This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!Installation Tips
Some installation and [Troubleshooting] Tips for Novell's [User Application]
!!MySQL
If you already have MySQL installed,
* Be sure you have a MySQL user that can log in from the localhost. (MySQL treats a user with localhost privileges differently from the same user with "remote" privileges.)
* Create a "schema" named idm.
* NOTE: User Application expects:
** character-set-server=utf8
** default-table-type=innodb
** lower_case_table_names=1
!MySQL Connection Info
Is stored in the file:
{{{/idm/jboss/server/IDM/deploy/IDM-ds.xml}}}
!!Rights For User That User App Runs-as
Set this up before you install; it will be a lot easier.
Be sure that you have a user that has rights to the directory where you install the User App.
!!Starting and Stopping
You MUST make sure the Database is running before trying to start the "User Application"!
Start:
{{{
/idm/start-jboss.sh
}}}
Stop:
{{{
/idm/stop-jboss.sh
}}}
Start the driver after starting JBoss.
NOTE: The driver, upon starting, attempts a handshake with the User Application. If JBoss isn’t running or the WAR wasn’t successfully deployed, the driver errors out.
!!Where is it Running
When installed with defaults, the "User Application" is at:
{{{
http://xxx.xxx.xxx.xxx:<port>/IDM/
}}}
!!Implementing https://
Why this is not done out-of-the-box I have no idea. We are setting up a site that changes passwords and passes them in the clear.
Also, come on, Novell; you are supposed to be "smart". Why not use a directory cert?
First, generate a cert.
{{{
/opt/novell/java/bin/keytool -genkey -alias tomcat -keyalg RSA -storepass changeit -keystore /home/userapp/novell/userapp/jboss/server/IDM/conf/jboss.jks -dname "cn=JBoss,o=willeke,l=butler,s=OH,c=US" -keypass changeit
}}}
Then edit the /home/userapp/novell/userapp/jboss/server/IDM/deploy/jbossweb-tomcat55.sar/server.xml file.
Enable SSL by uncommenting or adding a section that looks like the one below. keystoreFile must point at the keystore generated above; ${jboss.server.home.dir} already resolves to the server/IDM directory.
{{{
<Connector port="8443" address="${jboss.bind.address}"
maxThreads="100"
strategy="ms"
maxHttpHeaderSize="8192"
emptySessionPath="true"
scheme="https" secure="true"
clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/jboss.jks"
keystorePass="changeit"
sslProtocol = "TLS" />
}}}
!!Turning on the Application Security
In IDM.war, find the web.xml file and open it in a text editor. At the bottom of the file, uncomment the following section:
{{{
<security-constraint>
<web-resource-collection>
<web-resource-name>IDMProv</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
<description>IDM Provisioning Edition</description>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
}}}
Save the file and the archive. Restart JBoss.
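To confirm both changes took effect before relying on them, the following added example (not part of the original page or of Novell's tooling) parses a server.xml and a web.xml and reports what is still missing. The function names and the embedded sample XML are constructed for illustration; it also flags the default keystore password changeit used in the commands above.

```python
import xml.etree.ElementTree as ET

def local(tag):
    """Strip an XML namespace so web.xml with or without xmlns parses the same."""
    return tag.rsplit("}", 1)[-1]

def audit_connector(server_xml):
    """Return findings for the HTTPS <Connector> elements in a server.xml string."""
    findings = []
    tls = [c for c in ET.fromstring(server_xml).iter()
           if local(c.tag) == "Connector" and c.get("scheme") == "https"]
    if not tls:
        return ["no Connector with scheme=https is enabled"]
    for c in tls:
        port = c.get("port", "?")
        if c.get("secure") != "true":
            findings.append(f"port {port}: secure is not 'true'")
        if not c.get("keystoreFile"):
            findings.append(f"port {port}: keystoreFile is not set")
        if c.get("keystorePass") in (None, "", "changeit"):
            findings.append(f"port {port}: keystorePass is missing or the default 'changeit'")
    return findings

def audit_transport(web_xml):
    """Return findings unless some security-constraint forces CONFIDENTIAL on /*."""
    for sc in ET.fromstring(web_xml).iter():
        if local(sc.tag) != "security-constraint":
            continue
        patterns = [e.text.strip() for e in sc.iter() if local(e.tag) == "url-pattern" and e.text]
        guarantee = [e.text.strip() for e in sc.iter() if local(e.tag) == "transport-guarantee" and e.text]
        if "/*" in patterns and "CONFIDENTIAL" in guarantee:
            return []
    return ["no security-constraint with transport-guarantee CONFIDENTIAL covers /*"]

# Constructed sample input, modelled on the snippets on this page.
SAMPLE_SERVER_XML = """<Server><Service name="jboss.web">
  <Connector port="8080" address="${jboss.bind.address}"/>
  <Connector port="8443" address="${jboss.bind.address}" scheme="https" secure="true"
             clientAuth="false" keystoreFile="${jboss.server.home.dir}/conf/jboss.jks"
             keystorePass="changeit" sslProtocol="TLS"/>
</Service></Server>"""
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee"><security-constraint>
  <web-resource-collection><web-resource-name>IDMProv</web-resource-name>
    <url-pattern>/*</url-pattern></web-resource-collection>
  <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
</security-constraint></web-app>"""

if __name__ == "__main__":
    print(audit_connector(SAMPLE_SERVER_XML) + audit_transport(SAMPLE_WEB_XML))
```

To check a real installation, pass the contents of the two files named above to the functions instead of the sample strings.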
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]