By now you should be familiar with OpenSSO and the supported protocols, specifications and associated terminologies. This chapter takes you through the steps of setting up your operating environment with a supported web container, supported identity, and configuration stores. After completing this chapter you will be able to build OpenSSO from source code, and you will be able to configure the product in a single or multi-server deployment configuration. You can also find some tips and procedures to automate the configuration in a non-interactive environment using the command line utility provided by OpenSSO.
In the last part of this chapter, I have included some pertinent information about the OpenSSO release model and the details on how to obtain support for your specific version of OpenSSO (whether it is the enterprise or open source version) deployment from Oracle Inc., or Forgerock (http://www.forgerock.com). If you are planning to deploy OpenSSO for some serious revenue impacting business, it is recommended that you buy the OpenSSO Enterprise release support from Oracle. Of course, you have the option of deploying the open source version from Forgerock.
This chapter covers:
- Environmental requirements for OpenSSO
- Deployment
- Configuration
- Uninstalling OpenSSO
- OpenSSO release and support model
The OpenSSO product is a Java Web Archive (WAR) application which does not require any other external components such as a Database or LDAP server to configure the basic vanilla server. It can be deployed on any servlet 2.4/2.5-compliant web container. This can be readily deployed to any container by just copying the WAR file to the auto deployment directory if the container supports automatic web application deployments. For example, in the Apache Tomcat server, it can be easily deployed by copying the opensso.war (Refer to section OpenSSO—configuration choices, included later in the chapter) to the webapp directory of the Tomcat container. Once you copy the WAR file, it automatically deploys the application and the configurator will be available at the following URL: http://tomcatserver:port/opensso.
In order to deploy the OpenSSO web application, you need to have one of the containers in the supported platform, as described in the following table:
|
Container |
Version |
Operating environment |
|---|---|---|
|
Apache Tomcat |
5.5.27 6.0.18 |
Windows XP/VISTA/2003/2008 Solaris 9,10 Redhat Linux 3/4/5 Ubuntu 8.x/9.x OpenSolaris |
|
Glassfish |
v2U1,v2U2 |
Windows XP/VISTA/2003/2008 Solaris 9,10 Redhat Linux 3/4/5 Ubuntu 8.x/9.x OpenSolaris |
|
Glassfish EE Sun Application Server |
2.1/9.1 |
Windows 2003/2008 Solaris 9,10 Redhat Linux 4/5 |
|
Oracle WebLogic |
10.3 |
Windows 2003 Solaris 9,10 Redhat Linux 4/5 |
|
Oracle Application Server |
10g |
Windows 2003 Solaris 9,10 Redhat Linux 4/5 |
|
IBM WebSphere Application Server |
7 |
Windows 2003 Solaris 9,10 Redhat Linux 4/5 AIX 5.3 |
|
JBOSS |
5.1 |
Windows 2003 Solaris 9,10 Redhat Linux 4/5 |
|
Geronimo |
02/01/01 |
Solaris 10 |
OpenSSO leverages certain features from the container's Java SDK, and the server is tested and certified on these specific versions of the Java SDKs. Using these versions ensures that you experience consistent functionality and performance from OpenSSO. Mostly the Java virtual machines (JVMs) that come with the containers are certified by the OpenSSO test team. The following table lists out the supported Java versions for the OpenSSO server and the client applications.
|
Java version |
OpenSSO server |
OpenSSO Client |
|---|---|---|
|
*Developer Platforms GFv2 and Tomcat | ||
|
Java SDK 1.7* |
X |
X |
|
Java SDK 1.6 |
X |
X |
|
Java SDK 1.5 |
- |
X |
IBM Java and Oracle Weblogic Jrocket are also supported on their respective containers.