test

Sun GlassFish Web Space Server 10.0 Secure Web Access Add-On Guide

Chapter 2 Getting and Installing Secure Web Access Add-On

This chapter explains how to download and install the Secure Web Access Add-On for Sun GlassFish Web Space Server software.

Before You Begin

This section explains the basic requirements and concepts you should review before proceeding to the installation of Secure Web Access Add-On for Web Space Server.

System Requirements

The Web Space Server software should be installed as described in the Chapter 2, Web Space Server Installation Instructions, in Sun GlassFish Web Space Server 10.0 Administration Guide. Note that the requirements listed in the Software and Hardware Requirements in Sun GlassFish Web Space Server 10.0 Installation Guide also apply to the SWA Add-On.

If you are installing the SWA Add-On on a Web Space Server 10.0 update version, make sure that you are using a compatible version. For example, the Secure Web Access Add-On for Web Space Server 10.0 Update 5 should be installed only on a Web Space Server 10.0 Update 5 installation.

Installation Directories

The name of the core Web Space Server bundle is webspace-version-for-glassfish.zip), When you unzip this file, a webspace-for-glassfish directory is created. Throughout the installation instructions, this directory is referred to as webspace-dir.You can install and configure Web Space Server from this directory.

Similarly, the directory which contains the unzipped bundle of GlassFish is referred to as glassfish-root.

Platform-Specific Path Separators

The instructions and examples in this document use UNIX-style forward slash (/) path separators in file and command names. If Web Space Server and Sun GlassFish Enterprise Server are installed on a Windows system, be sure to use backslashes (\) instead of forward slashes. For example:

Downloading the Secure Web Access Add-On

As with most Web Space Server add-on packages, the SWA Add-On is downloaded using the Sun GlassFish Update Tool.

Note –

The version of Update Tool included with some versions of GlassFish Enterprise Server is not compatible with the Web Space Server add-on package repositories. You must use the version of Update Tool that comes with the Web Space Server 10.0 software.

Update Tool also includes a command-line (CLI) Image Packaging System (IPS) utility called pkg, which provides the same core functionality as its GUI-based counterpart.

ProcedureTo Download the SWA Add-On Using the GUI-Based Update Tool

If you are running Update Tool for the first time, you will have to install the interface before proceeding.

  1. Start Update Tool by changing to the webspace-dir/bin directory and typing updatetool.

    • If the Update Tool main window appears, proceed to Step 2.

    • If a prompt appears asking whether to allow the installation of Update Tool to proceed:

      1. Type y to proceed.

        The installer downloads and installs Update Tool and then exits. This process takes approximately 10 ‐ 15 minutes.

      2. Type the updatetool command again to start Update Tool.

        The Update Tool main window appears.

  2. Expand Web Space under the Application Images pane, and choose Available Updates.

    Figure 2–1 Update Tool

    Update Tool

  3. Click the Edit Properties button.

    The Image Properties window is displayed.

  4. Select the option support.sun.com repository, and choose Preferred.

    The Repository Properties window appears.

  5. Provide the appropriate repository URL provided by Sun support, and click OK.

    The support.sun.com repository is highlighted.

    Figure 2–2 Selecting the support.sun.com repository

    Selecting repositories

  6. Click OK again to enable the support.sun.com repository.

    The Update Tool main window is displayed.

  7. Expand Web Space under the Application Images pane, and choose Available add-ons.

  8. Select the Web Space for GlassFish V2 component, and click Install.

  9. Select the swa-administration, swa-datastore, and swa-gateway components.

Next Steps

Proceed to Installing the Secure Web Access Add-On for the remaining installation instructions.

ProcedureTo Download the Secure Web Access Add-On Using the CLI-Based pkg Tool

  1. Start Update Tool by changing to the webspace-dir/bin directory and typing updatetool.

    • If the Update Tool main window appears, proceed to Step 2.

    • If a prompt appears asking whether to allow the installation of Update Tool to proceed:

      1. Type y to proceed.

        The installer downloads and installs Update Tool and then exits. This process takes approximately 10 ‐ 15 minutes.

      2. Type the updatetool command again to start Update Tool.

        The Update Tool main window appears.

  2. Change to the webspace-dir/pkg/bin directory.

  3. Type the following command to download the Secure Web Access Add-On:

    pkg set-authority -P --enable -O http://pkg.sun.com/webspace/10/ repository-name

    Ask your SunSolve service representative for the correct repository name to use.

  4. Type the following commands to install the base Secure Web Access Add-On.

    pkg install webspace-swa-datastore-addon

    pkg install webspace-swa-administration-addon

    pkg install webspace-swa-gateway-addon

Next Steps

Proceed to Installing the Secure Web Access Add-On for the remaining installation instructions.

Installing the Secure Web Access Add-On

After using the Update Tool to get the SWA Add-On, the swa-administration, swa-datastore, and swa-gateway components are placed in the webspace-dir/webspace directory.

SWA uses JCR to store the Rewriter rule sets and other configuration data. The Gateway only reads from the data store, whereas the admin module both reads from and writes to the data store. Therefore, SWA has three components in terms of deployment. The Gateway is deployed in the DMZ (demilitarized zone), and the admin module and the data store are usually deployed in the intranet. A DMZ is a small protected network between the public Internet and a private intranet, usually demarcated with a firewall on both ends.

