Sun OpenSSO Enterprise 8.0 Administration Reference

Preface


Note –

Please be advised that this book has been published for the OpenSSO Enterprise 8.0 Early Access release. The information contained in this book may not reflect the most current release of the software.


The Sun OpenSSO Enterprise 8.0 Administration Guide describes how to use the Sun JavaTM System OpenSSO Enterprise console as well as manage user and service data via the command line interface.

Who Should Use This Book

This book is intended for use by IT administrators and software developers who implement a web access platform using Sun Java System servers and software.

Before You Read This Book

Readers should be familiar with the following components and concepts:

Related Documentation

Related documentation is available as follows:

OpenSSO Enterprise Documentation Set

The following table describes the OpenSSO Enterprise documentation set.

Table P–1 OpenSSO Enterprise Documentation Set

Title 

Description 

Sun OpenSSO Enterprise 8.0 Release Notes

Describes new features, installation notes, and known issues and limitations. The Release Notes are updated periodically after the initial release to describe any new features, patches, or problems. 

Sun OpenSSO Enterprise 8.0 installation and Configuration Guide

Provides information about installing and configuring OpenSSO Enterprise including OpenSSO Enterprise server, Administration Console only, client SDK, scripts and utilities, Distributed Authentication UI server, and session failover. 

Sun OpenSSO Enterprise 8.0 Technical Overview

Provides an overview of how components work together to consolidate access control functions, and to protect enterprise assets and web-based applications. It also explains basic concepts and terminology. 

Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Provides planning and deployment solutions for OpenSSO Enterprise. 

Sun OpenSSO Enterprise 8.0 Administration Guide

Describes how to use the OpenSSO Enterprise Administration Console as well as how to manage user and service data using the command-line interface (CLI). 

Sun OpenSSO Enterprise 8.0 Administration Reference

Provides reference information for the OpenSSO Enterprise command-line interface (CLI), configuration attributes, log files, and error codes. 

Sun OpenSSO Enterprise 8.0 Developer’s Guide

Provides information about customizing OpenSSO Enterprise and integrating its functionality into an organization’s current technical infrastructure. It also provides details about the programmatic aspects of the product and its API. 

Sun OpenSSO Enterprise 8.0 C API Reference for Application and Web Policy Agent Developers

Provides summaries of data types, structures, and functions that make up the public OpenSSO Enterprise C APIs. 

Sun OpenSSO Enterprise 8.0 Java API Reference

Provides information about the implementation of Java packages in OpenSSO Enterprise. 

Sun OpenSSO Enterprise 8.0 Performance Tuning Guide

Provides information about how to tune OpenSSO Enterprise and its related components for optimal performance. 

Sun OpenSSO Enterprise Policy Agent 3.0 User’s Guide

Provides an overview of version 3.0 policy agents. 

Related Product Documentation

The following table provides links to documentation collections for related products.

Table P–2 Related Product Documentation

Product 

Link 

Sun Java System Directory Server 6.3 

http://docs.sun.com/coll/1224.4

Sun Java System Web Server 7.0 Update 3 

http://docs.sun.com/coll/1653.3

Sun Java System Application Server 9.1 

http://docs.sun.com/coll/1343.4

Sun Java System Message Queue 4.1 

http://docs.sun.com/coll/1307.3

Sun Java System Web Proxy Server 4.0.6 

http://docs.sun.com/coll/1311.6

Sun Java System Identity Manager 7.1 

http://docs.sun.com/coll/1514.3

Searching Sun Product Documentation

Besides searching Sun product documentation from the docs.sun.comSM web site, you can use a search engine by typing the following syntax in the search field:


search-term site:docs.sun.com

For example, to search for “broker,” type the following:


broker site:docs.sun.com

To include other Sun web sites in your search (for example, java.sun.com, www.sun.com, and developers.sun.com), use sun.com in place of docs.sun.com in the search field.

Related Third-Party Web Site References

Third-party URLs are referenced in this document and provide additional, related information.


Note –

Sun is not responsible for the availability of third-party web sites mentioned in this document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through such sites or resources.


Documentation, Support, and Training

The Sun web site provides information about the following additional resources:

Default Paths and Directory Names

The OpenSSO Enterprise documentation uses the following terms to represent default paths and directory names:

Table P–3 Default Paths and Directory Names

Term 

Description 

zip-root

Represents the directory where the opensso.zip file is unzipped.

OpenSSO-Deploy-base

Represents the deployment directory where the web container deploys the opensso.war file.

This value varies depending on the web container. To determine the value of OpenSSO-Deploy-base, view the file name in the .openssocfg directory, which resides in the home directory of the user who deployed the opensso.war file. For example, consider this scenario with Application Server 9.1 as the web container:

  • Application Server 9.1 is installed in the default directory: /opt/SUNWappserver.

  • The opensso.war file is deployed by super user (root) on Application Server 9.1.

The .openssocfg directory is in the root home directory (/), and the file name in .openssocfg is:

AMConfig_opt_SUNWappserver_domains_domain1_applications_j2ee-modules_opensso_

Then, the value for OpenSSO-Deploy-base is:

/opt/SUNWappserver/domains/domain1/applications/j2ee-modules/opensso

ConfigurationDirectory

Represents the name of the configuration directory specified during the initial configuration of OpenSSO Enterprise server instance using the Configurator. 

The default is opensso in the home directory of the user running the Configurator. Thus, if the Configurator is run by root, ConfigurationDirectory is /opensso.

Common Criteria Requirements for Administrators

Sun OpenSSO Enterprise 8.0 Update 1 conforms to the Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408) at Assurance Level EAL4, provided that you follow the requirements listed in Chapter 1, Getting Started With OpenSSO Enterprise 8.0, in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide. An OpenSSO Enterprise 8.0 Update 1 administrator performs tasks such as installing, configuring, and managing the product. This administrator must be trustworthy, non-hostile, appropriately trained, and willing to follow the following guidance documentation:


Caution – Caution –

A administrator must not use the OpenSSO Enterprise 8.0 Update 1 Administration Console or command-line utilities to modify the security functionality of OpenSSO Enterprise 8.0 Update 1. Otherwise, OpenSSO Enterprise 8.0 Update 1 will not conform to the Common Criteria evaluated level.


Sun Welcomes Your Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions.

To share your comments, go to http://docs.sun.com and click Send Comments. In the online form, provide the document title and part number. The part number is a seven-digit or nine-digit number that can be found on the title page of the book or at the top of the document.

For example, the title of this book is Sun OpenSSO Enterprise 8.0 Administration Reference, and the part number is 820–3886.