July 17, 2017

Struggling with SAML2 & OpenAM

Installation: pay attention to the JVM settings OpenAM requires. Add the JVM arguments "-server -Xmx2048m" to Tomcat's startup options.

Create an init service for Tomcat:
- create a file at /etc/init.d/tomcat7 with the content below
- change the user name administrator to the OS user that should run Tomcat

#!/bin/sh
#
# tomcat
#
# chkconfig: 345 95 5
# description: Manage Tomcat web application container
CATALINA_HOME="/opt/tomcat7"
export CATALINA_HOME
JAVA_HOME="/opt/java/jdk1.7.0_76"
export JAVA_HOME
CATALINA_OPTS="-server -Xmx2048m -XX:MaxPermSize=256m"
export CATALINA_OPTS

case "${1}" in
start)
  /bin/su administrator -c "${CATALINA_HOME}/bin/startup.sh"
  exit ${?}
  ;;
stop)
  /bin/su administrator -c "${CATALINA_HOME}/bin/shutdown.sh"
  exit ${?}
  ;;
*)
  echo "Usage:  $0 { start | stop }"
  exit 1
  ;;
esac

- if you want Tomcat to start automatically on every reboot, register the script as root: # update-rc.d tomcat7 defaults



Configuration repeated / OpenAM asks for the configuration wizard again after every Tomcat restart:
- after you have run the OpenAM configurator, you need to add the JVM argument -Dcom.sun.identity.configuration.directory=/opt/sso, otherwise OpenAM cannot find its configuration directory on the next start
- run as root: # service tomcat7 stop
- open the file /etc/init.d/tomcat7
- add the argument to the CATALINA_OPTS line:

CATALINA_OPTS="-server -Xmx2048m -XX:MaxPermSize=256m -Dcom.sun.identity.configuration.directory=/opt/sso"

- /opt/sso is the OpenAM configuration directory you chose when you configured OpenAM initially
- save the file and start tomcat7 again
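The step above is easy to get wrong by hand (a restart that drops OpenAM back into the first-run wizard leaves an unconfigured instance reachable). The following shell snippet is an added example, not code from the original notes or from OpenAM: it adds the configuration-directory property to the CATALINA_OPTS line of the init script only if it is missing, and reads it back so you can check the setting. The path /opt/sso and the CATALINA_OPTS line follow the notes above; the init-script fragment built in demo() is constructed for this run.

```sh
#!/bin/sh
# Added example (not from the original notes): keep the OpenAM
# configuration-directory property on the CATALINA_OPTS line of the
# Tomcat init script, so a Tomcat restart does not send OpenAM back
# to its configuration wizard. /opt/sso follows the notes above; the
# sample init-script fragment in demo() is constructed.

OPENAM_CONFIG_PROP="-Dcom.sun.identity.configuration.directory=/opt/sso"

# openam_config_dir FILE
# Print the directory given by -Dcom.sun.identity.configuration.directory=...
# on any line of FILE, or nothing if the property is absent.
openam_config_dir() {
    sed -n 's|.*-Dcom\.sun\.identity\.configuration\.directory=\([^ "]*\).*|\1|p' "$1" | head -n 1
}

# ensure_catalina_opt FILE PROPERTY
# Append PROPERTY inside the quotes of the CATALINA_OPTS="..." line of FILE
# unless it is already present. Idempotent: a second run changes nothing.
# Returns 0 when the property is present afterwards, 1 when FILE has no
# CATALINA_OPTS line to extend.
ensure_catalina_opt() {
    file="$1"
    prop="$2"
    grep -q '^CATALINA_OPTS="' "$file" || return 1
    if grep -q -F -- "$prop" "$file"; then
        return 0
    fi
    # Rewrite through a temp file so this works with both GNU and BSD sed.
    sed "s|^\(CATALINA_OPTS=\".*\)\"\$|\1 $prop\"|" "$file" > "$file.tmp" &&
        mv "$file.tmp" "$file"
    grep -q -F -- "$prop" "$file"
}

# demo: build a constructed init-script fragment, patch it twice, show result.
demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
CATALINA_OPTS="-server -Xmx2048m -XX:MaxPermSize=256m"
export CATALINA_OPTS
EOF
    ensure_catalina_opt "$tmp" "$OPENAM_CONFIG_PROP"
    ensure_catalina_opt "$tmp" "$OPENAM_CONFIG_PROP"   # second run is a no-op
    echo "config dir: $(openam_config_dir "$tmp")"
    cat "$tmp"
    rm -f "$tmp"
}

demo
```

To use it on the real init script, stop Tomcat first as the notes say, run ensure_catalina_opt /etc/init.d/tomcat7 "$OPENAM_CONFIG_PROP" as root, confirm with openam_config_dir /etc/init.d/tomcat7 that it prints /opt/sso, and then start Tomcat again.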


Create SAML Identity Retriever for your application:

What is IDP & SP:

Attribute User Mapping:

Activate the DEBUG log for more detailed log information:
- log in to OpenAM as amadmin
- choose the realm
- go to the Configuration tab
- go to the Servers and Sites tab
- click the site
- find the Debugging section
- change Debug Level to Warning
- Save and Configure
- the debug file should then appear at /opt/sso/openam/debug/debug.out
- /opt/sso is the configuration directory of your OpenAM



HTTP Status 500 - Unable to do Single Sign On or Federation.

- ERROR: UtilProxySAMLAuthenticatorLookup.retrieveAuthenticationFromCache: Unable to do sso or federation.
  com.sun.identity.saml2.common.SAML2Exception: Error retrieving meta data.

- ERROR: IDPSSOUtil.getACSurlFromMetaByIndex: Unable to get SP SSO Descriptor from metadata, descriptor is null.