How to Upgrade the JDK version for Siteminder AdminUI
search cancel

How to Upgrade the JDK version for Siteminder AdminUI

book

Article ID: 235267

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

The Symantec Siteminder Administrative UI bundles the following versions of JAVA JRE:

r12.8.3:      AdoptOpenJDK 1.8.0_212-b04
r12.8.4:      AdoptOpenJDK 1.8.0_212-b04
r12.8.5:      AdoptOpenJDK 1.8.0_212-b04
r12.8.6/6a: AdoptOpenJDK 1.8.0.302.b08
r12.8.7:      AdoptOpenJDK 1.8.0.322.b06

NOTE: Upgrading the JAVA JDK is done at ones own risk.  Each version is not validated by the Siteminder QA team.  Customer's should implement a detailed upgrade plan, along with adequate testing and a rollback plan.  It is advisable to implement and test in a lower environment rather than testing in PRD.

Environment

Release : 12.8.x

Component : SITEMINDER Admin UI

Cause

Analyzing the file system of an r12.8.7 AdminUI installation, we find 3 instances of 'JAVA.exe' in different paths:

=============================
<Install_Dir>\SiteMinder\adminui\install_config_info\install_config_jre\bin\JAVA.exe
-> Oracle JAVA JRE 1.8.0.51.16

--> (above) is the path to the version of JAVA used by Install Anywhere to install JBOSS Wildfly.

---------------------------

<Install_Dir>\SiteMinder\adminui\runtime\bin\JAVA.exe
-> AdoptOpenJDK 1.8.0.3220.6

<Install_Dir>\SiteMinder\adminui\runtime\jre\bin\JAVA.exe
-> AdoptOpenJDK 1.8.0.3220.6

--> (above) is the path to the version of JAVA used by the Siteminder AdminUI
=============================

Note that the installer uses Oracle JAVA JRE, while the Siteminder AdminUI is bundled with AdoptOpenJDK JRE.

If a vulnerability has been published, you may want to upgrade the version of JAVA installed.  Here, the installer is using Oracle JAVA JRE 1.8.0.51.16, which has published vulnerabilities.

 

Resolution

How to Update JAVA on the Siteminder Administrative UI.

1) Download Oracle Java SE Runtime Environment (JRE) 1.8.x (8uxxx) from Oracle. (Download the 'Compressed Archive' version)

Downloads: https://www.oracle.com/java/technologies/javase/javase8u211-later-archive-downloads.html

example:

Windows: jre-8u381-windows-x64.tar.gz
Linux: jre-8u381-linux-x64.tar.gz

NOTE: Must be Oracle Java SE Runtime Environment (JRE) 1.8.x (8uxxx) from Oracle


2) Download AdoptOpenJDK JRE 1.8.x (jdk8uxxx-bxx) from Adoptium. (Download the JRE Binary)

Downloads: https://adoptium.net/temurin/archive/?version=8

example:

Windows: OpenJDK8U-jre_x64_windows_hotspot_8u392b08.zip
Linux:       OpenJDK8U-jre_x64_linux_hotspot_8u392b08.tar.gz

NOTE: Must be AdoptOpenJDK JRE 1.8.x (jdk8uxxx-bxx) from Adoptium

3) Copy both the Oracle JAVA and AdoptOpenJDK packages to the Siteminder AdminUI Host

4) Decompress both the Oracle JAVA and AdoptOpenJDK packages to their own directories.

5) Back-up the following directories:

<Install_Dir>\SiteMinder\adminui\install_config_info\install_config_jre\bin\
<Install_Dir>\SiteMinder\adminui\install_config_info\install_config_jre\lib\

<Install_Dir>\SiteMinder\adminui\runtime\bin\
<Install_Dir>\SiteMinder\adminui\runtime\lib\

<Install_Dir>\SiteMinder\adminui\runtime\jre\bin\
<Install_Dir>\SiteMinder\adminui\runtime\jre\lib\

EXAMPLE:

cp -r /<Install_Dir>/SiteMinder/adminui/install_config_info/install_config_jre/bin /<Install_Dir>/SiteMinder/adminui/install_config_info/install_config_jre/bin-BAK

