Creating a Specialized OpenSSO WAR File

OpenSSO Express Build 7 includes the createwar script to simplify the creation of the following specialized OpenSSO WAR files:

  • OpenSSO Administration Console only WAR
  • Distributed Authentication UI server WAR
  • OpenSSO server only, without the Administration Console WAR
  • IDP Discovery Service WAR

This script creates specialized OpenSSO WAR files by automatically executing several steps that you previously had to perform using the jar command.

The createwar script is available for the following platforms:

  • Solaris and Linux systems: createwar.sh
  • Windows: createwar.bat

After you unzip opensso.zip for OpenSSO Express Build 7, the script is in the following directory:

zip-root/deploy_uri/deployable-war

where:

  • zip-root is the directory where you unzipped opensso.zip for OpenSSO Express Build 7.
  • deploy_uri is the OpenSSO deploy URI. The default is opensso.

For example: /downloads/opensso/deployable-war

Running the createwar Script

To run the createwar script, follow this usage:

createwar --staging|-s stagingDir
--type |-t typeOfWarFile
--warfile|-w warfileName
[--locale|-l locale]

where:

  • createwar is either createwar.sh or createwar.bat, depending on your platform.
  • stagingDir is the staging directory where the opensso.war files are extracted.
  • typeOfWarFile is the type of WAR file you want to create:
    • console - OpenSSO Administration Console only WAR
    • distauth - Distributed authentication UI server WAR
    • noconsole - OpenSSO server only WAR (without the Administration Console)
    • ldpdiscovery - IDP Discovery Service
  • warfileName is the name of the specialized WAR file to be created.
  • locale (optional) indicates the locale of your system where you are running the createwar script. Choices can be de (German), en_US (US English), es (Spanish), fr (French), ja (Japanese), zh_CN (Simplified Chinese), or zh_TW (Traditional Chinese).

To display the createwar help:

createwar -help|? [--locale|-l locale]

Before You Begin Creating a Specialized WAR

  • If necessary, download and unzip the opensso.zip file for OpenSSO Express Build 7. You can download opensso.zip from the OpenSSO project site:
    http://opensso.dev.java.net/public/use/index.html
  • Set your JAVA_HOME environment variable to the location of your JDK installation. The createwar script requires JDK 1.5 or later.

Examples - Creating Specialized OpenSSO War Files

The following examples are intended for Solaris and Linux systems. If you are on a Windows system, run the createwar.bat script and adjust the paths for Windows conventions.

Creating a Console Only WAR File

To Create a Console Only WAR File

1. Create a staging directory and extract the files from opensso.war. For example:

mkdir /tmp/consolewarstaging
cd /tmp/consolewarstaging
jar xvf /downloads/opensso/deployable-war/opensso.war

2. Run the createwar.sh script to create a console only WAR file named console.war.

You must execute createwar.sh (or createwar.bat on Windows) script in the deployable-war directory.

cd /downloads/opensso/deployable-war
./createwar.sh -s /tmp/consolewarstaging -t console -w /tmp/console.war

3. You are now ready to deploy your new WAR, as described in After You Finish Creating a Specialized WAR.

Creating a Distributed Authentication UI Server WAR File

To Create a Distributed Authentication UI Server WAR File

1. Create a staging directory and extract the files from opensso.war. For example:

mkdir /tmp/dawarstaging
cd /tmp/dawarstaging
jar xvf /downloads/opensso/deployable-war/opensso.war

2. Run the createwar.sh script to create a Distributed Authentication UI server WAR file named distauth.war.

You must execute createwar.sh (or createwar.bat on Windows) script in the deployable-war directory.

cd /downloads/opensso/deployable-war
./createwar.sh -s /tmp/dawarstaging -t distauth -w /tmp/distauth.war

3. You are now ready to deploy your new WAR, as described in After You Finish Creating a Specialized WAR.

Creating a Server Only (No Admin Console) WAR File

To Create a Server Only (No Admin Console) WAR File

1. Create a staging directory and extract the files from opensso.war. For example:

mkdir /tmp/serveronlywarstaging
cd /tmp/serveronlywarstaging
jar xvf /downloads/opensso/deployable-war/opensso.war

