One of the primary concepts to remember when working with the OpenSSO Add-On is that for a user to be able to log in to an OpenSSO-enabled Web Space Server site, he or she must have a corresponding user account on the OpenSSO server that is providing authentication services for the Web Space Server site.
With this in mind, before using the Community Mapper Portlet provided by the OpenSSO Add-On with the sample Web Space Server site used in these examples, an account corresponding to the Web Space Server sample administrator account must be created on the OpenSSO server.
This task will likely be unnecessary in most Web Space Server production environments. It is only necessary in cases where the Web Space Server site administrator does not have an OpenSSO account with correspondingly sufficient privileges to perform administrative tasks on the Web Space Server site.
This example demonstrates how to create an OpenSSO account corresponding to the Web Space Server administrative account, admin@example.com.
Gather the credentials for the Web Space Server administrator for whom you want to create a corresponding account on the OpenSSO server.
In particular, make note of the user name, password, and email address.
Go to the URL for your OpenSSO server and log in as the OpenSSO administrator.
For example:
http://ssofoo.bar.com:7080/opensso
In the OpenSSO Administration Console main screen, choose the Access Control tab.
Choose the name of the realm in which you want to create the Web Space Server admin user.
In this example, the / (Top Level Realm) is chosen.
On the Realm Properties page, choose the Subjects tab.
Make sure the User tab is selected, and then choose New.
Enter the information for the Web Space Server admin user, as appropriate, and then click OK.
Do not use the same password here as is defined for the admin user in Web Space Server.
Back on the Subjects->User page, click the name of the new admin user.
The Edit User — admin page is displayed.
Enter additional information for the admin user, and then click Save and Back to Subjects.
In this example, in order to work with the Web Space Server sample site, the email address for the admin user, admin@example.com, is entered here.
Back on the Subjects page, choose the Group tab.
Choose New to create a new group.
Enter an ID for the new group, and then click OK.
In this example, the group name webminadmin is used.
Back on the Subjects->Group page, click the name of the new webminadmin group.
On the Edit Group — webminadmin page, choose the User tab.
Select the new admin user from the Available list, and then click Save and Back to Subjects.
Choose the Privileges tab to display the realm Privileges page.
Choose the name of the new group, webminadmin, to display the group Properties page.
Enable the bottom checkbox, “Read and write access to all realm and policy properties,” and then choose Save and Back to Privileges.
Log out of the OpenSSO administration console, and log in as admin to the Web Space Server site using the account information you defined on the OpenSSO server.
The admin user will now be logged in and have full administrative privileges on the Web Space Server site.