Sun OpenSSO Enterprise 8.0 Integration Guide

Procedure: To Configure Identity Manager to Work with Application Server

  1. Set the environment variables that will be required for the setup program:


    # export WSHOME=/opt/SUNWappserver91/domains/domain1/applications/j2ee-modules/idm
    
    # export JAVA_HOME=/usr/java
    
    # export PATH=/usr/java/bin:$PATH
  2. Start an X server on your local machine, and set the DISPLAY variable on the Application Server host computer. The setup program in the next step opens a graphical installer.

  3. Run the following commands:


    # cd /opt/SUNWappserver91/domains/domain1/applications/j2ee-modules/idm/bin
    
    # ./lh setup 
  4. Select MySQL (JDBC Driver) as the Repository Type.

  5. Enter the same password for the waveset user that you set earlier in MySQL.

  6. Click the Next button.

  7. Accept the default setting to set up a demo environment.

  8. Enter information about the demo user.

    In this case, enter the following credentials:

    User Name:

    demoapprover

    Password:

    password

  9. In the next screen, select the option for a Notification File for the Mail Settings.

    You may accept the default file or customize it.

  10. In the next screen, click Execute.

    The lh program logs the details of the execution steps on the screen. See the example in the Sample Output section at the end of this chapter.

    Click Done.

  11. Grant the Java security permissions that Identity Manager needs.

    Add the following lines to /opt/SUNWappserver91/domains/domain1/config/server.policy. Note that the first grant block has no codeBase, so every permission it lists applies to all code running in the domain, not only to Identity Manager; the second block is scoped to the Identity Manager deployment under ${waveset.home}.


    grant {
            permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
            permission java.lang.RuntimePermission "getClassLoader";
            permission java.lang.RuntimePermission "createClassLoader";
            permission java.lang.RuntimePermission "accessDeclaredMembers";
            permission com.waveset.repository.test.testConcurrentLocking "read";
            permission java.net.SocketPermission "*", "connect,resolve";
            permission java.io.FilePermission "*", "read";
            permission java.util.PropertyPermission "*", "read,write";
    };
    grant codeBase "file:${waveset.home}/-" {
            permission java.util.PropertyPermission "waveset.home", "read,write";
            permission java.util.PropertyPermission "security.provider", "read,write";
            permission java.io.FilePermission "${waveset.home}${/}*", 
                "read,write,execute";
            permission java.io.FilePermission "${waveset.home}/help/index/-", 
                "read,write,execute,delete";
            permission java.io.FilePermission "${java.io.tmpdir}${/}*", 
                "read,write,delete";
            permission java.util.PropertyPermission "*", "read,write";
            permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
            permission java.net.SocketPermission "*", "connect,resolve";
    };
     
  12. To enable Identity Manager to connect to OpenSSO Enterprise with the SunAccessManagerRealmResourceAdapter, add the following grant block, which contains two more permissions:


    grant {
            permission java.lang.RuntimePermission "shutdownHooks";
            permission java.io.FilePermission "${waveset.home}/WEB-INF/spe/config/spe.tld", "read";
    };
  13. Restart the Application Server.


    # /opt/SUNWappserver91/bin/asadmin stop-domain domain1
    
    # /opt/SUNWappserver91/bin/asadmin start-domain domain1

    Check the Application Server server.log file for errors, in particular AccessControlException messages, which indicate a missing policy permission.

  14. Verify that you can successfully log in to Identity Manager.

    Go to the Identity Manager console at http://ApplicationServerHost:Port/idm/login.jsp

    1. Log in using the following credentials:

      Username:

      configurator

      Password:

      configurator

      To minimize security risk, change the default passwords for the configurator and administrator accounts before exposing the system to users.

    2. Log out.

    3. Log in using the following credentials:

      Username:

      administrator

      Password:

      administrator

    4. Log out.

    5. Log in using the following credentials:

      Username:

      demoapprover

      Password:

      password

    6. Log out.