2. Run the createwar.sh script to create a console only WAR file named serveronly.war.

You must execute createwar.sh (or createwar.bat on Windows) script in the deployable-war directory.

cd /downloads/opensso/deployable-war
./createwar.sh -s /tmp/serveronlywarstaging -t noconsole -w /tmp/serveronly.war

3. You are now ready to deploy your new WAR, as described in After You Finish Creating a Specialized WAR.

Creating an IDP Discovery Service WAR File

To Create an IDP Discovery Service WAR File

1. Create a staging directory and extract the files from opensso.war. For example:

mkdir /tmp/idpdiscoverywarstaging
cd /tmp/idpdiscoverywarstaging
jar xvf /downloads/opensso/deployable-war/opensso.war

2. Run the createwar.sh script to create a IDP Discovery Service WAR file named idpdiscovery.war.

You must execute createwar.sh (or createwar.bat on Windows) script in the deployable-war directory.

cd /downloads/opensso/deployable-war
./createwar.sh -s /tmp/idpdiscoverywarstaging -t idpdiscovery -w /tmp/idpdiscovery.war

3. You are now ready to deploy your new WAR, as described in After You Finish Creating a Specialized WAR.

After You Finish Creating a Specialized WAR

  1. If you are deploying a Distributed Authentication UI server WAR file, see Creating a Distributed Authentication UI Server User.
  2. Deploy the specialized WAR file into your web container.
  3. Access the specialized WAR deployment URL from your browser. For example, for a console only WAR:
    http://console-host.example.com:8080/console
  4. When the configurator page is displayed, enter the configuration information for the specialized WAR.

The OpenSSO Configurator creates configuration data as follows:

  • OpenSSO Administration Console only: AMConfig.properties file in the home directory of the user running the web container where the specialized WAR file is deployed
  • Distributed Authentication UI server: /FAMDistAuth/AMDistAuthConfig.properties file in the home directory of the user running the web container where the specialized WAR file is deployed
  • OpenSSO server only:
    • Default configuration directory, which is opensso in the home directory of the user running the Configurator. For example, if the Configurator is run by super user (root), the configuration directory is /opensso.
    • user-home-directory.openssocfg, where user-home-directory is the home directory of the user who deployed the WAR file. For example, if the user is super user (root), the directory is /.openssocfg.
  • IDP Discovery Service: libIDPDiscoveryConfig.properties file in the home directory of the user running the web container where the specialized WAR file is deployed

Note - It is highly recommended that you change the permissions of a configuration file to limit access to sensitive configuration information, such as the administrator password.

Next Steps

Access the specialized OpenSSO WAR from your browser for its specific function, using the same URL from Step 3.
For example: http://console-host.example.com:8080/console

Creating a Distributed Authentication UI Server User

Before you configure a Distributed Authentication UI server WAR file, on the OpenSSO sserver, create a user who has the "Read and write access to all realm and policy properties" privilege. You will specify this user (and password) when you run the Configurator (distAuthConfigurator.jsp) to configure the WAR file.

To Create a Distributed Authentication UI Server User

  1. Log in to the OpenSSO server administration console as amadmin.
  2. Click Access Control, the default realm, and then Subjects.
  3. Create a new user. For example: dauser
  4. Create a new group. For example: dagroup
  5. Add the new user to the new group.
  6. Click Privileges and then the link for the new group.
  7. Select the "Read and write access to all realm and policy properties" privilege and click Save.

Related Information

For information about deploying and configuring your new specialized WAR file, see the Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide.

http://docs.sun.com/doc/820-3320
In This Article
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

Sign up or Log in to add a comment or watch this page.


The individuals who post here are part of the extended Sun Microsystems community and they might not be employed or in any way formally affiliated with Sun Microsystems. The opinions expressed here are their own, are not necessarily reviewed in advance by anyone but the individual authors, and neither Sun nor any other party necessarily agrees with them.

Copyright 1994-2009 Sun Microsystems, Inc.
Powered by Atlassian Confluence Sun Guidelines on Public Discourse Privacy Policy Terms of Use Trademarks Site Map Employment Investor Relations Contact