Chapter 2. Installation

You can install Red Hat Single Sign-On by downloading a ZIP file and unzipping it, or by using an RPM. This chapter reviews system requirements as well as the directory structure.

2.1. System Requirements

These are the requirements to run the Red Hat Single Sign-On authentication server:

  • Can run on any operating system that runs Java
  • Java 8 JDK
  • zip or gzip and tar
  • At least 512M of RAM
  • At least 1G of diskspace
  • A shared external database like Postgres, MySql, Oracle, etc. Red Hat Single Sign-On requires an external shared database if you want to run in a cluster. Please see the database configuration section of this guide for more information.
  • Network multicast support on your machine if you want to run in a cluster. Red Hat Single Sign-On can be clustered without multicast, but this requires a bunch of configuration changes. Please see the clustering section of this guide for more information.
  • On Linux, it is recommended to use /dev/urandom as a source of random data to prevent Red Hat Single Sign-On hanging due to lack of available entropy, unless /dev/random usage is mandated by your security policy. To achieve that on Oracle JDK 8 and OpenJDK 8, set the java.security.egd system property on startup to file:/dev/urandom.

2.2. Installing RH-SSO from a ZIP File

The Red Hat Single Sign-On Server is contained in one distribution file: rh-sso-7.2.5.GA.zip.gz.

The rh-sso-7.2.5.GA.zip.gz archive is the server-only distribution. It contains only the scripts and binaries to run Red Hat Single Sign-On Server.

To unpack these files, run the unzip or gunzip utility.

2.3. Installing RH-SSO from an RPM

Note

With Red Hat Enterprise Linux 7, the term channel was replaced with the term repository. In these instructions only the term repository is used.

You must subscribe to both the JBoss EAP 7.1 and RH-SSO 7.2 repositories before you can install RH-SSO from an RPM.

Note

You cannot continue to receive upgrades to EAP RPMs but stop receiving updates for RH-SSO.

2.3.1. Subscribing to the JBoss EAP 7.1 Repository

Prerequisites

  1. Ensure that your Red Hat Enterprise Linux system is registered to your account using Red Hat Subscription Manager. For more information see the Red Hat Subscription Management documentation.
  2. If you are already subscribed to another JBoss EAP repository, you must unsubscribe from that repository first.

Using Red Hat Subscription Manager, subscribe to the JBoss EAP 7.1 repository using the following command. Replace <RHEL_VERSION> with either 6 or 7 depending on your Red Hat Enterprise Linux version.

subscription-manager repos --enable=jb-eap-7.1-for-rhel-<RHEL_VERSION>-server-rpms

2.3.2. Subscribing to the RH-SSO 7.2 Repository and Installing RH-SSO 7.2

Prerequisites

  1. Ensure that your Red Hat Enterprise Linux system is registered to your account using Red Hat Subscription Manager. For more information see the Red Hat Subscription Management documentation.
  2. Ensure that you have already subscribed to the JBoss EAP 7.1 repository. For more information see Subscribing to the JBoss EAP 7.1 repository.

To subscribe to the RH-SSO 7.2 repository and install RH-SSO 7.2, complete the following steps:

  1. Using Red Hat Subscription Manager, subscribe to the RH-SSO 7.2 repository using the following command. Replace <RHEL_VERSION> with either 6 or 7 depending on your Red Hat Enterprise Linux version.

    subscription-manager repos --enable=rh-sso-7.2-for-rhel-<RHEL-VERSION>-server-rpms
  2. Install RH-SSO from your subscribed RH-SSO 7.2 repository using the following command:

    yum groupinstall rh-sso7

Your installation is complete. The default RH-SSO_HOME path for the RPM installation is /opt/rh/rh-sso7/root/usr/share/keycloak.

2.4. Distribution Directory Structure

This chapter walks you through the directory structure of the server distribution.

distribution directory structure

distribution

Let’s examine the purpose of some of the directories:

bin/
This contains various scripts to either boot the server or perform some other management action on the server.
domain/
This contains configuration files and working directory when running Red Hat Single Sign-On in domain mode.
modules/
These are all the Java libraries used by the server.
standalone/
This contains configuration files and working directory when running Red Hat Single Sign-On in standalone mode.
themes/
This directory contains all the html, style sheets, javascript files, and images used to display any UI screen displayed by the server. Here you can modify an existing theme or create your own. See the Server Developer Guide for more information on this.