In a simple deployment scenario, the three SWA components; swa-datastore, swa-administration, and swa-gateway are installed in the webspace-dir/webspace directory. Each component should be installed in its own subdirectory. Install the components in this order: swa-datastore, swa-administration, and swa-gateway.

ProcedureTo Install the swa-datastore Component

  1. In a command shell of your operating system, change to the webspace-dir/webspace/swa-datastore directory.

  2. Run ant -f install-glassfish.xmlinstallation script..


    ant -f install-glassfish.xml
Buildfile: install-glassfish.xml

check-ant:

check-last-install:

set-last-install:

show-user-warning:
    [input] JAVA_HOME must be set to JDK 1.5 or greater and java must be available in the execution path. GlassFish must be running. [RETURN to continue or CONTROL-C to stop]


set-glassfish-properties:
    [input] Enter GlassFish Directory  [/opt/glassfish]
glassfish-root/glassfish
    [input] Enter GlassFish Domain (include full path to domain)  [glassfish-root/glassfish/domains/domain1]

    [input] Enter GlassFish Target  [server]

    [input] Enter GlassFish Administrator [admin]

    [input] Enter GlassFish Administrator Password File (include full path to file)  [/root/asadmin-password]

    [input] Enter GlassFish Administration Port  [4848]

    [input] Can installer deploy wars?  [true]


set-datastore-properties:
    [input] Enter Fully Qualified Datastore Host  [localhost]
***fully qualified name of the datastore deployment machine; can be the same machine***
    [input] Enter Datastore Port  [1099]

    [input] Use builtin Derby or a mySQL database  [Derby]
mysql

set-derby-properties:

set-mysql-properties:
    [input] Enter Database User Name  [root]
lportal
    [input] Enter Database User Password File (include full path to file)  [/root/database-user-password]

    [input] Enter Database Host  [localhost]

    [input] Enter Database Port  [3306]

    [input] Enter Database Name  [lportal]
    Note –

    You need to provide the GlassFish root directory, path for the GlassFish administration password file and other details while installing the swa-datastore component of SWA.

    You need to provide a FQDN. Apart from that, you need to specify the database, user name for the database, path for the database password file, and other attributes.

  3. Restart the GlassFish server.

ProcedureTo Install the swa-administration Component

  1. In a command shell of your operating system, change to the webspacedir/webspace/swa-administration directory.

  2. Run ant -f install-glassfish.xml.


    ant -f install-glassfish.xml
Buildfile: install-glassfish.xml

check-ant:

check-last-install:

set-last-install:

show-user-warning:
    [input] JAVA_HOME must be set to JDK 1.5 or greater and java must be available in the execution path. GlassFish must be running. [RETURN to continue or CONTROL-C to stop]


set-glassfish-properties:
    [input] Enter GlassFish Directory  [/opt/glassfish]
glassfish-root/glassfish
    [input] Enter GlassFish Domain (include full path to domain)  [glassfish-root/glassfish/domains/domain1]

    [input] Enter GlassFish Target  [server]

    [input] Enter GlassFish Administrator [admin]

    [input] Enter GlassFish Administrator Password File (include full path to file)  [/root/asadmin-password]

    [input] Enter GlassFish Administration Port  [4848]

    [input] Can installer deploy wars?  [true]


set-datastore-properties:
    [input] Enter Fully Qualified Datastore Host  [localhost]
***fully qualified name of the datastore deployment machine; can be the same machine***
    [input] Enter Datastore Port  [1099]
    Note –

    You need to provide the GlassFish root directory, path for the GlassFish administration password file and other details while installing the swa-administration component of SWA.

    For the successful configuration of SWA, you need to provide the Fully Qualified Domain Name (FQDN). In a simple deployment scenario, where you are installing all the components on a single machine, FQDN can be your machine host name. You should not select the default localhost.

  3. Restart the GlassFish server.

ProcedureTo Install the swa-gateway Component

  1. In a command shell of your operating system, change to the webspace-dir/webspace/swa-gateway directory.

  2. Run ant -f install-glassfish.xml.


    ant -f install-glassfish.xml
Buildfile: install-glassfish.xml

check-ant:

check-last-install:

set-last-install:

show-user-warning:
    [input] JAVA_HOME must be set to JDK 1.5 or greater and java must be available in the execution path. GlassFish must be running. [RETURN to continue or CONTROL-C to stop]


set-glassfish-properties:
    [input] Enter GlassFish Directory  [/opt/glassfish]
glassfish-root/glassfish
    [input] Enter GlassFish Domain (include full path to domain)  [glassfish-root/glassfish/domains/domain1]

    [input] Enter GlassFish Target  [server]

    [input] Enter GlassFish Administrator [admin]

    [input] Enter GlassFish Administrator Password File (include full path to file)  [/root/asadmin-password]

    [input] Enter GlassFish Administration Port  [4848]

    [input] Can installer deploy wars?  [true]


set-datastore-properties:
    [input] Enter Fully Qualified Datastore Host  [localhost]
***fully qualified name of the datastore deployment machine; can be the same machine***
    [input] Enter Datastore Port  [1099]
    Note –

    You need to provide the GlassFish root directory, path for the GlassFish administration password file and other details while installing the swa-gateway component of SWA.

    Also, you need to provide the FQDN name.