Installation of IM R12 on Websphere with manual deployment steps.

Document ID : KB000052167
Last Modified Date : 14/02/2018
Show Technical Document Details

2 Extraction of EAR file

2.1 Extracting the ear file for first time

Copy the Identity Manager Installation "im-12.0-cr007-aix.zip" on AIX machine

Unzip the installation at your desired location using unzip

Figure 1

Make sure that you can have access to installer GUI, use export command if required

Note: By default the installer uses /tmp as temporary directory of installation. It needs 791806 kb free space in /tmp. If /tmp does not have enough space it will attempt to use the users home directory. If you want to change this location you can use variable IATEMPDIR explicitly to set this

Figure 2

The installer will launch

Figure 3

In the next screen scroll all the way down the license agreement to enable the accept option

Figure 4

Figure 5

In the component selection screen just select Identity Manager Server and hit next

Figure 6

Enter the path where you want installer to extract ear file

Figure 7

Hit next for the below screen

Figure 8

Keep the checkbox in next screen unchecked

Figure 9

In next screen check the option Generate Ear file only. Do not change any other field and hit next.

Figure 10

In the final verification screen hit install to begin the installation

Figure 11

The installation begins.

Figure 12

Hit done after the installation completes to exit the installer.

Figure 13

Note: During this installation in final screen you may get "but some errors occurred during installation" message. This can be safely ignored.

Verify that you have two ear files created under your install location. Assuming your install location is /WASdata/identitymanager, verify the following files are created

/WASdata/identitymanager/IAM_Suite/Websphere_ear/WAS_IMr12.ear    
/WASdata/identitymanager/IAM_Suite/Websphere_ear/WAS_caStyles.ear    

If you have above two files created, the extraction of ear file is complete.

2.2 Quick Reference of file changes in ear

After the ear has been extracted from the product installer once and it is modified and deployed in dev, in successive environments(Staging and Production), the following files only need to be modified

Sr. No. File Name Location in Ear/War Notes
1 ra.xml IdentityMinder.ear/policyserver.rar/META-INF Needs to be modified for policy server connection for test, staging and prod each.
2 web.xml IdentityMinder.ear/ user_console.war/WEB-INF Need this to modify only once in test, need not modify for staging and prod as value will be same in each environment
3 ra.xml IdentityMinder.ear/workflow.rar/META-INF Needs to be modified for workflow for test, staging and prod each.
4 workpoint-client.properties IdentityMinder.ear/config Needs to be modified for workflow for test, staging and prod each.
5 tews_iam.properties selfservice.war/WEB-INF Needs to be modified for self service URL's for test, staging and prod each.
6 hibernate.cfg.xml selfservice.war/WEB-INF/classes Needs to be modified for self service database connection for test, staging and prod each.

3 Creation of Websphere resources

The resources include the following:

  • Service Integration Bus

  • JMS Queue Connection Factory

  • JMS Topic Connection Factory

  • JMS Queues

  • JMS Topics

  • JMS Activation Specifications

  • Mail Session

Please note that the creation of each of the JMS resources is done at server level.

3.1 Configuration of Service Integration Bus

3.1.1 Create the Service Integration Bus

Go to Service Integration>Buses. Click on New. Enter IMSBus. Click on Finish.

You should see the following display.

Figure 14

3.1.2 Add the server as a bus member.

Go to Service Integration>Buses. Click on IMSBus. Click on Bus Members.

Click on Add. Choose the server option. Click on Next.

Choose File Store for the message store.

Click Next to display message store properties.

Click Next to confirm the addition of the bus member.

Click Finish.

Go to Service Integration>Buses. Click on IMSBus. Click on Bus Members.

You should see the following display.

Figure 15

3.1.3 Create the destinations for the bus.

Go to Service Integration>Buses. Click on IMSBus. Click on Destinations. Select Queue.

Enter IMSEvents.

Click on Next to display the assignment of the queue to a bus member.

Click on Next to display the Configuration screen. Click on Finish.

Repeat the steps above for wpUtilQueue, wpServAutoActQueue, RuntimeStatusDetailQueue.

