Sun Java System Identity Pack 2005Q4M3 Installation  

8

Installing Identity Install Pack for Sun ONE Application Server 7

Use the following information and procedures to install Identity Install Pack for use with the Sun ONE Application Server 7.


Before You Begin

During installation, you will need to know:


Installation Steps

Follow these installation and configuration steps, located in this chapter and following chapters:

Step 1: Install the Sun ONE Application Server Software


Note  Information in this chapter about Sun ONE Application Server installation is for general reference only. For detailed information, refer to the Web page or reference information provided by the application server software provider.

You may need to perform one or more of these general steps when installing the software:

Step 2: Install the Identity Install Pack Software

Follow these procedures to install the software:

  1. You may install the software using one of two methods:
    • Using the installer GUI

      Run the install.bat (for Windows) or install (for UNIX) command to launch the installation process.

      The installer displays the Welcome panel.

    • Using the nodisplay option

      On UNIX systems, change directory to the software location. Enter the following command to activate the installer in nodisplay mode:

      install -nodisplay

      The installer displays the Welcome text. The installer then presents a list of questions to gather installation information in the same order as the GUI installer in these procedures.


      Note

      If no display is present, the installer defaults to the nodisplay option.

      When installing on systems with JDK versions earlier than 1.4, ensure that the DISPLAY environment variable is set to a valid X server or the installation may fail.

  2. Click Next. The installer displays the Install or Upgrade? panel.
  3. Leave the New Installation option selected, and then click Next.
  4. The installer displays the Select Installation Directory panel.

  5. Replace the displayed directory location with the location where you want to install Identity Install Pack. This could be a staging location or a specific folder. Enter the location (or click Browse to locate it), and then click Next.

  6. Note  If the directory you enter does not exist, Identity Manager prompts for confirmation, and then creates the directory.

  7. Click Next to begin installation.
  8. After installing the files, the installer displays the Launch Setup panel.


    WARNING  Before you continue, if you plan to use an index database, you may need to copy one or more files to the idm\WEB-INF\lib directory. For example, you may need to place into idm/WEB-INF/lib a JAR file containing a JDBC driver (for a DriverManager connection) or a JAR file containing a JNDI InitialContextFactory (for a DataSource connection). To determine the steps you may need to perform before you go on, see Appendix A, Index Database Reference. When finished, click Launch Setup to launch the Setup Wizard and continue with setup steps.

    If you click Launch Setup before copying your index database files, setup will not proceed correctly. If this happens, quit the installation program, and then use the lh setup command to restart the setup portion of the installation process.

  9. Click Next on the Setup Wizard panel.
  10. Identity Manager displays the Locate the Repository panel.

  11. Select an index database:
    • Oracle (JDBC Driver)
    • Oracle (Data Source)
    • MySQL (JDBC Driver)
    • MySQL (Data Source)
    • DB2 (JDBC Driver)
    • DB2 (Data Source)
    • SQL Server (JDBC Driver)
    • SQL Server (Data Source)
    • LocalFiles

      Depending on your selection, setup prompts for additional setup information.


      Note  See Appendix A, Index Database Reference, for selections and setup instructions.

  12. Click Next.
  13. The installer displays the License Key panel with a valid Identity Manager Free use license and License Key as default.

  14. If appropriate, click Import from File to import your license key data from an XML file or click Copy and Paste to paste in your license key data.
  15. Depending on your license key data, you will see the Identity Auditor and/or Service Provider Edition boxes checked and a license valid message displayed.


    Note  

    If you have an Identity Manager license key, enter it to enable support services.

    If you re-license the product, you must import update.xml again. This will ensure that you get all the objects for the products which are licensed to you.

  16. Click Next.
  17. The Continue Identity Manager Demo Setup? panel appears.
  18. If this is a non-demo installation, click No, I will configure Identity Manager myself. Go to Step 21.
  19. If appropriate, click Yes, I would like to continue setting up a demonstration environment.
  20. This allows you to quickly configure users and enter environment and server information.

  21. Enter the following personal information:
      • First name
      • Last name
      • Email address

      Note  This personal information is used to create the Approver user (with configurator privileges).

  22. Enter the following Approver information:
      • Approver name
      • Approver password
  23. Click Next.
  24. Select the Server Type from the list.
  25. Select None if your environment has no server to manage. If there is a server you wish to manage, select the appropriate server type. You will be prompted for further server information as appropriate.

  26. If you have an email SMTP server, click SMTP Host and enter the server address. If desired, click Test Server to verify communication to the SMTP server.
  27. If you would like email notifications to be written to a file, click Notification File. Click Browse to select another notification file.
  28. Click Next.
  29. The installer displays the Import Save Configuration panel.
  30. Click Execute to perform all the listed functions. If desired, click Hide Details.
  31. When all functions complete, click Done in the setup panel.

Getting More Information

When installation completes, Identity Manager displays the Installation Summary panel. For detailed information about the installation, click Details.

Depending on the amount of information captured during the installation process, not all messages may be displayed here. View the log file (identified in details) for more information.

When finished, click Close to exit the installer.

After completing installation, continue by optionally installing the Sun Identity Manager Gateway.

Step 3. Deploy Identity Manager into Sun ONE Application Server

Follow these steps to deploy the Identity Manager application into Sun ONE Application Server. For additional information about deploying applications under Sun Java One Application Server, refer to the Sun Java One Application Server documentation.

  1. Open a command prompt, and then change to the staging directory where you installed the Identity Manager files.
  2. Create a .war file with the Identity Manager files by using the jar.exe command:

      c:\java1.4\bin\jar.exe cvf ..\idm.war *

  3. Launch and log in to the Sun ONE Admin Console. For example, to start a domain:
    1. Change to the SUNWAppServer Installation Directory/appserver/bin directory.
    2. Enter the command:

      ./asadmin start-domain --user User --password Password DomainName

    Note  To verify that the domain is running, go to https://Host:Port from a Web browser. You should see the Sun Java Application Server Administration console.

  4. In the Common Task Panel (left panel), go to Applications, and then Web Applications.
  5. In the Web Applications window, click Deploy.
  6. In the Deploy Web Module window, do one of the following:
    • Specify the path to the staged Sun Java One System Identity Manager Installation to upload.
    • Enter a path to the installation if accessible on the server.
  7. Click Next.
  8. Deploy the application.
  9. In the Common Task Panel (left panel), go to Configurations, expand server-config (Admin Config), and then select JVM Settings.
  10. Under the JVM Options tab, add the following JVM option:

      -Dwaveset.home=domain_home/applications/j2ee-modules/StagedIDMName

    For example:

      -Dwaveset.home=/var/opt/SUNWappserver/domains/domain1/applications/j2ee-modules/idm

  11. If you are using specific resource drivers, you may need to add them in the Classpath Suffix under the JVM Settings, Path Settings tab. For example, if you are using the Oracle jdbc driver, add:

      DomainHome/applications/j2ee-modules/idm/WEB-INF/lib/ojdbc14.jar

  12. Configure the security policy to allow Identity Manager to operate. See Step 5. Edit the server.policy File for recommended permissions settings.
  13. Restart your domain instance. For example:

      ./asadmin stop-domain Domain1
      ./asadmin start-domain --user User --password Password DomainName

  14. To verify setup, log in to Identity Manager on port 8081 (the application server default port setting).

Step 4. Install the Sun Identity Manager Gateway

If you plan to set up Windows Active Directory, Novell NetWare, Novell GroupWise, Exchange 5.5, Remedy, or RSA ACE/Server resources, you should install the Sun Identity Manager Gateway. Follow the procedures in Chapter 11, Install the Sun Identity Manager Gateway.

Step 5: Edit the server.policy File

When running Identity Manager on a Sun ONE server with Java 1.4 or later, Identity Manager must be given permissions to perform certain actions.

Add the following lines to the server.policy file for the domain in which Identity Manager is installed (located in ApplicationServerHome/domains/domainName/config):

// No codeBase clause: these permissions apply to all code running in the server.
grant {
  permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
  permission java.lang.RuntimePermission "getClassLoader";
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.lang.RuntimePermission "accessDeclaredMembers";
  permission com.waveset.repository.test.testConcurrentLocking "read";
  permission java.net.SocketPermission "*", "connect,resolve";
  permission java.io.FilePermission "*", "read";
  permission java.util.PropertyPermission "*", "read,write";
};

// Applies only to code loaded from under waveset.home.
grant codeBase "file:${waveset.home}/-" {
  permission java.util.PropertyPermission "waveset.home", "read,write";
  permission java.util.PropertyPermission "security.provider", "read,write";
  permission java.io.FilePermission "${waveset.home}${/}*", "read,write,execute";
  permission java.util.PropertyPermission "*", "read,write";
  permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
  permission java.net.SocketPermission "*", "connect,resolve";
};

If you want to run with trace set to write to a file, you will need to add the following additional permissions to the server.policy file.

grant {
  permission java.io.FilePermission "/opt/SUNWappserver/domains/domain1/applications/j2ee-modules/idm/config/trace1.log", "read,write";
  permission java.io.FilePermission "${java.io.tmpdir}${/}*", "read,write";
  permission java.util.PropertyPermission "trace.file", "read";
  permission java.util.PropertyPermission "trace.destination", "read";
  permission java.util.PropertyPermission "trace.enabled", "read";
};

where the path in the first FilePermission entry is the actual path of the trace file.


Note  After modifying the file, you must restart the application server.
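
An added example (not part of the original Sun documentation): a small Python check that parses server.policy grant entries like the ones above and lists broad permissions together with the scope they apply to, so entries granted to all code stand out after the edit. The sample text is a constructed, shortened copy of the page's grants, and the BROAD review list is this example's own choice; a FilePermission target of "*" covers only files in the JVM's current directory, so it is not on that list.

```python
import re

# Constructed sample: a shortened copy of the two grant entries shown above.
SAMPLE_POLICY = r'''
grant {
  permission java.lang.RuntimePermission "accessClassInPackage.sun.io";
  permission java.lang.RuntimePermission "createClassLoader";
  permission java.net.SocketPermission "*", "connect,resolve";
  permission java.io.FilePermission "*", "read";
  permission java.util.PropertyPermission "*", "read,write";
};
grant codeBase "file:${waveset.home}/-" {
  permission java.util.PropertyPermission "waveset.home", "read,write";
  permission java.io.FilePermission "${waveset.home}${/}*", "read,write,execute";
  permission java.net.SocketPermission "*", "connect,resolve";
};
'''

# Header = everything between "grant" and "{"; quoted strings may contain "${...}".
GRANT_RE = re.compile(r'grant\b((?:[^{"]|"[^"]*")*)\{(.*?)\}\s*;', re.S)
PERM_RE = re.compile(r'permission\s+([\w.$]+)(?:\s+"([^"]*)")?(?:\s*,\s*"([^"]*)")?\s*;')
# Entries worth a second look (a review list chosen for this example).
BROAD = {
    ("SocketPermission", "*"): "any host",
    ("PropertyPermission", "*"): "every system property",
    ("FilePermission", "<<ALL FILES>>"): "every file",
    ("RuntimePermission", "createClassLoader"): "can define new classes",
    ("RuntimePermission", "accessDeclaredMembers"): "reflection on non-public members",
}

def audit_policy(text):
    """Return (scope, permission, target, actions, note) for each broad entry."""
    text = re.sub(r'^\s*//.*$', '', text, flags=re.M)  # drop whole-line comments
    findings = []
    for header, body in GRANT_RE.findall(text):
        # No codeBase/signedBy/principal in the header: the grant applies to all code.
        scope = " ".join(header.split()) or "ALL CODE"
        for cls, target, actions in PERM_RE.findall(body):
            note = BROAD.get((cls.rsplit(".", 1)[-1], target))
            if note:
                findings.append((scope, cls, target, actions, note))
    return findings

if __name__ == "__main__":
    for scope, cls, target, actions, note in audit_policy(SAMPLE_POLICY):
        print(f"[{scope}] {cls} \"{target}\" {actions or '-'}: {note}")
```

To check a real domain, pass the contents of ApplicationServerHome/domains/domainName/config/server.policy to audit_policy() instead of the sample.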





Copyright 2006 Sun Microsystems, Inc. All rights reserved.