After You Finish Creating a Specialized WAR

1. If you are deploying a Distributed Authentication UI server WAR file, see Creating a Distributed Authentication UI Server WAR File.

2. Deploy the specialized WAR file into your web container.

3. Access the specialized WAR deployment URL from your browser. For example, for a console only WAR: http://console-host.example.com:8080/console

4. When the configurator page is displayed, enter the configuration information for the specialized WAR.

The OpenSSO Configurator creates configuration data as follows:

• OpenSSO Administration Console only: AMConfig.properties file in the home directory of the user running the web container where the specialized WAR file is deployed

• Distributed Authentication UI server: /FAMDistAuth/AMDistAuthConfig.properties file in the home directory of the user running the web container where the specialized WAR file is deployed

• OpenSSO server only:

  • Default configuration directory, which is opensso in the home directory of the user running the Configurator. For example, if the Configurator is run by super user (root), the configuration directory is /opensso.

  • user-home-directory.openssocfg, where user-home-directory is the home directory of the user who deployed the WAR file. For example, if the user is super user (root), the directory is /.openssocfg.

• IDP Discovery Service: libIDPDiscoveryConfig.properties file in the home directory of the user running the web container where the specialized WAR file is deployed

It is highly recommended that you change the permissions of a configuration file to limit access to sensitive configuration information, such as the administrator password.

Next Steps

Access the specialized OpenSSO WAR from your browser for its specific function, using the same URL from Step 3.

For example: http://console-host.example.com:8080/console

Creating a Distributed Authentication UI Server User

Before you configure a Distributed Authentication UI server WAR file, on the OpenSSO Enterprise sserver, create a user who has the “Read and write access to all realm and policy properties” privilege. You will specify this user (and password) when you run the Configurator (distAuthConfigurator.jsp) to configure the WAR file.

To Create a Distributed Authentication UI Server User

1. Log in to the OpenSSO server administration console as amadmin.

2. Click Access Control, the default realm, and then Subjects.

3. Create a new user. For example: dauser

4. Create a new group. For example: dagroup

5. Add the new user to the new group.

6. Click Privileges and then the link for the new group.

7. Select the "Read and write access to all realm and policy properties" privilege and click Save.