Skip to end of metadata
Go to start of metadata

Table of Contents

Deploy OpenAM

So you have downloaded OpenAM, what do you need to do next. This document is designed to get you up and running quickly. If you are building a production environment then you should review the release notes and the production documentation before continuing.

You can also watch this YouTube tutorial.

Install the Web Container

We will use tomcat as the default container, tomcat can be downloaded from the Apache website.

meere:openam steve$ unzip -qx ~/Downloads/
meere:openam steve$ cd apache-tomcat-6.0.20/
meere:apache-tomcat-6.0.20 steve$ ls
LICENSE		RUNNING.txt	lib		webapps
NOTICE		bin		logs		work
RELEASE-NOTES	conf		temp
meere:apache-tomcat-6.0.20 steve$

Prepare the system

Make sure your local hosts file (/etc/hosts on Mac and Linux) contains a fully qualified domain name. 

Start the Web Container

A default installation will require 1Gb of Java Heap and 256Mb of permanent space.

meere:apache-tomcat-6.0.20 steve$ cd bin
meere:bin steve$ export CATALINA_OPTS="-Xmx1024m -XX:MaxPermSize=256m"

Often you will find the execute permissions will be missing from the script, so these should be reset.

meere:bin steve$ chmod a+x *sh

Now you can start tomcat. Review the ../logs/catalina.out log file to check that tomcat starts successfully.

meere:bin steve$ ./
Using CATALINA_BASE:   /Users/steve/openam/apache-tomcat-6.0.20
Using CATALINA_HOME:   /Users/steve/openam/apache-tomcat-6.0.20
Using CATALINA_TMPDIR: /Users/steve/openam/apache-tomcat-6.0.20/temp
Using JRE_HOME:       /System/Library/Frameworks/JavaVM.framework/Versions/1.6/Home

You can tell the tomcat has started as this entry is written to the log file.

Feb 19, 2010 1:39:41 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1510 ms

Deploy the OpenAM WAR file

Unpack the OpenAM distribution zip file and copy the opensso.war file into the tomcat webapps directory. You will find the opensso.war file in the deployable-war directory.

meere:deployable-war steve$ cp opensso.war ~/openam/apache-tomcat-6.0.20/webapps/

Create the default OpenAM Configuration

Open a browser and navigate to the tomcat container on the following url; [].

Be Careful

Be sure to use your fully qualified domainname and not the example! Unless yours happen to be same (smile)

Select Custom Configuration

Select the Create New Configuration link to guide you through the full configuration wizard.

Administration Password

Enter the password for your top level administration account; amadmin. This password should be eight characters in length.

Server Settings

This section determines how the OpenAM server will be deployed. The Server URL should be the protocol, fully qualified domainname and port number.

The cookie domain is the domain into which the OpenAM session cookie will be set. This should match a domain or sub-domain in the server URL.

The platform locale be remain as the default of en_US.

The configuration directory should be a full path to where OpenAM will store its configuration. 

Be Careful

The container must have write permission on the configuration directory otherwise the deployment will fail.

Configuration Data Store Settings

The defaults of the configuration data store settings can remain unchanged. You only need to change these settings in custom deployments or with multiple OpenAM deployments.

User Data Store Settings

Select the OpenSSO User Data Store and the User Data Store. You can safely ignore the warning as user data store can be configured after the deployment.

h3. Site Configuration

A sample deployment is unlikely to be deployed behind a load balancer. The Site Configuration is only required when the OpenAM server will be accessed via a load balancer or SSL off-loader. This configuration is typically performed after the installation.

Default Policy Agent User

This password is for the default policy agent profile account, this password should be different from the administrator account password.

h3. Configurator Summary Details

This screen displays the settings set during the wizard, have a quick review and once you click Create Configuration it will be too late.

Status Window

This screen shows the progress of the deployment. If anything goes wrong then the error will be displayed in this window. A full installation log is kept in the following directory CONFIG_DIR/install.log. In the example above CONFIG_DIR was /Users/steve/openam.

h3. Configuration Complete

This screen shows the configuration has been successful, click on the Proceed to Login link to test the installation.

Test the Login

You can now login to OpenAM using the credentials supplied in the configuration wizard. The default username is amadmin.

What if my configuration failed

This document includes some useful gotcha around the installation process.