000034189 - How to install the jTDS JDBC driver on WildFly in a non-clustered RSA Identity Governance & Lifecycle environment

Document created by RSA Customer Support Employee on Jul 7, 2018Last modified by RSA Customer Support Employee on Apr 24, 2019
Version 5Show Document
  • Comment0
  • View in full screen mode

Article Content

Article Number000034189
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.0, 7.1.0, 7.1.1
 
IssueWith the switch from JBoss to WildFly for RSA Identity Governance & Lifecycle 7.0.0, significant changes were made to the filesystem within /home/oracle.  Because of these changes, the process for installing the jTDS JDBC driver (used for Windows authentication against a SQL Server database) has changed. 

This document outlines how to install the jTDS driver on an RSA Identity Governance & Lifecycle 7.0 non-clustered appliance/soft appliance. In the case of a clustered configuration, the steps, at a high level, are the same, the difference being the .ear file needs to be deployed on each node of the cluster. Steps to do this are documented in the RSA Identity Governance and Lifecycle Installation Guide for the version in your deployment.  Documentation for RSA Identity Governance & Lifecycle can be found on RSA Link.

This article assumes the customer is using a standalone soft/hard appliance.

Resolution

1.  Installation method


In JBoss 4, all that was necessary to install the jTDS driver was to place the jtds.jar file in an appropriate folder, and restart the server.

In WildFly, the strategy is a bit different.  Now the process is to add the driver to the .ear file, which requires customizing the .ear file. Steps to do this are documented in the RSA Identity Governance & Lifecycle Installation Guide for 7.0 and above.
 

2.  Customize the .ear file


Use the following commands to add the driver to the .ear file:

Prior to running steps below, ensure that Identify Governance & Lifecycle is running. If it is not running, make sure to start ACM via command line by logging in as the admin or root user and running sudo service aveksa_server start




  1. Log in to Identity Governance & Lifecycle as the oracle user.
  2. Go to /home/oracle/deploy.
  3. Run the customizeACM.sh script to extract the .ear file.  Note:  The contents of the .ear are extracted to /tmp/customizeACM/. 



oracle@acm-702:~> pwd 
/home/oracle 
oracle@acm-702:~> cd deploy
oracle@acm-702:~/deploy> customizeACM.sh -c <path to the ear file>



  1. You can view the currently available .ear files from /home/oracle/archive by using command option -l: 



oracle@acm-702:~/deploy> customizeACM.sh -l
Archived Files:
/home/oracle/archive/Archive_README.txt
/home/oracle/archive/aveksa_7.0.2_126845_GAHF02-2017-Jul-05-16.23.ear
/home/oracle/archive/aveksa_7.0.2_126845_P07-2018-Jul-05-11.13.ear
/home/oracle/archive/aveksa_7.0.2_126845_P07-2018-May-31-13.39.ear
/home/oracle/archive/DO_NOT_REMOVE_ARCHIVE_FILES.txt
/home/oracle/archive/aveksa_7.0.2_126845-2017-Mar-30-2.46.ear
/home/oracle/archive/wildfly_deployment.properties
/home/oracle/archive/aveksa_7.0.2_126845-2017-Jul-05-32.ear
/home/oracle/archive/aveksa_7.0.2_126845-2017-Jul-25-32.ear



  1. If you do not specify the path to the .ear file, the script prompts you to use the currently deployed .ear file. If you want to use the currently deployed .ear, enter yes. If you do not want to use the currently deployed .ear, enter no.



oracle@acm-702:~> pwd
/home/oracle
oracle@acm-702:~> cd deploy
oracle@acm-702:~/deploy> ./customizeACM.sh

You have not specified an archive ear file to customize.

The current ear file deployed to Wildfly is stored at /home/oracle/archive/aveksa_7.0.2_126845-2017-Jul-05-32.ear

Do you want to customize that archived ear file [yes/no]? yes
Customization dir being cleaned: /tmp/customizeACM

Unzipping aveksa.war and  aveksa.ear
    [unzip] Expanding: /home/oracle/archive/aveksa_7.0.2_126845-2017-Jul-05-32.ear into /tmp/customizeACM
    [unzip] Expanding: /tmp/customizeACM/aveksa_war into /tmp/customizeACM/aveksa/war

Ready for customization.  Please go to /tmp/customizeACM to continue modifications.
oracle@acm-702:~/deploy>



This change persists patches, because our patches take the current .ear (that has your third-party .jars in it) and overwrites all our files with the new ones in the newer patch.  For more instructions, please refer to the RSA Identity Governance & Lifecycle Installation Guide for your version.



  1.  Place the driver .jar file (for  example: jtds-1.3.1.jar ) in /tmp/customizeACM/aveksa.war/WEB-INF/LocalAgent/common/lib/
  2. When you finish modifying the files, run the customizeACM.sh script again to rebuild the .ear file. cd /home/oracle/deploy



oracle@acm-702:~> pwd
/home/oracle
oracle@acm-702:~> cd deploy
oracle@acm-702:~/deploy> customizeACM.sh –d

Verifying that Wildfly is running

Jul 05, 2018 11:13:28 AM java_util_logging_Logger$info$0 call
INFO: checkIfWildFlyRunning -  Checking server status
Jul 05, 2018 11:13:28 AM java_util_logging_Logger$info$0 call
INFO: Connecting to check connection
WARN: can't find jboss-cli.xml. Using default configuration values.
Jul 05, 2018 11:13:29 AM org.xnio.Xnio <clinit>
INFO: XNIO version 3.3.0.Final
Jul 05, 2018 11:13:29 AM org.xnio.nio,NioXnio <clinit>
INFO: XNIO NIO Implementation version 3.3.0.Final
Jul 05, 2018 11:13:29 AM org.jboss.remoting3.EndpointImp <cint
INFO: JBoss Remoting version 4.0.6.Final
Jul 05, 2018 11:13:30 AM java_util_logging_Logger$info$0 call
INFO: checkIfWildFlyRunning - Found server in running state
Jul 05, 2018 11:13:30 AM java_util_logging_Logger$info$0 call
INFO: Terminate session

Wildfly is running

Repackaging the aveksa.war and aveksa.ear

Archive name is aceksa_7.0.2_126845+P07-2018-Jul-05-11.13 ear

Creating aveksa.ear file for deployment
     [zip] Building zip:  /tmp/customizeACM/aveksa.war
     [zip] Building zip: /tmp/customizeACM/aveksa.ear
    [copy] Copying 1 file to /home/oracle/archive

Undeploying current ear...

Deploying new customized ear...       this may take a while...

Updating CURRENTLY_DEPLOYED_ARCHIVE to aveksa_7.0.2_126845_P07-2018-Jul-05-11.13.ear


The script performs the following tasks:



  1. It archives the new .ear file to /home/oracle/archive, appending a time and date stamp to the name, and
  2. It deploys the new customized .ear file.



3.  Restart RSA Identity Governance & Lifecycle




In order to leverage this new configuration, restart the RSA Identity Governance & Lifecycle service:



  1. Log in as root or the admin user.
  2. Run the following:



sudo service aveksa_server restart



You will see a line in the output referring to the change in the WildFly stdout.log file, located in the /home/oracle/wildfly/standalone/log.


NotesPlease note that installing the jTDS JDBC driver is an example. You may use this approach for including any custom/external JDBC driver.

To get this driver working with AFX, please refer to article 000029641 - How to install the third party jTDS database driver using RSA Identity Governance & Lifecycle Access Fulfillment Express (AFX).

Attachments

    Outcomes