Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Last reviewed: 2018-05-04

...

  1. Back up Ubisecure Directory. See the instructions from Backup and restore Ubisecure Directory - SSO.
  2. Unpack the distribution package.
    Unzip the Ubisecure CustomerID zip archive customerid-X.X.X-windows.zip into a temporary folder, for example %USERPROFILE%\Desktop\customerid.

    This package contains all the required components you will need throughout the installation process. Do not download installation packages directly from Internet unless explicitly asked.

  3. Check Java. See the instructions from Java check on Windows - CustomerID.
  4. Install WildFly. See the instructions from WildFly installation on Windows - CustomerID.
  5. Extract the deployment template.

    Create a folder called Ubisecure under %PROGRAMFILES%:

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%"
    mkdir Ubisecure

    Unzip the cid-deployment-template-x.x.x.zip archive into this newly created directory.

    An optional additional step is to also copy the file containing versioning information from the installation package to the installation folder:

    Code Block
    languagetext
    copy %USERPROFILE%\Desktop\customerid\customerid-x.x.x-versioninfo.txt "%PROGRAMFILES%"\Ubisecure\customerid\
  6. Edit the setup template and run setup. See the instructions from Setup template on Windows - CustomerID.
  7. Configure WildFly. See the instructions from WildFly configuration on Windows - CustomerID.
  8. Prepare PostgreSQL. See the instructions from PostgreSQL preparation on Windows - CustomerID.
  9. Create a JDBC data source to WildFly.
    Ubisecure CustomerID uses a JDBC data source to access the database, thus one needs to be created to WildFly before the Ubisecure CustomerID application can be deployed. There is a script create-datasource.cmd in the distribution package's tools folder for this purpose. Note that the win32.config file must have been configured, setup.cmd must have been run successfully, and WildFly must be running before the script create-datasource.cmd can be run successfully. Before executing the command, verify that the file \postgresql-x.x.x.jar is under the directory Desktop/customerid .

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools"
    create-datasource.cmd

    Successful execution will output the following text:

    The batch executed successfully.

  10. Create a directory service for Ubisecure CustomerID SQL in Ubisecure SSO Management. See the instructions from SQL directory service creation on Windows - CustomerID.
  11. Create web agents for Ubisecure CustomerID.
    Ubisecure CustomerID needs two web applications in SSO management. The first one is used to provide login functionality to the Ubisecure CustomerID user interfaces and also the LDAP user account that Ubisecure CustomerID uses when accessing Ubisecure Directory. The second web application is used when performing verifications during registrations. Ubisecure CustomerID installation package contains LDIF import files that need to be imported to Ubisecure Directory using the import functionality of Ubisecure SSO.
    Importing the web applications:

    This section assumes Ubisecure CustomerID is installed on a different server than Ubisecure SSO. See below if Ubisecure CustomerID is installed on the same server as Ubisecure SSO.

    1. Copy the LDIF files found from %PROGRAMFILES%\Ubisecure\customerid\application\ldap on the Ubisecure CustomerID server to Ubisecure SSO server. You can place them on the desktop in a folder called customerid-ldifs.
    2. Use the import.cmd script in the path UBILOGIN_HOME\ldap\adam\import.cmd to import these files.

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\ubilogin-sso\ubilogin\ldap\adam"
    import.cmd "%USERPROFILE%\Desktop\customerid-ldifs\customerid.ldif"
    import.cmd "%USERPROFILE%\Desktop\customerid-ldifs\customerid-secrets.ldif"
    import.cmd "%USERPROFILE%\Desktop\customerid-ldifs\customerid-adlds.ldif"

    3. Securely remove the temporary files from the desktop.

    Info

    If Ubisecure CustomerID is installed on the same server as Ubisecure SSO, this command can be run in place:

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\ubilogin-sso\ubilogin\ldap\adam"
    import.cmd "..\..\..\..\customerid\application\ldap\customerid-ldifs\customerid.ldif"
    import.cmd "..\..\..\..\customerid\application\ldap\customerid-ldifs\customerid-secrets.ldif"
    import.cmd "..\..\..\..\customerid\application\ldap\customerid-ldifs\customerid-adlds.ldif"
  12. Create a directory service for Ubisecure CustomerID LDAP in Ubisecure SSO Management. See the instructions from LDAP directory service creation on Windows - CustomerID.

