Installing on the First System

CA AuthMinder UNIX Installation Guide › Deploying AuthMinder on Distributed Systems › Installing on the First System

Installing on the First System

In a distributed scenario, you can distribute AuthMinder, Administration Console, Java SDKs, and Web Services on different systems, typically you install AuthMinder Server on the first system. Custom installation allows you to install only the selected components from the package. This option is recommended for advanced users.

Note: Before proceeding with the installation, ensure that all the prerequisite software are installed and the database is set up, as described in chapter, "Preparing for Installation".

Perform the following steps to install AuthMinder and related components:

Log in and navigate to the directory where you untarred the installer.
Ensure that you have the permission to run the installer. If not, you must run the following command:
```
chmod a=rx Arcot-WebFort-7.1-<platform_name>-Installer.bin
```
Run the installer as follows:
```
prompt> sh Arcot-WebFort-7.1-<platform_name>-Installer.bin
```
If you are running the installer with root login, then a warning message appears. Enter Y to continue, or N to quit the installation. If you exit the installer, then you must run the installer again.

The Welcome message appears.
Press Enter to continue with the installation.
The License Agreement for AuthMinder appears.
On the License Agreement page:
1. Read the text carefully and press Enter to display the next page of the license text. You might have to press Enter multiple times, until the entire text for License Agreement is displayed.
  At the end of the license agreement, you will be prompted for acceptance of the terms of license agreement (DO YOU ACCEPT THE TERMS OF LICENSE AGREEMENT?).
2. Enter y to accept the acceptance of License Agreement and to continue with the installation.
Note: If you press n, then a warning message will be displayed and the installation will be aborted.

The Choose Installation Location options appear.
Perform one of the following steps:
- If the installer detects an existing Arcot home directory, then it displays the path to that directory. Press Enter to accept this directory path.
- If the installer does not detect an existing Arcot home directory, it displays the default directory path and prompts you to either accept the default path or specify a new path. Press Enter if you want to accept the default path. Alternatively, enter the absolute path of the directory where you want to install AuthMinder and press Enter to continue.
  Note: The installation directory name that you specify must not contain spaces. Otherwise, some AuthMinder scripts and tools might not function as intended.
The installation types (Complete and Custom) supported by AuthMinder appear.
Select the required option and press Enter to continue with the installation.
Note: If you have selected option 1, then a new folder arcot will be created in the specified location.

The installation types (Complete and Custom) supported by AuthMinder appear.
Type 2 and press Enter to accept the Custom installation option and to continue with the installation.
The Choose Product Features options appear. Use these options to select the specific components that you want to install on the system.
Specify a comma-separated list (without any space between the comma and the number) of numbers representing the AuthMinder components you would like to install.
On the first system, you will install the following components:
1. Arcot WebFort Authentication Server
2. Arcot Administration Console
3. Arcot User Data Service
The following table describes all components that are installed by the AuthMinder installer and the numbers that you must enter to install them.

Option	Component	Description
1	Arcot WebFort Authentication Server	This option installs the core Processing engine (WebFort Server) that serves the following requests from SDKs, Administration Console, and web services: Credential Issuance Configurations Credential Authentication Configurations Server Configurations In addition, this component also enables you to access the following Web services: Authentication and Authorization Web service - Provides the programming interface for authenticating and authorizing users. Issuance SDK and Web Services - Provides the programming interface for creating, reading, and updating user credential information in the AuthMinder database. Authentication Web Service - Provides the programming interface for authenticating users. Credential Management Web Service - Provides the programming interface for creation and management of user credentials. Administration Web Service - Provides the programming interface used by the AuthMinder Administration Console. Bulk Operations Web Service: Provides the programming interface for uploading and fetching OATH tokens.
2	Arcot WebFort Java SDK and WS	This option provides programming interfaces (in form of APIs and Web Services) that can be invoked by your application to forward authentication and user credential issuance requests to the AuthMinder Server. This package comprises the following sub-components: Authentication Java SDK and Web Services- Provides the programming interface for authentication with AuthMinder Server. Credential Management Java SDK and Web Services - Provides the programming interface for creation and management of user credentials. Administration Web Service - Provides the programming interface for creating configurations. Bulk Operations Web Service: Provides the programming interface for uploading and fetching OATH tokens. Refer to chapter, "Configuring AuthMinder Java SDKs and Web Services" for more information on configuring these components.
3	Arcot WebFort Sample Application	This option provides Web-based interface for demonstrating the usage of AuthMinder Java APIs. In addition, it can also be used to verify if AuthMinder was installed successfully, and if it is able to perform credential management and authentication requests.
4	Arcot Administration Console	This option provides the Web-based interface for managing AuthMinder Server and authentication-related configurations.
5	Arcot User Data Service	This option installs UDS that acts as an abstraction layer for accessing different types of user repositories, such as relational databases (RDBMSs) and directory servers (LDAPs.)

