Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide

Configuring the Distributed Authentication UI Server

OpenSSO Enterprise includes the Distributed Authentication UI server Configurator (distAuthConfigurator.jsp) to configure a Distributed Authentication UI server after you deploy the WAR file.

Default values. The default values for the Distributed Authentication UI server protocol, host, port, and deployment URI will be based on the URL used to access the Distributed Authentication UI server WAR file. For example, if you use http://distauth.example.com:8080/openssoDistAuth to access the Configurator, the protocol will be http, the host will be distauth.example.com, the port will be 8080, and the deployment URI will be /openssoDistAuth.

Procedure: To Configure the Distributed Authentication UI Server

  1. Make sure that the Distributed Authentication UI server web container is running.

  2. Launch the Distributed Authentication UI server WAR file using the following URL:

    protocol://host.domain:port/distauth_uri
    

    For example: http://distauth.example.com:8080/openssoDistauth

    If the Distributed Authentication UI server is not already configured, you will be directed to the Configurator (distAuthConfigurator.jsp) page. (If the Distributed Authentication UI server is already configured, you will be directed to the login page.)

  3. On the Configurator page, specify the following information:

    • Server Protocol is the OpenSSO Enterprise server protocol: http or https. Default: http

      Note: If the Distributed Authentication UI Server is being configured to use an SSL-enabled OpenSSO Enterprise server, you must import the root CA certificate for the server certificate on the OpenSSO Enterprise server into the trust store of the web container JVM on which the Distributed Authentication UI Server is being deployed. After you import the certificate, restart the web container instance.

    • Server Host is the fully qualified host name of the system where OpenSSO Enterprise server is deployed.

    • Server Port is the OpenSSO Enterprise server port number. Default: 8080

    • Server Deployment URI is the URI prefix for accessing the HTML pages, classes, and JAR files associated with OpenSSO Enterprise server.

    • DistAuth Server Protocol is the protocol (http or https) used by the Distributed Authentication UI server web container. Default: http

    • DistAuth Server Host is the fully qualified host name where the Distributed Authentication UI server is deployed.

    • DistAuth Server Port is the port number on DistAuth Server Host where the Distributed Authentication UI server is deployed. Default: 80

    • DistAuth Server Deployment URI is the deployment URI that will be used on the host by the Distributed Authentication UI server.

    • DistAuth Cookie Name is the cookie name used on the host by the Distributed Authentication UI server.

    • Debug directory is the directory where the debug files will be created.

    • Debug level is the level for the debug service. Values can be: error, warning, message or off. Default: error

    • Encryption Key is the password encryption key.

    • Application user name is the user name for the Distributed Authentication UI server application. For example: UrlAccessAgent

    • Application user password is the password of the user for the application.

    • Confirm Application user password is confirmation for the password.

  4. After you have specified all configuration values (or accepted the default values), click Configure.

    (Or, to reset all values, click Reset.)

Next Steps

After the configuration finishes, you will get a message showing the location of the AMDistAuthConfig.properties configuration file. This file is created in the home directory of the runtime user who owns the web container instance on which the Distributed Authentication UI WAR file is deployed.

Important: It is highly recommended that you change the permissions of this configuration file to limit access to the sensitive configuration information.
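The following shell functions are an added example, not part of the OpenSSO Enterprise documentation or product. They show one way to apply and verify the permission change recommended above. The function names, the owner-only mode 600, and the refusal to follow symbolic links are assumptions of this example. Pass the home directory of the web container's runtime user as the argument.

```shell
#!/bin/sh
# Added example (not from the OpenSSO guide): restrict AMDistAuthConfig.properties
# to its owner and verify that no group/other access remains.

CONFIG_NAME="AMDistAuthConfig.properties"

# Print the six group/other permission characters (for example "r--r--")
# taken from the mode string that ls -ld reports for the file.
group_other_bits() {
    ls -ld "$1" | cut -c5-10
}

# harden_distauth_config HOME_DIR
# HOME_DIR: home directory of the runtime user that owns the web container.
# Return codes: 0 = file is owner-only, 1 = file not found,
#               2 = path is a symbolic link (not followed), 3 = chmod had no effect.
harden_distauth_config() {
    file="$1/$CONFIG_NAME"
    if [ -L "$file" ]; then
        echo "refusing to follow symbolic link: $file" >&2
        return 2
    fi
    if [ ! -f "$file" ]; then
        echo "not found: $file" >&2
        return 1
    fi
    before=$(group_other_bits "$file")
    # Mode 600 is an assumption: owner read/write, nothing for group or other.
    chmod 600 "$file" || return 3
    after=$(group_other_bits "$file")
    if [ "$after" != "------" ]; then
        echo "still accessible to group/other: $file ($after)" >&2
        return 3
    fi
    echo "$file: group/other bits $before -> $after"
    return 0
}

# When run as a script with one argument, harden the file under that directory.
[ "$#" -eq 0 ] || harden_distauth_config "$1"
```

Run it as the runtime user (or as root) after the Configurator reports the file location, and again after any reconfiguration that rewrites the file.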