This task configures the WebSphere Liberty classpath variables to point to IBM Security Verify Access.
Before you begin
Depending on how your system administrator customized your system, you might not
have access to this task. To obtain access to this task or to have someone complete it for you,
contact your system administrator.
IBM Security Verify Access must be installed.
About this task
Perform these steps on the WebSphere Liberty that hosts IBM Verify Identity Governance.
Procedure
- Open a command window.
- Set up the WebSphere Liberty
environment to modify the variables.
Type one of the following commands.
- Add
PD.jar to the class path. Type one of the following
commands on one line.
Note: Collect PD.jar from IBM Security Verify Access and copy the PD.jar file
to WAS_HOME/tivoli/tam directory where IBM WebSphere Application Server is
hosting IBM Security Identity
Manager.
- Run the com.tivoli.pd.jcfg.PDJrteCfg utility to configure
the Java™ Runtime Environment
component. Type one of the following commands on one line.
Note: Set variables for TIV_HOME and TAM_HOST before you run the
commands.
For IBM
WebSphere Application Server:
- Microsoft
Windows
operating
systems:
"%JAVA_HOME%"\jre\bin\java -Djava.ext.dirs="%JAVA_HOME%"\jre\lib\ext -Dfile.encoding=ISO8859-1
-Xnoargsconversion -Dwas.install.root="%WAS_HOME%" -Dpd.home="%TIV_HOME%"\PolicyDirector
-cp "%TIV_HOME%"\PD.jar com.tivoli.pd.jcfg.PDJrteCfg -action config -was -java_home "%JAVA_HOME%"\jre
-host "%TAM_HOST%" -port 7135 -cfgfiles_path "%TIV_HOME%"\ -alt_config -config_type full
- UNIX and Linux operating
systems:
${JAVA_HOME}/jre/bin/java -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext -Dfile.encoding=ISO8859-1
-Xnoargsconversion -Dwas.install.root=${WAS_HOME} -Dpd.home=${TIV_HOME}/PolicyDirector
-cp ${TIV_HOME}/PD.jar com.tivoli.pd.jcfg.PDJrteCfg -action config -was -java_home ${JAVA_HOME}/jre
-host ${TAM_HOST} -port 7135 -cfgfiles_path ${TIV_HOME}/ -alt_config -config_type full
The software generates the following message:
Configuration of Access Manager Runtime for Java completed
successfully.
- Run the SSL configuration. Type one of the following commands on one
line.
Note: Set variables TIV_HOME, TAM_HOST,
TAM_APP_HOST before running the commands.
- Microsoft
Windows
operating
systems:
"%JAVA_HOME%"\jre\bin\java -cp "%CLASSPATH%" -Dpd.cfg.home="%WAS_HOME%"\tivoli\tam
-Dfile.encoding=ISO8859-1 -Xnoargsconversion com.tivoli.pd.jcfg.SvrSslCfg
-action config -admin_id sec_master -admin_pwd %TAM_PASSWORD% -appsvr_id %APPSVR_ID%
-policysvr "%TAM_HOST%":7135:1 -port 7135 -authzsvr "%TAM_APP_HOST%":7136:1
-mode remote -cfg_file "%WAS_HOME%"\tivoli\tam\PdPerm.properties
-key_file "%WAS_HOME%"\tivoli\tam\PdPerm.ks -cfg_action create
- UNIX and Linux operating
systems:
${JAVA_HOME}/jre/bin/java -cp ${CLASSPATH} -Dpd.cfg.home=${WAS_HOME}/tivoli/tam
-Dfile.encoding=ISO8859-1 -Xnoargsconversion com.tivoli.pd.jcfg.SvrSslCfg
-action config -admin_id sec_master -admin_pwd $TAM_PASSWORD -appsvr_id $APPSVR_ID
-policysvr ${TAM_HOST}:7135:1 -port 7135 -authzsvr ${TAM_APP_HOST}:7136:1
-mode remote -cfg_file ${WAS_HOME}/tivoli/tam/PdPerm.properties
-key_file ${WAS_HOME}/tivoli/tam/PdPerm.ks -cfg_action create
- -admin_pwd
- Corresponds to the password for
sec_master in the previous tasks.
- -appsvr_id sso
- Corresponds to the IBM Security Verify Access user that was
created in the first task of the procedure.
The software generates the following message:
The configuration completed successfully.
What to do next
Configure the Trust Association Interceptor.