test

Deployment Example: SAML v2 Using Sun OpenSSO Enterprise 8.0

ProcedureTo Install and Configure Web Policy Agent on Protected Resource 1

Before You Begin

The JAVA_HOME environment variable should be set to /opt/SUNWwbsvr/jdk/jre.

  1. As a root user, log into the pr1.sp-example.com host machine.

  2. Create a directory into which you can download the Web Server agent bits and change into it.


    # mkdir /export/WebPA1
# cd /export/WebPA1

  3. Create a text file that contains the Agent Profile password.

    The Web Policy Agent installer requires this for installation.


    # cat > agent.pwd

webagent1

Hit Control D to terminate the command

^D

  4. Download the web policy agent for Web Server from http://www.sun.com/download/.


    # ls -al

total 7512
drwxr-xr-x   2 root     root         512 Jul 24 14:48 .
drwxr-xr-x  11 root     root         512 Jul 24 14:41 ..
-rw-r--r--   1 root     root          10 Jul 24 14:42 agent.pwd
-rw-r--r--   1 root     root           9 Jul 24 14:42 agentadm.pwd
-rw-r--r--   1 root     root     3826794 Jul 24 14:48 sjsws_v70_SunOS_sparc_agent_3.zip

  5. Unzip the downloaded file.


    # unzip sjsws_v70_SunOS_sparc_agent_3.zip

  6. Run the agent installer.


    # cd /export/WebPA1/web_agents/sjsws_agent/bin
# ./agentadmin --custom-install

  7. When prompted, do the following.


    Please read the following License 
Agreement carefully:

    Press Enter and continue to press Enter until you have reached the end of the License Agreement. 

    		 

    Do you completely agree with all the terms and 
conditions of this License Agreement (yes/no): [no]:

    Type yes and press Enter.

    		 

    Enter the Sun Java System Web Server Config 
Directory Path [/var/opt/SUNWwbsvr7/
  https-pr1.sp-example.com/config]:

    Type /opt/SUNWwbsvr/https-pr1.sp-example.com/config and press Enter.

    		 

    Enter the OpenSSO Enterprise URL 
including the deployment URI 
(http://opensso.sample.com:58080/opensso)

    Type https://lb4.example.com:1081/opensso and press Enter.

    		 

    Enter the Agent URL: 
(http://agent1.sample.com:1234)

    Type http://pr1.sp-example.com:1080 and press Enter.

    		 

    Enter the Encryption Key
[WSpf7aqc3AFIGvf2mCqvNBOsf44cDrf3].

    Accept the default value. 

    		 

    Enter the Agent profile name 
[UrlAccessAgent]:

    Type webagent-1 and press Enter.

    		 

    Enter the path to a file that contains the 
password to be used for identifying the Agent.

    Type /export/WebPA1/agent.pwd and press Enter.

    Note –

    A warning message is displayed regarding the existence of the agent profile.

    		 

    -----------------------------------------
SUMMARY OF YOUR RESPONSES
-----------------------------------------------

Sun Java System Web Server Config Directory :
 /opt/SUNWwbsvr/https-pr1.sp-example.com/config
OpenSSO Server URL :
 https://lb4.sp-example.com:1081/opensso
Agent URL : http://pr1.sp-example.com:1080
Encryption Key :
 WSpf7aqc3AFIGvf2mCqvNBOsf44cDrf3
Agent Profile name : webagent-1
Agent Profile Password file name :
 /export/WebPA1/agent.pwd
Agent Profile will be created right now by 
 agent installer : true
Agent Administrator : amadmin
Agent Administrator's password file name :
 /export/WebPA1/agentadm.pwd

Verify your settings above and decide from 
the choices below.

  1. Continue with Installation
  2. Back to the last interaction
  3. Start Over
  4. Exit

Please make your selection [1]:

    Type 1 and press Enter.

  8. Restart the Web Server 1 instance.


    # cd /opt/SUNWwbsvr/https-pr1.sp-example.com/bin 
# ./stopserv; ./startserv 

server has been shutdown
Sun Java System Web Server 7.0U3 B06/16/2008 12:00
info: CORE3016: daemon is running as super-user
info: CORE5076: Using [Java HotSpot(TM) Server VM, Version 1.5.0_15]
from [Sun Microsystems Inc.]
info: HTTP3072: http-listener-1: http://pr1.sp-example.com:1080 ready to
accept requests
info: CORE3274: successful server startup

  9. Verify that the Web Policy Agent was successfully created in OpenSSO Enterprise using the following sub procedure.

    1. Access https://lb4.sp-example.com:1081/opensso/console from a web browser.

    2. Log in to the OpenSSO Enterprise console as the administrator.

      User Name:

      amadmin

      Password:

      ossoadmin

    3. Under the Access Control tab, click / (Top Level Realm).

    4. Click the Agents tab.

      By default, the Web tab is displayed. You should see webagent-1 under the Agent table.

    5. Click webagent-1.

      The webagent-1 properties page is displayed.

    6. Log out of the console and close the browser.

  10. Remove the password files.


    # cd /export/WebPA1
# rm agent.pwd
# rm agentadm.pwd

  11. Log out of the pr1.sp-example.com host machine.