000021855 - How to run RSA ClearTrust Agent on BEA WebLogic managed servers

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021855
Applies ToRSA ClearTrust Agent 3.5.1 for BEA WebLogic
RSA ClearTrust Agent 3.5.2 for BEA WebLogic
Microsoft Windows 2000 Server SP4
IssueHow to run RSA ClearTrust Agent on BEA WebLogic managed servers
How to run RSA ClearTrust Agent on BEA WebLogic cluster
CauseThe documentation for RSA ClearTrust Agents 3.5.1 & 3.5.2 for BEA WebLogic discusses the installation of the Agent on a WebLogic cluster (in appendix A).

At the current time, the documentation states that you must manually manage and rename multiple variations of the cleartrust_realm.properties when you are installing with different settings. No advice is given as to which parameters should be entered into the files when edited manually.
Editing of the file manually is not required, and is in fact undesirable. For managed servers, the cleartrust_realm.properties file on the managed server must exactly match the one on the admin machine. Users can copy the file from the admin machine in its entirety without any alteration to the managed servers machine.
This will mean that all servers in the single WebLogic domain will all share the same WebLogic Server Virtual Name (as configured on the RSA ClearTrust Identification Strings page) and refers to the cleartrust.agent.weblogic_server.name parameter in the cleartrust_realm.properties file.

After the synctool has been used, the ClearTrust Entitlements Server will have been populated with information, and will have configured an Enhanced App Server with name and address parameters matching the Admin server for the WebLogic domain. This is all that is required, and is a representation of the WebLogic Domain and should not be considered to mean a single server. The fact that the IP address or fully-qualified domain name (FQDN) and port number of the Admin Server is registered against this name is not relevant for a WebLogic domain.

A rough guide called "Using the ClearTrust WebLogic 3.5.2" is available and can be distributed to customers.  This is updated whenever possible to include any extra information as it is found and is a step-by-step guide which starts from installing WebLogic.  Although not a formal document is may prove useful, it is usually available at the following location ftp://ftp.rsasecurity.com/support/users/mjbond/Using_the_ClearTrust_WebLogic_3.5.2_agent.zip .

This document is only "best endeavors" and is not part of any formal documentation - make sure that you make customers aware of this when distributing copies, but just as important - let them know that we welcome extra tips to put into it.

Legacy Article IDa25416