Using the Policy Manager Services Feature
Learn how to install the Policy Manager Services feature.
Note: This document references the version of the Admin Console that is the default up to and including version 2022.1.0, but does not show the redesigned Admin Console available as an option in version 2022.1.0. For an overview of the new user interface, plus illustrations, see Admin Console 2022.1.0—Overview.
Table of Contents
- Introduction
- Step 1: Installation Prerequisites
- Step 2: Install Policy Manager Services Feature
- Step 3: Configure PKI Keys
- Step 4: Configure Database Options
- Step 5: Perform Provisioning (PM80)
- Step 6: Configure Policy Manager Administrator Credentials
- Step 7: Complete Configuration
Introduction
This feature includes services provided by the central Policy Manager governance application. These services include, but are not limited to, UDDIv2 and UDDIv3, WS-MetadataExchange, Container Configuration, an XACML Policy Decision Point, a WS-Trust Security Token Service, Alert reporting, and RESTful interfaces to the governance model. In addition, this feature includes engines for performing Quality of Service calculations and health and status monitoring.
Note: Managed Services, Scheduled Jobs, Security Services features are installed as part of this feature installation.
Step 1: Installation Prerequisites
- Installation of one of the supported platform versions.
- A Policy Manager container must be defined using the Configure Container Instance Wizard.
- If you are using MySQL 5.6 with Policy Manager 8.0 and/or Policy Manager 8.0 and Community Manager 8.0 a series of MySQL property settings must be configured. See MySQL Database Property Settings.
Step 2: Install Policy Manager Services Feature
- Launch the Admin Console (http://{hostname}:{port}/admin/).
- On the Installed Features screen, from the Filter menu, select Feature.
- Select the Policy Manager Services feature and click Install Feature.
- After the installation is complete, click Configure and continue to Step 3.
Step 3: Configure PKI Keys
- The Manage PKI Keys wizard allows you to configure the private key and certificate for the container when communicating with a governance console.
- Select a Key Management Option and click Next. For this walkthrough we will use the default key option Generate PKI Keys & X.509 Certificate.
- Refer to Managing Keys and Certificates for more information about each option and configuration instructions.
- After completing the key management task, click Next to continue.
Step 4: Configure Database Options
- The Configure Database Options Wizard > Select Database Option screen provides options for selecting the database to be used with the current container configuration.
For Oracle, choose Oracle Service Name (not SID). See Use Oracle Service Name, not SID (database notes, installation documentation).
Note: If you're using Oracle 18c or later, it's important that you create the database first, and then, in the Configure Database Options wizard, choose the Use Existing Database option (see Database creation, Oracle 18c or later).
For more information about available options, properties for your specific database type, and configuration instructions, refer to Configure Database Options / Add Database.
For MSSQL users. Complete the following steps after you configure MSSQL and receive the summary screen confirmation.
- You must set the quartz trigger property to True. This is a required to prevent database dead-locks.
- Select the Configuration tab and the com.soa.scheduler.quartz Configuration Category. Change the org.quartz.jobStore.acquireTriggersWithinLock property to B. Resume the Policy Manager configuration after completing this task.
For MSSQL Users
Complete the following steps after you configure MSSQL and receive the summary screen confirmation. You must set the quartz trigger property to True. This is a required to prevent database dead-locks.
- Select the Configuration tab and the com.soa.scheduler.quartz Configuration Category.
- Change the org.quartz.jobStore.acquireTriggersWithinLock property to True and click Apply Changes.
- After completing this task, resume the Policy Manager configuration.
For MySQL 5.6 and Users (Policy Manager 8.0 and Community Manager 8.0 only)
If you are using MySQL 5.6 with Policy Manager 8.0 and/or Policy Manager 8.0 and Community Manager 8.0 a series of MySQL property settings must be configured. See MySQL Database Property Settings.
Step 5: Perform Provisioning
Provisioning initializes resources associated with the current feature set being installed. For example, if you install both the Policy Manager Services and Policy Manager Console features and enable provisioning, the system will add system services, default policies, default workflows, a default container to the Policy Manager Management Console, and will create a Policy Manager Admin User account. In this scenario, if you did not enable provisioning, you would not be able to log into the Policy Manager Management Console unless another Policy Manager container was provisioned.
Note: This feature is introduced in Policy Manager 8.0. If you are using an earlier Policy Manager version, skip this step.
There may be scenarios where provisioning is not required. For example, if the current deployment is using a read-only database you could disable provisioning.
- To enable provisioning, click the Perform Provisioning checkbox. Clear it to skip provisioning for the current feature set.
- Click Finish.
Note: This is a one-time configuration task performed in the Admin Console, and does not appear in the Configure > Configuration Categories section after you have completed the feature configuration.
Step 6: Configure Policy Manager Administrator Credentials
The Policy Manager Administrator Credentials screen is used to create an Administrator user account definition for logging into the Policy Manager Management Console. The user account definition is composed of a Username and Password. After restarting the Admin Console, you can log into the Policy Manager Management Console using the administrator credentials. The User Account definition can be updated via the Security tab.
Note: This is a one-time configuration task performed in the Admin Console, and does not appear in the Configure > Configuration Categories section after you have completed the feature configuration.
- In the Credentials section, enter Username, New Password, and Confirm New Password for the Policy Manager Administrator user account.
- Click Finish. The system restart message displays. Click OK to restart the system, click Cancel to restart the system later.
- At the Complete Configuration screen, continue to the next step.
Step 7: Complete Configuration
- The Complete Configuration task performs configuration operations associated with one or more Feature installations. Operations typically include starting components, setting property values, and initializing credentials.
- The system restart was initiated when Finish was clicked on the Credentials Summary screen. After the system restarts and initializes the installed features for use, click Close to log out of the Admin Console.
- To exit the wizard and perform a system restart later, click Close. Configuration changes are saved, and the Complete Configuration task is available via the Installed Features tab in the Pending Installation Tasks section.