Go to Service Integration>Buses. Click on IMSBus. Click on Destinations. Select Topic Space.

Enter ServerCommand.

Click on Next to display the assignment of the topic space to a bus member.

Click on Next to display the Configuration screen. Click on Finish.

Go to Service Integration>Buses. Click on IMSBus. Click on Destinations.

You should see the following display.

Figure 16

Disable bus security, since we have global security enabled.

3.2 Creation of JMS Queue Connection Factories

3.2.1 Create neteQCF

Go to Resources>JMS>Queue Connection Factories. Click on New.

Select Default Messaging Provider. Click on OK.

Enter neteQCF in the Name field.

Enter javax.jms.QueueConnectionFactory in the JNDI Name field.

Enter IMSBus in the Bus Name field.

Hit OK.

3.2.2 Create wpConnectionFactory

Go to Resources>JMS>Queue Connection Factories. Click on New.

Select Default Messaging Provider. Click on OK.

Enter wpConnectionFactory in the Name field.

Enter jms/wpConnectionFactory in the JNDI Name field.

Enter IMSBus in the Bus Name field.

Hit OK.

Go to Resources>JMS>Queue Connection Factories.

You should see the following display.

Figure 17

3.3 Creation of Topic Connection Factories

3.3.1Create neteTCF

Go to Resources>JMS>Topic Connection Factories. Click on New.

Select Default Messaging Provider. Click on OK.

Enter neteTCF in the Name field.

Enter javax.jms.TopicConnectionFactory in the JNDI Name field.

Enter IMSBus in the Bus Name field.

Hit OK.

3.3.2 Create GeneralMonitorCF

Go to Resources>JMS>Topic Connection Factories. Click on New.

Select Default Messaging Provider. Click on OK.

Enter GeneralMonitorCF in the Name field.

Enter com/netegrity/idm/GeneralMonitorCF in the JNDI Name field.

Enter IMSBus in the Bus Name field.

Hit OK.

Go to Resources>JMS>Topic Connection Factories.

You should see the following display.

Figure 18

3.4 Creation of Queues

3.4.1 Create IMSEvents

Go to Resources>JMS>Queues. Click on New.

Select Default Messaging Provider. Click on OK.

Enter IMSEvents in the Name field.

Enter com.netegrity.ims.msg.queue in the JNDI Name field.

Select IMSBus in the Bus Name field.

Select IMSEvents in the Queue Name field.

Hit OK.

3.4.2 Create wpServAutoActQueue

Go to Resources>JMS>Queues. Click on New.

Select Default Messaging Provider. Click on OK.

Enter wpServAutoActQueue in the Name field.

Enter queue/wpServAutoActQueue in the JNDI Name field.

Select IMSBus in the Bus Name field.

Select wpServAutoActQueue in the Queue Name field.

Hit OK.

3.4.3 Create queue/wpUtilQueue

Go to Resources>JMS>Queues. Click on New.

Select Default Messaging Provider. Click on OK.

Enter wpUtilQueue in the Name field.

Enter queue/wpUtilQueue in the JNDI Name field.

Select IMSBus in the Bus Name field.

Select wpUtilQueue in the Queue Name field.

Hit OK.

3.4.4 Create RuntimeStatusDetailQueue

Go to Resources>JMS>Queues. Click on New.

Select Default Messaging Provider. Click on OK.

Enter RuntimeStatusDetailQueue in the Name field.

Enter queue/RuntimeStatusDetailQueue in the JNDI Name field.

Select IMSBus in the Bus Name field.

Select RuntimeStatusDetailQueue in the Queue Name field.

Hit OK.

Go to Resources>JMS>Queues.

You should see the following display.

Figure 19

3.5 Creation of Topics

3.5.1 Create ServerCommand Topic

Go to Resources>JMS>Topics. Click on New.

Select Default Messaging Provider. Click on OK.

Enter ServerCommand in the Name field.

Enter topic/ServerCommandTopic in the JNDI Name field.

Select IMSBus in the Bus Name field.

