OpenSSO Enterprise 8.0 Requirements

File system 

If you plan to use the OpenSSO configuration data store, you must deploy OpenSSO Enterprise on a local file system and not on an NFS-mounted file system. The OpenSSO configuration data store, which is deployed with OpenSSO Enterprise, is not supported on an NFS-mounted file system. 

Web container 

One of the following web containers must be running on the host server where you plan to deploy OpenSSO Enterprise: 

• Sun Java System Application Server 9.1 Update 1 or Update 2

• GlassFish Application Server V2 UR1 or UR2

• Sun Java System Web Server 7.0 Update 3

• Apache Tomcat 6.0.18 (or later)

• Oracle WebLogic Server 10

• Oracle WebLogic Server 9.2 MP2

• Oracle Application Server 10g, version 10.1.3.x

• IBM WebSphere Application Server 6.1

• Apache Geronimo Application Server 2.1.2 (with Tomcat on Solaris systems only)

• JBoss Application Server 4.x

Note: These web container versions and any subsequent updates to the version are supported.

For more information about supported versions and open issues for each web container, see the Sun OpenSSO Enterprise 8.0 Release Notes.

Configuration Data Store 

OpenSSO Enterprise requires a data store for its configuration data, which you select when you run the GUI or command-line Configurator: 

• OpenSSO data store

  If you deploying OpenSSO Enterprise in a multiple server deployment, each OpenSSO Enterprise instance must share the same configuration data store.

  The OpenSSO configuration data store is not supported on an NFS-mounted file system.

• Sun Java System Directory Server

User Data Store 

OpenSSO Enterprise also requires a data store for its user data: 

• Sun Java System Directory Server

  If you are deploying multiple OpenSSO Enterprise instances in a multiple server deployment, all instances must access the same Directory Server.

• Microsoft Active Directory

• IBM Tivoli Directory Server

• OpenSSO data store

  Note: Storing user data in the OpenSSO data store is recommended only for prototype, proof of concept (POC), or developer deployments that have a small number of users. It is not recommended for production deployments.

Password encryption key 

If you deploying OpenSSO Enterprise in a multiple server deployment, you must use the same password encryption key value for each OpenSSO Enterprise instance. 

Copy the encryption key value from the first instance and then use this value when you configure each additional instance. 

Web container runtime user permissions 

If the runtime user of the OpenSSO Enterprise web container instance is a non-root user, this user must be able to write to its own home directory. 

For example, if you are installing Sun Java System Web Server, the default runtime user for the Web Server instance is webservd. On Solaris systems, the webservd user has the following entry in the /etc/passwd file:

webservd:x:80:80:WebServer Reserved UID:/:

The webservd user does not have permission to write to its default home directory (/). Therefore, you must change the permissions to allow the webservd user to write to its default home directory. Otherwise, the webservd user will encounter an error after you configure OpenSSO Enterprise using the Configurator.

Mode 

OpenSSO Enterprise is always deployed in Realm Mode.