and maintain Sun hardware and software. For example, Sun Connection can inform you of the latest available security fixes, recommended updates, and feature enhancements.
If you choose to register, information about the installation is sent to the Sun Connection database. You can also register at a later date, after installation has been completed.
Click Install.
The installer copies files to the computer.
When the installation is complete, review the installation in the Summary field.
Click Exit to exit the installer.
Check the installation log files for any installation errors.
# cd /var/sadm/install/logs
# egrep -i 'fail|error' Java*
Apply the patch to Portal Server 7.1 Update 2.
The following patch to Portal Server 7.1 Update 2 is needed for the Gateway service to interact with Portal Server through a firewall:
Solaris SPARC: 124301–10
Solaris x86: 124302–10
Linux: 124303–10
The patch revision number (10) is the minimum required for this upgrade. If newer revisions become available, use the newer revisions instead of the preceding patch revisions.
Access the SunSolveSM web site:
http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/patch-access
Search for the patch ID.
Download the patch to /working-directory.
Apply the patch.
# patchadd /working-directory/patch-ID
The patchadd command will instruct you to run psupdate -a, but you can safely skip this step.
Confirm that the patch upgrade was successful.
# showrev —p | grep patch-ID
The output should return the version of the patch ID that was applied in Step 18d.
Because Access Manager SDK was installed using the Configure Later option, you need to configure Access Manager SDK by modifying Access Manager configuration files. The standard approach for making these modifications is to run the amconfig command with an input file.
Change to the directory that contains the amconfig input file template, amsamplesilent.
# cd /opt/SUNWam/bin
Copy the template to a new file.
# cp amsamplesilent amconfigsra
In a text editor, edit the amconfigsra file to set the Access Manager SDK configuration parameters.
Locate the configuration parameters that are listed in the following table, and change their values to the values shown in the table.
Parameter |
Value |
---|---|
DEPLOY_LEVEL |
3 |
SERVER_HOST |
am.pstest.com |
SERVER_PORT |
80 |
DS_HOST |
ds.pstest.com |
DS_DIRMGRPASSWD |
directory-manager-password |
ROOT_SUFFIX |
"dc=pstest,dc=com" |
SM_CONFIG_BASEDN |
$ROOT_SUFFIX |
ADMINPASSWD |
access-manager-admin-password |
AMLDAPUSERPASSWD |
access-manager-LDAP-password |
COOKIE_DOMAIN |
pstest.com |
AM_ENC_PWD |
password-enc-key |
Run the amconfig command with the input file you modified in Step 3.
# /opt/SUNWam/bin/amconfig -s amconfigsra
Verify that the Access Manager SDK is properly configured.
# /opt/SUNWam/bin/amadmin —u amadmin —m http://am.pstest.com:80
The output should show current session information.
This procedure uses the psconfig command and a configuration file to create a Gateway instance. You begin with the appropriate configuration file as a template and edit the file to specify parameter values that are needed for the reference configuration.
Create a config-sra1 configuration file.
Use the example10.xml file as a template.
# cd /opt/SUNWportal/samples/psconfig
# cp example10.xml config-sra1.xml
Open the config-sra1.xml file in a text editor.
Modify config-sra1.xml to use the values in the following table.
Parameter |
Value |
---|---|
ConfigurationHostName |
sra1.pstest.com |
AdministratorUID |
amadmin |
AdministratorUserPassword |
access-manager-admin-password |
LDAPUserId |
amldapuser |
LDAPUserIdPassword |
access-manager-LDAP-password |
DirectoryManagerDn |
cn=Directory Manager |
directory-manager-password |
directory-manager-password |
PortalAccessURL |
http://ps.pstest.com:80/portal |
PrimaryPortalHost |
ps1.pstest.com |
Protocol |
https |
Host |
sra1.pstest.com |
Port |
443 |
IPAddress |
10.0.4.1 |
LogUserPassword |
log-user-password |
RestrictiveMode |
true |
Organization |
your-organization |
Division |
your-division |
CityOrLocality |
your-city |
StateProvince |
your-state |
CountryCode |
your-country |
CertificateDatabasePassword |
cert-DB-password |
The modified config-sra1.xml file is reproduced in Example Configuration File: Gateway Instance on sra1.
Run the psconfig command with the configuration file input.
# cd /opt/SUNWportal/bin
# ./psconfig --config /opt/SUNWportal/samples/psconfig/config-sra1.xml
The output should resemble the following:
Creating directory: /etc/opt/SUNWportal Copying config templates from: /opt/SUNWportal/template/config Successfully created PortalDomainConfig.properties file Validating the Input Config XML File Configuring Cacao Agent for Portal Software Connecting to Cacao MBean Server ... Closing MBean Server connection Resetting log level Configuration successful
Start the Gateway instance.
# /opt/SUNWportal/bin/psadmin start-sra-instance -u amadmin -N default -t gateway --restrictive
When prompted, type the access-manager-admin-password.
Start a browser.
Go to the following URL:
https://sra1.pstest.com
You are prompted to accept the Gateway's self-signed certificate.
Accept the certificate.
The Access Manager login page opens.
Log in to the Portal desktop by typing the following values and clicking Login.
Input Field |
Value |
---|---|
User ID |
developer |
Password |
developer |
If you successfully login, the Gateway is operating correctly.