Deployment Example: SAML v2 Using Sun OpenSSO Enterprise 8.0

ProcedureTo Install and Configure Web Policy Agent on Protected Resource 1

Before You Begin

The JAVA_HOME environment variable should be set to /opt/SUNWwbsvr/jdk/jre.

  1. As a root user, log into the host machine.

  2. Create a directory into which you can download the Web Server agent bits and change into it.

    # mkdir /export/WebPA1
    # cd /export/WebPA1
  3. Create a text file that contains the Agent Profile password.

    The Web Policy Agent installer requires this for installation.

    # cat > agent.pwd
    Hit Control D to terminate the command
  4. Download the web policy agent for Web Server from

    # ls -al
    total 7512
    drwxr-xr-x   2 root     root         512 Jul 24 14:48 .
    drwxr-xr-x  11 root     root         512 Jul 24 14:41 ..
    -rw-r--r--   1 root     root          10 Jul 24 14:42 agent.pwd
    -rw-r--r--   1 root     root           9 Jul 24 14:42 agentadm.pwd
    -rw-r--r--   1 root     root     3826794 Jul 24 14:48
  5. Unzip the downloaded file.

    # unzip
  6. Run the agent installer.

    # cd /export/WebPA1/web_agents/sjsws_agent/bin
    # ./agentadmin --custom-install
  7. When prompted, do the following.

    Please read the following License 
    Agreement carefully:

    Press Enter and continue to press Enter until you have reached the end of the License Agreement. 

    Do you completely agree with all the terms and 
    conditions of this License Agreement (yes/no): [no]:

    Type yes and press Enter.

    Enter the Sun Java System Web Server Config 
    Directory Path [/var/opt/SUNWwbsvr7/]:

    Type /opt/SUNWwbsvr/ and press Enter.

    Enter the OpenSSO Enterprise URL 
    including the deployment URI 

    Type and press Enter.

    Enter the Agent URL: 

    Type and press Enter.

    Enter the Encryption Key

    Accept the default value. 

    Enter the Agent profile name 

    Type webagent-1 and press Enter.

    Enter the path to a file that contains the 
    password to be used for identifying the Agent.

    Type /export/WebPA1/agent.pwd and press Enter.

    Note –

    A warning message is displayed regarding the existence of the agent profile.

    Sun Java System Web Server Config Directory :
    OpenSSO Server URL :
    Agent URL :
    Encryption Key :
    Agent Profile name : webagent-1
    Agent Profile Password file name :
    Agent Profile will be created right now by 
     agent installer : true
    Agent Administrator : amadmin
    Agent Administrator's password file name :
    Verify your settings above and decide from 
    the choices below.
      1. Continue with Installation
      2. Back to the last interaction
      3. Start Over
      4. Exit
    Please make your selection [1]:

    Type 1 and press Enter.

  8. Restart the Web Server 1 instance.

    # cd /opt/SUNWwbsvr/ 
    # ./stopserv; ./startserv 
    server has been shutdown
    Sun Java System Web Server 7.0U3 B06/16/2008 12:00
    info: CORE3016: daemon is running as super-user
    info: CORE5076: Using [Java HotSpot(TM) Server VM, Version 1.5.0_15]
    from [Sun Microsystems Inc.]
    info: HTTP3072: http-listener-1: ready to
    accept requests
    info: CORE3274: successful server startup
  9. Verify that the Web Policy Agent was successfully created in OpenSSO Enterprise using the following sub procedure.

    1. Access from a web browser.

    2. Log in to the OpenSSO Enterprise console as the administrator.

      User Name:




    3. Under the Access Control tab, click / (Top Level Realm).

    4. Click the Agents tab.

      By default, the Web tab is displayed. You should see webagent-1 under the Agent table.

    5. Click webagent-1.

      The webagent-1 properties page is displayed.

    6. Log out of the console and close the browser.

  10. Remove the password files.

    # cd /export/WebPA1
    # rm agent.pwd
    # rm agentadm.pwd
  11. Log out of the host machine.