Manualshelf

HP-UX AAA Server A.08.02.10 Administrator's Guide HP-UX 11i v3 (T1428-90093, November 2013)

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
41424344454647484950
<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
clientAuth="false" protocol="TLS"
keystoreFile="<keystore-file>"
nl
keystorePass="<password>" />
IMPORTANT: Replace <password> with the password used to generate the keystore in
Step 1.
4. Stop and start Tomcat:
Stop -/opt/hpws22/tomcat/bin/shutdown.sh
Start - /opt/hpws22/tomcat/bin/startup.sh
5. Point your web browser to:
https://<hostname>:8443/aaa
Creating a Tomcat Identity Specifically for the HP-UX AAA Server
If several applications use Tomcat, you can configure Tomcat to have a user name and password
specifically for the AAA Server. All other applications using Tomcat will have a different user name
and password.
Complete the following steps to create a Tomcat identity specifically for your HP-UX AAA Server:
1. Search for the following line in/opt/hpws22/tomcat/conf/server.xml:
<!-- Tomcat Examples Context -->
Add the following code above this line:
<Context path="/aaa" docBase="aaa" debug="0"
reloadable="false" crossContext="false">
<Realm className="org.apache.catalina.realm.MemoryRealm"
debug="0" pathname="conf/aaa-users.xml"/>
</Context>
2. Open the /opt/hpws22/tomcat/conf/aaa-users.xml file.
3. Replace adminaaa with the new user name and password
4. Enter the following command:
$ export JAVA_HOME=/opt/java6
5. Stop Tomcat if it is running:
$ /opt/hpws22/tomcat/bin/shutdown.sh
6. Restart Tomcat:
$ /opt/hpws22/tomcat/bin/startup.sh
NOTE: Before starting and stopping the Remote Method Invocation (RMI) server,JAVA_HOME
environment variable must be set to appropriate path. For example, to use Java7, export
JAVA_HOME to the /opt/java7 path. path. If the JAVA_HOME environment variable is not
set or set incorrectly, the default value /opt/java6 is used to start and stop the RMI Server.
7. Stop the RMI objects if they are running:
$ /opt/aaa/remotecontrol/rmistop.sh
8. Set the shared library path to the OCI client or ODBC driver in the /opt/aaa/
remotecontrol/rmistart.sh script if you are implementing the SQL Access feature. See
the following README files for more information:
/opt/aaa/examples/sqlaccess/oracle-1/README: for Oracle - OCI
/opt/aaa/examples/sqlaccess/mysql-1/README: for MySQL - ODBC
See Chapter 22: “SQL Access” (page 248) for more information on the SQL Access feature.
9. Start the RMI objects:
Securing the HP-UX AAA Server 45