After you have entered the numbers corresponding to the desired components for installation, press Enter to continue.
The database types supported by AuthMinder appear.
Specify the number corresponding to the database, and press Enter to continue:
- 1 - Microsoft SQL Server
- 2 - IBM DB2 (UDB)
- 3 - Oracle Database
- 4 - MySQL
The Primary Database Access Configuration options appear.
Depending on the database that you are using:
- Specify the information listed in the following table if you specified 1 (Microsoft SQL Server) in the preceding step.

Parameter	Description
Primary ODBC DSN	The installer creates an ODBC connection that AuthMinder uses to connect to the database. The recommended value to enter is arcotdsn.
User Name	The database user name for AuthMinder to access the database. This name is specified by the database administrator. (MS SQL Server, typically, refers to this as login.) Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by AuthMinder to access the database. This password is specified by the database administrator.
Server Name	The host name or IP address of the AuthMinder datastore. Default Instance Syntax: <server_name> Example: demodatabase Named Instance Syntax: <server_name>\<instance_name> Example: demodatabase\instance1
Port Number	The port on which the database server listens to the incoming requests. Note: Press Enter, if you want to accept the default port.
Database	The name of the MS SQL database instance.

Specify the information listed in the following table if you specified 2 (IBM DB2 (UDB)) in the preceding step:

Parameter	Description
Primary ODBC DSN	The installer creates an ODBC connection that AuthMinder uses to connect to the database. The recommended value to enter is arcotdsn.
User Name	The database user name for AuthMinder to access the database. This name is specified by the database administrator. Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by AuthMinder to access the database. This password is specified by the database administrator.
Host Name	The host name or IP address of the AuthMinder datastore. Default Instance Syntax: <server_name> Example: demodatabase Named Instance Syntax: <server_name>\<instance_name> Example: demodatabase\instance1
Port Number	The port at which the Database listens to the incoming requests. Note: Press Enter, if you want to accept the default port.
Database	The name of the database that AuthMinder will access.

Specify the information listed in the following table if you specified 3 (Oracle Database Server) in the preceding step.

Parameter	Description
Primary ODBC DSN	The installer creates an ODBC connection that AuthMinder uses to connect to the database. The recommended value to enter is arcotdsn.
User Name	The database user name for AuthMinder to access the database. This name is specified by the database administrator. Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by AuthMinder to access the database. This password is specified by the database administrator.
Service ID	The Oracle System Identifier (SID) that refers to the instance of the Oracle database running on the server.
Port Number	The port at which the Database listens to the incoming requests. Note: Press Enter, if you want to accept the default port.
Host Name	The host name or IP address of the AuthMinder datastore. Syntax: <server_name> Example: demodatabase

Specify the information listed in the following table if you specified 4 (MySQL) in the preceding step.

