Oracle® OpenSSO STS Administrator's Guide
Release 11gR1. Version 11.1.1.3.0
Part Number E17844-01
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
Part I Installation
1 Installing OpenSSO Security Token Service
1.1 Meeting the System Requirements
1.2 Installing a Web Container
1.2.1 Using Oracle WebLogic Server
1.2.2 Using GlassFish Application Server
1.3 Installing the OpenSSO STS Server
1.3.1 Downloading the OpenSSO STS WAR
1.3.2 Unpacking openssosts.war
1.3.3 Deploying the OpenSSO STS WAR File
1.3.4 To Deploy the OpenSSO STS WAR
1.3.4.1 Deploying openssosts.war on Oracle WebLogic Application Server
1.3.4.2 Deploying openssosts.war on GlassFish Version 3
1.4 Configuring OpenSSO STS Using the Command-Line Configurator
1.4.1 Before You Begin
1.4.2 Installing the Command-Line Configurator
1.4.2.1 To Install the Command-Line Configurator
1.4.3 To Configure the OpenSSO STS Server
1.4.3.1 OpenSSO STS Configuration Parameters For the Command-Line Configurator
1.4.3.2 User Data Store Parameters
1.4.4 To Configure Multiple OpenSSO STS Servers with Identical Configuration Settings
1.5 Configuring the OpenSSO STS Administrator Password
1.6 Installing the OpenSSO STS Command-Line Utility
1.6.1 To Install the ssoadm Command-Line Utility
1.7 Uninstalling the OpenSSO STS Server
1.7.1 To Uninstall the OpenSSO STS Server
1.7.2 To Uninstall the OpenSSO STS Utilities and Scripts
Part II Basic Server Administration
2 Overview of OpenSSO Security Token Service
2.1 About OpenSSO STS
2.1.1 The OpenSSO Security Token Service
2.1.2 OpenSSO STS as a Web Service Security Provider
2.1.3 OpenSSO STS Agent Profiles
2.2 Common Uses for OpenSSO STS
2.2.1 Stand-Alone Security Token Service
2.2.2 Web Services Security Provider
2.3 Single-Realm Administration Console
3 Getting Started Using the OpenSSO STS Console
3.1 Logging In to the OpenSSO STS Console
3.2 First-Time Login Configuration
3.2.1 To Configure the OpenSSO STS Application
3.3 About the Single-Realm OpenSSO STS Console
4 Managing the Security Token Service
4.1 About the OpenSSO Security Token Service
4.1.1 Security Token Generation Process Flow
4.1.2 Supported Security Tokens and Security Mechanisms
4.1.3 Supported Standards
4.1.4 Leveraging Dynamic Policy For OpenSSO STS WSDL
4.2 To Configure the Security Token Service
4.3 Generating Security Tokens
4.3.1 Using the Security Token Generation Matrix
4.3.1.1 Token Generation Matrix Legend
4.3.2 To Read the Security Token Generation Matrix
4.3.2.1 Example: Using the Token Generation Matrix
4.4 To Register a Web Service Provider to OpenSSO STS
4.5 To Configure a Web Service Provider
4.6 To Register a WS-Trust Client
5 Configuring OpenSSO STS System Properties
5.1 Managing OpenSSO STS Servers
5.1.1 To Edit the Default OpenSSO STS Server Settings
5.1.2 To Add a New OpenSSO STS Server
5.1.3 To Configure an OpenSSO STS Server
5.1.3.1 To Configure OpenSSO STS Server General Properties
5.1.3.2 To Configure OpenSSO STS Server Security Properties
5.1.3.3 To Configure OpenSSO STS Server Session Properties
5.1.3.4 To Configure OpenSSO STS Server SDK Properties
5.1.3.5 To Configure OpenSSO STS Server Directory Configuration Properties
5.1.3.6 To Configure OpenSSO STS Server Advanced Properties
5.1.4 To Clone an OpenSSO STS Server
5.2 Managing OpenSSO STS Sites
5.2.1 To Add a New OpenSSO STS Site
5.2.2 To Configure an OpenSSO STS Site
5.2.3 To Delete an OpenSSO STS Site
