Tuesday, 20 August 2013

Single Sign on using openAm(Idp) and salesforce(SP)



   Prerequsites :
1.       Java 1.6 or above.
2.       Apache Tomcat Server 6.0 or above.
3.       OpenDJ as a directory server.
4.       OpenAm as an identity provider.


 1.    Steps to install Java 1.6 in Linux are here
               https://wikis.forgerock.org/confluence/display/openam/1+Introduction
 2.  Installing openDJ
    OpenDJ provides a user directory service based upon LDAP standards, creating a simple, easy to deploy and  scalable option to use as a user data store. You can download openDJ(Zip) setup here http://forgerock.com/opendj-downloads/
Steps to install openDJ in Linux can be found at https://wikis.forgerock.org/confluence/display/openam/2+OpenAM+Server+Installation

  
Installing OpenDJ in windows:  Once you have downloaded the openDJ unzip it,  open the folder and click setup.bat and follow the steps below to install openDJ in windows

SSO














 Password: opendj













 Fully Qualified host name and Directory Data will be used while configuring Directory server in openAM












Once the installation is done login into opendj with the opendj as password. You can manage different users in the manage entries section on the sidebar.
To open opendj again go to installation directory. In my case it is C:\Users\NareshJella\OpenDJ-2.5.0-Xpress1\OpenDJ-2.5.0-Xpress1\bat and double click  control-panel.bat .

3. Install Tomcat server6.0 or above and add the following entries in the host file and save it          C:\Windows\System32\drivers\etc\hosts
    XXX.XXX.XXX.XXX  openam.example.com
   127.0.0.1  website.example.com
    (where XXX.XXX.XXX.XXX is the public ip address of the system in  which tomcat is installed )  

Once this is done you should be able to see tomcat running  at http://openam.example.com:80 (80 is the port in which our Tomcat is running it may be different for you) 

Installing openAm:   Download the latest openam war file from http://forgerock.com/openam-downloads/  (you may change the name of war file to openam.war) and deploy it in the Tomcat Server





Click on manager app and enter your username and password.
Now go to ‘WAR file to deploy’ section and choose the openAm war file you downloaded and click on deploy. If everything goes well you should be able to see an entry in the applications section
Note : If you get any error related to ‘multipart-config‘ then go to        C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\manager\WEB-INF and open web.xml and increase the max-file-size of the multi-part config tag to the size specified in the error message




Click on openam application you will be directed to the OpenAm configuration page as below




Password : cangetinam



















   Directory name is the fully qualified host name and Root Suffix is the Directory Data which you gave during openDJ installation.
Password : cangetindj (password that is given during installation of OpenDJ)











Password : cangetinpa












Once the configuration is done you should able to see the following page when you browse for
http://openam.example.com:80/openam

Login with the administrator credentials i.e
User name : amadmin
Password   : cangetinam





Follow this link for further configurations like 
Creating Users
Creating a Web Agent
Creating an Access Policy
https://wikis.forgerock.org/confluence/display/openam/3+OpenAM+Server+Configuration


Configuring for Single sign on
    Follow the below link to configure SSO on openAm and Salesforce

http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/admin-guide/index/chap-federation.html#salesforce-as-sp



Posted by at No comments:
Labels: , , , , , ,
Location: Hyderabad, Andhra Pradesh, India
Subscribe to: Posts (Atom)