Installing the OpenSSO Add-On

After using Update Tool to get the OpenSSO Add-On package, as described in Getting the OpenSSO Add-On, installing the package involves performing some minor configuration steps and then running an Ant script.

• To Install the OpenSSO Add-On

• To Uninstall the OpenSSO Add-On

To Install the OpenSSO Add-On

Before You Begin

• Make sure your OpenSSO server and your Web Space Server site are both running and accessible.

• Make note of the OpenSSO server host name, port number, and protocol used to access the OpenSSO administration application, as these will be needed later in this procedure.

1. Change to the webspace_dir/webspace/opensso/templates directory.

2. Make copies of the AMConfig.properties.template and portal-ext.properties.template files, dropping the .template extension from the names of the copies.

   For example:

   cp AMConfig.properties.template AMConfig.properties cp portal-ext.properties.template portal-ext.properties

3. Modify the AMConfig.properties file, as follows:

   1. Comment or uncomment, as appropriate, the lines for OpenSSO or Access Manager, depending on the type of authentication server you are using.

      The lines for OpenSSO configuration are uncommented by default. If you are instead using Access Manager, comment out the OpenSSO lines and uncomment the Access Manager lines.

   2. Replace localhost with the appropriate OpenSSO host name, port number, and protocol in the two lines containing the com.iplanet.am.*.url= properties.

      For example, if your OpenSSO server is ssofoo.bar.com running on HTTP port 7080, you would change:

      com.iplanet.am.naming.url=http://localhost:8080/opensso/namingservice

      to:

      com.iplanet.am.naming.url=http://ssofoo.bar.com:7080/opensso/namingservice

   3. Change com.iplanet.am.cookie.name from iPlanetDirectoryPro to the name of the cookie used by the OpenSSO server.

4. Modify the portal-ext.properties file, as follows:

   1. Comment or uncomment, as appropriate, the lines for OpenSSO or Access Manager, depending on the type of authentication server you are using.

      The lines for OpenSSO configuration are uncommented by default. If you are instead using Access Manager, comment out the OpenSSO lines and uncomment the Access Manager lines.

   2. Verify that the access.manager.auth.enabled property is set to true, and that the line is ucommented.

   3. Replace the first localhost in each access.manager.* property with the appropriate OpenSSO host name, port number, and protocol.

   4. Replace the second localhost, in each access.manager.* property (after the goto parameter), with the Web Space Server host name, port number, and protocol.

      For example, if your OpenSSO server is ssofoo.bar.com running on HTTP port 7080, and your Web Space Server is running on webspace.bar.com on port 8080, you would change:

      access.manager.login.url=http://localhost:8080/opensso/UI/Login? \ goto=http://localhost:8080/c/portal/login

      to:

      access.manager.login.url=http://ssofoo.bar.com:7080/opensso/UI/Login? \ goto=http://webspace.bar.com:8080/c/portal/login

      (Note that these statements should each be on a single line; they are wrapped to fit the page width here.)

5. Change to the webspace_dir/webspace/opensso directory and run the install-gfv2.xml Ant script

   ant -f install-gfv2.xml

6. Follow the prompts to complete the OpenSSO Add-On installation.

   The OpenSSO installation stops the Web Space Server domain and installs the following JAR and WAR files in the glassfish_dir/glassfish2/domains/domain_name directory for the domain_name you chose during installation:

   ./applications/j2ee-modules/FAMWebSynergyMapping/WEB-INF/lib/openssoclientsdk-v1.b5.jar ./applications/j2ee-modules/opensso-web/WEB-INF/lib/opensso-web-service.jar ./applications/j2ee-modules/opensso-web/WEB-INF/lib/openssoclientsdk-v1.b5.jar ./applications/j2ee-modules/websynergy/WEB-INF/lib/opensso-login-filters.jar ./applications/j2ee-modules/websynergy/WEB-INF/lib/openssoclientsdk-8.0.b6.jar ./autodeploy/FAMWebSynergyMapping.war ./autodeploy/opensso-web.war ./autodeploy/opensso-web.war_deployed ./lib/opensso-web-service.jar ./websynergy/deploy/opensso-web.war

7. Restart the Web Space Server domain when the OpenSSO Add-On installation is complete.

   cd glassfish_dir/glassfish2/bin ./asadmin start-domain domain_name

To Uninstall the OpenSSO Add-On

1. Stop the Web Space Server domain.

2. Change to the webspace_dir/var/webspace/war-workspace/customs/webspace/WEB-INF/classes directory and modify the portal-ext.properties file.

   1. Remove the OpenSSO Add-On entry from application.startup.events:

      com.sun.portal.opensso.startup.OpenssoAddonStartupAction

   2. Remove all properties related to OpenSSO.

      The complete list of properties is available in the portal-ext.properties.template file located in webspace_dir/webspace/opensso/templates.

3. Change to the webspace_dir/var/webspace/war-workspace/customs/webspace/WEB-INF directory and remove all the <filter> and <filter-mapping> entries named AM Filter.

4. Change to the webspace_dir/var/webspace/war-workspace/customs/webspace/WEB-INF/lib directory and remove the following two files:

   • openssoclientsdk-8.0.b6.jar

   • opensso-login-filters.jar

5. Change to the webspace_dir/var/webspace/war-workspace directory and run the synchronize.xml Ant script.

   ant -f synchronize.xml

   This rebuilds the Web Space Server webspace.war file.

6. Restart the Web Space Server domain and launch the Sun GlassFish Enterprise Server admin console.

   For example:

   http://fooserver:4848

7. Navigate to the Web Applications node and undeploy the communitymapperportlet.war and opensso-web.war applications.

8. Stop the Web Space Server domain.

9. Change to the glassfish_dir/domains/<webspaceserver_domain>/lib directory and remove the opensso-web-service.jar file.

10. Restart the Web Space Server domain.