Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide

Overview of Installing and Configuring OpenSSO Enterprise

OpenSSO Enterprise 8.0 Changes to Consider

Before you install and configure OpenSSO Enterprise, here are a few changes to consider:

Summary of the OpenSSO Enterprise 8.0 Installation and Configuration Steps

To install and configure an instance of OpenSSO Enterprise server, follow these general steps:

  1. Check the Sun OpenSSO Enterprise 8.0 Release Notes for any recent issues or updates to the release.

  2. If necessary, install, configure, and start one of the supported web containers listed in Table 1–1.

  3. Download and unzip the file from the following site:

    OpenSSO Enterprise 8.0 patch releases are available as patch ID 141655 on

    For information about installing a patch release, see Chapter 23, Patching OpenSSO Enterprise 8.0.

  4. Deploy the opensso.war file to the web container, using the web container administration console or deployment command.

    For the detailed steps, see Chapter 3, Installing OpenSSO Enterprise.

  5. Run either the GUI or command-line Configurator.

    To run the GUI Configurator, enter the following URL in your browser:


    For example:

    If you are running the GUI Configurator, enter values in the Configurator fields or accept the default value for some fields. The Configurator has two configuration options:

    • The Default Configuration option requires you to enter only the OpenSSO Enterprise administrator (amAdmin) and default policy agent (UrlAccessAgent) passwords. The Configurator then uses default values for the other configuration options.

      Use the Default Configuration for development environments or simple demonstration purposes when you just want to evaluate OpenSSO Enterprise features.

    • The Custom Configuration option allows you to enter specific configuration values for your deployment (or accept the default values).

      Use the Custom Configuration for production and more complex environments. For example, a multi-server installation with several OpenSSO Enterprise instances behind a load balancer.

    For the detailed steps, see Chapter 4, Configuring OpenSSO Enterprise Using the GUI Configurator or Chapter 5, Configuring OpenSSO Enterprise Using the Command-Line Configurator.

  6. Launch OpenSSO Enterprise using the specific web container console or deployment command, or by specifying the URL from Step 4 in your browser.

  7. Login to the Console as the OpenSSO Enterprise administrator (amAdmin) using the password you specified when you ran the Configurator.

  8. To make additional configuration changes to your deployment, use the OpenSSO Enterprise Administration Console or the ssoadm command-line utility. For information, refer to the Administration Console Online Help or the Sun OpenSSO Enterprise 8.0 Administration Reference.

  9. Depending on your security requirements, consider making a snapshot of your deployment using the OpenSSO Diagnostic Tool. Then, you can run the Tamper Detection test periodically to very the integrity of your deployment. For more information, see Chapter 7, Running the OpenSSO Diagnostic Tool.