Select ServerCommand in the Topic Space field.

Hit OK.

Go to Resources>JMS>Queues.

You should see the following display.

Figure 20

3.5.2 Creation of Activation Specifications

Create act

Go to Resources>JMS>Activation Specifications. Click on New.

Select Default Messaging Provider. Click on OK.

Enter act in the Name field.

Enter ACT in the JNDI Name field.

Enter Queue in the Destination Type.

Enter com.netegrity.ims.msg.queue in the Destination JNDI Name.

Select IMSBus in the Bus Name field.

Hit OK.

Create wpServAutoActActSpec

Go to Resources>JMS>Activation Specifications. Click on New.

Select Default Messaging Provider. Click on OK.

Enter wpServAutoActActSpec in the Name field.

Enter jms/wpServAutoActActSpec in the JNDI Name field.

Enter Queue in the Destination Type.

Enter queue/wpServAutoActQueue in the Destination JNDI Name.

Select IMSBus in the Bus Name field.

Hit OK.

Create wpUtilActSpec

Go to Resources>JMS>Activation Specifications. Click on New.

Select Default Messaging Provider. Click on OK.

Enter wpUtilActSpec in the Name field.

Enter jms/wpUtilActSpec in the JNDI Name field.

Enter Queue in the Destination Type.

Enter queue/wpUtilQueue in the Destination JNDI Name.

Select IMSBus in the Bus Name field.

Hit OK.

Create ServerCommand

Go to Resources>JMS>Activation Specifications. Click on New.

Select Default Messaging Provider. Click on OK.

Enter ServerCommand in the Name field.

Enter ServerCommand in the JNDI Name field.

Enter Topic in the Destination Type.

Enter topic/ServerCommand in the Destination JNDI Name.

Select IMSBus in the Bus Name field.

Hit OK.

Create RuntimeStatusDetailQueue

Go to Resources>JMS>Activation Specifications. Click on New.

Select Default Messaging Provider. Click on OK.

Enter RuntimeStatusDetailQueue in the Name field.

Enter jms/RuntimeStatusDetailQueue in the JNDI Name field.

Enter Queue in the Destination Type.

Enter queue/RuntimeStatusDetailQueue in the Destination JNDI Name.

Select IMSBus in the Bus Name field.

Hit OK.

Go to Resources>JMS>Activation Specifications.

You should see the following display.

Figure 21

4 Creation of Mail Session

Go to Mail>Mail Sessions. Click on New.

Enter mailMail in the Name field.

Enter mail/Mail in the JNDI Name field. Click OK.

Go to Mail>Mail Sessions.

You should see the following display.

Figure 22

Note: Please provide your corporate SMTP mail server hostname in the mail transport host and mail store host properties of this session

5. Set Web Container Custom Properties

Go to Application Servers and select your server.

Click on Web Container. Click on Custom Properties.

Enter the following customer property with the value true: com.ibm.ws.webcontainer.invokefilterscompatibility.

On your server's custom properties page, you should see the following.

Figure 23

6. Deploy ear file in websphere.

6.1 To deploy the CA Stylesheet ear (ca-stylesr5.1.1.ear).

In the WebSphere Administrative Console, go to Applications, Install New Application.

Choose Local file system and select the compressed ca-stylesr5.1.ear.

Do not specify a context root.

Click Next.

Keep all default settings.

For Virtual Host settings, choose default_host for Web modules.

Click Next.

Under Select installation options, ensure that Distribute application and Create MBeans for resources are checked.

Click Next.

Under Map modules to servers, ensure that the cell and server name are listed.

Select the Module CA Styles r5.1.1 and click Next.

Under Map virtual hosts for Web modules, select Web module CA Styles R5.1.

Ensure that default_host is selected under Virtual host column, then click Next.

Click Finish.

The application is installed.

Click Save to Master Repository.

The nodes in the cluster are synchronized.

Go to Applications, Install New Application and click Start.

The status is Started.

Note: The preceding procedure applies to WebSphere 6.1 only.

