Documentation Home
> Oracle OpenSSO 8.0 Update 2 Release Notes
Oracle OpenSSO 8.0 Update 2 Release Notes
Book Information
Preface
Chapter 1 About OpenSSO 8.0 Update 2
What's New in OpenSSO 8.0 Update 2
Security Token Service Enhancements
Fedlet Enhancements
Bugs Fixed in This Release
Hardware and Software Requirements For OpenSSO 8.0 Update 2
OpenSSO 8.0 Update 2 Issues and Workarounds
General Security Advisory
CR 6959610: OpenSSO 8.0 Update 2 samples should be removed in production environment
CRs 6944573, 6964648: New Java security permissions are required for WebLogic Server 10.3.3
CR 6939443: Certificate authentication with LDAP checking or OCSP checking fails on WebLogic Server 10.3.x
CR 6960514: Cannot access authentication certificates
To Configure JDBC Authentication with Oracle Database
To Manually Configure NSS on OpenSSO
CR 6967026: Configurator cannot connect to LDAPS-enabled directory server
CR 6948937: Activating OpenSSO 8.0 Update 2 in WebLogic Server 10.3.3 admin console causes exceptions
CR 6956461:SecurID authentication fails on IBM WebSphere Application Server
CR 6959373: Web container requires a restart after running updateschema script
CR 6961419: Running updateschema.bat script requires a password file
CR 6970859: Browser scroll feature does not work
Deploying OpenSSO 8.0 Update 2 on JBoss 5.0
To Deploy OpenSSO on JBoss 5.0
CR 6971437 : OpenSSO 8.0 Update 2 loses configuration after restart of JBoss Application Server 5.0.0.0
CR 6972593: Java Oracle OpenSSO Fedlet single sign-on (SSO) fails on JBoss AS 5.0.x
SR 72335286 and CR 6929674: LDAP Referrals Do Not Work as Expected
OpenSSO 8.0 Update 2 Documentation
Documentation Issues
CR 6958580: Console online Help documents unsupported Discovery Agents
CR 6967006 Console online Help does not document OAMAuth and WSSAuth authentication modules
CR 6953582: Fedlet Java API reference should be public
CR 6953579: OpenSSO Fedlet README file should document single logout feature
CR 6960630: Information for patching a specialized OpenSSO WAR should be revised
Additional Information and Resources
Deprecation Notifications and Announcements
How to Report Problems and Provide Feedback
Accessibility Features for People With Disabilities
Related Third-Party Web Sites
Chapter 2 OpenSSO 8.0 Update 2 Patch Releases
OpenSSO 8.0 Update 2 Patch 1
Known Issues in OpenSSO 8.0 Update 2 Patch 1
CR 6978018: Running OpenSSO 8.0 in GlassFish 2.1.x using LDAPS with JDK 1.6.x
CR 7002787: OpenSSO 8.0 Update 2 is not working with Active Directory Data Store
CR 6897101: After a login to a non-default realm, user experiences multiple logins after a timeout
CR 6983035: Remote console with OpenSSO server returns errors after a session timeout
CR 6983026: Remote console with OpenSSO server causes errors when modifying Federation or SAML v2 attributes requiring the certificate keystore
CR 6995584: “Post-Authentication Plug-In for First Time Login” sample requires OpenSSO 8.0 Update 1 or later
Chapter 3 Installing OpenSSO 8.0 Update 2
OpenSSO 8.0 Update 2 Installation Overview
OpenSSO 8.0 Update 2 Patches
Planning Your Patch Operation
To Plan Your Patch Operation for OpenSSO 8.0
Overview of the ssopatch Utility
Installing the ssopatch Utility
To Install the ssopatch Utility
Backing Up an OpenSSO WAR File
Running the ssopatch Utility
To run the ssopatch utility, follow this usage:
Comparing an OpenSSO WAR File to Its Internal Manifest
To Compare an OpenSSO WAR File to Its Internal Manifest
Comparing Two OpenSSO WAR Files
To Compare Two OpenSSO WAR Files
Patching an OpenSSO WAR File
To Create a Staging Area to Patch an OpenSSO WAR File
Creating an OpenSSO WAR Manifest File
To Create an OpenSSO WAR Manifest File
Patching a Specialized OpenSSO WAR
To Patch a Specialized OpenSSO WAR
Running the updateschema Script
Before You Begin
To Run the updateschema Script
Backing Out a Patch Installation
Chapter 4 Using the Security Token Service
Adding a WSSAuth Authentication Module
To Add a New Web Service Security Authentication Module Instance
To Configure a WSSAuth Authentication Module Instance
Adding an OAMAuth Authentication Module
To Add a New Oracle Authentication Module Instance
To Configure an Oracle Authentication Module Instance
Generating Security Tokens
Registering a Web Service Provider to OpenSSO STS
Requesting a Web Service Client Security Token from OpenSSO STS
Using the Security Token Generation Matrix
Chapter 5 Using the Oracle OpenSSO Fedlet
About the Oracle OpenSSO Fedlet
Requirements for the Oracle OpenSSO Fedlet
Oracle OpenSSO Fedlet Configuration
To Configure the Java Fedlet
To Configure the .NET Fedlet
New Features for the Fedlet in OpenSSO 8.0 Update 2
Fedlet Version Information (CR 6941387)
Java Fedlet Password Encryption and Decryption (CR 6930477)
Java Fedlet Support for Signing and Encryption
To Configure the Java Fedlet for Signing and Encryption
Java Fedlet Support for Attribute Query (CR 6930476)
To Configure the Java Fedlet for Attribute Query
.NET Fedlet Encryption and Decryption of Requests and Responses (CR 6939005)
To Configure the .NET Fedlet for Encryption and Decryption of Requests and Responses
.NET Fedlet Signing of Requests and Responses (CR 6928530)
To Configure the .NET Fedlet for Signing of Requests and Responses:
.NET Fedlet Single Logout (CR 6928528 and CR 6930472)
To Configure a .NET Fedlet Service Provider Application for Single Logout:
.NET Fedlet Service Provider Initiated Single Sign-on (CR 6928525)
.NET Fedlet Support for Multiple Identity Providers and Discovery Service (CR 6928524)
To Configure the .NET Fedlet for Multiple Identity Providers
.NET Fedlet Support for the Identity Provider Discovery Service (CR 6928524)
To Configure the .NET Fedlet to Use the Identity Provider Discovery Service:
Documentation Errata
Chapter 6 Integrating the OpenSSO 8.0 Update 2 with Oracle Access Manager
Overview of Integration Steps
Before You Begin
Unpacking the Integration Bits
Building Source Files for Oracle Access Manager in OpenSSO
To Build the Source Files for Oracle Access Manager
(Optional) Build an Authentication Scheme for OpenSSO in Oracle Access Manager
To Build an Authentication Scheme for OpenSSO in Oracle Access Manager
Configuring Single Sign-On Using Oracle Access Manager and Oracle OpenSSO STS
To Configure Single Sign-On Using Oracle Access Manager and Oracle OpenSSO 8.0 Update 2
To Test Single Sign-On
(Optional) Installing of Oblix AuthScheme into Oracle Access Manager
Integrating the OpenSSO 8.0 Update 2 with Oracle Access Manager
© 2010, Oracle Corporation and/or its affiliates