TAM API Setup for WebSphere Portal

Following are the installations and Configurations to be done for using TAM API

  1. Access Manager Runtime for Java
  2. pdjrtecfg utility to configure Access Manager runtime for java (utility gets installed with access manager runtime for Java)
  3. svrsslcfg to configure SSL connection to policy server.

————————Windows Setup———————————–

————————AIX Setup———————————–

Windows: Installing Access Manager Runtime for Java

The following procedure uses the setup.exe program to install the Access Manager Runtime for Java package and thepdjrtecfg utility to configure it.

To install and configure a Tivoli Access Manager Runtime for Java system on Windows® 2003, Windows Vista or Windows XP, follow these steps.

  1. Log on as a user with Administrator group privileges.
  2. Ensure that all necessary operating system patches are installed. Also ensure that you have reviewed the most-recent release information, including system requirements, disk space requirements, and known defects and limitations in theIBM Tivoli Access Manager for e-business: Release Notes or Technotes in the support knowledge database.
  3. Insert the IBM Tivoli Access Manager Base for Windows CD.
  4. Install the Tivoli Access Manager packages. To do so, run the setup.exe file, located in the following directory:

\windows\PolicyDirector\Disk Images\Disk1

Follow the online instructions and select to install the following packages:

    • Access Manager License
    • Access Manager Runtime for Java
  1. Ensure that either IBM® Java™ Runtime 1.5.0 SR5 provided with Tivoli Access Manager or the JRE provided with WebSphere® Application Server 6.1 is installed. For instructions on installing IBM Java Runtime 1.5.0 SR5, see pageWindows: Installing IBM Java Runtime.

Access Manager Runtime for Java configures additional security features into the specified JRE and only these two JREs are supported.

  1. To view status and messages in a language other than English, which is the default, install your language support packagebefore configuring packages. For instructions, see Installing language support packages for Tivoli Access Manager.
  2. To set up Access Manager Runtime for Java with a configuration type of Full, ensure that both the policy server and registry server are running. If the configuration type is standalone, this step is not required.
  3. To configure the Access Manager Runtime for Java component, change to the c:\Program Files\Tivoli\Policy Director\sbindirectory and enter the following:

PDJRTEcfg configuration

“c:\Program Files\Tivoli\Policy Director\sbin\pdjrtecfg.exe” -action config -host TORPDQ10 -port 9043 -java_home “C:\IBM\WebSphere\AppServer\java\jre”

Svrsslcfg Configuration

Go to C:\ibm\WebSphere\AppServer\java\jre\bin and run the below command

java com.tivoli.pd.jcfg.SvrSslCfg -action config -admin_id sec_master -admin_pwd celP0rta11 -appsvr_id PDPermissionjapp -appsvr_pwd password -host TORPDQ10 -mode remote -port 9043 -policysvr TORPDQ10:7135:1 -authzsvr TORPDQ10:7136:1 -cfg_file D:\IBM\WebSphere\AppServer\java\jre\PolicyDirector\PDPerm.properties -key_fileD:\IBM\WebSphere\AppServer\java\jre\PolicyDirector\pdperm.ks -domain Default -cfg_action create

AIX®: Installing Access Manager Runtime for Java

The following procedure uses installp to install Access Manager Runtime for Java and the pdjrtecfg utility to configure it.

  1. Log on as root.
  2. Ensure that all necessary operating system patches are installed. Also, ensure that you have reviewed the most-recent release information, including system requirements, disk space requirements, and known defects and limitations. See theIBM Tivoli Access Manager for e-business: Release Notesor Technotes in the support knowledge database.
  3. Insert the IBM Tivoli Access Manager Base for AIX CD and mount it.
  4. Install the Tivoli Access Manager packages:

5. installp -acgYXd cd_mount_point/usr/sys/inst.images packages

where cd_mount_point is the directory where the CD is mounted and packages are as follows:

PD.lic

Specifies the Access Manager License package.

PDJ.rte

Specifies the Access Manager Runtime for Java package.

  1. Ensure that either IBM® Java™ Runtime 1.5.0 SR5 provided with Tivoli Access Manager or the JRE provided with WebSphere® Application Server 6.1 is installed. For instructions on installing IBM Java Runtime 1.5.0 SR5, see page AIX: Installing IBM Java Runtime.

Access Manager Runtime for Java configures additional security features into the specified JRE and only these two JREs are supported.

  1. Unmount the CD.
  2. To view status and messages in a language other than English, which is the default, install your language support packagebefore configuring packages. For instructions, see Installing language support packages for Tivoli Access Manager.
  3. To set up a Tivoli Access Manager Runtime for Java system with a configuration type of Full, ensure that both the policy server and registry server are running. If the configuration type is standalone, this step is not required.
  4. Before configuring the Access Manager Runtime for Java component, ensure that either the IBM Java Runtime 1.5.0 SR5 provided with Tivoli Access Manager or the JRE provided with WebSphere Application Server 6.1 can be located using the PATH environment variable.
  5. To configure the Access Manager Runtime for Java component, change to the /opt/PolicyDirector/sbin directory and enter the following:

PDJRTEcfg configuration

./pdjrtecfg -host TORPDQ10 -port 9043 -java_home /IBM61/WebSphere/AppServer/java/jre

Svrsslcfg Configuration

Go to /IBM61/WebSphere/AppServer/java/jre/bin and run the below command

java com.tivoli.pd.jcfg.SvrSslCfg -action config -admin_id sec_master -admin_pwd celP0rta11 -appsvr_id PDPermissionjapp -appsvr_pwd password -host TORPDQ10 -mode remote -port 9043 -policysvr TORPDQ10:7135:1 -authzsvr TORPDQ10:7136:1 -cfg_file /IBM61/WebSphere/AppServer/java/jre/PolicyDirector\PDPerm.properties -key_file/IBM61/WebSphere/AppServer/java/jre/PolicyDirector\pdperm.ks -domain Default -cfg_action create

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s