Sun Java System SAML v2 Plug-in for Federation Services Release Notes

ProcedureTo Install SAML v2 Plug-in for Federation Services on Access Manager 7.1 Single WAR Install

  1. Download the Access Manager single WAR ZIP from Sun Downloads.

  2. Extract the ZIP to a new directory.

    For example, /AMzip.

  3. Deploy amserver.war according to the Java Development Kit (JDK) version running on your machine.

    • Deploy the extract_dir/application/jdk15/amserver.war if your web container is running JDK 1.5

    • Deploy the extract_dir/application/jdk14/amserver.war if your web container is running JDK 1.4

  4. Configure the deployed Access Manager with configurator.jsp by accessing http://host-name:port/amserver.

    Fill in values for the configurator.jsp fields and click Configure.

  5. Make sure that the value of the com.iplanet.am.jdk.path attribute in configuration_dir/AMConfig.properties points to a valid JDK path.

  6. Create a staging directory by extracting the amserver.war previously used in a new directory.

    For example, /export/war_staging.

  7. Unzip amAdminTools.zip to a new directory.

    For example, /export/amadmin. amAdminTools.zip is located in the tools directory of the parent directory to which you initially extracted the Access Manager single WAR ZIP.

  8. Run setup following the instructions in the extracted README.

    You will be asked for the name of the staging directory previously created. Following the setup, an instance of amadmin will be created in /export/amadmin/am_deploy_uri/bin/amadmin

  9. Download the SAML v2 Plug-in for Federation Services Product Release for Access Manager 7.1 from the Sun Microsystems download web site and unpack it.

  10. Add the following two properties to the saml2silent installation configuration properties file.

    These are specific to the Access Manager single WAR install:

    • AM_CONFIGURATION_DIR

      Path to the location of AMConfig.properties. This is the value entered as the configuration directory in the Access Manager Single WAR configurator page.

    • AMADMIN_DIR

      The value of this property should be the same as the directory location to which the amAdminTools.zip was extracted. For example, /export/amadmin/am_deploy_URI/bin

  11. Choose one of the following steps, depending on the operating system you are using.

    • WINDOWS: Copy ldapjdk.jar from the WAR staging directory to the \share\lib directory.

      For example:

      copy \export\war_staging\WEB-INF\lib\ldapjdk.jar \share\lib
    • SOLARIS: Create a symbolic link in /opt/SUNWam/bin for the ldapsearch and ldapmodify command line interfaces.

      For example:

      ln -s /usr/bin/ldapmodify /opt/SUNWam/bin/ldapmodify
      ln -s /usr/bin/ldapsearch /opt/SUNWam/bin/ldapsearch
    • LINUX: The ldapsearch and ldapmodify command line interfaces installed with Linux do not have the -j option required by the installer. If you do not have an instance of Sun Java System Directory Server, you need to download and install the Directory Server Resource Kit (DSRK).

      • Download the DSRK ZIP from the Sun Microsystems web site.

      • Unzip and install the DSRK.

      • Note the location of the ldapsearch and ldapmodify command line interfaces.

      • Create a symbolic link in /opt/SUNWam/bin for the ldapsearch and ldapmodify command line interfaces.

        For example:

        ln -s dsrk_dir/bin/dsrk52/ldapmodify /opt/sun/identity/bin/ldapmodify
        ln -s dsrk_dir/bin/dsrk52/ldapsearch /opt/sun/identity/bin/ldapsearch
  12. Ensure java is in your PATH.

  13. Run saml2setup install -s saml2silent to install the patch.

  14. Update the AM_CLASSPATH variable in the saml2meta script to include the amSAML.properties locale file.

    The saml2meta script is in /opt/SUNWam/SAML2/bin.

Postinstallation

When finished, you will need to do the postinstallation steps as described in Postinstallation in Sun Java System SAML v2 Plug-in for Federation Services User’s Guide.