Chapter 2. Installing the software
You can install Red Hat Single Sign-On by downloading a ZIP file and unzipping it, or by using an RPM. This chapter reviews system requirements as well as the directory structure.
2.1. Installation prerequisites
These prerequisites exist for installing the Red Hat Single Sign-On server:
- An operating system that runs Java
- Java 8 JRE or Java 11 JRE
- zip or gzip and tar
- At least 512M of RAM
- At least 1G of diskspace
- A shared external database like PostgreSQL, MySQL, Oracle, etc. Red Hat Single Sign-On requires an external shared database if you want to run in a cluster. Please see the database configuration section of this guide for more information.
- Network multicast support on your machine if you want to run in a cluster. Red Hat Single Sign-On can be clustered without multicast, but this requires a bunch of configuration changes. Please see the clustering section of this guide for more information.
-
On Linux, it is recommended to use
/dev/urandom
as a source of random data to prevent Red Hat Single Sign-On hanging due to lack of available entropy, unless/dev/random
usage is mandated by your security policy. To achieve that on Oracle JDK 8 and OpenJDK 8, set thejava.security.egd
system property on startup tofile:/dev/urandom
.
2.2. Installing RH-SSO from a ZIP file
The Red Hat Single Sign-On server download ZIP file contains the scripts and binaries to run the Red Hat Single Sign-On server. You install the 7.5 server first, then the 7.5.3 server patch.
Procedure
- Go to the Red Hat customer portal.
- Download the Red Hat Single Sign-On 7.5 server.
-
Unpack the ZIP file using the appropriate
unzip
utility, such as unzip, tar, or Expand-Archive. - Return to the Red Hat customer portal.
-
Click the
Patches
tab. - Download the Red Hat Single Sign-On 7.5.3 server patch.
- Place the downloaded file in a directory you choose.
-
Go to the
bin
directory of JBoss EAP. Start the JBoss EAP command line interface.
Linux/Unix
$ jboss-cli.sh
Windows
> jboss-cli.bat
Apply the patch.
$ patch apply <path-to-zip>/rh-sso-7.5.3-patch.zip
Additional resources
For more details on applying patches, see Patching a ZIP/Installer Installation.
2.3. Installing RH-SSO from an RPM
With Red Hat Enterprise Linux 7 and 8, the term channel was replaced with the term repository. In these instructions only the term repository is used.
You must subscribe to both the JBoss EAP 7.4 and RH-SSO 7.5 repositories before you can install RH-SSO from an RPM.
You cannot continue to receive upgrades to EAP RPMs but stop receiving updates for RH-SSO.
2.3.1. Subscribing to the JBoss EAP 7.4 repository
Prerequisites
- Ensure that your Red Hat Enterprise Linux system is registered to your account using Red Hat Subscription Manager. For more information see the Red Hat Subscription Management documentation.
- If you are already subscribed to another JBoss EAP repository, you must unsubscribe from that repository first.
For Red Hat Enterprise Linux 6, 7: Using Red Hat Subscription Manager, subscribe to the JBoss EAP 7.4 repository using the following command. Replace <RHEL_VERSION> with either 6 or 7 depending on your Red Hat Enterprise Linux version.
subscription-manager repos --enable=jb-eap-7.4-for-rhel-<RHEL_VERSION>-server-rpms --enable=rhel-<RHEL_VERSION>-server-rpms
For Red Hat Enterprise Linux 8: Using Red Hat Subscription Manager, subscribe to the JBoss EAP 7.4 repository using the following command:
subscription-manager repos --enable=jb-eap-7.4-for-rhel-8-x86_64-rpms --enable=rhel-8-for-x86_64-baseos-rpms --enable=rhel-8-for-x86_64-appstream-rpms
2.3.2. Subscribing to the RH-SSO 7.5 repository and installing RH-SSO 7.5
Prerequisites
- Ensure that your Red Hat Enterprise Linux system is registered to your account using Red Hat Subscription Manager. For more information see the Red Hat Subscription Management documentation.
- Ensure that you have already subscribed to the JBoss EAP 7.4 repository. For more information see Subscribing to the JBoss EAP 7.4 repository.
Procedure
For Red Hat Enterprise Linux 6, 7: Using Red Hat Subscription Manager, subscribe to the RH-SSO 7.5 repository using the following command. Replace <RHEL_VERSION> with either 6 or 7 depending on your Red Hat Enterprise Linux version.
subscription-manager repos --enable=rh-sso-7.5-for-rhel-<RHEL-VERSION>-server-rpms
For Red Hat Enterprise Linux 8: Using Red Hat Subscription Manager, subscribe to the RH-SSO 7.5 repository using the following command:
subscription-manager repos --enable=rh-sso-7.5-for-rhel-8-x86_64-rpms
For Red Hat Enterprise Linux 6, 7: Install RH-SSO from your subscribed RH-SSO 7.5 repository using the following command:
yum groupinstall rh-sso7
For Red Hat Enterprise Linux 8: Install RH-SSO from your subscribed RH-SSO 7.5 repository using the following command:
dnf groupinstall rh-sso7
Your installation is complete. The default RH-SSO_HOME path for the RPM installation is /opt/rh/rh-sso7/root/usr/share/keycloak.
Additional resources
For details on installing the 7.5.3 patch for Red Hat Single Sign-On, see RPM patching.
2.4. Important directories
The following are some important directories in the server distribution.
- bin/
- This contains various scripts to either boot the server or perform some other management action on the server.
- domain/
- This contains configuration files and working directory when running Red Hat Single Sign-On in domain mode.
- modules/
- These are all the Java libraries used by the server.
- standalone/
- This contains configuration files and working directory when running Red Hat Single Sign-On in standalone mode.
- standalone/deployments/
- If you are writing extensions to Red Hat Single Sign-On, you can put your extensions here. See the Server Developer Guide for more information on this.
- themes/
- This directory contains all the html, style sheets, JavaScript files, and images used to display any UI screen displayed by the server. Here you can modify an existing theme or create your own. See the Server Developer Guide for more information on this.