Previous Topic: Web Agent Installation Guide for Apache-based serversNext Topic: Install and Configure Apache-based Agents on Windows


Preparation

This section contains the following topics:

Only Apache-based Web Server Procedures in this Guide

Hardware Requirements for CA SiteMinder® Agents

Preparation Roadmap for Apache-based web servers

How to Prepare for a Web Agent Installation on Apache-based Servers

Policy Server Requirements

Only Apache-based Web Server Procedures in this Guide

This guide only contains procedures for installing or configuring CA SiteMinder® agents on Apache-based web servers.

To install or configure a CA SiteMinder® agent on any other type of web server or operating environment, see one of the following guides:

Hardware Requirements for CA SiteMinder® Agents

Computers hosting CA SiteMinder® agents require the following hardware:

Windows operating environment requirements

CA SiteMinder® agents operating on Windows operating environments require the following hardware:

UNIX operating environment requirements

CA SiteMinder® agents operating on UNIX operating environments require the following hardware:

Preparation Roadmap for Apache-based web servers

The following illustration describes how to prepare your web server before you install a CA SiteMinder® agent:

Flowchart showing how to prepare a web server before installing a SiteMinder Agent

How to Prepare for a Web Agent Installation on Apache-based Servers

To prepare for a CA SiteMinder® agent installation on an Apache-based server, use the following process:

  1. Locate the Platform Support Matrix. Verify that your web server supports the version of the CA SiteMinder® agent that you want to install.
  2. Verify that you have an account with one of the following types of privileges for your web server:
  3. Configure the appropriate additional CA SiteMinder® agents require using one of the following lists:
  4. Verify that the Policy Server is installed and configured.
  5. Review the known issues section of the Web Agent Release Notes.
Locate the Platform Support Matrix

Use the Platform Support Matrix to verify that the operating environment and other required third-party components are supported.

Follow these steps:

  1. Log in to the CA Support site.
  2. Locate the Technical Support section.
  3. Enter CA SiteMinder® in the Product Finder field.

    The CA SiteMinder® product page appears.

  4. Click Product Status, CA SiteMinder® Family of Products Platform Support Matrices.

Note: You can download the latest JDK and JRE versions at the Oracle Developer Network.

Apache-based server Preparations for Windows operating environments

Apache-based servers running on Windows operating environments require the following preparations before installing a CA SiteMinder® agent:

  1. Install the Apache-based web server as a service for all users.
  2. Verify the presence of a logs subdirectory with the proper permissions.
Install an Apache Web Server on Windows as a Service for All Users

When an Apache-based web server is installed using a single user account, the Agent configuration cannot detect the Apache-based web server installation.

To correct this problem, select the following option when you install an Apache-based web server on a Windows operating environment:

"install as a service, available for all users".

Verify Presence of a Logs Subdirectory with Permissions for Apache-based Web Agents

For CA SiteMinder® Agents for Apache-based web servers (including IBM HTTP Server), a logs subdirectory must exist under the root directory of the Apache-based web server. This subdirectory needs Read and Write permissions for the user identity under which the Apache child process runs.

If the logs subdirectory does not exist, create it with the required permissions.

Note: This configuration requirement applies to any Apache-based web server that writes log files outside the Apache root directory.

Apache-based server Preparations on UNIX operating environments

Apache-based servers running on UNIX operating environments require the following preparations before installing a CA SiteMinder® agent:

  1. Set the display variable.
  2. Verify the presence of a logs subdirectory.
  3. Verify that the appropriate patches have been installed for your operating environment:
Set the DISPLAY For CA SiteMinder® Agent Installations on UNIX

If you are installing the CA SiteMinder® Agent on a UNIX system from a remote terminal, such as a Telnet or Exceed terminal, be sure the DISPLAY variable is set for the local system. For example, if your machine is 111.11.1.12, set the variable as follows:

DISPLAY=111.11.1.12:0.0

export DISPLAY

Note: You can also install the agent using the console mode installation, which does not require the X window display mode.

Verify Presence of a Logs Subdirectory with Permissions for Apache-based CA SiteMinder® Agents

For CA SiteMinder® Agents for Apache-based web servers (including IBM HTTP Server), a logs subdirectory must exist under the root directory of the Apache-based web server. This subdirectory needs Read and Write permissions for the user identity under which the Apache child process runs.

