Symantec Access Management

Hi all.

We have installed new policy servers version 12.6 and are proceeding in our parallel migration from SSO 12.0 to SSO 12.6

In order to reflect the same functionality and customization, I need to point to the same jar files in the JVMOPTIONS.TXT
The strange thing is that the jvmoptions.txt in the new release 12.6 contains very few objects in particular in the

- Djava.class.path, where only these object are configured:

-Djava.class.path=C:/Program Files (x86)/CA/siteminder/resources;C:/Program Files

(x86)/CA/siteminder/config/properties;C:/Program Files (x86)/CA/siteminder/bin/jars/smbootstrap.jar

Usually the JvmOptions.txt contained a lot of object (without considering specific custom jar). What about all of the other "old" jar and path that were configured by default during installation of the previous policy server version?

These are the objects:
OLD JVMOPTION.TXT

E:/Program Files (x86)/CA/siteminder/config/properties
E:/Program Files (x86)/CA/siteminder/bin/jars/SmJavaApi.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/SmActiveExpr.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/variableapi.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/util.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/util_sdk.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/smkeydatabase.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/jce1_2_1.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/js.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/xercesImpl.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/xml-apis.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/resolver.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/xmlsec-1.4.3.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/cryptoj.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/cryptojFIPS.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/certj.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/ldapjdk.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/openldap.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/sslj.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/codebase.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/soap.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/javax.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/jaxb-api.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/jaxb-impl.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/jaxb-libs.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/jaxb-xjc.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/jax-qname.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/commons-logging-api-1.1.1.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/commons-logging-1.1.1.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/namespace.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/relaxngDatatype.jar
E:/Program Files (x86)/CA/siteminder/bin/endorsed/xsdlib.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/affwebservices.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/smerrlog.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/smfedservercomponent.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/assertiongenerator.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/saml.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/saml2.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/saml2Gen.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/ws.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/wsgen.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/saml2Security.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/federationps.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/smauthsaml.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/srca.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/smsamlattributeauthority.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/SmAuthInfoCard.jar
E:/Program Files (x86)/CA/siteminder/bin/jars/InfoCardHiggins.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/commons-lang-2.1.jar
E:/Program Files (x86)/CA/siteminder/bin/thirdparty/commons-chain-1.1.jar

NEW JVMOPTION.TXT (12.6):
-Djava.class.path=C:/Program Files (x86)/CA/siteminder/resources;C:/Program Files (x86)/CA/siteminder/config/properties;C:/Program Files (x86)/CA/siteminder/bin/jars/smbootstrap.jar

If any custom code was created, it will use a specific .jar that must be added manually into the JvmOptions.txt. But what about the other object? How we can be sure all code will works correctly in case it used "standard" jar inserted in the 12.0 jvmoptions?

Thanks all

My guess is that those jars that it was referring to in old version may have been moved into one of these two directories :

C:/Program Files (x86)/CA/siteminder/resources;

C:/Program Files(x86)/CA/siteminder/config/properties;

Can you please verify ?

Hi Ujwol,

looking for the folder,

C:/Program Files (x86)/CA/siteminder/resources  ----> This folder contains only files .properties (like activeExpression_en.properties, Tunnel_en.properties)... etc. All of these files are text files to configure the localization messagges of the several transactions.

C:/Program Files(x86)/CA/siteminder/config/properties;---> This folder is the same folder present in the jvmoptions of the older 12.0 release. But now we are missing all of the other objects

Ho we can proceed?

