Sun OpenSSO Enterprise 8.0 Administration Guide

Adding Services

A number of services can be added to a realm for more fine-grained configuration. These services may contain Global attributes (which are common to the OpenSSO Enterprise instance and inherited by all configured realms), Realm attributes (which can be customized per realm after the service has been added to it) and Dynamic attributes (which are inherited by users that belong to the realm in which the value is defined). Default values for all attributes in these services can be defined under the Configuration tab in the OpenSSO Enterprise console. The services that can be added to a realm include:

Administration

The Administration service is used to customize tasks performed by the OpenSSO Enterprise console. Default values for the Administration service are defined for the console under the Configuration tab in the OpenSSO Enterprise console. By adding the Administration service to a realm, the realm's administrator can customize these values per realm.

Discovery Service

An identity service is a web service that supports the query and modification of data regarding a principal. An identity service might host, for example, a principal's profile, such as name, address and phone number, or it might hold more sensitive information like a credit card number. The initial step in accessing the identity data a client is requesting is to determine in which identity service it is hosted. A resource offering defines the association between a piece of identity data and the identity service that provides access to it. A discovery service is a registry of resource offerings. By adding the Discovery Service to a realm, the realm's administrator can add resource offerings at the realm level as opposed to the user level.


Note – This functionality is designed for business-to-business use cases.


Globalization Settings

The Globalization Settings service contains attributes to customize OpenSSO Enterprise for different locales and character sets. Default values for the Globalization Settings service are defined for the console under the Configuration tab in the OpenSSO Enterprise console. By adding the Globalization Settings service to a realm, the realm's administrator can customize these values per realm.

Password Reset

The Password Reset service allows users to reset their configured password or to receive an email message containing a new password. The Password Reset service does not need to be added to the realm in which a user resides to work. If the Password Reset service is not added to the realm in which the user resides, it will inherit the attribute values defined globally for the service under the Configuration tab in the OpenSSO Enterprise console. By adding the Password Reset service to a realm, the realm's administrator can customize these values per realm.

Policy Configuration

The Policy Configuration service is added to a realm, by default, when the realm is created. Default values for the Policy Configuration service are defined globally under the Configuration tab in the OpenSSO Enterprise console but the realm's administrator can customize them as needed. The service contains properties related to the Policy Service itself.

Session

The Session service defines values for properties that pertain to an authenticated user's session. This includes information such as maximum session time and maximum idle time. Default values for the Session service are defined globally under the Configuration tab in the OpenSSO Enterprise console. By adding the Session service to a realm, the realm's administrator can customize certain properties per realm.

User

Default user preferences for properties like time zone and locale are defined with the User service. Default values for the User service are defined globally under the Configuration tab in the OpenSSO Enterprise console. By adding the User service to a realm, the realm's administrator can customize certain properties per realm.

The following procedures pertain to adding and managing a realm's services.

Procedure: To Add a Service to a Realm

Before You Begin

This procedure assumes you are logged into the OpenSSO console as the administrator, amAdmin.

  1. Click the Access Control tab.

  2. Click the name of the realm to which the service will be added.

  3. Click the Services tab.

  4. Click Add in the Services list.

  5. Select the service you want to add.

  6. Click Next.

  7. Configure the service by defining values for the appropriate attributes.

  8. Click Finish.

    The service will be listed under Services.

Procedure: To Modify the Attributes of a Realm's Added Services

Before You Begin

This procedure assumes you are logged into the OpenSSO console as the administrator, amAdmin.

  1. Click the Access Control tab.

  2. Click the name of the realm that contains the service to be modified.

  3. Click the Services tab.

  4. Click the name of the service you are modifying.

  5. Edit the appropriate values.

  6. Click Save to save the new values.
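After realm-level values have been saved, it is useful to review which realms now diverge from the global defaults, in particular for Session limits. The following is an added example, not part of the original guide or of OpenSSO Enterprise: it assumes the global defaults and each realm's added services have been copied into plain dictionaries, and the realm names, attribute keys and values are constructed for illustration. It also assumes that an attribute left unset on an added service falls back to the global default.

```python
"""Audit sketch: where do realm-level service values diverge from global defaults?"""

# Constructed sample data. Attribute keys are illustrative, not OpenSSO names.
GLOBAL_DEFAULTS = {
    "Session": {"max_session_minutes": 120, "max_idle_minutes": 30},
    "Password Reset": {"lockout_after_failures": 5},
}

# Services added to each realm, with the values the realm administrator saved.
# A service missing from a realm means it was never added there.
REALM_SERVICES = {
    "/partners": {"Session": {"max_session_minutes": 120, "max_idle_minutes": 240}},
    "/staff": {"Session": {"max_session_minutes": 60, "max_idle_minutes": 30}},
    "/lab": {},
}


def effective(realm, service):
    """Values in force for a realm: its own if the service was added, else global."""
    merged = dict(GLOBAL_DEFAULTS[service])
    merged.update(REALM_SERVICES.get(realm, {}).get(service, {}))
    return merged


def overrides(realm):
    """(service, attribute, global value, realm value) for every divergent value."""
    found = []
    for service, values in sorted(REALM_SERVICES.get(realm, {}).items()):
        for attr, value in sorted(values.items()):
            base = GLOBAL_DEFAULTS[service].get(attr)
            if value != base:
                found.append((service, attr, base, value))
    return found


def longer_session_limits():
    """Realms whose Session limits exceed the global default (review candidates)."""
    flagged = []
    for realm in sorted(REALM_SERVICES):
        for service, attr, base, value in overrides(realm):
            if service == "Session" and base is not None and value > base:
                flagged.append((realm, attr, base, value))
    return flagged


if __name__ == "__main__":
    for realm in sorted(REALM_SERVICES):
        print(realm, effective(realm, "Session"), overrides(realm))
    print("review:", longer_session_limits())
```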