6.2 To deploy the Identity Minder ear (WAS_IMr12.ear)

Choose the EAR file, as shown:

Figure 24

Click Next.

Select Precompile JavaServer Pages files, as shown:

Figure 25

Click Next.

Select all of modules to map, as shown:

Figure 26

Click Next.

Map the Activation Specs as follows:

Associate SubscriberMessageEJB with ACT.

Associate ServerCommandsEJB with ServerCommand

Associate RuntimeStatusDetailEJB with jms/RuntimeStatusDetailQueue

Associate ServerAutomatedActivityMDBean with jms/wpServAutoActActSpec.

Associate UtilityMDBean with jms/wpUtilActSpec.

Figure 27

Map virtual hosts to web modules, as shown:

Figure 28

Ensure that the summary appears as follows:

Figure 29

Save to Master Repository.

6.3 Create Policy Server and workflow connector objects

In the WebSphere Administrative Console, go to Application servers, your_server, Install Applications, IdentityMinder, Manage Modules.

Figure 30

Choose PolicyServerRA:

Figure 31

  • Create the Policy Server connector object with the JNDI, as nete/rar/PolicyServerConnection

    Figure 32

  • Create the Workflow connector object. Under the WorkflowRA module, use Workflow for the JNDI name.

    Figure 33

Restart the server.

6.4 Modify the UserConsole.war to not use Websphere Classes

The deployment.xml file needs to be edited to ensure the UserConsole.war does not use WebSphere classes . Note: This can also be achieved alternatively thru the websphere admin console by selecting child class loader first for the IMS-UI module.

To edit the deployment.xml file

Edit the deployment.xml found in the following location:

WebSphere_NODE_HOME     \profiles\AppSrv02\config\cells\BaseIDMNode02Cell\applications\IdentityMinder.ear\deployments\IdentityMinder\deployment.xml    

Change the following lines:

 <classloader xmi:id="Classloader_1202404294500" mode="PARENT_FIRST"/>    
 <modules xmi:type="appdeployment:WebModuleDeployment" xmi:id="WebModuleDeployment_1202404294500"  deploymentId="1" startingWeight="4000" uri="user_console.war">    
 <targetMappings xmi:id="DeploymentTargetMapping_1202404294501" target="ServerTarget_1202404294500"/>    
 <classloader xmi:id="Classloader_1202404294501"/>    
 </modules>       

to the following lines:

 <classloader xmi:id="Classloader_1202404294500" mode="PARENT_FIRST"/>    
 <modules xmi:type="appdeployment:WebModuleDeployment" xmi:id="WebModuleDeployment_1202404294500"  deploymentId="1" startingWeight="4000" uri="user_console.war" classloaderMode="PARENT_LAST">    
 <targetMappings xmi:id="DeploymentTargetMapping_1202404294501" target="ServerTarget_1202404294500"/>    
 <classloader xmi:id="Classloader_1202404294501"/>    
 </modules>       

Restart the WebSphere application server.

7. Create JDBC resources in Websphere.

7.1 Prerequisites

Oracle 10g database.

Initial DBA access on Identity Manager database. It can be revoked later

7.2 Creation of resources

Within the WebSphere administrative console, open the appropriate data source descriptor.

Change the JndiName in the data source descriptor according to the following:

Task Persistence: jdbc/idm

Workflow: jdbc/WPDS

Auditing: auditDbDataSource

Reporting: jdbc/reportsnapshot (Please read highlighted note below for this JNDI)

Object Store: jdbc/objectstore

IMCUSTOM: jdbc/IMCUSTOM

Change the DatabaseName, User, and Password in the data source descriptor to the appropriate values for the new database.

The database schema (SQL scripts) will be automatically applied when you restart Identity Manager.

Add the following to Custom Properties:

 user=<username>, password=<password>

Note: the schema name(user) for reporting JNDI (jdbc/reportsnapshot) is different than remaining JNDI

Note: Ensure that the JDBC provider is created as XA. Below is the screenshot for datasource Object store. Provide similar information for remaining datasources and make sure you can test the connections successfully.

Figure 34