...

  1. Install PostgreSQL JDBC driver to SSO node(s).
    Ubisecure CustomerID package includes a PostgreSQL JDBC driver.

    Note

    NOTE: The installation instructions concerning the PostgreSQL JDBC driver to SSO are written for a single Ubisecure SSO node. If you have more nodes, these instructions should be followed on all nodes.

    To install the PostgreSQL JDBC driver to Ubisecure SSO:

    Copy the postgresql-x.x.x.jar library included in the root folder of the CustomerID installation archive to the Ubisecure SSO server and copy it to the the folder %JRE_HOME%\lib\ext.

  2. Install Ubisecure CustomerID SSO Adapter to SSO node(s). See the instructions from SSO Adapter installation on Windows - CustomerID.

...

  1. Add the authentication method configurations in Ubisecure SSO Management. See the instructions from Authentication method configuration on Windows - CustomerID.
  2. Create a site specific configuration for Ubisecure CustomerID. See the instructions from Site specific configuration on Windows - CustomerID.

    Note

    NOTE: This step is very important as some configuration options cannot be changed after this step.

  3. Configure the authentication protocol.

     Download Identity Provider metadata from Ubisecure SSO and generate Service Provider metadata: 

    1. Download IDP metadata by running the following commands:

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\"
    get-metadata.cmd

    This command will show download statistics if successful.

    2. Initialize Ubisecure CustomerID SPs by running the following commands: 

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\"
    init-eidm-sp.cmd

    This command will not display any output if successful.

    3. Initialize authentication provider by running the following commands: 

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\"
    init-eidm-ap.cmd

    This command will not display any output if successful.


  4. Deploy Ubisecure CustomerID to WildFly.

    Ubisecure CustomerID uses WildFly as a J2EE Container. Here's how to deploy the cid-ear-x.x.x.ear and cid-worker-ear-x.x.x.ear enterprise archives (EARs):

    Deploy the Ubisecure CustomerID applications to WildFly using the deploy-ear.cmd script. When invoking the script, you must supply the path to the EAR file like in the example below: 

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\"
    deploy-ear.cmd %USERPROFILE%\Desktop\customerid\cid-ear-x.x.x.ear
    deploy-ear.cmd %USERPROFILE%\Desktop\customerid\cid-worker-ear-x.x.x.ear
  5. Initialize data storages.
    1. Initialize Ubisecure CustomerID internal database and repository (i.e., the part of Ubisecure Directory needed by Ubisecure CustomerID) by running the following commands:

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\"
    init-customerid-data-storages.cmd

    Successful execution will show: <init><initializeDatabase/></init>

    2. Download SP metadata for authentication provider by running the following commands:

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools\"
    get-metadata-for-ap.cmd

    This command will show download statistics if successful.

...

  1. Restart Ubisecure CustomerID.
    Run the following commands:

    Code Block
    languagetext
    net stop wildfly
    net start wildfly
    Note

    NOTE: Stopping the Ubisecure CustomerID service using the mentioned command may not succeed in Windows if your firewall settings block access to WildFly management.

  2. Import example admin user.

    After installing the software, it is necessary to create an administrative user. It is recommended that generic administrative accounts are not used.

    To import the user organization and the first user account:

    In the folder %PROGRAMFILES%\Ubisecure\customerid\tools, modify the provided template import file:

    Code Block
    languagetext
    cd /D "%PROGRAMFILES%\Ubisecure\customerid\tools"
    notepad examples\importtool\example.import

    Include your personal account. Then execute the import:

    Code Block
    languagetext
    import.cmd examples\importtool\example.import

    Successful execution will show:

    Code Block
    languagetext
    ImportTool 5.0.13
    Create 'Users': OK
    Create 'leena.laine@example.com': OK
      'Assign Role': OK

    For more details, refer to the page CustomerID Data Import from External Systemsimport from external systems - CustomerID.

You can now log in to CustomerID using the URL https://<eidm.url>/eidm2/wf/admin

...