If the logs subdirectory does not exist, create it with the required permissions.

Note: This configuration requirement applies to any Apache-based web server that writes log files outside the Apache root directory.

Required Solaris Patches

Before installing a CA SiteMinder® Agent on a Solaris computer, install the following patches:

Solaris 9

Requires patch 111711-16.

Solaris 10

Requires patch 119963-08.

You can verify installed patch versions by logging in as the root user and executing the following command:

showrev -p | grep patch_id

To locate Solaris patches, go to the Oracle Solution Center.

AIX Requirements

CA SiteMinder® agents running on AIX systems require the following components:

Apache-based server Preparations for Linux operating environments

Apache-based servers running on Linux operating environments require the following preparations before installing a CA SiteMinder® agent:

  1. Verify that the required patches are installed.
  2. Verify that the required libraries are installed.
  3. Verify that the required tools are installed.
  4. Compile the Apache-based web server.
  5. Verify the presence of a logs subdirectory.
Required Linux Patches

The following Linux patches are required:

For Web Agents running on 64-bit Linux systems
Required Linux Libraries

Certain library files are required for components operating on Linux operating environments. Failure to install the correct libraries can cause the following error:

java.lang.UnsatisfiedLinkError 

If you are installing, configuring, or upgrading a Linux version of this component, the following libraries are required on the host system:

Red Hat 5.x:

compat–gcc-34-c++-3.4.6-patch_version.I386

libstdc++-4.x.x-x.el5.i686.rpm

Red Hat 6.x:

libstdc++-4.x.x-x.el6.i686.rpm

Additionally, for Red Hat 6.x (64-bit):

Note: All the RPM packages that are required for 64-bit Red Hat 6.x are 32-bit packages.

libXau-1.0.5-1.el6.i686.rpm

libxcb-1.5-1.el6.i686.rpm

compat-db42-4.2.52-15.el6.i686.rpm

compat-db43-4.3.29-15.el6.i686.rpm

libX11-1.3-2.el6.i686.rpm

libXrender-0.9.5-1.el6.i686.rpm

libexpat.so.1 (provided by expat-2.0.1-11.el6_2.i686.rpm)

libfreetype.so.6 (provided by freetype-2.3.11-6.el6_2.9.i686.rpm)

libfontconfig.so.1 (provided by fontconfig-2.8.0-3.el6.i686.rpm)

libICE-1.0.6-1.el6.i686.rpm

libuuid-2.17.2-12.7.el6.i686.rpm

libSM-1.1.0-7.1.el6.i686.rpm

libXext-1.1-3.el6.i686.rpm

compat-libstdc++-33-3.2.3-69.el6.i686.rpm

compat-db-4.6.21-15.el6.i686.rpm

libXi-1.3-3.el6.i686.rpm

libXtst-1.0.99.2-3.el6.i686.rpm

libXft-2.1.13-4.1.el6.i686.rpm

libXt-1.0.7-1.el6.i686.rpm

libXp-1.0.0-15.1.el6.i686.rpm

Linux Tools Required

Before installing a CA SiteMinder® Agent on a Red Hat Apache 2.2 web server running on the Red Hat Enterprise Linux operating environment, install all the items included in the Red Hat Legacy Software Development tools package.

Compile an Apache Web Server on a Linux System

For the CA SiteMinder® Agent to operate with an Apache web server running Linux, you have to compile the server. Compiling is required because the Agent code uses pthreads (a library of POSIX-compliant thread routines), but the Apache server on the Linux platform does not, by default.

If you do not compile with the lpthread option, the Apache server starts up, but then hangs and does not handle any requests. The Apache server on Linux cannot initialize a module which uses pthreads due to issues with Linux's dynamic loader.

Follow these steps:

  1. Enter the following:
    LIBS=-lpthread
    export LIBS
    
  2. Configure Apache as usual by entering the following:
    configure --enable-module=so --prefix=your_install_target_directory
    make
    make install
    
Verify Presence of a Logs Subdirectory with Permissions for Apache-based CA SiteMinder® Agents

For CA SiteMinder® Agents for Apache-based web servers (including IBM HTTP Server), a logs subdirectory must exist under the root directory of the Apache-based web server. This subdirectory needs Read and Write permissions for the user identity under which the Apache child process runs.

