[OpenAM] Step By Step SSO Configuration

LOW Chee Chong cheechong at azlabs.sg
Tue Mar 27 12:39:03 BST 2012


Upendra,

 

Tomcat 7 requires J2EE Policy Agent, not Web Policy Agent.

 

--

Chee Chong

 

 

From: openam-bounces at forgerock.org [mailto:openam-bounces at forgerock.org] On
Behalf Of Upendra sai kumar
Sent: Tuesday, 27 March, 2012 6:59 PM
To: Users
Subject: Re: [OpenAM] Step By Step SSO Configuration

 

Hi Brad,

thanks for the response,i am trying to configure as per the steps given by
you,but i am facing a problem i.e i am using windows 7 64 bit os and tomcat7
i.e to be configured as my agent but i dont find the Web Policy Agent for
this.

can you please help me in this regards

thanks and regards,
upendra

On Mon, Mar 26, 2012 at 7:31 PM, Brad Tumy <brad at tumy-tech.com> wrote:

Upendra -

 

For step 1 - use this as an example:

https://wikis.forgerock.org/confluence/display/openam/Add+Authentication+to+
a+Website+using+OpenAM

 

For step 2 - you can use this as a starting point:

https://wikis.forgerock.org/confluence/display/openam/SAMLv2+IDP+Proxy+Part+
1.+Setting+up+a+simple+Proxy+scenario

 

I'll need to find some more information for you on extending your app to
include the fedlet.

 

The above references are meant to be guides ... they may not be the exact
steps you need per your environment.

 

 

Brad Tumy

TUMY | technology, inc. // identity and access management solutions

 

(e) brad at tumy-tech.com

(p) 240.215.4825

(w) http://www.tumy-tech.com

 

 

 

 

 

 

 

On Mar 26, 2012, at 8:55 AM, Upendra sai kumar wrote:





Hi Brad,

thank you,mean while i will also try to configure things as per the guide
lines given by you.

thanks&regards
upendra

On Mon, Mar 26, 2012 at 6:21 PM, Brad Tumy <brad at tumy-tech.com> wrote:

I'll see what I can do about getting you more details today.

 

Thanks,

Brad Tumy

TUMY | technology, inc. // identity and access management solutions

 

(e) brad at tumy-tech.com

(p) 240.215.4825

(w) http://www.tumy-tech.com <http://www.tumy-tech.com/> 

 

 

 

 

 

 

 

On Mar 26, 2012, at 8:48 AM, Upendra sai kumar wrote:





Hi Brad,

Thanks for the Good Response,i got the point what you are trying to convey
but it would be a great help if you can give in detail.

Thanks & Regards,
Upendra

On Mon, Mar 26, 2012 at 5:50 PM, Brad Tumy <brad at tumy-tech.com> wrote:

Upendra,

 

In this situation Application A would be the identity provider (IDP) because
this is the "partner" that manages the user's credentials.  Application B is
the Service Provider (SP).  You can accomplish this several ways.  The
approach that I would recommend to you is to implement OpenAM and protect
Application A with an agent.  So that when a user attempts to access
Application A they are prompted by whatever credential you require.  Once
you have that working the way you want it then you will need to set up a
Circle of Trust in OpenAM and deploy a fedlet which will need to be
integrated with your application B.  The fedlet is a self-contained SP (war
file) that can be implemented into your existing application context on
Application B.

 

This is a very high-level explanation so please let me know if you need more
details.

 

Thanks,

Brad Tumy

TUMY | technology, inc. // identity and access management solutions

 

(e) brad at tumy-tech.com

(p) 240.215.4825

(w) http://www.tumy-tech.com <http://www.tumy-tech.com/> 

 

 

 

 

 

 

 

On Mar 26, 2012, at 7:16 AM, Upendra sai kumar wrote:

 

Hi,

i need to implement SSO Using the openAM where the scenario is as follows,

i have "AppliactionA" having authentication using jdbc running in tomcat
and i have another "ApplicationB" running in Jboss where there is no
login,now when i try to access "ApplicationB" i need to be redirect to a
login page(credentials) and after successful login, i should be able to
access both "ApplicationA" as well as "ApplicationB".

For the above i have choosen openAM as my solution,but i am finding
difficulty while configure things like Identity Provider,Service Provider
,realm etc and finally to protect my resources.

Can any one help me in this regard by giving some step by step proceedure of
configuration using openAM.

thanks in advance

regards,
Upendra

_______________________________________________
OpenAM mailing list
OpenAM at forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam

 


_______________________________________________
OpenAM mailing list
OpenAM at forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam


_______________________________________________
OpenAM mailing list
OpenAM at forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam

 


_______________________________________________
OpenAM mailing list
OpenAM at forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam


_______________________________________________
OpenAM mailing list
OpenAM at forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam

 


_______________________________________________
OpenAM mailing list
OpenAM at forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.forgerock.org/pipermail/openam/attachments/20120327/6724e11e/attachment.html>


More information about the OpenAM mailing list