Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0

ProcedureTo Configure Distributed Authentication User Interface 2

  1. Access http://da-2.example.com:1080/distAuth from a web browser.

    The Configurator page is displayed the first time the Distributed Authentication User Interface is accessed.

  2. Provide the following configuration information and click Configure.

    Server Protocol 

    https

    Server Host 

    lb-2.example.com

    Server Port 

    1081

    Server Deployment URI 

    opensso

    distAuth Server Protocol

    http

    distAuth Server Host

    da-2.example.com

    distAuth Server Port

    1080

    distAuth Server Deployment URI

    /distAuth

    distAuth Server Cookie Name

    AMDistAuthCookie

    Debug Directory 

    /export/da80adm/Debug

    Debug level 

    error

    Encryption Key 

    Accept the default value. 

    Application User Name 

    authuiadmin

    Application User Password 

    authuiadmin

    Confirm Application User Password 

    authuiadmin

    These values will configure the Distributed Authentication User Interface web application to communicate with OpenSSO Enterprise through Load Balancer 2. You see the following message after a successful configuration.


    DistAuth application is successfully configured.
    AMDistAuthConfig.properties created at /export/da80adm/AMDistAuthConfig.properties
    
    Click here to go to login page.
  3. Access http://da-2.example.com:1080/distAuth/UI/Login?goto=http://da-2.example.com:1080 from a web browser.

  4. Log in to the Distributed Authentication User Interface as testuser1.

    Username

    testuser1

    Password

    password

    After successful authentication, you should be redirected to the index page for the Web Server instance in which the Distributed Authentication User Interface is deployed. This confirms that the Distributed Authentication User Interface has authenticated to OpenSSO Enterprise using the load balancer's secure channel.


    Caution – Caution –

    You may click the login link after configuration of the Distributed Authentication User Interface. If you do and provide valid administrator credentials you will get an error page indicating that the requested object does not exist on this server. This is because the success login URL configured on OpenSSO Enterprise is a relative URL.