If the logs subdirectory does not exist, create it with the required permissions.

Note: This configuration requirement applies to any Apache-based web server that writes log files outside the Apache root directory.

How to Prepare for Agent Installation and Configuration on z/OS Systems

Before you install and configure a CA SiteMinder® agent on the z/OS operating environment, perform the preparation steps described in this process.

Graphic showing the preparation steps for the SiteMinder Web Agent on z/OS

  1. Locate the CA SiteMinder® Platform Support Matrix.
  2. Locate the installation media.
  3. Add a supported JRE to the system path.
  4. Set the DISPLAY variable.
  5. Verify the presence of a logs subdirectory.
Locate the Platform Support Matrix

Use the Platform Support Matrix to verify that the operating environment and other required third-party components are supported.

Follow these steps:

  1. Log in to the CA Support site.
  2. Locate the Technical Support section.
  3. Enter CA SiteMinder® in the Product Finder field.

    The CA SiteMinder® product page appears.

  4. Click Product Status, CA SiteMinder® Family of Products Platform Support Matrices.

Note: You can download the latest JDK and JRE versions at the Oracle Developer Network.

Locate the Installation Media

You can find the installation media on the Technical Support site.

Follow these steps:

  1. Log in to the CA Support site.
  2. Locate the Technical Support section.
  3. Click Download Center.
  4. Locate the Support by Product section.
  5. Type CA SiteMinder® in the Select a Product Page field, and then press Enter.
  6. Click Downloads.

    The Download Center screen appears.

  7. Enter CA SiteMinder® in the Select a Product field.
  8. Select a release from the Select a Release drop-down list.
  9. Select a Service Pack from the Select a Gen Level drop-down list.
  10. Click Go.

    The Product Downloads screen appears. All CA SiteMinder® installation executables are listed.

Set the DISPLAY Variable for CA SiteMinder® Agent Installations on z/OS

If you are installing the CA SiteMinder® agent on a z/OS system from a remote terminal, verify that the DISPLAY variable is set for the local system. For example, if your server IP address is 111.11.1.12, set the variable as follows:

export DISPLAY=111.11.1.12:0.0

Note: You can also install the CA SiteMinder® agent using the console mode installation, which does not require the X window display mode.

Verify Presence of a Logs Subdirectory with Permissions for Apache-based CA SiteMinder® Agents

For CA SiteMinder® Agents for Apache-based web servers (including IBM HTTP Server), a logs subdirectory must exist under the root directory of the Apache-based web server. This subdirectory needs Read and Write permissions for the user identity under which the Apache child process runs.

If the logs subdirectory does not exist, create it with the required permissions.

Note: This configuration requirement applies to any Apache-based web server that writes log files outside the Apache root directory.

Add a Supported JRE to the System Path

On z/OS systems, before installing the CA SiteMinder® agent, verify that a supported JRE is present on the system and defined in the PATH and JAVA_HOME system variables.

Follow these steps:

Enter the following commands at a command prompt:

export PATH=JRE/bin:$PATH
export JAVA_HOME=JRE
JRE

Specifies the location of the JRE.

For example, /sys/java64bt/v6r0m1/usr/lpp/java/Jversion_number

IBM HTTP server Preparations for all Supported Operating Environments

Apache-based IBM HTTP servers require the following preparations before installing a CA SiteMinder® agent:

Enable Write Permissions for IBM HTTP Server Logs

If you install the CA SiteMinder® Agent on an IBM HTTP Server, this web server gets installed as root and its subdirectories do not give all users in all groups Write permissions.

For the Low Level Agent Worker Process (LLAWP) to write agent initialization messages to the web server logs, the user running the web server needs permission to write to the web server’s log directory. Ensure that you allow write permissions for this user.

Policy Server Requirements

Verify the following criteria:

Note: For more information, see the Policy Server documentation.

To install and configure a CA SiteMinder® agent, a Policy Server requires at least the following items: