When Tivoli Access Manager security is configured for your existing
environment and security is enabled for
a single node, you can migrate to WebSphere Application Server, Version
6.1.
Before you begin
Your
profiles must be migrated using the tools in
Using the migration tools to migrate product configurations.
Important: Do not restart the WebSphere Application
Server Version 6.1 server until after performing the following procedure.
The migration tools omit some files that enable the server to start correctly.
About this task
After migrating your profiles additional steps are required when
Tivoli Access Manager security is configured.
Procedure
- Copy the following files from the existing
directory to the same directory for Version 6.1.
%WAS_HOME%\java\jre\PDPerm.properties
%WAS_HOME%\java\jre\lib\security\PdPerm.ks
%WAS_HOME%\java\jre\PolicyDirector\PDCA.ks
- Edit the PD.properties file, and change
the following configuration settings:
appsvr-plcysvrs=null\:0:\:1
config_type=standalone
Make the appropriate changes to point to
your Tivoli Access Manager Policy Server, for example:appsvr-plcysvrs=pdmgrd.test.gc.au.ibm.com\:7135\:1
config_type=full
- Edit the PdPerm.properties file, and
change all path names to the correct path name. Change the following configuration
settings:
pdvar-home=C\:\\Program
Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
baseGroup.PDJv1dugong-v2dugongMessageFileHandler.fileName=C\:\\Program
Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector\\log/msg__v1dugong-v2dugong.log
pdcert-url=file\:/c\:/progra~1/WebSphere/AppServer/java/jre/lib/security/PdPerm.ks
baseGroup.PDJv1dugong-v2dugongTraceFileHandler.fileName=C\:\\Program
Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector\\log/trace__v1dugong-v2dugong.log
pd-home=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre\\PolicyDirector
java-home=C\:\\Program Files\\WebSphere\\AppServer\\java\\jre
What to do next
Also
see the migration information with Tivoli Access Manager for authentication
that is enabled on multiple nodes with security enabled.