Installing Sun OpenSSO Enterprise from a web archive (WAR) file involves these steps:
Creating and Deploying Specialized OpenSSO Enterprise WAR Files
Examples: Deploying OpenSSO Enterprise on JBoss Application Server
Before you begin, check the OpenSSO Enterprise 8.0 Requirements.
OpenSSO Enterprise is available in the opensso_enterprise_80.zip file, which you can download from the following site:
http://www.oracle.com/technetwork/indexes/downloads/index.html
The following table describes the layout after you unzip the opensso_enterprise_80.zip file. The directory where you unzip the file is represented by zip-root.
Table 3–1 OpenSSO Enterprise opensso_enterprise_80.zip File Layout
zip-root/opensso/ Directory |
Description |
---|---|
deployable-war |
OpenSSO Enterprise WAR and related files:
|
docs |
Java API reference documentation (opensso-public-javadocs.jar). |
integrations |
|
fedlet |
Fedlet-unconfigured.zip file. After you unzip this file, fedlet.war allows you to deploy the Fedlet, a light-weight SAMLv2 service provider (SP). Follow the instructions in the Readme to configure the Fedlet metadata and COT and to deploy fedlet.war. |
ldif |
LDIF files for Sun Java System Directory Server, Microsoft Active Directory, and other LDAPv3 compliant directory servers. |
libraries |
DLL and JAR files for components such as OpenSSO Enterprise client SDK, the C SDK library for web policy agents, and the Secure Attribute Exchange (SAE) also known as Virtual Federation Proxy. |
patches |
Reserved for future use. |
samples |
Client SDK and samples (opensso-client.zip). See Chapter 13, Installing the OpenSSO Enterprise Client SDK. |
tools |
OpenSSO Enterprise tools and utilities:
See Chapter 6, Installing the OpenSSO Enterprise Utilities and Scripts. |
upgrade |
Upgrade scripts and related files to upgrade Access Manager or Federation Manager. |
xml |
OpenSSO Enterprise XML files, such as amAdminConsole.xml, amAuth.xml, amSession.xml, and amUser.xml. |
Before you deploy the opensso.war, a supported web container must be deployed and configured, as described in Chapter 2, Deploying the OpenSSO Enterprise Web Container.
Then you deploy the OpenSSO Enterprise WAR (opensso.war) file using the web container administration console or deploy command.
If you plan to use the OpenSSO configuration data store, you must deploy OpenSSO Enterprise on a local file system and not on an NFS-mounted file system. The OpenSSO configuration data store, which is deployed with OpenSSO Enterprise, is not supported on an NFS-mounted file system.
Login as a user who has the following privileges:
Access to the OpenSSO Enterprise web container administration console, if you plan to deploy opensso.war using the console.
or
The capability to execute the web container's deploy command-line utility, if you plan to deploy opensso.war using the CLI.
If necessary, copy opensso.war to the server where you want to deploy OpenSSO Enterprise.
Deploy opensso.war using either the web container administration console or deploy command.
If the OpenSSO Enterprise web container administration console includes the option to deploy a WAR file, this method is usually the simplest one to use.
Otherwise, use the web container deploy command. For example, the following command deploys opensso.war on the Application Server 9.1 web container on Solaris systems:
# cd /opt/SUNWappserver/appserver/bin # ./asadmin deploy --user admin --passwordfile /tmp/pwdfile --port 4848 zip-root/opensso/deployable-war/opensso.war
where:
zip-root is where you unzipped the opensso_enterprise_80.zip file. Or, if you copied opensso.war to a different location, use that location in the command.
/tmp/pwdfile is the Application Server 9.1 password file. This ASCII text file contains the AS_ADMIN_PASSWORD variable set to the administrator password.
Continue with the initial OpenSSO Enterprise server configuration using the Configurator:
Chapter 4, Configuring OpenSSO Enterprise Using the GUI Configurator
or
Chapter 5, Configuring OpenSSO Enterprise Using the Command-Line Configurator
In addition to an OpenSSO Enterprise full server deployment, you can also create and deploy the following specialized WAR files:
Distributed Authentication UI Server: Chapter 9, Deploying a Distributed Authentication UI Server
IDP Discovery Service: Chapter 10, Deploying the Identity Provider (IDP) Discovery Service
OpenSSO Enterprise Administration Console only: Chapter 11, Installing the OpenSSO Enterprise Console Only
OpenSSO Enterprise server without the Administration Console: Chapter 12, Installing OpenSSO Enterprise Server Only
OpenSSO Enterprise client SDK: Chapter 13, Installing the OpenSSO Enterprise Client SDK
This section describes two additional methods to deploy OpenSSO Enterprise. Each method uses JBoss Application Server as the web container, but you can also use these methods on other web containers, if the container support the method.
Create a subdirectory under JBOSS_HOME/server/instance/deploy/name_of_war_file. For example:
# mkdir /opt/jboss-4.2.2.GA/server/opensso/deploy/opensso.war
Explode the opensso.war file in this new directory. For example:
# cd /opt/jboss-4.2.2.GA/server/opensso/deploy/opensso.war # jar xvf /tmp/opensso.war
Your don't need to restart the container, because JBoss Application Server will automatically hot-deploy it.
Point your browser to http://host.domain:port/opensso or http://host:port/openssoand start configuring OpenSSO Enterpriseserver.
The OpenSSO Enterprise Configurator will write a bootstrap file in your home directory. For example:
/.openssocfg/AMConfig_opt_jboss-4.2.2.GA_server_opensso_._deploy_opensso.war_
Explode the opensso.war file in a temporary directory. For example:
# cd /tmp/sun # jar xvf zip-root/opensso/deployable-war/opensso.war
where zip-root is where you unzipped the opensso_enterprise_80.zip file.
In the WEB-INF/classes/bootstrap.properties file, uncomment the configuration.dir property and set the property to the configuration directory that you plan to use for the OpenSSO Enterprise installation. For example:
configuration.dir=/opt/opensso-server1
Create a new opensso.war with the extracted contents. For example:
# cd /tmp/sun # jar cvf /tmp/opensso.war *
Hot-deploy this new WAR file on the JBoss Application Server container instance by copying the opensso.war from Step 3 to the JBoss deploy directory. For example:
# cp /tmp/opensso.war /opt/jboss-4.2.2.GA/server/opensso/deploy
Start configuring OpenSSO Enterprise by pointing your browser to http://host.domain:port/opensso or http://host:port/opensso.
Note: Because you pre-configured the OpenSSO Enterprise configuration directory in the opensso.war file in Step 4, you won't be able to change it during the configuration process.