Update the JAVA for Install Anywhere (JBOSS Wildfly)

1) Stop the Siteminder AdminUI server

2) Copy the binary files from the new Oracle JRE binaries to the Siteminder AdminUI installer

Source: <install_Dir>/jre-8u381-linux-x64/jre1.8.0_381/bin/*

Destination: <Install_Dir>/SiteMinder/adminui/install_config_info/install_config_jre/bin/

3) Copy the library files from the new Oracle JRE binaries to the Siteminder AdminUI installer

Source: <install_Dir>/jre-8u381-linux-x64/jre1.8.0_381/lib/*

Destination: <Install_Dir>/SiteMinder/adminui/install_config_info/install_config_jre/lib/

NOTE: DOT NOT replace the /bin and /lib directories. Copy the FILES from the source directories to the target directories.

example:

cp -rf <install_Dir>/jre-8u381-linux-x64/jre1.8.0_381/bin/* <Install_Dir>/SiteMinder/adminui/install_config_info/install_config_jre/bin/

4) Start the Siteminder AdminUI serer

5) Deleted the backed-up directories

<Install_Dir>\SiteMinder\adminui\install_config_info\install_config_jre\bin-BAK
<Install_Dir>\SiteMinder\adminui\install_config_info\install_config_jre\lib-BAK

Update the JAVA for the Siteminder AdminUI

OPTION #1

1) Stop the Siteminder AdminUI server

2) Copy the binary files from the new AdoptOpenJDK binaries to the Siteminder AdminUI

Source: <install_Dir>/OpenJDK8U-jre_x64_linux_hotspot_8u392b08/jdk8u392-b08-jre/bin/*

Destinations: <Install_Dir>/SiteMinder/adminui/runtime/bin/
                      <Install_Dir>/SiteMinder/adminui/runtime/jre/bin/

3) Copy the library files from the new AdoptOpenJDK binaries to the Siteminder AdminUI

Source: <install_Dir>/OpenJDK8U-jre_x64_linux_hotspot_8u392b08/jdk8u392-b08-jre/lib/*

Destinations: <Install_Dir>/SiteMinder/adminui/runtime/lib/
                      <Install_Dir>/SiteMinder/adminui/runtime/jre/lib/

NOTE: DOT NOT replace the /bin and /lib directories. Copy the FILES from the source directories to the target directories.

example:

cp -rf <install_Dir>/OpenJDK8U-jre_x64_linux_hotspot_8u392b08/jdk8u392-b08-jre/bin/* <Install_Dir>/SiteMinder/adminui/runtime/bin/

4) Start the Siteminder AdminUI

5) Test functionality to verify upgrade was successful

6) Delete the backed-up directories

<Install_Dir>\SiteMinder\adminui\runtime\bin-BAK
<Install_Dir>\SiteMinder\adminui\runtime\lib-BAK

<Install_Dir>\SiteMinder\adminui\runtime\jre\bin-BAK
<Install_Dir>\SiteMinder\adminui\runtime\jre\lib-BAK

OPTION #2:

1) Stop the Siteminder AdminUI

2) Install an upgraded version of the AdoptOpenJDK 1.8.x.

3) Edit the 'standalone.sh' script to point the 'JAVA_HOME' environment variable to the new AdoptOpenJDK instance

<Install_Dir>/SiteMinder/adminui/bin/standalone.sh

JAVA_HOME="<install_Dir>/OpenJDK8U-jre_x64_linux_hotspot_8u392b08/jdk8u392-b08-jre"

4) Start the Siteminder AdminUI

5) Test functionality to verify upgrade was successful

6) Delete the backed-up directories

<Install_Dir>\SiteMinder\adminui\runtime\bin-BAK
<Install_Dir>\SiteMinder\adminui\runtime\lib-BAK

<Install_Dir>\SiteMinder\adminui\runtime\jre\bin-BAK
<Install_Dir>\SiteMinder\adminui\runtime\jre\lib-BAK

 

Additional Information

AdminUI R12.8.x does not work with Oracle JAVA  11 or AdoptOpenJDK 11.

Powered by Wolken Software