You should prepare the application server that will run the identity applications. For your convenience, NetIQ provides Apache Tomcat in the installation kit. For more information about using the applications in a cluster environment, also see Section 31.4, Preparing a Cluster for the Identity Applications.
Before installing the identity applications on a JBoss application server, review the following actions and considerations:
Ensure that JBoss is not running. On Linux, JBoss starts as a service at system reboot by default, so you must stop the service. To stop JBoss, use the script called /etc/init.d/jboss_init start/stop. You can also use a JavaServiceWrapper to stop the JBoss Application Server as a Windows service or a Linux or UNIX daemon process.
For more information, see the directions from JBoss at http://www.jboss.org/community/wiki/RunJBossAsAServiceOnWindows. One such wrapper is at http://wrapper.tanukisoftware.org/doc/english/integrate-simple-win.html. Manage it by JMX (http://wrapper.tanukisoftware.org/doc/english/jmx.html#jboss).
JBoss comes with three different ready-to-use server configurations: minimal, default and all. You can enable clustering in the all configuration only. A cluster-service.xml file in the /deploy folder describes the configuration for the default cluster partition. When you install the identity applications and indicate to the installation program that you want to install into a cluster, the installation program makes a copy of the all configuration, names the copy IDM by default, and installs the identity applications into this configuration.
For more information about installing the identity applications in a JBoss cluster, see the following sections:
This section describes how to prepare an environment where you want to run the identity applications on Tomcat. The .iso for installing Identity Manager includes a program for installing Tomcat (and optionally PostgreSQL). For more information, see Section 25.0, Installing PostgreSQL and Tomcat.
You can use your own Tomcat installation program instead of using the convenience installer provided in the installation package. However, if you do use a different installation program, there are additional steps you must perform for Tomcat to function correctly with the Identity Applications.
Before you start the installation process, ensure that the versions of the components you are installing are supported with this version of the Identity Applications. For more information, see Section 28.3, Prerequisites and Considerations for Installing the Identity Applications.
Install Apache Tomcat as a service on your server.
For more information, see Tomcat Setup.
Install the following components on the same server where you installed Tomcat.
Java Runtime Environment (JRE): For more information, see the Java Platform Installation Guide.
Apache ActiveMQ: For more information, see .
PostgreSQL: For more information, see PostgreSQL Manuals.
Copy the activemq-all-5.9.0.jar file to the TOMCAT_INSTALLED_HOME/lib folder for ActiveMQ.
Copy the following files to the TOMCAT_INSTALLED_HOME/lib folder for logging.
log4j.jar
log4j.properties
tomcat-juli-adapters.jar
Set the following properties in the setenv.bat (Windows) or setenv.sh (Linux) file.
JAVA_HOME JRE_HOME PATH (set Java path) JAVA_OPTS="-Xms1024m -Xmx1024m -XX:MaxPermSize=512m"
Create a user with the name novlua and create a group with the name novlua.
This allows you to run Tomcat as a non-root user. For more information, see A Guide To Apache Tomcat Linux Installation and Set-Up.
Make the novlua user and novlua group owners of the Tomcat files.
Copy the postgresql-9.3-1101.jdbc41.jar file to the /TOMCAT_INSTALLED_HOME/lib folder.
(Conditional) In a cluster environment, open the server.xml file located by default in the /TOMCAT_INSTALLED_HOME/conf/ directory in the first node of the cluster and uncomment this line:
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
Do this for all nodes in the cluster.
For advanced Tomcat clustering configuration, follow the steps from https://tomcat.apache.org/tomcat-7.0-doc/cluster-howto.html.
After you have installed Tomcat and the Identity Applications, you can tune Tomcat to function more effectively. For more information, see Section 32.5, Post-Installation Steps for Tomcat.
This section describes how to prepare an environment where you want to run the identity applications on WebSphere.
The installation process for the identity applications requires an existing data source file that points to the database. For WebSphere environments, you must manually create a JDBC Provider and a data source file.
Open the Integrated Solutions Console, which allows you to configure and administer WebSphere Application Server (WAS). By default, http://host_name:9060/ibm/console.
In the left pane of the console, expand Resources > JDBC.
To create the JDBC provider, complete the following steps:
Click JDBC providers.
In the content pane, expand Scope.
Select Node=yourservername, Server=server1.
Click New.
For Database Type, specify the type of database you plan to use. For example, Oracle.
Click Next.
Specify the classpath for the JDBC provider.
Click Next.
Click Finish.
Click Save to save the changes directly to the master configuration.
To create the data source file, complete the following steps:
Click Data sources (in the left pane under JDBC).
In the content pane, expand Scope.
Select Node=yourservername, Server=server1.
Click New.
Specify the name of the data source file and the JNDI. For example, IDMUADatasource for both fields.
Click Next.
Click Select an existing JDBC provider.
Select the JDBC Provider that you created in Step 3.
Click Next.
Specify the name, server name, port, username, and password for the database.
Click Next.
(Optional) Specify information for the Security Alias.
Click Next.
Click Finish.
Click Save.
In the Data Sources pane, click the box to the left of your new data source file.
To verify the settings, click Test Connection.
In a WebSphere environment, the identity applications require that you apply the unrestricted policy files to the supported IBM JDK. Otherwise, the identity applications report the error Illegal key size
.
To apply the files, see the documentation for IBM and WebSphere. Ensure sure that you use the correct JDK version. Also, place the JAR file for unrestricted policy files in the JAVA_HOME\jre\lib\security directory.
For more information about installing the identity applications in a WebSphere cluster, see the following sections: