Install OpenSSO Enterprise in the Identity Provider Environment.
OpenSSO Enterprise is not the only supported access control software that can be used in the Identity Provider. But for optimum protocol interoperability, choosing OpenSSO Enterprise is a good practice. For detailed installation and configuration information, see the Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide.
Ideally, Service Provider and Identity Provider are deployed in two different domains. At minimum, the cookie domains should be different to ensure cookie validation consistency.
Install OpenSSO Enterprise in the Service Provider Environment.
The OpenSSO Enterprise in the Service Provider environment is the SAML2 protocols initiator. The SiteMinder Web Agent can protect the enterprise application, but will still redirect to OpenSSO Enterprise for single sign-on purposes.