This article describes how to quickly create a new Tomcat instance (separate from the default Tomcat instance) and deploy OpenAM in it. This is very useful if you already have other OpenAM Tomcat instances.

How to create and deploy a new OpenAM Tomcat instance: following this procedure, deploying a new Tomcat/OpenAM instance takes about 5 to 10 minutes.

This article applies to any Tomcat release and any OpenAM distribution.

Requirements:
- Tomcat Downloads
- OpenAM download

I) Tomcat Installation

1) Install Tomcat
cd install-dir
unzip apache-tomcat-8.0.35.zip

2) Rename the Tomcat directory
mv apache-tomcat-8.0.35 tomcat

3) Customize Tomcat ports
cd /tomcat/conf
By default, Tomcat provides the following ports:

8005 (shutdown)
8009 (AJP)
8080 (non ssl)
8443 (ssl)

Update
The file /tomcat/conf/server.xml should be updated with new values.

Example:
28005 (shutdown)
28009 (AJP)
28080 (non ssl)
28443 (ssl)

You need to replace all occurrences of the former values with the new values specified.
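
The port replacement from step 3, as an added example (not part of the original article). It assumes the four default values appear only as quoted attribute values in server.xml; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: remap the default Tomcat ports to the article's example
# values (28005, 28009, 28080, 28443). Function names are hypothetical.

# remap_tomcat_ports FILE
# Rewrites only quoted values (port="8080", redirectPort="8443"), so a
# second run cannot turn 28080 into 228080 as a bare 8080 substitution would.
remap_tomcat_ports() {
    conf=$1
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }
    # Keep one backup of the untouched file; never overwrite it on re-runs.
    [ -f "$conf.orig" ] || cp "$conf" "$conf.orig" || return 1
    sed -e 's/"8005"/"28005"/g' \
        -e 's/"8009"/"28009"/g' \
        -e 's/"8080"/"28080"/g' \
        -e 's/"8443"/"28443"/g' \
        "$conf" > "$conf.new" && mv "$conf.new" "$conf"
}

# count_default_ports FILE
# Prints how many default port values remain (0 expected after the remap).
count_default_ports() {
    grep -o -E '"(8005|8009|8080|8443)"' "$1" | wc -l | tr -d ' '
}

# make_sample_conf FILE
# Writes a constructed, minimal server.xml for trying the functions offline.
make_sample_conf() {
    cat > "$1" <<'EOF'
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    <Engine name="Catalina" defaultHost="localhost" />
  </Service>
</Server>
EOF
}
```

Running count_default_ports on the result is a quick check that no connector, including a redirectPort, still points at a port owned by the other instance.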

4) Make script files executable

cd /tomcat/bin
chmod +x *.sh

5) Copy the OpenAM war file into Tomcat
cp $HOME/Downloads/OpenAM-12.war /tomcat/webapps/openam.war

6) Start Tomcat
cd /tomcat/bin
sh startup.sh

Check the Tomcat log to ensure that Tomcat starts correctly, without any error:

tail -f ../logs/catalina.out

II) OpenAM customization

This part describes the operations that need to be performed to customize the OpenAM deployment.

7) Custom configuration
Go to URL https:///openam

You get the following
PANEL: Please select a configuration option.

Click on the link « Create Configuration »

8) amadmin password
OpenAM Panel: Step 1: General
Enter the amadmin password

Click Next

9) Server Settings
OpenAM Panel: Step 2: Server Settings

Confirm the following settings to use for the server.

Server Settings
* Server URL: https::28080/openam
* Cookie Domain: .example.com
* Platform Locale: en_US
* Configuration Directory: $HOME/openam

Update:
Update these settings to match where you want your OpenAM instance to be deployed.

Example:
Server Settings
* Server URL: https::28080/openam
* Cookie Domain: .example.com
* Platform Locale: en_US
* Configuration Directory: $HOME/openam2

10) Configuration Data Store
OpenAM Panel: Step 3: Configuration Data Store Settings

The default values proposed correspond to the internal embedded OpenDJ instance.
If an existing OpenAM instance already uses an embedded OpenDJ directory, make sure to provide new values for those ports.

Configuration Data Store
OpenAM OpenDJ or Oracle Directory Server Enterprise Edition
* SSL/TLS Enabled
* Host Name : localhost
* Port: 50389
* Admin Port: 4444
* JMX Port: 1689
* Encryption Key
* Root Suffix dc=openam,dc=forgerock,dc=org

Update:
The 3 important parameters that you will have to specify:
- LDAP port (50289)
- admin port (2444)
- JMX port (2689)

Example:
For example, if there is already an instance configured, you could provide:
Configuration Data Store
OpenAM OpenDJ or Oracle Directory Server Enterprise Edition
* SSL/TLS Enabled
* Host Name : localhost
* Port: 52389
* Admin Port: 2444
* JMX Port: 2689
* Encryption Key
* Root Suffix dc=openam,dc=forgerock,dc=org

Click Next

11) User Data Store Settings

OpenAM panel « Step 4: User Data Store Settings »
By default « Other User Data Store » radio button is selected.

Update:
You should select « OpenAM User Data Store » radio button.

The following message will appear in the User data store details window, with a red check mark at the beginning:
« The OpenAM user data store is not recommended for large scale production environments or deployments with a complex topology. »

Click Next

12) Step 5

OpenAM Panel: Step 5: Site Configuration

Click Next

13) Step 6

OpenAM Panel: Step 6: Default Policy Agent User
Enter the default policy agent password
Click Next

14) Summary Details
Configurator Summary Details

Review the Configurator summary details, and click « Create Configuration ».
You will get a new OpenAM/Tomcat instance ready to be used.

janua