Before you configure a Distributed Authentication UI server WAR file, on the OpenSSO Enterprise sserver, create a user who has the “Read and write access to all realm and policy properties” privilege. You will specify this user (and password) when you run the Configurator (distAuthConfigurator.jsp) to configure the WAR file.
Log in to the OpenSSO server administration console as amadmin.
Click Access Control, the default realm, and then Subjects.
Create a new user. For example: dauser
Create a new group. For example: dagroup
Add the new user to the new group.
Click Privileges and then the link for the new group.
Select the "Read and write access to all realm and policy properties" privilege and click Save.