Web Services Security Guides › CA SiteMinder® Web Services Security Agent Guide for iPlanet Web Servers › Preparation

Preparation

This section contains the following topics:

Only iPlanet Web Server Procedures in this Guide

Hardware Requirements for CA SiteMinder® Agents

How to Prepare for SiteMinder WSS Agent Installation on an Oracle iPlanet Web Server

Only iPlanet Web Server Procedures in this Guide

This guide only contains procedures for installing or configuring SiteMinder WSS Agents on iPlanet web servers.

To install or configure a SiteMinder WSS Agent on any other type of web server or operating environment, see one of the following guides:

SiteMinder WSS Agent for Domino Guide.
SiteMinder WSS Agent for IIS Guide
SiteMinder WSS Agent for Apache-based Servers Guide .

Hardware Requirements for CA SiteMinder® Agents

Computers hosting CA SiteMinder® agents require the following hardware:

Windows operating environment requirements

CA SiteMinder® agents operating on Windows operating environments require the following hardware:

CPU: x86 or x64
Memory: 2-GB system RAM.
Available disk space:
- 2-GB free disk space in the installation location.
- .5-GB free disk space in the temporary location.

UNIX operating environment requirements

CA SiteMinder® agents operating on UNIX operating environments require the following hardware:

CPU:
- Solaris operating environment: SPARC
- Red Hat operating environment: x86 or x64
Memory: 2-GB system RAM.
Available disk space:
- 2-GB free disk space in the installation location.
- .5-GB free disk space in /temp.
Note: Daily operation of the agent requires 10 MB of free disk space in /tmp. The agent creates files and named pipes under /tmp. The path to which these files and pipes are created cannot be changed.

How to Prepare for SiteMinder WSS Agent Installation on an Oracle iPlanet Web Server

To prepare for a SiteMinder WSS Agent installation on an Oracle iPlanet server, use the following process:

Locate the Platform Support Matrix. Verify that your web server supports the version of the SiteMinder WSS Agent that you want to install.
Verify that you have an account with one of the following types of privileges for your web server:
- Administrative privileges (for the Windows operating environment)
- Root privileges (for the UNIX or Linux operating environments)
Configure the appropriate additional settings that a SiteMinder WSS Agent requires using one of the following lists:
Verify that the Policy Server is installed and configured.
Review the known issues section of the CA SiteMinder® Web Services Security Release Notes.

Locate the Platform Support Matrix

Use the Platform Support Matrix to verify that the operating environment and other required third-party components are supported.

Follow these steps:

Log in to the CA Support site.
Locate the Technical Support section.
Enter CA SiteMinder® in the Product Finder field.
The CA SiteMinder® product page appears.
Click Product Status, CA SiteMinder® Family of Products Platform Support Matrices.

Note: You can download the latest JDK and JRE versions at the Oracle Developer Network.

Oracle iPlanet Web Server Preparations for Windows

Oracle iPlanet servers running on Windows operating environments require the following preparations before installing a CA SiteMinder® agent:

For 64-bit Windows systems, verify that the Microsoft Visual C++ package prerequisite is met.

Verify that the Microsoft Visual C++ 2005 Redistributable Package (x64) is Installed

Before installing an 12.52 CA SiteMinder® Agent on a Windows 64-bit platform, download and install the Microsoft Visual C++ 2005 Redistributable Package (x64). Go to the Microsoft downloads page, and then search for "Microsoft Visual C++ 2005 Redistributable Package (x64)."

Oracle iPlanet Web Server Preparations for UNIX

Oracle iPlanet web servers running on UNIX operating environments require the following preparations before installing a CA SiteMinder® agent:

Set the display variable.
Verify that the appropriate patches have been installed for your operating environment:
- Solaris patches.
- AIX requirements.

Set the DISPLAY For CA SiteMinder® Agent Installations on UNIX

If you are installing the CA SiteMinder® Agent on a UNIX system from a remote terminal, such as a Telnet or Exceed terminal, be sure the DISPLAY variable is set for the local system. For example, if your machine is 111.11.1.12, set the variable as follows:

DISPLAY=111.11.1.12:0.0

export DISPLAY

Note: You can also install the agent using the console mode installation, which does not require the X window display mode.

Required Solaris Patches

Before installing a CA SiteMinder® Agent on a Solaris computer, install the following patches:

Solaris 9: Requires patch 111711-16.
Solaris 10: Requires patch 119963-08.

You can verify installed patch versions by logging in as the root user and executing the following command:

showrev -p | grep patch_id

To locate Solaris patches, go to the Oracle Solution Center.

AIX Requirements

CA SiteMinder® agents running on AIX systems require the following configurations:

To run a rearchitected (framework) CA SiteMinder® agent for Oracle iPlanet on an AIX system, your C/C++ runtime environment must be version 8.0.0.0.

