Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide

Chapter 11 Installing the OpenSSO Enterprise Console Only

This chapter describes how to install only the Sun OpenSSO Enterprise Administration Console, including:

Requirements to Deploy Only the Console

To deploy only the Administration Console, your deployment must meet the following requirements:

You must deploy the Console to a supported web container, as listed in the OpenSSO Enterprise 8.0 Requirements.
One or more OpenSSO Enterprise full server instances must be running remotely in the deployment.
If you currently have a console only deployment, you must first uninstall the console. See Uninstalling an OpenSSO Enterprise Console Only Deployment.

Generating a Console Only WAR File

To generate a console only WAR file, use the jar command to extract the files from the opensso.war file and then to generate the specialized WAR file.

To Generate a Console Only WAR File

Before You Begin

Download and unzip the opensso_enterprise_80.zip file. You will then need the following files:

zip-root/deployable-war/opensso.war is the OpenSSO Enterprise WAR file that contains all components, including the console files.
zip-root/deployable-war/fam-console.list specifies the files that are required to generate a console only WAR file.
zip-root/deployable-war/console contains additional files you will need to deploy and configure the console.

where zip-root is where you unzipped the opensso_enterprise_80.zip file.

For more information about the opensso.war file, see Downloading OpenSSO Enterprise.

Make sure that your JAVA_HOME environment variable points to JDK 1.5 or later.

Create a new staging directory and extract the files from opensso.war in this staging directory. For example:
```
# mkdir consolestaging
# cd consolestaging
# jar xvf zip-root/opensso/deployable-war/opensso.war
```

Create the Console only WAR using the files in fam-console.list:

# cd consolestaging
# jar cvf zip-root/opensso/deployable-war/consoleonly.war \
   @zip-root/opensso/deployable-war/fam-console.list

where consoleonly.war is the name of the new Console only WAR file.

Update the WAR file created in previous step with the additional files required for the specific Console only WAR. For example:
```
# cd zip-root/opensso/deployable-war/console
# jar uvf zip-root/opensso/deployable-war/consoleonly.war *
```
You are now ready to configure the new consoleonly.war, as described in the next section.

Deploying and Configuring the Console Only WAR File

OpenSSO Enterprise includes the Console only WAR File Configurator (Configurator.jsp) to configure a Console only WAR file.

To Deploy and Configure the Console Only WAR File

Login as a user who has the following privileges:
- Access to the web container administration console, if you plan to deploy consoleonly.war using this console.
  
  or
- The capability to execute the web container's deploy command-line utility, if you plan to deploy consoleonly.war using the CLI.

Deploy consoleonly.war using either the web container administration console or CLI.

Launch the Configurator using the following URL:
```
protocol://host.domain:port/console
```
For example: http://host.example.com:8080/console

If the Console only deployment is not already configured, you will be directed to the Configurator page. (If the deployment is already configured, you will be directed to the login page.)

On the Configurator page, specify the following information:
- Server Protocol is the OpenSSO Enterprise server protocol: http or https. Default: http
- Server Host is the fully qualified host name of the system where OpenSSO Enterprise server is deployed.
- Server Port is the OpenSSO Enterprise server port number. Default: 58080
- Server Deployment URI is the URI prefix for accessing the HTML pages, classes, and JAR files associated with OpenSSO Enterprise server.
  
  Important: This value must include the leading slash (/).
- Application user name is the user name for the Console only application.
- Application user password is the password of the user for the application.
- Administration Console Protocol is the protocol (http or https) used by the Console only server web container. Default: http
- Administration Console Host is the fully qualified host name where the Console only server is deployed.
- Administration Console Port is the port number for the Console only server is deployed.
- Administration Console Deployment URI is the deployment URI Console only server. Default: /console
- Administration Console Debug directory is the directory where the debug files will be created.

After you have specified all configuration values (or accepted the default values), click Configure.

(Or, to reset all values, click Reset.)

Next Steps

After the configuration finishes, you will get a message showing the location of the Console only configuration file. This file is created in the home directory of the runtime user who owns the web container instance on which Console only WAR file is deployed.

Important: It is highly recommended that you change the permissions of this configuration file to limit access to the sensitive configuration information.

Accessing the Console

To access the Console in a Console only deployment, use the following URL in your browser:

consoleonly_protocol://consoleonly_host:consoleonly_port/consoleonly_uri

Where:

consoleonly_protocol is the protocol (http or https) used by the Console only server web container instance.
consoleonly_host is the fully qualified host name of the Console only server.
consoleonly_port is the port for the Console only server host.
consoleonly_uri is the deployment URI prefix for the Console only server. The default value is /console.

For example:

http://openssoconsole.example.com:58080/console