Deployment Example: SAML v2 Using Sun OpenSSO Enterprise 8.0

Procedure: To Configure OpenSSO Enterprise 1

  1. Access from a web browser.

    The OpenSSO Enterprise Configurator page is displayed on first access.

  2. Select Create New Configuration under Custom Configuration on the Configurator page.

    The OpenSSO Enterprise Custom Configuration Wizard is displayed.

  3. Provide the following information for the Default User [amAdmin] in Step 1: General and click Next.





  4. Accept the default values in Step 2: Server Settings and click Next.

  5. Do the following in Step 3: Configuration Store and click Next.

    1. Select First Instance.

    2. Select Embedded DS as the configuration data store.

    3. Accept the default values for the Port, Encryption Key, and Root Suffix fields.

  6. Select Remote Directory in Step 4: User Store Settings, provide the following information, and click Next.

    SSL Enabled

    Check the box.

    Directory Name



    Root Suffix



    Store Type

    Select Generic LDAP.

  7. Select No in Step 5: Site Configuration and click Next.

  8. Provide the following information for the Default Agent User [amldapuser] in Step 6: Default Agent User and click Next.





  9. Click Create Configuration on the Summary page.

    The Configuration Complete page is displayed after configuration is completed.

  10. Click Proceed to Login on the Configuration Complete page.

  11. Log in to the OpenSSO Enterprise console as the administrator.

    User Name:




    If authentication succeeds and the OpenSSO Enterprise console is displayed, OpenSSO Enterprise has successfully accessed the embedded configuration data store.

  12. (Optional) To verify that the config directory and the supporting bootstrap directory have been created with the proper permissions, do the following.

    1. As a root user, log in to the host machine.

    2. Examine the file system.

      # cd /export/osso80adm
      # ls -al
      total 130556
      drwxr-xr-x   8 osso80adm staff        512 Sep  6 19:32 .
      drwxr-xr-x  14 root      sys          512 Sep  6 09:07 ..
      -rw-r--r--   1 osso80adm staff         70 Sep 27 14:01 .asadminpass
      -rw-------   1 osso80adm staff       1527 Sep  6 18:27 .asadmintruststore
      -rw-r--r--   1 osso80adm staff        144 Sep 11 17:02 .profile
      drwx------   3 osso80adm staff        512 Sep 24 11:20 .sunw
      drwxr-xr-x   4 osso80adm staff        512 Sep  6 19:34 config
      drwxr-xr-x   4 osso80adm staff        512 Sep  6 18:26 domains
      -rw-r--r--   1 osso80adm staff        136 Sep 11 17:02 local.cshrc
      -rw-r--r--   1 osso80adm staff        157 Sep 11 17:02 local.login
      -rw-r--r--   1 osso80adm staff        174 Sep 11 17:02 local.profile

      The config directory was created and is owned by non-root user osso80adm.

    3. Log out of the host machine.
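
The check in step 12 can be scripted. The following is an added example, not part of the original procedure or of OpenSSO Enterprise: it audits `ls -al` output for entries not owned by the expected user, entries writable by group or others, and files readable by others whose names suggest stored credentials. The function names and the name pattern are assumptions; the sample listing is copied from step 12.

```shell
#!/bin/sh
# Added example: audit "ls -al" output for ownership and permission problems.

# audit_listing OWNER  (reads "ls -al" output on stdin)
# Prints one finding per line; prints nothing when the listing is clean.
audit_listing() {
    awk -v owner="$1" '
        NF < 9 || $1 !~ /^[-dl]/ { next }   # skip the "total" line and noise
        $NF == ".."              { next }   # parent directory belongs to root
        {
            mode = $1; name = $NF
            if ($3 != owner)
                printf "OWNER %s is owned by %s, expected %s\n", name, $3, owner
            # mode string: char 6 is group-write, char 9 is other-write
            if (substr(mode, 6, 1) == "w" || substr(mode, 9, 1) == "w")
                printf "WRITABLE %s is writable by group or others (%s)\n", name, mode
            # assumption: these name fragments mark credential material;
            # char 8 of the mode string is other-read
            if (name ~ /pass|truststore|keystore/ && substr(mode, 8, 1) == "r")
                printf "READABLE %s is readable by others (%s)\n", name, mode
        }'
}

# Listing from step 12 of the procedure, embedded so the script runs offline.
sample_listing() {
    cat <<'EOF'
total 130556
drwxr-xr-x   8 osso80adm staff        512 Sep  6 19:32 .
drwxr-xr-x  14 root      sys          512 Sep  6 09:07 ..
-rw-r--r--   1 osso80adm staff         70 Sep 27 14:01 .asadminpass
-rw-------   1 osso80adm staff       1527 Sep  6 18:27 .asadmintruststore
-rw-r--r--   1 osso80adm staff        144 Sep 11 17:02 .profile
drwx------   3 osso80adm staff        512 Sep 24 11:20 .sunw
drwxr-xr-x   4 osso80adm staff        512 Sep  6 19:34 config
drwxr-xr-x   4 osso80adm staff        512 Sep  6 18:26 domains
-rw-r--r--   1 osso80adm staff        136 Sep 11 17:02 local.cshrc
-rw-r--r--   1 osso80adm staff        157 Sep 11 17:02 local.login
-rw-r--r--   1 osso80adm staff        174 Sep 11 17:02 local.profile
EOF
}

sample_listing | audit_listing osso80adm
```

On a live host, pipe the real listing in instead: `ls -al /export/osso80adm | audit_listing osso80adm`.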