Table of Contents
So you have downloaded OpenAM, what do you need to do next. This document is designed to get you up and running quickly. If you are building a production environment then you should review the release notes and the production documentation before continuing.
You can also watch this YouTube tutorial.
Install the Web Container
We will use tomcat as the default container, tomcat can be downloaded from the Apache website.
Prepare the system
Make sure your local hosts file (
/etc/hosts on Mac and Linux) contains a fully qualified domain name.
Start the Web Container
A default installation will require 1Gb of Java Heap and 256Mb of permanent space.
Often you will find the execute permissions will be missing from the script, so these should be reset.
Now you can start tomcat. Review the
../logs/catalina.out log file to check that tomcat starts successfully.
You can tell the tomcat has started as this entry is written to the log file.
Deploy the OpenAM WAR file
Unpack the OpenAM distribution zip file and copy the
opensso.war file into the tomcat webapps directory. You will find the
opensso.war file in the
Create the default OpenAM Configuration
Open a browser and navigate to the tomcat container on the following url; [http://meere.internal.forgerock.com:8080/opensso].
Be sure to use your fully qualified domainname and not the example! Unless yours happen to be same
Select Custom Configuration
Select the Create New Configuration link to guide you through the full configuration wizard.
Enter the password for your top level administration account;
amadmin. This password should be eight characters in length.
This section determines how the OpenAM server will be deployed. The Server URL should be the protocol, fully qualified domainname and port number.
The cookie domain is the domain into which the OpenAM session cookie will be set. This should match a domain or sub-domain in the server URL.
The platform locale be remain as the default of
The configuration directory should be a full path to where OpenAM will store its configuration.
The container must have write permission on the configuration directory otherwise the deployment will fail.
Configuration Data Store Settings
The defaults of the configuration data store settings can remain unchanged. You only need to change these settings in custom deployments or with multiple OpenAM deployments.
User Data Store Settings
Select the OpenSSO User Data Store and the User Data Store. You can safely ignore the warning as user data store can be configured after the deployment.
h3. Site Configuration
A sample deployment is unlikely to be deployed behind a load balancer. The Site Configuration is only required when the OpenAM server will be accessed via a load balancer or SSL off-loader. This configuration is typically performed after the installation.
Default Policy Agent User
This password is for the default policy agent profile account, this password should be different from the administrator account password.
h3. Configurator Summary Details
This screen displays the settings set during the wizard, have a quick review and once you click
Create Configuration it will be too late.
This screen shows the progress of the deployment. If anything goes wrong then the error will be displayed in this window. A full installation log is kept in the following directory
CONFIG_DIR/install.log. In the example above CONFIG_DIR was
h3. Configuration Complete
This screen shows the configuration has been successful, click on the
Proceed to Login link to test the installation.
Test the Login
You can now login to OpenAM using the credentials supplied in the configuration wizard. The default username is
What if my configuration failed
This document includes some useful gotcha around the installation process.