Steps
Table of Contents | ||
---|---|---|
|
Obtain and Install Oracle Server JRE 1.8.x and Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files
- You can find the download site in the address: http://www.oracle.com/technetwork/java/javase/downloads/index.html
- Refer to Oracle online documentation for installing the Server JRE: https://docs.oracle.com/javase/8/docs/technotes/guides/install/linux_server_jre.html
- Instructions to install JCE Policy Files are included in the download package
Set up a system wide JRE_HOME environment variable
- In Linux the method and best practice may vary based on your distribution, but one of following approaches should work:
- define JRE_HOME in the
/etc/environment
file - create a new file called e.g. /etc/profile.d/identity.server.sh and define JRE_HOME in it.
- define JRE_HOME in the
- Set the JRE_HOME environment variable so it refers to the Server JRE's jre directory (e.g. JRE_HOME=
/usr/local/java/jdk1.8.0_144/jre
.) - Note, that /etc/sudoers may enforce a secure environment. Make sure that the configuration exports JRE_HOME and JAVA_HOME in /etc/sudoers.
Unpack the Software
Unpack the tar archive to /usr/local/ubisecure
. Assuming the archive is in the current directory, we could do the following:
Code Block | ||
---|---|---|
| ||
mkdir -p /usr/local/ubisecure tar -xzvf ubilogin-sso-6.x.x.xxxxx.tar.gz -C /usr/local/Ubisecure |
Install dependencies
For 64 bit Redhat linux, the glibc and libgcc packages for i686 must be installed, update needs to be run for 64bit version of libgcc to prevent version mismatch problem:
Code Block | ||
---|---|---|
| ||
yum install glibc.i686 yum update libgcc yum install libgcc.i686 |
Modify the Configuration Template
Copy the configuration template to /usr/local/ubisecure/ubilogin-sso/ubilogin
:
...
Note |
---|
New LDAP passwords are generated every time the setup command is executed. For this reason, the |
...
Note | |||||
---|---|---|---|---|---|
“bad ELF interpreter” error indicates that glibc package for i686 has not been installed. Execute:
if the error is shown when using Redhat. |
Set Up the System User
Run the following command to set up the system user ubilogin. The newly-created user will be used for running the Ubisecure SSO and Ubisecure Directory.
Code Block | ||
---|---|---|
| ||
./config/unix/setupuser.sh |
Install Ubisecure Directory
Install OpenLDAP using following command:
...
Note |
---|
When using LDAPS, |
Install Ubisecure SSO Tomcat
Run the Tomcat install script to install and configure Tomcat to start automatically when Linux is started:
...
- Creates a self-signed SSL certificate for test purposes.
- Installs the applications in
ubilogin/webapps
for Tomcat. - Creates the init scripts used to start and stop the Tomcat process.
Start Ubisecure SSO
Start the Ubisecure SSO process using the following commands.
...