Parameter	Description
Primary ODBC DSN	The installer creates an ODBC connection that AuthMinder uses to connect to the database. The recommended value to enter is arcotdsn.
User Name	The database user name for AuthMinder to access the database. This name is specified by the database administrator. (MS SQL Server, typically, refers to this as login.) Note: The User Name for the Primary and Backup DSNs must be different.
Password	The password associated with the User Name you specified in the previous field and which is used by AuthMinder to access the database. This password is specified by the database administrator.
Server Name	The host name or IP address of the AuthMinder datastore. Default Instance Syntax: <server_name> Example: demodatabase Named Instance Syntax: <server_name>\<instance_name> Example: demodatabase\instance1
Port Number	The port on which the database server listens to the incoming requests. Note: Press Enter, if you want to accept the default port.
Database	The name of the MS SQL database instance.

The Backup Database Access Configuration options appear.

Perform one of the following steps:
- Type N to skip the configuration of the secondary DSN, when prompted, and press Enter to continue.
- Type Y to configure the secondary DSN, when prompted, and press Enter to continue.
  For information on the tasks to be performed, see the table in the preceding step.
The Encryption Configuration options appear. Use these options to select the encryption mode and set the information used for encryption.
Specify the following information:
- Master Key: Enter the master key, which will be used to encrypt the data stored in the database. By default, the value of master key is set to MasterKey. This key is stored in the securestore.enc file, which is located at <install_location>/arcot/conf.
  If you want to change the value of the master key after the installation, then you must regenerate the securestore.enc file with a new master key value. For more information, see the CA AuthMinder Administration Guide.
- Enter y if you want to use a Hardware Security Module (HSM) to encrypt the sensitive data. Enter n if you want to use the software encryption, in this case you do not have to provide the following HSM information.
- Enter 1 if you want to use Luna HSM or 2 if you want to use nCipher netHSM.
- HSM PIN: Enter the password that is used to connect to the HSM.
- Shared Library: The absolute path to the PKCS#11 shared library corresponding to the HSM.
  For Luna (libCryptoki2.so) and for nCipher netHSM (libcknfast.so), enter the absolute path and full name of the file.
- Storage Slot Number: The HSM slot where the 3DES keys used for encrypting the data are present. The default value for Luna is 0, and for nCipher netHSM the default value is 1.
  Note: The HSM parameter values are recorded in the arcotcommon.ini file located at <install_location>/arcot/conf. To change these values after installation, you must edit the arcotcommon.ini file, as discussed in appendix, "Configuration Files and Options".
Press Enter to continue.
The Pre-Installation Summary appears. This summary lists the product details, installation directory, type of installation, and components that are to be installed.
Review the product details displayed carefully and press Enter to proceed. If you would like to change a configuration option, type back until you reach the option, make the required changes, and press Enter.
The Installing message appears. This might take several minutes, because the installer now:
- Puts all the components and their related binaries in the installation directory.
- Stores database settings in the arcotcommon.ini file and the password in the securestore.enc file.
- Writes to the required INI files.
- Sets the environment variables such as, ARCOT_HOME, ODBCHOME, ODBCINI, LD_LIBRARY_PATH, LC_MESSAGES, NLS_LANG, and LC_CTYPE in the arwfenv file.
- Creates or overwrites, as specified earlier, the Primary DSN and Backup DSN (if selected and configured) using the selected ODBC driver in the odbc.ini file.
After the preceding tasks are completed successfully, the Installation Complete message appears.
Press Enter to exit the installer.
You might have to wait for a few minutes (for the installer to clean up temporary files) until the prompt re-appears.
Ensure that UTF-8 support is enabled:
1. Navigate to the <install_location>/arcot/odbc32v70wf/odbc.ini file.
2. Locate the [ODBC] section.
3. Ensure that the IANAAppCodePage=106 entry is present in the section.
4. If you do not find this entry, then add it.
5. Save and close the file.

Installation Logs

After installation, you can access the installation log file (Arcot_WebFort_Install_<mm_dd_yyyy_hh_mm_ss>.log) in the <install_location> directory. For example, if you had specified the /opt directory as the installation directory, then the installation log file is created in the /opt directory.

If the installation fails for some reason, then error messages are recorded in this log file.