Installing on a system where the IBM Verify Identity Governance is installed

Edit online

You must install the single sign-on application by using the IBM WebSphere Application Server administrative console.

Before you begin

Familiarize yourself with the SSO application details and installation requirements before you install it.

You must install the IBM WebSphere Application Server fixes that are specified in the IBM Verify Identity Governance Release Notes. Use the installation instructions in the Release Notes to install the fixes. Install the SSO application on the IBM WebSphere Application Server where the IBM Security Identity Manager is installed.

About this task

When you install the SSO application on the same system where IBM Verify Identity Governance is installed, SSO authentication uses the IBM Verify Identity Governance web services. The WebSphere® Liberty returns an LTPA token when you authenticate with the WebSphere Liberty.

Procedure

  1. Build the SSO application to create the itim_ws.war file.
    For information about building the application, see Building the SSO application.
  2. Install the application by using the IBM WebSphere Application Server administrative console.
    1. Log on to the IBM WebSphere Application Server administrative console.
      For example, http://localhost:9060/ibm/console
    2. Click Applications > New Applications > New Enterprise Application.
    3. In the Path to the new application area, select Local file system.
    4. Click Browse to set Full path to the location of the itim_ws.war file.
    5. Click Next.
    6. In the How do you want to install the application area, select Detailed - Show all installation options and parameters.
    7. Click Next.
    8. At the Application Security Warnings window, click Continue.
    9. Click the Map context roots for Web modules step and specify the context root value as /itim_ws.
    10. Click Map security roles to users or groups step. Select the ITIM_CLIENT role
    11. Click Map Special Subjects > All Authenticated in Trusted Realms.
    12. Click Next repeatedly until the Summary window is displayed.
    13. Click Finish.
    14. Click Save to save your changes directly to the master configuration.
  3. Update the class loader properties
    1. Click Applications > Application Types > WebSphere enterprise applications.
    2. Click itim_ws.war.
    3. Under Detailed Properties, click Class loading and update detection.
    4. Select Classes loaded with local class loader first (parent last) for the Class loader order and Single class loader for application for the WAR class loader policy.
    5. Click OK.
    6. Click Save to save your changes directly to the master configuration.

What to do next

The SSO application works only with its own authentication by using the IBM Verify Identity Governance user registry. You must enable authentication with WebSEAL.