Install the CA Single Sign-On SDK for Software Gateways

This topic describes how to install the CA Single Sign-On SDK on a Software gateway running in the following environments:
gateway10
This topic describes how to install the CA Single Sign-On SDK on a Software
Layer7 API Gateway
running in the following environment:
  • Red Hat Enterprise Linux (excluding RHEL 7–see "About Linux Compatibility" below for more details)
The CA Single Sign-On SDK that is provided in the distribution archives is version 12.52 SP01 CR9. For more information on CA Single Sign-On compatibility, see "Identity Providers" in Requirements and Compatibility.
(Available in v10.0 CR1)
The CA Single Sign-On SDK that is provided in the distribution archives is version 12.8.03. For more information on CA Single Sign-On compatibility, see "Identity Providers" in Requirements and Compatibility. CA Single Sign-On SDK 12.8 is not available on Solaris.
The CA Single Sign-On SDK is included in the Appliance and Virtual Appliance form factors of the
Layer7 API Gateway
, so separate installation is
not
required.
Contents:
2
2
Before You Begin
  • Ensure that your
    Layer7 API Gateway
    is configured and operational.
  • Ensure that you have the following file:
    siteminder-sdk-12.52.01.09.tar.gz
    (Available in v10.0 CR1)
    siteminder-sdk-12.8.03.tar.gz
    This file is contained in the "Layer7 API Gateway Software Installer Upgrader" distribution archive. For more information, see the latest Release Notes for the Layer7 API Gateway Techdocs site.
Install the SDK
The installation script detects and installs the appropriate SDK binary for your platform.
If you install the SDK in a custom path, ensure that you update the
/opt/SecureSpan/Gateway/runtime/etc/profile.d/siteminder-env.sh
file as shown below:
CAROOT=/opt/SecureSpan/CA SM_JAVA_OPTS="${SM_JAVA_OPTS} -Dcom.l7tech.server.smreghost.path=${CAROOT}/sdk/bin64"
Note:
Modifying the
siteminder-env.sh
file can revert if Gateway is upgraded.
To install the CA Single Sign-On SDK on a RHEL Gateway:
  1. Copy the appropriate tar file to the machine hosting the
    Layer7 API Gateway
    .
  2. Create a new directory from the root and then change it to:
    # mkdir smsdk
    # cd smsdk
  3. Extract the tar file:
    RHEL:
    # tar -xzf ../siteminder-sdk-<version>.tar.gz
  4. Set the permissions for the script file, then run the script file:
    # chmod 744 sm_sdk_install.sh
    # ./sm_sdk_install.sh
    A success message displays indicating that installation is complete.
You can now enable the CA Single Sign-On SDK.
Enable the CA Single Sign-On SDK
After installing the SDK, enable single sign-on.
  1. Open the system.properties file in a text editor.
    The file is found here: /opt/SecureSpan/Gateway/node/default/etc/conf/
  2. Enable the CA Single Sign-On SDK by setting this system property:
    com.l7tech.server.siteminder.enabled=true
Next, restart the Gateway.
Restart the Gateway
Restart the Gateway with these commands:
# /opt/SecureSpan/Gateway/runtime/bin/gateway.sh stop
# /opt/SecureSpan/Gateway/runtime/bin/gateway.sh start
The CA Single Sign-On features in the
Layer7 API Gateway
are now enabled. As a post-installation task, remove the directory containing the extracted files.