Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0

ProcedureTo Install the J2EE Policy Agent 2 on Application Server 2

Before You Begin

Set JAVA_HOME to /usr/local/bea/jdk150_06.

  1. As a root user, log into the pr-2 host machine.

  2. Stop the WebLogic Server 2 administration server and the WebLogic Server 2 managed server.

    # cd /usr/local/bea/user_projects/domains/pr-2/bin
    # ./ ApplicationServer-2 t3://localhost:7001
    # ./
  3. Create a directory into which you will download the J2EE policy agent bits and change into it.

    # mkdir /export/J2EEPA2
    # cd /export/J2EEPA2
  4. Create a text file that contains a password for the Agent Profile created during installation.

    The J2EE Policy Agent installer requires this.

    # cat > agent.pwd
    Hit Control D to terminate the command
  5. Create a text file that contains the Agent Administrator password.

    This text file should contain the password of the OpenSSO Enterprise administrator (by default, amadmin).

    # cat > agentadm.pwd
    Hit Control D to terminate the command
  6. Download the J2EE policy agent bits for WebLogic Server from

    # ls -al
    total 18824
    drwxr-xr-x   2 root     root         512 Jul 17 16:02 .
    drwxr-xr-x   8 root     root         512 Jul 17 15:58 ..
    -rw-r--r--   1 root     root          11 Jul 17 15:59 agent.pwd
    -rw-r--r--   1 root     root           9 Jul 17 16:01 agentadm.pwd
    -rw-r--r--   1 root     root     9623704 Jul 17 16:02
  7. Unpack the J2EE policy agent bits.

    # unzip
  8. Run the J2EE policy agent installer.

    # cd /export/J2EEPA2/j2ee_agents/weblogic_v10_agent/bin
    # chmod 755 agentadmin
    # ./agentadmin --custom-install
  9. When prompted, provide the following information.

    The following information is to configure the J2EE Policy Agent against the OpenSSO Enterprise secure port.

    Please read the following License Agreement carefully:

    Press Enter to continue. Continue to press Enter until you reach the end of the License Agreement and the installer's Welcome page is displayed. 

    Enter startup script location.

    Enter /usr/local/bea/user_projects/domains/pr-2/bin/

    Enter the WebLogic Server instance 
    name: [AdminServer]

    Enter the name of the WebLogic Server instance secured by the agent ApplicationServer-2

    Enter the WebLogic home directory: 

    Enter /usr/local/bea/weblogic10.

    OpenSSO Enterprise 

    Enter the URL where OpenSSO Enterprise is running (including the URI):

    Is the agent being deployed on a Portal domain [false]

    Accept the default value. 

    Agent URL:

    Enter the URL where the policy agent is running (including the URI):

    Enter the Encryption Key 

    Accept the default value. 

    Enter the Agent Profile Name:


    Enter the path to the password file:

    Enter the path to a file that contains the password to be used for identifying the policy agent: /export/J2EEPA2/agent.pwd.

    Note –

    A warning message is displayed regarding the existence of the agent profile.

    This Agent Profile does not exist in 
    OpenSSO Enterprise. 
    Will it be created by the installer? (Agent 
    Administrator name and password are required) 

    Accept the default value to create the Agent Profile during installation. 

    Enter the Agent Administrator's name:

    Enter amadmin

    Enter the path to the password file 
    that contains the password of Agent Administrator:

    Enter /export/J2EEPA2/agentadm.pwd

    Startup script location :
    WebLogic Server instance name : 
    WebLogic home directory : 
    OpenSSO Server  URL :
    Agent Installed on Portal domain : false
    Agent URL :
    Encryption Key : 
    Agent Profile name : j2eeagent-2
    Agent Profile Password file name : 
    Agent Profile will be created right now 
      by agent installer : true
    Agent Administrator : amadmin
    Agent Administrator's password file 
      name : /export/J2EEPA2/agentadm.pwd
    Verify your settings and decide from 
    the choices below:
    1. Continue with Installation
    2. Back to the last interaction
    3. Start Over
    4. Exit
    Please make your selection [1]:

    Accept the default value. 

    Agent instance name: Agent_001
    Agent Bootstrap file location:
    Agent Configuration file location
    Agent Audit directory location:
    Agent Debug directory location:
    Install log file location:

    Accept the default value. 

    When the installer is finished, a new file is in the bin directory called

  10. Modify the startup script to reference using the following sub procedure.

    Tip –

    Backup before you modify it.

    1. Change to the bin directory.

      # cd /usr/local/bea/user_projects/domains/pr-2/bin
    2. Insert the following line at the end of

      . /usr/local/bea/user_projects/domains/pr-2/
    3. Save and close the file.

  11. Change permissions for

    # chmod 755
  12. Start the WebLogic Server administration server and managed instance.

    # ./ &
    # ./ ApplicationSever-2 t3://localhost:7001

    Watch for startup errors.

  13. Verify that the J2EE Policy Agent 2 was successfully created on the server using the following sub-procedure.

    1. Access from a web browser.

    2. Log in to the OpenSSO Enterprise console as the administrator.

      User Name:




    3. Under the Access Control tab, click / (Top Level Realm).

    4. Click the Agents tab.

    5. Click the J2EE tab.

      j2eeagent-2 is displayed under the Agent table.

    6. Click j2eeagent-2.

      The j2eeagent-2 properties page is displayed.

    7. Log out of the OpenSSO Enterprise console and close the browser.

  14. Remove the password files.

    # cd /export/J2EEPA2
    # rm agent.pwd
    # rm agentadm.pwd
  15. Log out of the pr-2 host machine.