Info |
---|
Last reviewed: 2018-05-04 |
...
- Back up Ubisecure Directory. See the instructions from Backup and restore Ubisecure Directory - SSO.
- Unpack the distribution package.
Unzip the Ubisecure CustomerID zip archivecustomerid-X.X.X-windows.zip
into a temporary folder, for example%USERPROFILE%\Desktop\customerid
.This package contains all the required components you will need throughout the installation process. Do not download installation packages directly from Internet unless explicitly asked.
- Check Java. See the instructions from Java check on Windows - CustomerID.
- Install WildFly. See the instructions from WildFly installation on Windows - CustomerID.
Extract the deployment template.
Create a folder called Ubisecure under
%PROGRAMFILES%
:Code Block language text cd /D "%PROGRAMFILES%" mkdir Ubisecure
Unzip the
cid-deployment-template-x.x.x.zip
archive into this newly created directory.An optional additional step is to also copy the file containing versioning information from the installation package to the installation folder:
Code Block language text copy %USERPROFILE%\Desktop\customerid\customerid-x.x.x-versioninfo.txt "%PROGRAMFILES%"\Ubisecure\customerid\
- Edit the setup template and run setup. See the instructions from Setup template on Windows - CustomerID.
- Configure WildFly. See the instructions from WildFly configuration on Windows - CustomerID.
- Prepare PostgreSQL. See the instructions from PostgreSQL preparation on Windows - CustomerID.
Create a JDBC data source to WildFly.
Ubisecure CustomerID uses a JDBC data source to access the database, thus one needs to be created to WildFly before the Ubisecure CustomerID application can be deployed. There is a scriptcreate-datasource.cmd
in the distribution package's tools folder for this purpose. Note that thewin32.config
file must have been configured,setup.cmd
must have been run successfully, and WildFly must be running before the scriptcreate-datasource.cmd
can be run successfully. Before executing the command, verify that the file\postgresql-x.x.x.jar
is under the directoryDesktop/customerid
.Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools" create-datasource.cmd
Successful execution will output the following text:
The batch executed successfully
.- Create a directory service for Ubisecure CustomerID SQL in Ubisecure SSO Management. See the instructions from SQL directory service creation on Windows - CustomerID.
- Create web agents for Ubisecure CustomerID.
Ubisecure CustomerID needs two web applications in SSO management. The first one is used to provide login functionality to the Ubisecure CustomerID user interfaces and also the LDAP user account that Ubisecure CustomerID uses when accessing Ubisecure Directory. The second web application is used when performing verifications during registrations. Ubisecure CustomerID installation package contains LDIF import files that need to be imported to Ubisecure Directory using the import functionality of Ubisecure SSO.Importing the web applications:
This section assumes Ubisecure CustomerID is installed on a different server than Ubisecure SSO. See below if Ubisecure CustomerID is installed on the same server as Ubisecure SSO.1. Copy the LDIF files found from
%PROGRAMFILES%\Ubisecure\customerid\application\ldap
on the Ubisecure CustomerID server to Ubisecure SSO server. You can place them on the desktop in a folder calledcustomerid-ldifs
.
2. Use theimport.cmd
script in the pathUBILOGIN_HOME\ldap\adam\import.cmd
to import these files.Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\ubilogin-sso\ubilogin\ldap\adam" import.cmd "%USERPROFILE%\Desktop\customerid-ldifs\customerid.ldif" import.cmd "%USERPROFILE%\Desktop\customerid-ldifs\customerid-secrets.ldif" import.cmd "%USERPROFILE%\Desktop\customerid-ldifs\customerid-adlds.ldif"
3. Securely remove the temporary files from the desktop.
Info If Ubisecure CustomerID is installed on the same server as Ubisecure SSO, this command can be run in place:
Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\ubilogin-sso\ubilogin\ldap\adam" import.cmd "..\..\..\..\customerid\application\ldap\customerid-ldifs\customerid.ldif" import.cmd "..\..\..\..\customerid\application\ldap\customerid-ldifs\customerid-secrets.ldif" import.cmd "..\..\..\..\customerid\application\ldap\customerid-ldifs\customerid-adlds.ldif"
- Create a directory service for Ubisecure CustomerID LDAP in Ubisecure SSO Management. See the instructions from LDAP directory service creation on Windows - CustomerID.
...
Install PostgreSQL JDBC driver to SSO node(s).
Ubisecure CustomerID package includes a PostgreSQL JDBC driver.Note NOTE: The installation instructions concerning the PostgreSQL JDBC driver to SSO are written for a single Ubisecure SSO node. If you have more nodes, these instructions should be followed on all nodes.
To install the PostgreSQL JDBC driver to Ubisecure SSO:
Copy the
postgresql-x.x.x.jar
library included in the root folder of the CustomerID installation archive to the Ubisecure SSO server and copy it to the the folder%JRE_HOME%\lib\ext
.- Install Ubisecure CustomerID SSO Adapter to SSO node(s). See the instructions from SSO Adapter installation on Windows - CustomerID.
...
- Add the authentication method configurations in Ubisecure SSO Management. See the instructions from Authentication method configuration on Windows - CustomerID.
Create a site specific configuration for Ubisecure CustomerID. See the instructions from Site specific configuration on Windows - CustomerID.
Note NOTE: This step is very important as some configuration options cannot be changed after this step.
Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\" get-metadata.cmd
Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\" init-eidm-sp.cmd
Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\" init-eidm-ap.cmd
- Deploy Ubisecure CustomerID to WildFly.
Ubisecure CustomerID uses WildFly as a J2EE Container. Here's how to deploy the
cid-ear-x.x.x.ear
andcid-worker-ear-x.x.x.ear
enterprise archives (EARs):Deploy the Ubisecure CustomerID applications to WildFly using the
deploy-ear.cmd
script. When invoking the script, you must supply the path to the EAR file like in the example below:Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\" deploy-ear.cmd %USERPROFILE%\Desktop\customerid\cid-ear-x.x.x.ear deploy-ear.cmd %USERPROFILE%\Desktop\customerid\cid-worker-ear-x.x.x.ear
Initialize data storages.
1. Initialize Ubisecure CustomerID internal database and repository (i.e., the part of Ubisecure Directory needed by Ubisecure CustomerID) by running the following commands:Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\" init-customerid-data-storages.cmd
Successful execution will show:
<init><initializeDatabase/></init>
2. Download SP metadata for authentication provider by running the following commands:
Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\" get-metadata-for-ap.cmd
This command will show download statistics if successful.
...
Restart Ubisecure CustomerID.
Run the following commands:Code Block language text net stop wildfly net start wildfly
Note NOTE: Stopping the Ubisecure CustomerID service using the mentioned command may not succeed in Windows if your firewall settings block access to WildFly management.
- Import example admin user.
After installing the software, it is necessary to create an administrative user. It is recommended that generic administrative accounts are not used.
To import the user organization and the first user account:
In the folder
%PROGRAMFILES%\Ubisecure\customerid\tools
, modify the provided template import file:Code Block language text cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools" notepad examples\importtool\example.import
Include your personal account. Then execute the import:
Code Block language text import.cmd examples\importtool\example.import
Successful execution will show:
Code Block language text ImportTool 5.0.13 Create 'Users': OK Create 'leena.laine@example.com': OK 'Assign Role': OK
For more details, refer to the page CustomerID Data Import from External Systems.
You can now log in to CustomerID using the URL https://<eidm.url>/eidm2/wf/admin
...