5.3 Managing User Data Stores
5.3.1 To Add a New User Data Store
5.3.2 To Delete a User Data Store
5.4 Configuring Global Platform Attributes
6 Managing the OpenSSO STS Authentication Service
6.1 Configuring Global Authentication Service Properties
6.1.1 To Configure Active Directory Authentication Service Attributes
6.1.2 To Configure Certificate Authentication Service Realm Attributes
6.1.3 To Configure Core Authentication Service Attributes
6.1.4 To Configure Data Store Authentication Service Attributes
6.1.5 To Configure Federation Authentication Service Attributes
6.1.6 To Configure JDBC Authentication Service Realm Attributes
6.1.7 To Configure LDAP Authentication Service Realm Attributes
6.1.8 To Configure OAMAuth Authentication Service Realm Attributes
6.1.9 To Configure WSSAuth Authentication Service Attributes
6.2 Configuring the Authentication Service Realm
6.2.1 To Configure the Authentication Realm
6.3 Managing Authentication Module Instances
6.3.1 To Add a New Active Directory Module Instance
6.3.2 To Configure an Active Directory Authentication Module Instance
6.3.3 To Add a New Certificate Authentication Module Instance
6.3.4 To Configure a Certificate Authentication Module Instance
6.3.5 To Add a New Data Store Authentication Module Instance
6.3.6 To Configure a Data Store Authentication Module Instance
6.3.7 To Add and Configure a New Federation Authentication Module Instance
6.3.8 To Add a New JDBC Authentication Module Instance
6.3.9 To Configure a JDBC Authentication Module Instance
6.3.10 To Add a New LDAP Authentication Module Instance
6.3.11 To Configure an LDAP Authentication Module Instance
6.3.12 To Add a New Oracle Authentication Module Instance
6.3.13 To Configure an Oracle Authentication Module Instance
6.3.14 To Add a New Web Service Security Authentication Module Instance
6.3.15 To Configure a WSSAuth Authentication Module Instance
6.3.16 To Delete an Authentication Module Instance
6.4 Managing Authentication Chains
6.4.1 To Create a New Authentication Chain
6.4.2 To Delete an Authentication Chain
7 Using the Logging Service
7.1 About the Logging Service
7.1.1 Log Records
7.1.2 Error Logs and Access Logs
7.1.3 Log File Formats
7.1.3.1 Flat File Format
7.1.3.2 Relational Database Format
7.2 Configuring Global Logging Attributes
7.2.1 To Configure Global Logging Attributes
7.3 Using OpenSSO STS Component Logs
7.4 Using Secure Logging
7.4.1 To Enable Secure Logging through a JSS Provider
7.4.2 To Change from a JCE Provider to a JSS Provider
7.5 Using Database Logging
7.5.1 To Enable Database Logging
8 Deploying OpenSSO STS with Other Oracle Products
8.1 Configuring Administrator Single Sign-On with Oracle Access Manager
8.1.1 To Configure Administrator Single Sign-On with Oracle Access Manager
8.2 Configuring OpenSSO STS to Work with Oracle Internet Directory and Oracle Virtual Directory
8.2.1 To Configure Oracle Internet Directory or Oracle Virtual Directory for User Authentication
8.2.2 To Configure SAML Attribute Generation and Retrieval
Part III Appendixes
A Using the ssoadm Command-Line Interface
A.1 About ssoadm
A.2 Basic ssoadm Usage
A.2.1 ssoadm Syntax
A.2.2 Password File
A.2.3 ssoadm Usage Example
A.2.4 Displaying Options for an ssoadm Subcommand
A.2.5 ssoadm Subcommand Usage
A.3 Command-Line Reference
ssoadm Commands
B Debugging and Troubleshooting OpenSSO STS
B.1 Debugging OpenSSO STS
B.2 Troubleshooting OpenSSO STS Issues