Web Agent Guides › Web Agent Option Pack Guide › Deploy Federation Web Services for Federation › Deploy Federation Web Services as a Web Application › Set Up WebSphere to Work with Federation Web Services

Set Up WebSphere to Work with Federation Web Services

To enable FWS in a federated environment for a CA SiteMinder®/WebSphere Application Server (WAS) configuration, deploy the FWS application.

On Systems 2 and 5, deploy FWS. These systems must also have WAS and the associated WAS Fix Pack, if applicable. On Systems 1 and 4, install the Web Agent and the WAS Proxy Plug-in. Enable SSL between the proxy and the WAS.

The following illustration shows a CA SiteMinder® and WebSphere sample configuration.

Prerequisites:

• Install WAS on systems that have the WebSphere Application Server installed.
• Complete the deployment procedure for the Web Agent at the asserting party and the relying party.

After installing the software components on the systems in the illustration, deploy FWS on System 2 and System 5 by following these steps:

1. Set the WebSphere LD_LIBRARY_PATH variable.
2. Create a SmHost.conf file.
3. Create a WebAgent.conf file.
4. Modify the AffWebServices.properties file.
5. Copy option pack library files to WebSphere.
6. Deploy a Federation Web Services WAR File in WebSphere.

Source the Environment Script on a UNIX Operating Environments

After you install the Web Agent Option Pack on a UNIX system, the installation program creates an environment script (ca-wa-opack-env.sh).

Source the environment script so the library path of the application server points to the location of the Web Agent Option Pack /bin directory.

Source the script by entering the following command at the command line:

. ./ca-wa-opack-env.sh

Setting the correct library path lets the option pack and the web or application server to work together.

After you source the script, the library path is set. The variable name for the library path differs depending on the operating system. Example of several library paths:

Solaris/Linux

LD_LIBRARY_PATH=/webagent_option_pack_home/bin

HP-UX

SHLIB_PATH=/webagent_option_pack_home/bin

AIX

LIBPATH=/webagent_option_pack_home/bin

Important! The application server startup script can reset the library path. Ensure that the path to the Web Agent Option Pack is the first entry in the path.

The path to the Web Agent Option Pack environment script points to one of the following locations:

• The installation directory of the web agent option pack. The default location is: /webagent_option_pack_home/bin.
• The installation directory of the web agent.

  If you install the option pack on the same system as the web agent, the script resides in the web agent directory. For any UNIX installation, the default location is /web_agent_home/bin.

Create an SmHost.conf File

The FWS application requires the SmHost.conf file. However, the Web Agent Option Pack does not install this file, so you must create it.

To create an SmHost.conf file

1. Create an SmHost.conf file by running smreghost.exe, which is located in the following directory:

   /webagent_option_pack_home/bin

2. Put the SmHost.conf file in the following directory on System 2 and System 5:

   /webagent_option_pack_home/config

Create a WebAgent.conf File

The FWS application requires the WebAgent.conf file; however, the Web Agent Option Pack does not install this file so you must create it.

To create a WebAgent.conf file

1. Copy the WebAgent.conf file from System 1 to the following directory on System 2 and System 5:

   /webagent_option_pack_home/config

   where,

   webagent_option_pack_home

   Defines the installed location of the Web Agent Option Pack on System 2 and System 5.

2. Modify the WebAgent.conf file by:
   1. Setting the EnableWebAgent parameter to YES.
   2. Modifying any other configuration parameters to suit the environment for the FWS application.

The following sample shows a WebAgent.conf file for the FWS application:

# WebAgent.conf - configuration file for the Federation Web Services Application
#agentname="<agent_name>, <IP_address>"
HostConfigFile="/<webagent_option_pack>/config/SmHost.conf"
AgentConfigObject="<agent_config_object_name>"
EnableWebAgent="YES"

Modify the FWS Properties File

The AffWebServices.properties file contains all the initialization parameters for Federation Web Services. For deploying FWS, set only the parameter that specifies the location of the WebAgent.conf file.

Follow these steps:

1. Navigate to the AffWebServices.properties file. Locate this file in the following directory:

   web_agent_optionpack_home/affwebservices/WEB-INF/classes

2. Set the AgentConfigLocation parameter to the location of the WebAgent.conf file at each partner site.
   • Windows example:

     C:\\Program Files\\CA\\webagent_optionpack\\config\\WebAgent.conf

     Note: Federation Web Services is a Java component, so the Windows paths must contain double backslashes.

   • UNIX example:

     web_agent_optionpack_home/config/WebAgent.conf

   • Windows example for the SPS federation gateway

     sps_home\\proxy-engine\\conf\\defaultagent\\WebAgent.conf

   • UNIX example for the SPS federation gateway

     sps_home/proxy-engine/conf/defaultagent/WebAgent.conf

3. Repeat this procedure for each application server where the Web Agent Option Pack is installed.
4. Accept the default values for the rest of the settings in the properties file.

Copy Web Agent Option Pack Libraries to WebSphere

Copy the Web Agent Option Pack library files on System 2 and System 5.

Follow these steps:

1. Copy the following files from the directory \webagent_option_pack\bin
   • smcommonutil.dll
   • smerrlog.dll
   • smfedclientcomponent.dll
   • smjavaagentapi.dll
2. Place the copied libraries in the following directory:

   \WebSphere_home\AppServer\bin

Deploy a Federation Web Services WAR File in WebSphere

To deploy the FWS WAR file

1. Create a WAR file of the Federation Web Services application. The application is installed in:

   \webagent_option_pack\affwebservices\

   For more information about creating a WAR file, see WebSphere documentation.

2. Deploy the WAR file using WebSphere Administrator Console.

   For more information, see WebSphere documentation.

   Important! If you make subsequent changes to any of the properties files in the affwebservices directory, recreate a WAR file and redeploy this file in the application server.

3. From the WebSphere Administrator Console, go to Applications, Enterprise Applications.
4. Select the name of the web services WAR file, such as affwebservices_war.
5. On the Configuration tab:
   1. Set the Classloader Mode.

      There are two possible modes for class loading:

      • Classes loaded with the parent class loader first (default)
      • Classes loaded with the local class loader first

      The mode you select is implementation-dependent. In releases before 7.0, these modes were named PARENT_FIRST and PARENT_LAST. See the WebSphere documentation for further information.

   2. Set WAR Classloader Policy to Application.
   3. Save the settings.
6. Test that the Federation Web Services application is working by opening a web browser and entering:

   http://fqhn:port_number/affwebservices/assertionretriever

   where,

   fqhn

   Defines the fully qualified host name.

   port_number

   Defines the port number of the server where the Federation Web Services application is installed.

   For example:

   http://myhost.ca.com:81/affwebservices/assertionretriever

   If Federation Web Services is operating correctly, the following message appears:

   Assertion Retrieval Service has been successfully initialized.
   The requested servlet accepts only HTTP POST requests.
   

   This message indicates that Federation Web Services is listening for data activity.

   When the Federation Web Services is not operating correctly, a message states that the Assertion Retrieval Service has failed. If the Assertion Retrieval Service fails, verify the Federation Web Services log.

Note: For more information about enabling trace logging for the FWS application, see Trace Logging.