Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Procedure: To Enable CDSSO and Cookie Hijacking Prevention in the Web Policy Agent

  1. Enable CDSSO for the Centralized Mode policy agent profile.

    1. Log in to the OpenSSO Enterprise server as an administrator.

    2. In the OpenSSO Enterprise administration console, go to Realm > Agents > Web Agents > Agent_Name > SSO.

    3. Enable the property Cross Domain SSO.

    4. Set the value for the CDSSO Servlet URL.

      Example:


      lb2_server_protocol://lb2_server.hostname:lb2_server.port/server-deployment-uri/cdcservlet

  2. Enable CDSSO for the Local Mode policy agent profile:

    Edit OpenSSOAgentConfiguration.properties and set the CDSSO-related parameters. Example:


    com.sun.identity.agents.config.cdsso.enable = true
    com.sun.identity.agents.config.cdsso.cdcservlet.url[0] = lb2_server_protocol://lb2_server.hostname:lb2_server.port/server-deployment-uri/cdcservlet

  3. Enable Cookie Hijacking Prevention in the OpenSSO Enterprise server.

    1. Log in to the OpenSSO Enterprise server as an administrator.

    2. In the OpenSSO Enterprise administration console, go to Configuration > Sites and Server > Default server settings > Advanced and set the following properties:


      com.sun.identity.enableUniqueSSOTokenCookie=true 
      com.sun.identity.authentication.uniqueCookieName=sunIdentityServerAuthNServer 
      com.sun.identity.authentication.uniqueCookieDomain= server domain
      
    3. Go to Configuration > System > Platform.

      Remove server domain and add the server host name.


      Caution –

      If OpenSSO Enterprise is deployed behind a load balancer, then in step 3c (the third sub-step of step 3, Configuration > System > Platform), do not use the OpenSSO server host name. Instead, be sure to use the load balancer host name.
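
An added example, not part of the original guide or of OpenSSO: a Python lint for the properties set in steps 2 and 3, showing how a CDC servlet URL wrapped across lines without a continuation is read as an empty value. It assumes Java-style .properties parsing (only a trailing backslash continues a value); the host name lb2.example.com, the /opensso deployment URI and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit

P = "com.sun.identity."
AGENT_ENABLE = P + "agents.config.cdsso.enable"
AGENT_URL = P + "agents.config.cdsso.cdcservlet.url[0]"
SERVER_KEYS = (P + "enableUniqueSSOTokenCookie",
               P + "authentication.uniqueCookieName",
               P + "authentication.uniqueCookieDomain")

def parse_properties(text):
    """Parse key=value lines; assumption: only a trailing backslash continues a value."""
    props, pending = {}, ""
    for raw in text.splitlines():
        line, pending = pending + raw.strip(), ""
        if line.endswith("\\"):
            pending = line[:-1]
        elif "=" in line and not line.startswith(("#", "!")):
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def check_agent(props, lb_host):
    """Findings for the Local Mode agent; lb_host is the expected load balancer host."""
    findings = []
    if props.get(AGENT_ENABLE, "").lower() != "true":
        findings.append("CDSSO is not enabled")
    url = urlsplit(props.get(AGENT_URL, ""))
    if url.scheme not in ("http", "https") or not url.path.endswith("/cdcservlet"):
        findings.append("CDC servlet URL is missing or malformed")
    elif url.hostname != lb_host:
        findings.append("CDC servlet URL does not point at the load balancer")
    return findings

def check_server(props):
    """Findings for the three server-side cookie hijacking prevention properties."""
    findings = []
    if props.get(SERVER_KEYS[0], "").lower() != "true":
        findings.append("unique SSO token cookie is not enabled")
    findings += ["missing " + k for k in SERVER_KEYS[1:] if not props.get(k)]
    return findings

# Constructed sample input: host name and deployment URI are placeholders.
WRAPPED_OK = (AGENT_ENABLE + " = true\n" + AGENT_URL + " = \\\n"
              "  https://lb2.example.com:443/opensso/cdcservlet\n")
WRAPPED_BAD = WRAPPED_OK.replace("\\\n", "\n")  # wrapped with no continuation

if __name__ == "__main__":
    for name, text in (("ok", WRAPPED_OK), ("bad", WRAPPED_BAD)):
        print(name, check_agent(parse_properties(text), "lb2.example.com"))
    print("server", check_server({SERVER_KEYS[0]: "true"}))
```
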