Using the HTTP Binding Component

Configure the HTTP Binding Component to use OpenSSO Web Service Security

With OpenSSO Enterprise Server installed, you can now configure the HTTP Binding Component to use the OpenSSO WSS Agent. The OpenSSO WSS Agent file contains the client configuration AMConfig.properties, and OpenSSO ClientSDK, that allow web service providers and clients to easily integrate, to validate and secure web service communications.

  1. Download openssowssproviders.zip. This file is available from http://download.java.net/general/opensso/stable/opensso-build6/openssowssproviders.zip, or you can go to the OpenSSO Downloadpage and click WSS Agent to download the zip file.

  2. Create a directory, such as /GlassFishESB/WSSAgent_OpenSSO/, and extract the contents of the openssowssproviders.zip file into it.

  3. From the NetBeans Services window, make sure that the GlassFish server is started. If not, right-click GlassFish and choose Start from the pop-up menu.

  4. Open the HTTP Binding Component Properties. To do this, expand Servers -> GlassFish -> JBI -> Binding Components in the Services window, right-click sun-http-binding and select Properties from the pop-up menu.

    The HTTP Binding Component Properties Editor appears.

  5. Configure the Sun Access Manager Classpath property to point to the following JAR files that you extracted to the WSSAgent_OpenSSO directory:

    • openssoclientsdk.jar

    • openssowssproviders.jar

    Note that the two files must be separated by a comma.

    Image shows the HTTP Binding Component Properties Editor
as described in context
  6. Configure the Sun Access Manager Configuration Directory property to point to the directory that contains the the AMConfig.properties file. This is located in the ./resources directory extracted to the WSSAgent_OpenSSO directory.

    Image shows the Sun Access Manager Configuration Directory
property custom editor, as described in context
  7. Modify the AMConfig.properties file as needed to connect to OpenSSO Enterprise Server. At a minimum, the following properties must be configured:


    com.iplanet.am.naming.url=@PROTOCOL@:
       //@SERVER_HOST@:@SERVER_PORT@/@DEPLOY_URI@/namingservice
    com.sun.identity.agents.app.username=@APPLICATION_USER@
    com.iplanet.am.service.password=@APPLICATION_PASSWD@
    am.encryption.pwd=@ENCRYPTION_KEY@
    com.iplanet.am.server.protocol=@SERVER_PROTOCOL@
    com.iplanet.am.server.host=@SERVER_HOST@
    com.iplanet.am.server.port=@SERVER_PORT@
    com.iplanet.am.services.deploymentDescriptor=@DEPLOY_URI@
    com.sun.identity.loginurl=@SERVER_PROTOCOL@://@SERVER_HOST@:
       @SERVER_PORT@/@DEPLOY_URI@/UI/Login
    com.sun.identity.liberty.authnsvc.url=@SERVER_PROTOCOL@://
       @SERVER_HOST@:@SERVER_PORT@/@DEPLOY_URI@/Liberty/authnsvc
  8. Restart GlassFish and HTTP BC and test the modifications.