Enable CDSSO for the Centralized Mode policy agent profile.
Log in to the OpenSSO Enterprise server as an administrator.
In the OpenSSO Enterprise administration console, go to Realm > Agents > Web Agents > Agent_Name > SSO.
Enable the property Cross Domain SSO.
Set the value for the CDSSO Servlet URL.
Example:
lb2_server_protocol://lb2_server.hostname:lb2_server.port/server-deployment-uri/cdcservlet
Enable CDSSO for the Local Mode policy agent profile:
Edit OpenSSOAgentConfiguration.properties and set the CDSSO-related parameters. Example:
com.sun.identity.agents.config.cdsso.enable = true
com.sun.identity.agents.config.cdsso.cdcservlet.url[0] = lb2_server_protocol://lb2_server.hostname:lb2_server.port/server-deployment-uri/cdcservlet
Enable Cookie Hijacking Prevention in the OpenSSO Enterprise server.
Log in to the OpenSSO Enterprise server as an administrator.
In the OpenSSO Enterprise administration console, go to Configuration > Sites and Server > Default server settings > Advanced and set the following properties:
com.sun.identity.enableUniqueSSOTokenCookie=true
com.sun.identity.authentication.uniqueCookieName=sunIdentityServerAuthNServer
com.sun.identity.authentication.uniqueCookieDomain=server domain
Go to Configuration > System > Platform.
Remove server domain and add the server host name.
If OpenSSO Enterprise is deployed behind a load balancer, then in step 3c, do not use the OpenSSO server host name. Instead, be sure to use the load balancer host name.
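A checker for the properties set in this procedure, added here as an example and not part of OpenSSO Enterprise or its documentation. The function names, the sample host names, and the rule that the CDC servlet URL host must equal the load balancer host (taken from the lb2_server placeholders in the example URL) are assumptions.

```python
from urllib.parse import urlsplit

P = "com.sun.identity."  # common prefix of every property named in this procedure

def parse_properties(text):
    """Parse 'key = value' lines, skipping blanks and # or ! comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def check_agent(props, lb_host):
    """Findings for the Local Mode agent CDSSO settings."""
    findings = []
    if props.get(P + "agents.config.cdsso.enable", "").lower() != "true":
        findings.append("CDSSO is not enabled")
    url = urlsplit(props.get(P + "agents.config.cdsso.cdcservlet.url[0]", ""))
    if url.scheme not in ("http", "https") or not url.hostname:
        findings.append("CDC servlet URL is missing or malformed")
    elif not url.path.endswith("/cdcservlet"):
        findings.append("CDC servlet URL does not end in /cdcservlet")
    elif url.hostname != lb_host.lower():
        findings.append("CDC servlet URL host is not the load balancer")
    return findings

def check_server(props):
    """Findings for the server cookie hijacking prevention properties."""
    findings = []
    if props.get(P + "enableUniqueSSOTokenCookie", "").lower() != "true":
        findings.append("unique SSO token cookie is not enabled")
    for name in ("uniqueCookieName", "uniqueCookieDomain"):
        if not props.get(P + "authentication." + name):
            findings.append("no value for " + name)
    return findings

# Constructed sample input; the host names are placeholders.
SAMPLE_AGENT = """com.sun.identity.agents.config.cdsso.enable = true
com.sun.identity.agents.config.cdsso.cdcservlet.url[0] = https://opensso1.example.com:8443/opensso/cdcservlet
"""
SAMPLE_SERVER = """com.sun.identity.enableUniqueSSOTokenCookie=true
com.sun.identity.authentication.uniqueCookieName=sunIdentityServerAuthNServer
com.sun.identity.authentication.uniqueCookieDomain=
"""

if __name__ == "__main__":
    print(check_agent(parse_properties(SAMPLE_AGENT), "lb2.example.com"))
    print(check_server(parse_properties(SAMPLE_SERVER)))
```

An example URL that still contains the unreplaced lb2_server_protocol placeholder is reported as malformed, because it does not parse as an http or https URL.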