Web Services Security Guides › CA SiteMinder WSS Agent for Oracle WebLogic Guide › Install the SiteMinder WSS Agent for WebLogic on a Windows System

Install the SiteMinder WSS Agent for WebLogic on a Windows System

This section contains the following topics:

Set the JRE in the Path Variable

Apply the Unlimited Cryptography Patch to the JRE

Configure the JVM to Use the JSafeJCE Security Provider

Run the Installer to Install a SiteMinder WSS Agent

(Optional) Install a SiteMinder WSS Agent Using the Unattended Installer

Installation and Configuration Log Files

How to Configure Agents and Register a System as a Trusted Host

Uninstall a SiteMinder WSS Agent

Set the JRE in the Path Variable

Set the Java Runtime Environment (JRE) in the Windows path variable.

Follow these steps:

Open the Windows Control Panel.
Double-click System.
Add the location of the Java Runtime Environment bin directory to the Path system variable in the Environment Variables dialog.

Apply the Unlimited Cryptography Patch to the JRE

Patch the Java Runtime Environment (JRE) used by the Agent to support unlimited key strength in the Java Cryptography Extension (JCE) package. The patches for all supported platforms are available from the Oracle website.

The files that need to be patched are:

local_policy.jar
US_export_policy.jar

The local_policy.jar and US_export_policy.jar files can found be in the following locations:

Windows
jre_home\lib\security
UNIX
jre_home/lib/security

jre_home: Defines the location of your Java Runtime Environment installation.

Note: If WebLogic has been configured to use its own JRE then you must also patch the JRE used by WebLogic to support unlimited key strength in the Java Cryptography Extension (JCE) package.

Configure the JVM to Use the JSafeJCE Security Provider

The SiteMinder WSS Agent XML encryption function requires that the JVM is configured to use the JSafeJCE security provider.

Follow these steps:

Add a security provider entry for JSafeJCE (com.rsa.jsafe.provider.JsafeJCE) to the java.security file located in the following location:
- JRE_HOME\lib\security (Windows)
- JRE_HOME/lib/security (UNIX)
JRE_HOME

Is the installed location of the JRE used by the application server.

In the following example, the JSafeJCE security provider entry has been added as the second security provider:
```
security.provider.1=sun.security.provider.Sun
security.provider.2=com.rsa.jsafe.provider.JsafeJCE
security.provider.3=sun.security.rsa.SunRsaSign
security.provider.4=com.sun.net.ssl.internal.ssl.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider
security.provider.7=com.sun.security.sasl.Provider
```
Note: If using the IBM JRE, always configure the JSafeJCE security provider immediately after (that is with a security provider number one higher than) the IBMJCE security provider (com.ibm.crypto.provider.IBMJCE)
Add the following line to JRE_HOME\lib\security\java.security (Windows) or JRE_HOME/lib/security/java.security (UNIX) to set the initial FIPS mode of the JsafeJCE security provider:
```
com.rsa.cryptoj.fips140initialmode=NON_FIPS140_MODE
```
Note: The initial FIPS mode does not affect the final FIPS mode you select for the SiteMinder WSS Agent.