Deployment example:
------------------
OpenSSO updat1 patch 3 server on machine avatar.red.iplanet.com
Glassfish 3.0 J2EE Policy Agent on machine rub-s10-6.sfbay.sun.com
Step-1: Install OpenSSO server. Configure agent profile, policies.
Step-2: Install J2EE Policy Agent 3.0
Step-3: In container hosting agent, deploy mini agent sample application from http://developers.sun.com/identity/reference/techart/policyagents/agent-mini-app.zip
Step-4: In container hosting agent, deploy agentapp.war This is not installed by default. It is available in the following location:
/opt/lakshman/installations/agents/j2ee_agents/appserver_v9_agent/etc
Step-5: Configure agent profile for 3 properties mentioned in the link:
http://docs.sun.com/app/docs/doc/820-5816/aeabl?a=view
In my sample, the values are (Agent Profile -> SSO tab):
a) Enabled "Cross Domain SSO" checkbox
b) CDSSO Servlet URL: http://avatar.red.iplanet.com:8080/opensso/cdcservlet
c) CDSSO Domain List: .sun.com
Step-6: Set property "CDSSO Clock Skew" if you have not synchronized time between two machines hosting OpenSSO and agent.
Step-7: Add agent machine domain name to Realm/DNS Aliases
Step-8: Restart both containers hosting OpenSSO and glassfish server.
Trouble shooting tips:
----------------------
1. Do not add /agentapp/sunwCDSSORedirectURI to not-enforced-list. This has been discussed some places in a google search.
*************
Related docs:
*************
CDSSO Config
CDSSO Block Diagram
Mini agent sample deployment
Binary Search Tree
8 years ago
sounds really good.
ReplyDeleteI have a similar environment:
Agent:
pepwebservice.wiwi.domain1.com:8080/agentapp
OpenSSO:
opensso.wiwi.domain1.com:8080/opensso
I followed your instructions, but I am receiving a 404 Error :(.
Do you have an idea why?
Both your servers hosting agent and opensso are in same domain. Why do you want to setup CDSSO?
ReplyDelete