Oracle iPlanet Web Server Preparations for Linux

Oracle iPlanet web servers running on Linux operating environments require the following preparations before installing a CA SiteMinder® agent:

Required Linux Patches

The following Linux patches are required:

For Web Agents running on 64-bit Linux systems

Binutils 2.17
GCC 4.1.0

Required Linux Libraries

Certain library files are required for components operating on Linux operating environments. Failure to install the correct libraries can cause the following error:

java.lang.UnsatisfiedLinkError

If you are installing, configuring, or upgrading a Linux version of this component, the following libraries are required on the host system:

Red Hat 5.x:

compat–gcc-34-c++-3.4.6-patch_version.I386

libstdc++-4.x.x-x.el5.i686.rpm

Red Hat 6.x:

libstdc++-4.x.x-x.el6.i686.rpm

Additionally, for Red Hat 6.x (64-bit):

Note: All the RPM packages that are required for 64-bit Red Hat 6.x are 32-bit packages.

libXau-1.0.5-1.el6.i686.rpm

libxcb-1.5-1.el6.i686.rpm

compat-db42-4.2.52-15.el6.i686.rpm

compat-db43-4.3.29-15.el6.i686.rpm

libX11-1.3-2.el6.i686.rpm

libXrender-0.9.5-1.el6.i686.rpm

libexpat.so.1 (provided by expat-2.0.1-11.el6_2.i686.rpm)

libfreetype.so.6 (provided by freetype-2.3.11-6.el6_2.9.i686.rpm)

libfontconfig.so.1 (provided by fontconfig-2.8.0-3.el6.i686.rpm)

libICE-1.0.6-1.el6.i686.rpm

libuuid-2.17.2-12.7.el6.i686.rpm

libSM-1.1.0-7.1.el6.i686.rpm

libXext-1.1-3.el6.i686.rpm

compat-libstdc++-33-3.2.3-69.el6.i686.rpm

compat-db-4.6.21-15.el6.i686.rpm

libXi-1.3-3.el6.i686.rpm

libXtst-1.0.99.2-3.el6.i686.rpm

libXft-2.1.13-4.1.el6.i686.rpm

libXt-1.0.7-1.el6.i686.rpm

libXp-1.0.0-15.1.el6.i686.rpm

Policy Server Requirements

Verify the following criteria:

Your Policy Server is installed and configured.
Your Policy server can communicate with the computer where you plan to install the agent.

Note: For more information, see the Policy Server documentation.

To install and configure a CA SiteMinder® agent, a Policy Server requires at least the following items:

A CA SiteMinder® administrator that has the right to register trusted hosts.
A trusted host is a client computer where one or more CA SiteMinder® Agents are installed and registered with the Policy Server. The CA SiteMinder® administrator must have permissions to register trusted hosts with the Policy Server. Registering a trusted host creates a unique trusted host name object on the Policy Server.
An Agent identity
An Agent identity establishes a mapping between the Policy Server and the name or IP address of the web server instance hosting an Agent. You define an Agent identity from the Agents object in the Administrative UI. You assign it a name and specify the Agent type as a Web Agent.
A Host Configuration Object (HCO)
The host configuration object on the Policy Server defines the communication between the agent and the Policy Server that occurs after an initial connection. The Initial connections use the parameters in the SmHost.conf file.
Agent Configuration Object (ACO)
This object includes the parameters that define the agent configuration. All CA SiteMinder® agents require at least one of the following configuration parameters that are defined in the ACO:
AgentName
Defines the identity of the web agent. This identity links the name and the IP address or FQDN of each web server instance hosting an Agent.

The value of the DefaultAgentName is used instead of the AgentName parameter if any of the following events occur:
- The AgentName parameter is disabled.
- The value of AgentName parameter is empty.
- The values of the AgentName parameter do not match any existing agent object.
Note: This parameter can have more than one value. Use the multivalue option when setting this parameter in an Agent Configuration Object. For local configuration files, add each value to a separate line in the file.

Default: No default

Limit: Multiple values are allowed, but each AgentName parameter has a 4,000 character limit. Create additional AgentName parameters as needed by adding a character to the parameter name. For example, AgentName, AgentName1, AgentName2.

Limits: Must contain 7-bit ASCII characters in the range of 32-127, and include one or more printable characters. Cannot contain the ampersand (&) and asterisk (*) characters. The value is not case-sensitive. For example, the names MyAgent and myagent are treated the same.

Example: myagent1,192.168.0.0 (IPV4)

Example: myagent2, 2001:DB8::/32 (IPV6)

Example: myagent,www.example.com

Example (multiple AgentName parameters): AgentName1, AgentName2, AgentName3. The value of each AgentNamenumber parameter is limited to 4,000 characters.
DefaultAgentName

Defines a name that the agent uses to process requests. The value for DefaultAgentName is used for requests on an IP address or interface when no agent name value exists in the AgentName parameter.

If you are using virtual servers, you can set up your CA SiteMinder® environment quickly by using a DefaultAgentName. Using DefaultAgentName means that you do not need to define a separate agent for each virtual server.

Important! If you do not specify a value for the DefaultAgentName parameter, then the value of the AgentName parameter requires every agent identity in its list. Otherwise, the Policy Server cannot tie policies to the agent.

Default: No default.

Limit: Multiple values are allowed.

Limits: Must contain 7-bit ASCII characters in the range of 32-127, and include one or more printable characters. Cannot contain the ampersand (&) and asterisk (*) characters. The value is not case-sensitive. For example, the names MyAgent and myagent are treated the same.

Review the CA SiteMinder® Web Services Security Release Notes for Known Issues

The most-recent versions of the CA SiteMinder® Web Services Security Release notes are available from the CA Support website. We recommend reviewing them before installing or configuring a SiteMinder WSS Agent.

Follow these steps:

Open a web browser and navigate to the Technical Support website.
Click Enterprise/Small and Medium Business.
The Support for Businesses and Partners page appears.
Under the Get Support tab, click Product Documentation.
The documentation page appears.
Click the field under Select a Bookshelf.
Type siteminder.
A list of CA SiteMinder® bookshelves appears.
Click the bookshelf that you want from the list, and then click Go.
The bookshelf opens (in a new window or tab, depending on your browser settings).
Click Release Notes.
A list of release notes appears.
Click one of the following links to display the Release Notes in format you want:
- View HTML
- Download PDF
Note: You need the Adobe Reader software to view PDF documents. Click the Download Adobe Reader link in the bookshelf.