OpenAM provides open source Authentication, Authorization, Entitlement and Federation software. You can set it up to provide single sign-on (SSO) across your different websites. For example, say you are a banking organization with separate sites for the different verticals of your business (insurance, loans, deposits, etc.). Your users are the same across all these sites, so there is no need to maintain a separate user database for each one. They can be managed by OpenAM: you can create, update, delete and validate the users of all your sites with OpenAM.
With that short introduction to OpenAM, we will now proceed to install it on our Ubuntu system. Detailed installation instructions are available here.
STEP 1: Prerequisite
-> Create an FQDN for your system
An FQDN is a fully qualified domain name. You can read more on FQDN here on wiki. In simple words, your system should be accessible from a browser. For your local system, localhost (127.0.0.1) is the FQDN. When you open localhost in a browser, it loads a page with the message “Its working”. Since we are experimenting with OpenAM locally, if localhost in your browser gives the “Its working” message, you are ready to proceed to the next step.
-> Install Java # I will write a blog on this soon. For now, manage it yourself 🙂
-> Install an application server
A number of application servers are available that work with OpenAM. We will go with Tomcat. You can find detailed instructions on Tomcat installation in this post.
STEP 2: Downloading OpenAM
You can download the latest stable version from here. Extract the downloaded archive. The extracted folder has a name like openam_10.1.3, where 10.1.3 is the version number. Remove the version number, i.e. rename the folder to just openam. If you do not, you will have to type openam_10.1.3 instead of openam in the URL.
STEP 3: Put OpenAM in the Tomcat container
Copy the openam folder from step 2 into /var/lib/tomcat7/webapps/
STEP 4: Configuration change
OpenAM will try to use the /usr/share/tomcat7 folder, so we must grant all access to this folder. Run the command below in the terminal:
$ chmod 777 -R /usr/share/tomcat7 # this will give all permission to this directory
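The recursive chmod 777 above leaves every file and directory under /usr/share/tomcat7 writable by any local account. The following is an added example, not part of the original post: it lists the world-writable entries under a directory and narrows them so that only the owner can write. It assumes the Tomcat service runs as the user tomcat7; the function names are hypothetical, and the demo runs on a constructed temporary tree rather than the real directory.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: the Tomcat service account is "tomcat7"; confirm it on your
# system (e.g. with `ps -o user= -C java`) before using it as the owner.

# Print every entry under $1 that any local user may write to.
# Symlinks are skipped because their own mode bits are meaningless.
list_world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Number of world-writable entries under $1.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# Narrow a tree that was opened up with `chmod 777 -R`.
#   $1 = directory, $2 = owner to assign (empty string = leave owner as is)
tighten_tree() {
    dir=$1
    owner=$2
    if [ -n "$owner" ]; then
        chown -R "$owner" "$dir" || return 1
    fi
    # Directories: owner may write, everyone else may only list and traverse.
    find "$dir" -type d -exec chmod 755 {} +
    # Files: remove group/other write, keep whatever the owner already had.
    find "$dir" -type f -exec chmod go-w {} +
}

# Demo on a constructed tree that stands in for /usr/share/tomcat7.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/openam"
    : > "$d/openam/bootstrap"
    chmod -R 777 "$d"
    echo "world-writable before: $(count_world_writable "$d")"
    tighten_tree "$d" ""
    echo "world-writable after:  $(count_world_writable "$d")"
    rm -rf "$d"
}
demo
```

On the real system this would be run as root as tighten_tree /usr/share/tomcat7 tomcat7, once the service account name has been confirmed.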
STEP 5: Running OpenAM in the browser
Assuming you have installed Tomcat as described here and it is running on port 8080, go to the browser and type the URL below.
http://localhost:8080/openam
It will take you to the basic configuration page, http://localhost:8080/openam/config/options.htm, because you have not yet set a username and password. It will give you two options: basic configuration and custom configuration. We will go with the basic configuration to create a password, and will do advanced custom configuration from the OpenAM UI itself later on when needed. So, click on Default Configuration. Fill in your password and submit. On successful password creation, you will be taken to the login page. Note that you have only set a password, not a username. That is OK, because for the default configuration the username is always amadmin. You can log in with the credentials below:
username : amadmin
Great! You are logged in to OpenAM, and it is up and running. Make configuration changes and other settings as per your needs.