Installing and configuring WSO2's Identity Server 4.6.0 on a FQDN is pretty straightforward, but we'll cover all of the following details:
- Server Setup (Ubuntu 12.04.03 LTS 64bit)
- Environment Setup: JDK 1.7 && JAVA_HOME
- Download && Unpack wso2is-4.6.0.zip and configure Carbon.xml
Server Setup: Ubuntu 12.04.03 LTS 64bit on Digital Ocean
I'll be using Digital Ocean (DO) as my VM environment simply because it is easiest for me, but really any VM environment capable of running an OS that supports the minimum requirements for Carbon-based apps [read specs here] will suffice.
I've created my VM using the lowest possible specs available on DO, currently 512MB of RAM with 20GB of disk space and 1 CPU (the $5/month option). I'll skip all the remaining DO-specific stuff that doesn't matter.
Once the base installation of Ubuntu is complete, I point my domain.
Point your DNS
Once your VM is launched, point a domain name (or subdomain) at your VM's public IP address. For this example, I am using idam.wso2tele.com as my subdomain.
First Login
I add a sudo user and update the repositories:
CONSOLE
:$ ssh -l root idam.wso2tele.com
:$ adduser vmadmin
:$ sudo adduser vmadmin sudo
:$ logout
:$ ssh -l vmadmin idam.wso2tele.com
:$ sudo apt-get update
:$ sudo apt-get install unzip
:$ sudo apt-get install htop
Install JDK 1.7 && Configure JAVA_HOME
The next thing you'll need to do is install your favourite flavour of JDK 1.6+. For this example I am using oracle-java-jdk-1.7 from the webupd8team. I ran the following commands:
CONSOLE
:$ sudo apt-get install python-software-properties
:$ sudo add-apt-repository ppa:webupd8team/java
:$ sudo apt-get update
:$ sudo apt-get install oracle-java7-installer
:$ java -version
Configure JAVA_HOME
I'm not sure why I personally have a heck of a time with the JAVA_HOME variable from environment to environment. Below is what currently works for me, and it does require rebooting the server (yes I've tried source, refreshing the session, and standing on one foot and hopping on the other):
CONSOLE
:$ sudo vi /etc/environment
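#file: /etc/environment
## /etc/environment holds plain KEY="value" lines and variables are not expanded, ##
## so write the JDK path out in full ##
## add the following line at the top of the file ##
JAVA_HOME="/usr/lib/jvm/java-7-oracle/"
## put the JDK's bin directory at the front of the existing PATH value ##
PATH="/usr/lib/jvm/java-7-oracle/bin:
## example ##
JAVA_HOME="/usr/lib/jvm/java-7-oracle/"
PATH="/usr/lib/jvm/java-7-oracle/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"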
CONSOLE
:$ source /etc/environment
:$ echo $JAVA_HOME
:$ sudo shutdown -r now
Download+Unpack WSO2 IS and Configure Carbon.xml
Download and Unpack WSO2 Identity Server 4.6.0
Next we'll download and unzip the WSO2 Identity Server package. Head over to WSO2.com and download the Identity Server product zip file (wso2is-4.6.0.zip) to your user's directory on the server. For me, this requires downloading the file and then uploading it to the server.
I prefer to unpack my WSO2 file into /var/wso2, but you can create it anywhere you like on the server. Let's create that directory now and unpack our zip there:
CONSOLE
:$ sudo mkdir -p /var/wso2
:$ cd /var/wso2
:$ sudo unzip ~/wso2is-4.6.0.zip
Configure Carbon.xml
The purpose of this configuration change is simply to configure the server to launch using its public IP and FQDN instead of "localhost".
What we're going to do is edit the main configuration file for any WSO2 product, carbon.xml, located at [INSTALL_DIR]/repository/conf/carbon.xml.
We are simply going to replace every instance of "localhost" with our FQDN.
In my case, the installation directory is /var/wso2/wso2is-4.6.0, and the FQDN is idam.wso2tele.com, so below are our actions:
CONSOLE
:$ cd /var/wso2/wso2is-4.6.0/repository/conf
:$ sudo vi carbon.xml
#file: [INSTALL_DIR]/repository/conf/carbon.xml
<!-- Make changes similar to following -->
<HostName>idam.wso2tele.com</HostName>
<MgtHostName>idam.wso2tele.com</MgtHostName>
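An added example, not part of the original post: a shell check that both host name elements in carbon.xml are active (not inside an XML comment) and set to the FQDN before the first launch. The function names and the sample file are constructed for illustration; only the element names and the FQDN come from the post.

```shell
#!/bin/sh
# Added example: confirm the carbon.xml edit before the first launch.
# Function names and the sample file are constructed for illustration.

# Print FILE with XML comments removed, including multi-line ones.
strip_xml_comments() {
    awk '{
        line = $0; out = ""
        while (line != "") {
            if (in_c) {
                i = index(line, "-->")
                if (i == 0) { line = "" } else { line = substr(line, i + 3); in_c = 0 }
            } else {
                i = index(line, "<!--")
                if (i == 0) { out = out line; line = "" }
                else { out = out substr(line, 1, i - 1); line = substr(line, i + 4); in_c = 1 }
            }
        }
        print out
    }' "$1"
}

# Print the value of the first active (uncommented) element NAME in FILE.
carbon_value() {
    strip_xml_comments "$1" |
        sed -n "s:.*<$2>[[:space:]]*\([^<[:space:]]*\)[[:space:]]*</$2>.*:\1:p" |
        head -n 1
}

# Return 0 only if both host name elements are active and equal to FQDN.
check_carbon_host() {
    rc=0
    for el in HostName MgtHostName; do
        val=$(carbon_value "$1" "$el")
        if [ "$val" != "$2" ]; then
            echo "FAIL: <$el> is '${val:-missing or commented out}', expected '$2'" >&2
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: HostName still commented out, MgtHostName still localhost.
sample=$(mktemp)
printf '%s\n' '<Server>' '  <!--HostName>idam.wso2tele.com</HostName-->' \
    '  <MgtHostName>localhost</MgtHostName>' '</Server>' > "$sample"
check_carbon_host "$sample" idam.wso2tele.com || echo "carbon.xml not ready"
rm -f "$sample"
```

On the server, the same function can be pointed at the real file: check_carbon_host /var/wso2/wso2is-4.6.0/repository/conf/carbon.xml idam.wso2tele.com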
First Time Launch of WSO2 Identity Server
There are two commands to launch the WSO2 Identity Server:
- [INSTALL_DIR]/bin/wso2server.sh
- [INSTALL_DIR]/bin/wso2server.sh start
The first is verbose, the second quiet.
When I launch WSO2 server products for the first time, I prefer to run the verbose version to watch for any errors that happen. This is where you'll catch JAVA_HOME errors or configuration problems, for example. After I've tested the app for the first launch at the console level, I then test the GUI for login, and finally CTRL+C the process in the console window and restart the application in quiet mode. You can also use CTRL+Z then "bg" to release the process from the console.
Let's launch the Identity Server in verbose mode:
CONSOLE
:$ cd /var/wso2/
:$ sudo ./wso2is-4.6.0/bin/wso2server.sh
Successful output to watch for: "WSO2 Carbon started in 74 sec"
Now that you have a running WSO2 Identity Server, let's login and do a quick check on it.
First Login
Once you're up and running in the console, you'll want to view the server running in your web browser and to view its general status.
By default the server is always accessed via HTTPS and on port 9443. You may have offset the port to account for multiple servers running in the same VM or due to firewall settings, so adjust the following to match your configuration.
Just as a reminder, my changes are only to the FQDN, making the following url different from the official documentation by simply replacing the default "localhost" with "idam.wso2tele.com".
- GUI URL: https://idam.wso2tele.com:9443
- Default Username: admin
- Default Password: admin
Change Default Admin Password
I typically change the admin password on initial login; to do so, once you log in, do the following:
- Choose "Configure" from the vertical menu at far left of the screen.
- Click on "Users & Roles" from the contextual menu at near left of the screen.
- Then choose "Change My Password" from the options on the page that you are navigated to. (see below screen shot for help).
This is the first in a five-part series on Identity & Access Management (IDAM) using WSO2 Identity Server and complementary WSO2 products.