Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Table of Contents

Deploy OpenAM

So you have downloaded OpenAM, what do you need to do next. This document is designed to get you up and running quickly. If you are building a production environment then you should review the release notes and the production documentation before continuing.

You can also watch this YouTube tutorial.

Widget Connector
urlhttp://www.youtube.com/watch?v=DHuUaFaTnXI

Install the Web Container

We will use tomcat as the default container, tomcat can be downloaded from the Apache website.

Code Block

meere:openam steve$ unzip -qx ~/Downloads/apache-tomcat-6.0.20.zip
meere:openam steve$ cd apache-tomcat-6.0.20/
meere:apache-tomcat-6.0.20 steve$ ls
LICENSE		RUNNING.txt	lib		webapps
NOTICE		bin		logs		work
RELEASE-NOTES	conf		temp
meere:apache-tomcat-6.0.20 steve$

...

Make sure your local hosts file (/etc/hosts on Mac and Linux) contains a fully qualified domain name.

Code Block

127.0.0.1           meere.internal.forgerock.com

...

A default installation will require 1Gb of Java Heap and 256Mb of permanent space.

Code Block

meere:apache-tomcat-6.0.20 steve$ cd bin
meere:bin steve$ export JAVACATALINA_OPTS="-Xmx1024m -XX:MaxPermSize=256m"

Often you will find the execute permissions will be missing from the script, so these should be reset.

Code Block

meere:bin steve$ chmod a+x *sh

Now you can start tomcat. Review the ../logs/catalina.out log file to check that tomcat starts successfully.

Code Block

meere:bin steve$ ./startup.sh
Using CATALINA_BASE:   /Users/steve/openam/apache-tomcat-6.0.20
Using CATALINA_HOME:   /Users/steve/openam/apache-tomcat-6.0.20
Using CATALINA_TMPDIR: /Users/steve/openam/apache-tomcat-6.0.20/temp
Using JRE_HOME:       /System/Library/Frameworks/JavaVM.framework/Versions/1.6/Home

You can tell the tomcat has started as this entry is written to the log file.

Code Block

Feb 19, 2010 1:39:41 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1510 ms

...

Unpack the OpenAM distribution zip file and copy the opensso.war file into the tomcat webapps directory. You will find the opensso.war file in the deployable-war directory.

Code Block

meere:deployable-war steve$ cp opensso.war ~/openam/apache-tomcat-6.0.20/webapps/

...

Section
Column
width70%

Column
width30%

Enter the password for your top level administration account; amadmin. This password should be eight characters in length.

Server Settings

Section
Column
width70%

Image Modified

Column
width30%

This section determines how the OpenAM server will be deployed. The Server URL should be the protocol, fully qualified domainname and port number.

The cookie domain is the domain into which the OpenAM session cookie will be set. This should match a domain or sub-domain in the server URL.

The platform locale be remain as the default of en_US.

The configuration directory should be a full path to where OpenAM will store its configuration. 

Note
titleBe Careful

The container must have write permission on the configuration directory otherwise the deployment will fail.

...

Section
Column
width70%

Column
width30%

The defaults of the configuration data store settings can remain unchanged. You only need to change these settings in custom deployments or with multiple OpenAM deployments.

User Data Store Settings

Section
Column
width70%

Image Modified

Column
width30%

Select the OpenSSO User Data Store and the User Data Store. You can safely ignore the warning as user data store can be configured after the deployment.

h3. Site Configuration

Section
Column
width70%

Column
width30%

A sample deployment is unlikely to be deployed behind a load balancer. The Site Configuration is only required when the OpenAM server will be accessed via a load balancer or SSL off-loader. This configuration is typically performed after the installation.

Default Policy Agent User

Section
Column
width70%

Image Modified

Column
width30%

This password is for the default policy agent profile account, this password should be different from the administrator account password.

h3. Configurator Summary Details

Section
Column
width70%

Column
width30%

This screen displays the settings set during the wizard, have a quick review and once you click Create Configuration it will be too late.

Status Window

Section
Column
width70%

Image Modified

Column
width30%

This screen shows the progress of the deployment. If anything goes wrong then the error will be displayed in this window. A full installation log is kept in the following directory CONFIG_DIR/install.log. In the example above CONFIG_DIR was /Users/steve/openam.

h3. Configuration Complete

Section
Column
width70%

Column
width30%

This screen shows the configuration has been successful, click on the Proceed to Login link to test the installation.

Test the Login

Section
Column
width70%

Image Modified

Column
width30%

You can now login to OpenAM using the credentials supplied in the configuration wizard. The default username is amadmin.

Info
titleWhat if my configuration failed

This document includes some useful gotcha around the installation process.