Before you install and configure OpenSSO Enterprise, here are a few changes to consider:
You install OpenSSO Enterprise from the opensso.war file, using the web container administration console or deployment command. You no longer run a standalone installer.
You initially configure OpenSSO Enterprise using the GUI or command-line Configurator. Then, to perform additional configuration, you use either the Administration Console or command-line utilities such as the new ssoadm utility. You no longer run the amconfig script with the amsamplesilent file.
Configuration data, including policy agent configuration data, is stored in a centralized repository. This repository can be either Sun Java System Directory Server or the OpenSSO data store (which is usually transparent to the user). OpenSSO Enterprise does not use the AMConfig.properties or serverconfig.xml files, except for co-existence with previous versions of Access Manager.
To install and configure an instance of OpenSSO Enterprise server, follow these general steps:
Check the Sun OpenSSO Enterprise 8.0 Release Notes for any recent issues or updates to the release.
If necessary, install, configure, and start one of the supported web containers listed in Table 1–1.
Download and unzip the opensso_enterprise_80.zip file from the following site:
OpenSSO Enterprise 8.0 patch releases are available as patch ID 141655 on http://sunsolve.sun.com/.
For information about installing a patch release, see Chapter 23, Patching OpenSSO Enterprise 8.0.
Deploy the opensso.war file to the web container, using the web container administration console or deployment command.
For the detailed steps, see Chapter 3, Installing OpenSSO Enterprise.
Run either the GUI or command-line Configurator.
To run the GUI Configurator, enter the following URL in your browser:
For example: http://opensso.example.com:8080/opensso
If you are running the GUI Configurator, enter values in the Configurator fields or accept the default value for some fields. The Configurator has two configuration options:
The Default Configuration option requires you to enter only the OpenSSO Enterprise administrator (amAdmin) and default policy agent (UrlAccessAgent) passwords. The Configurator then uses default values for the other configuration options.
Use the Default Configuration for development environments or simple demonstration purposes when you just want to evaluate OpenSSO Enterprise features.
The Custom Configuration option allows you to enter specific configuration values for your deployment (or accept the default values).
Use the Custom Configuration for production and more complex environments. For example, a multi-server installation with several OpenSSO Enterprise instances behind a load balancer.
Launch OpenSSO Enterprise using the specific web container console or deployment command, or by specifying the URL from Step 4 in your browser.
Login to the Console as the OpenSSO Enterprise administrator (amAdmin) using the password you specified when you ran the Configurator.
To make additional configuration changes to your deployment, use the OpenSSO Enterprise Administration Console or the ssoadm command-line utility. For information, refer to the Administration Console Online Help or the Sun OpenSSO Enterprise 8.0 Administration Reference.
Depending on your security requirements, consider making a snapshot of your deployment using the OpenSSO Diagnostic Tool. Then, you can run the Tamper Detection test periodically to very the integrity of your deployment. For more information, see Chapter 7, Running the OpenSSO Diagnostic Tool.