Downloading and Starting IG in Standalone Mode

This section describes how to install and start IG in standalone mode, from a .zip file.

Downloading the IG .zip File

Download IG
  1. Create a local installation directory for IG. The examples in this section use /path/to.

  2. Download IG-7.0.2.zip from the ForgeRock BackStage download site, and copy the .zip file to the installation directory:

    $ cp IG-7.0.2.zip /path/to/IG-7.0.2.zip
  3. Unzip the file:

    $ unzip IG-7.0.2.zip

    The directory /path/to/identity-gateway is created.

Starting IG With Default Settings

Use the following step to start the instance of IG, specifying the configuration directory where IG looks for configuration files. IG starts up by default on port 8080, and route-system.log is created in the logs directory.

Start IG With Default Settings
  1. Start IG:

    $ /path/to/identity-gateway/bin/start.sh
    ...
    ... started in 1234ms on ports : [8080]

    By default, the base location for IG configuration files is in $HOME/.openig, where $HOME/.openig is the instance directory. To read the configuration from a different location, specify the base location as an argument. The following example reads the configuration from the config directory under /path/to/instance-dir:

    $ /path/to/identity-gateway/bin/start.sh /path/to/instance-dir
  2. Check that IG is running in one of the following ways:

Starting IG With Custom Settings

By default IG runs on HTTP, on port 8080, from the instance directory $HOME/.openig.

The vertx property of admin.json finely-tune Vert.x instances. The connectors property of admin.json customizes server ports, TLS, and Vert.x-specific configurations. Each connectors object represents the configuration of an individual port.

To run IG on a different port, with custom settings, add the configuration file $HOME/.openig/config/admin.json, and restart IG. The following example starts IG on non-default ports, and configures Vert.x-specific options for the connection on port 9091:

{
  "connectors": [{
    "port": 9090
  },
  {
    "port": 9091,
    "vertx": {
      "maxWebSocketFrameSize": 128000,
      "maxWebSocketMessageSize": 256000,
      "compressionLevel": 4
    }
  }]
}

For information about the configuration of connectors, see "AdminHttpApplication (admin.json)".

Configure Environment Variables and System Properties

Configure environment variables and system properties for IG, as follows:

  • By adding environment variables on the command line when you start IG.

  • By adding environment variables in $HOME/.openig/bin/env.sh, where $HOME/.openig is the instance directory.

Starting IG With a Customized Router Scan Interval

By default, IG scans every 10 seconds for changes to the route configuration files. Any changes to the files are automatically loaded into the configuration without restarting IG. For more information about the router scan interval, see "Router".

The following example overwrites the default value of the Router scan interval to two seconds when you start up IG:

$ IG_ROUTER_SCAN_INTERVAL='2 seconds' /path/to/identity-gateway/bin/start.sh

Specifying Environment Variables for Key and JVM Options

The following example specifies environment variables in the IG env.sh file to customize JVM options and keys:

# Specify JVM options
JVM_OPTS="-Xms256m -Xmx2048m"

# Specify the DH key size for stronger ephemeral DH keys, and to protect against weak keys
JSSE_OPTS="-Djdk.tls.ephemeralDHKeySize=2048"

# Wrap them up into the JAVA_OPTS environment variable
export JAVA_OPTS="${JAVA_OPTS} ${JVM_OPTS} ${JSSE_OPTS}"

Stopping IG

Stop IG
  • In the terminal where IG is running, select CTRL+C to stop the service.

Read a different version of :