This chapter describes how to upgrade the IBM WebSphere Security Module for 11.1.2.3. It contains the following sections:
Note:
If you do not follow the exact sequence provided in this task table, your Oracle Entitlements Server Client Server upgrade may not be successful.Table E-1 lists the steps for upgrading Oracle Entitlements Server Client Server upgrade.
Table E-1 Upgrade Roadmap for Oracle Entitlements Server Client Server
| No. | Task | For More Information |
|---|---|---|
|
1. |
Shut down all security modules. This includes shutting down the Administration Server and Managed Servers too. |
|
|
2. |
Obtain Oracle Entitlements Server Client software. |
|
|
3. |
Install OES Client 11.1.2.3 in the same ORACLE_HOME where OES Client 11.1.2.2 is installed. |
|
|
4. |
Verify the installation. |
|
|
5. |
Start the Security Modules. |
|
|
6. |
Verify the Oracle Entitlements Server Client Server upgrade. |
Bring down all security module instances, Administration Server, and Managed Servers.
The security module instances shuts down when the Administration Server and Managed Servers are shut down.
Stop the Node Manager and Deployment Manger
On the Deployment Manager Machine, stop the Node Manager and Deployment Manager by running the following commands:
$WAS_HOME/profiles/Custom01/stopNode.sh -profileName server_profile_name -username wasadmin_username -password wasadmin_password $WAS_HOME/profiles/dmgr_profile_name/stopManager.sh -profileName dmgr_profile_name -username wasadmin_username -password wasadmin_password
You can also stop IBM WebSphere servers with profile scripts. To stop the IBM WebSphere servers, navigate to the following directory in the IBM WebSphere home and enter the command:
(UNIX) PROFILE/bin/stopServer.sh server_name -username username -password password
You can also stop IBM WebSphere servers from Oracle Enterprise Manager Fusion Middleware Control.
For example, to stop a server from Fusion Middleware Control:
Navigate to the Server home page.
From the WebSphere Application Server menu, select Control, and then select Shut down.
Fusion Middleware Control displays a confirmation dialog box.
Click Shutdown.
Note:
Fusion Middleware Control is deployed to the OracleAdminServer. As a result, if you stop the OracleAdminServer, then Fusion Middleware Control will be stopped, and you must use the profile scripts to start the servers.Stopping the Administration Server
To stop the OracleAdminServer, navigate to the following directory in the IBM WebSphere home, and enter the following command:
$WAS_HOME/profiles/profile_name/bin/stopServer.sh OracleAdminServer -profileName profileName
For information about where to download the Oracle Entitlements Server Client software, refer to the Oracle Fusion Middleware Download, Installation, and Configuration Readme Files on the Oracle Technology Network (OTN): http://download.oracle.com/docs/cd/E23104_01/download_readme.htm.
This Oracle Entitlements Server Client component has its own installer and it is not included in the Oracle Identity and Access Management 11g Release 2 (11.1.2.3.0) installation. The Oracle Entitlements Server Client does not require Oracle WebLogic Server.
To install Oracle Entitlements Server Client 11g Release 2 (11.1.2.3) on IBM WebSphere, follow the instructions for installing on Oracle WebLogic Server. For information, see "Installing Oracle Entitlements Server Client" in Installation Guide for Oracle Identity and Access Management.
To verify that your Oracle Entitlements Server Client installation is successful, go to your OES_CLIENT_HOME directory which you specified during installation, and verify that the OES_CLIENT_HOME directory is populated with product files.
You can also verify the installation log file that is generated after the installation is complete. The name and location of the installation log file is displayed on the Installation Progress screen of the Oracle Entitlements Server Client installation.
You must start the security modules by starting the Administration Server and Managed Servers.
The following procedure shows the sequence you must use to start the deployment manager, the node, and the servers in the cell.
Start the Deployment Manager:
Navigate to the following directory in the IBM WebSphere home and enter the following command:
On UNIX operating systems:
profiles/dmgr_profileName/bin/startManager.sh
For example:
/disk01/IBM/WebSphere/AppServer/profiles
/Dmgr01/bin/startManager.sh
Note:
If you are running thestartManager.sh (or startManager.bat) command from WAS_HOME/bin directory, you must specify the parameter -profileName.
For example, on a UNIX operating system:
WAS_HOME/bin/startManager.sh -profileName dmgr_profileName
Synchronize the node:
Navigate to the following directory in the IBM WebSphere home and enter the following command:
On UNIX operating systems:
profiles/Server_profile_name/bin/syncNode.sh host_name SOAP_Port -username admin_user -password admin_password
For example:
/disk01/IBM/WebSphere/AppServer/profiles/Custom01/bin/syncNode.sh myhost.mycompany.com 8879 -username wasadmin -password welcome1
Start the node:
Navigate to the following directory in the IBM WebSphere home and enter the following command:
On UNIX operating systems:
profiles/Server_profile_name/bin/startNode.sh
For example:
/disk01/IBM/WebSphere/AppServer/profiles/Custom01/bin/startNode.sh
Note:
If you are running thestartNode.sh (or startNode.bat) command from WAS_HOME/bin directory, you must specify the parameter -profileName.
For example, on a UNIX operating system:
WAS_HOME/bin/startNode.sh -profileName Server_profileName
Start the OracleAdminServer server:
Navigate to the following directory in the IBM WebSphere home and enter the following command:
On UNIX operating systems:
profiles/Server_profile_name/bin/startServer.sh OracleAdminServer
For example:
/disk01/IBM/WebSphere/AppServer/profiles/Custom01/bin/startServer.sh
OracleAdminServer
Note:
If you are running thestartServer.sh (or startServer.bat) command from WAS_HOME/bin directory, you must specify the parameter -profileName.
For example, on a UNIX operating system:
WAS_HOME/bin/startServer.sh OracleAdminServer -profileName Server_profileName
Start any additional servers that were configured as part of your IBM WebSphere cell.
After you start the OracleAdminServer, you can start the other servers using the IBM WebSphere Administrative Console or Oracle Enterprise Manager Fusion Middleware Control. For more information, see Section 3.1, "Summary of the Oracle Fusion Middleware Management Tools on IBM WebSphere" in Oracle Fusion Middleware Third-Party Application Server Guide for Oracle Identity and Access Management, 11g Release 2 (11.1.2.2.0).
Alternatively, you can use the startServer script, as follows:
Navigate to the following directory in the IBM WebSphere home and enter the following command:
On UNIX operating systems:
profiles/Server_profile_name/bin/startServer.sh server_name
Note:
If you are running thestartServer.sh (or startServer.bat) command from WAS_HOME/bin directory, you must specify the parameter -profileName.
For example, on a UNIX operating system:
WAS_HOME/bin/startServer.sh server_name -profileName Server_profileName
To verify, create an authorization, as mentioned in "Using the PEP API" in the Developer's Guide for Oracle Entitlements Server, and see if it works correctly.