IBM Security Access Manager for Enterprise Single Sign-On, Version 8.2

Setting up a cluster (network deployment)

Clusters enable you to scale your IBM® Security Access Manager for Enterprise Single Sign-On configuration. Clusters enable enterprise applications to be highly available because requests are automatically routed to the running servers in the event of a failure. A clustered deployment is typically used in enterprise production environments.

Figure 1. IBM Security Access Manager for Enterprise Single Sign-On in a two-node network deployment cluster example for high availability.
Figure showing IBM Security Access Manager for Enterprise Single Sign-On deployed on a two-node network deployment cluster for high availability.

For more information about planning and deployment considerations when setting up a cluster, see the IBM Security Access Manager for Enterprise Single Sign-On Planning and Deployment Guide.

Road map

Install and prepare the following middleware before you run the IMS Server installation:

  1. Prepare the database server.
  2. Prepare the directory server.
  3. Prepare WebSphere® Application Server.
  4. Prepare IBM HTTP Server.
  5. Optional: Install the Tivoli Common Reporting component.

You must prepare the following middleware components for use with the IBM Security Access Manager for Enterprise Single Sign-On:

Database server
The database server hosts single sign-on user identities and Wallets. You can install a new instance of a database server or reuse an existing instance.
WebSphere Application Server
The WebSphere Application Server provides a centralized application administration platform that extends the ability of a web server to handle web application requests. The IBM Security Access Manager for Enterprise Single Sign-On IMS Server is a WebSphere application. To reuse an existing application server, you must install and configure it manually.
IBM HTTP Server
The IBM HTTP Server is a separate, dedicated web server that is configured to work with the application server.
Tivoli Common Reporting (optional)
Tivoli Common Reporting is an integrated reporting solution that lets you link multiple reports across various Tivoli products and simplify report navigation and access.
Directory server
A directory server or LDAP repository authenticates a user and retrieves information about users and groups to perform security-related functions, including authentication and authorization. You can install a new instance of a directory server or reuse an existing instance.

If you are reusing existing middleware that was previously deployed, apply the minimum supported fix packs before installing the IMS Server.

  1. Creating and choosing profiles for network deployments
    A WebSphere Application Server profile defines the runtime environment. High availability application-serving environments require multiple profiles to manage the complexity of the system.
  2. Configuring WebSphere Application Server for a cluster
    Define the cluster and apply required security settings for WebSphere Application Server before you install the IMS Server in a cluster.
  3. Configuring the IBM HTTP Server plug-in and securing the connection (network deployment)
    Deploy the IBM HTTP Server plug-in and configure connection requests to forward connections over secure Secure Sockets Layer (SSL) to the WebSphere Application Server.
  4. Configuring the IMS Server for a cluster
    You can install the IMS Server by using the IMS Server installer or by deploying the IMS Server Enterprise Archive (EAR) files manually on WebSphere.
  5. Adding application servers to a cluster
    You can add an additional IBM Security Access Manager for Enterprise Single Sign-On cluster member node to a WebSphere Application Server cluster.
Parent topic: Installing the IMS Server
Related concepts:
New server installation on a clustered deployment (end-to-end)
Server installation reusing existing middleware
IMS Server installation road map

Feedback