Thanks

Starting in R12.51 we have given reference links in smbootstrap.jar file

Manifest-Version: 1.0
Class-Path: . ../../config/properties ../../resources smi18n.jar SmJav
 aApi.jar SmActiveExpr.jar tmsigservice.jar domutils.jar variableapi.j
 ar util.jar util_sdk.jar smkeydatabase.jar ../thirdparty/jce1_2_1.jar
  ../thirdparty/js.jar ../endorsed/xercesImpl.jar ../endorsed/xml-apis
 .jar ../endorsed/resolver.jar ../endorsed/serializer.jar ../thirdpart
 y/activation.jar ../endorsed/xmlsec-1.4.3.jar ../endorsed/commons-log
 ging-api-1.1.1.jar ../endorsed/commons-logging-1.1.1.jar ../thirdpart
 y/cryptoj.jar ../thirdparty/cryptojFIPS.jar ../thirdparty/certj.jar .
 ./thirdparty/ldapjdk.jar ../thirdparty/openldap.jar ../thirdparty/ssl
 j.jar ../thirdparty/codebase.jar ../thirdparty/soap.jar ../thirdparty
 /javax.jar ../endorsed/jaxb-api.jar ../endorsed/jaxb-impl.jar ../endo
 rsed/jaxb-libs.jar ../endorsed/jaxb-xjc.jar ../endorsed/jax-qname.jar
  ../thirdparty/namespace.jar ../endorsed/relaxngDatatype.jar ../endor
 sed/xsdlib.jar ../endorsed/xalan.jar ../thirdparty/log4j-1.2.8.jar af
 fwebservices.jar smerrlog.jar smfedservercomponent.jar assertiongener
 ator.jar saml.jar saml2.jar saml2Gen.jar ws.jar wsgen.jar saml2Securi
 ty.jar federationps.jar smauthsaml.jar srca.jar smsamlattributeauthor
 ity.jar SmAuthInfoCard.jar InfoCardHiggins.jar SmAuthCert.jar SmAuthO
 penID.jar SmAuthOAuth.jar smadminapi.jar smrpc.jar smcaproducts.jar f
 edutil.jar fedserver.jar fedsecurity.jar fedshared.jar fedcommon.jar
 fedprotocol.jar fmdeploy.jar fmcrypto.jar juel-2.1.2.jar fedsdk.jar o
 penformatexpression.jar smagentapi.jar ../thirdparty/jvatk.jar ../thi
 rdparty/protobuf-java-2.4.1.jar ../thirdparty/commons-lang-2.1.jar ..
 /thirdparty/commons-chain-1.1.jar ../thirdparty/org.eclipse.higgins.c
 onfiguration.api.jar ../thirdparty/org.eclipse.higgins.sts.api.jar ..
 /thirdparty/org.eclipse.higgins.sts.common.jar ../thirdparty/org.ecli
 pse.higgins.sts.spi.jar ../thirdparty/org.eclipse.higgins.sts.xmlsecu
 rity.apache.jar ../thirdparty/commons-collections-3.2.1.jar ../thirdp
 arty/openid4java-0.9.6.jar ../thirdparty/httpclient-4.0.jar ../thirdp
 arty/httpcore-4.0.1.jar ../thirdparty/commons-codec-1.3.jar ../thirdp
 arty/guice-2.0.jar ../thirdparty/nekohtml.jar ../thirdparty/openxri-s
 yntax-1.2.0.jar ../thirdparty/openxri-client-1.2.0.jar ../thirdparty/
 icu4j-3.8.jar smopenformatcookie.jar

The default OOB JVMOPTION.txt has more of less only these lines. This is from R12.52 SP1 CR02 OOB.

-server
-Xbootclasspath/p:C:/CA/siteminder/bin/endorsed/xercesImpl.jar;C:/CA/siteminder/bin/endorsed/xml-apis.jar;C:/CA/siteminder/bin/endorsed/resolver.jar;C:/CA/siteminder/bin/endorsed/serializer.jar
-XX:+AllowUserSignalHandlers
-Xrs
-Xms128m
-Xmx256m
-DNETE_PS_ROOT=C:/CA/siteminder
-Djavax.xml.parsers.DocumentBuilderFactory=org.apache.xerces.jaxp.DocumentBuilderFactoryImpl
-Djavax.xml.parsers.SAXParserFactory=org.apache.xerces.jaxp.SAXParserFactoryImpl
-Dorg.apache.xerces.xni.parser.XMLParserConfiguration=org.apache.xerces.parsers.XML11Configuration
-Dorg.xml.sax.driver=org.apache.xerces.parsers.SAXParser
-Djava.endorsed.dirs=C:/CA/siteminder/bin/endorsed
-Djava.class.path=C:/CA/siteminder/resources;C:/CA/siteminder/config/properties;C:/CA/siteminder/bin/jars/smbootstrap.jar
-Djava.util.logging.config.file=C:/CA/siteminder/config/properties/logging.properties

So what we see in 12.6 is correct.

It could be possible that either 12.0 had those OR were added manually later.

I would recommend testing with OOB JVMOPTIONS.txt and seeing the results OR backup the JVMOPTIONS.txt then update manually. 

Also I have a slight doubt about 12.6 being GA? Are you doing the BETA Testing, then it'd be best to add the query in the BETA Validation Testing forum.

Regards

Hubert