OpenAM with Liferay
1. OPENAM WITH LIFERAY
March 9,
2016
SEE MORE : WWW.LIFERAYSOLUTION.COM
Install OpenDJ
1) Download OpenAM-11.0.0.war
from https://backstage.forgerock.com/#!/downloads/OpenAM/OpenAM%20Enterprise/11.0.0/OpenAM%2011#list
2) You can deploy this war file in the same Tomcat where your Liferay is running, or you can deploy it in a
separate Tomcat server (apache-tomcat-7.0.68). My recommendation is to use a separate Tomcat server for
that.
3) For our comfort, rename the war file from OpenAM-11.0.0.war to OpenSSO.war and start the Tomcat server for
deployment
4) Once it's deployed into Tomcat, you can access it through http://jignesh.openam.com:7070/OpenSSO.
Here jignesh.openam.com:7070 is the host name which I configured for the newly installed Tomcat server.
Also make sure that the server has enough JVM memory allocated, using the line below in startup.bat
set JAVA_OPTS=-Dfile.encoding=UTF-8 -Xms128m -Xmx1024m -XX:PermSize=64m -XX:MaxPermSize=256m
5) Click on create new configuration link
6) Enter password1 as the password under General >> Default user password
7) Click next
8) Provide the host name and other settings as given in the screenshot below
9) Click next and configure the Data store settings as given in the screen below
10) Click next and configure the User Data store settings as given in the screen below, where you will give the
OpenDJ related settings for the directory in which your users are stored
11) Click next and don't make any change in Site Configuration
12) Click next and enter password2 as the password for Default Policy Agent [UrlAccessAgent]
13) Click next and check the summary
14) Click on the Create configuration button, which will take 2-3 minutes to configure OpenSSO if you
configured everything properly.
You are done with setup !!!!
Now you have to make sure that the configuration you did for OpenAM is correct and that it is
reading all the users from OpenDJ.
OpenAM Configuration
If you have done this setup properly, it will bring you to the login screen of OpenAM, which can be
accessed at http://jignesh.openam.com:7070/OpenSSO
You can log in with
amadmin
password1 (the first default user password, which you set in the configuration step)
1) Once you log in, you will be able to see the screen below
2) Go to the Access Control tab, where you can create your own Realm or use / (Top Level Realm), which
is already available
3) Click on / (Top Level Realm) and go to the Subjects tab, where you should be able to see all your users.
If they are not listed, go to the Data stores tab, where you can find your data store link and
configure the proper LDAP settings.
4) Here you will also have to create the Joe Bloggs user in LDAP (OpenDJ) under the people group so it will be
available for us. Use the same email, first name, last name and screen name to create the user in OpenDJ
5) Now we will have to create a J2EE agent inside OpenAM, which will be needed for SSO with Liferay
6) Go to the Agents >> J2EE tab
7) Click on the New button to create a new agent called LiferayEEagent
8) Now you also need to apply the agent to the Tomcat server where your SSO application is running
Download Tomcat-v6-Agent_3.5.0.zip
from https://backstage.forgerock.com/#!/downloads/OpenAM/J2EE%20Policy%20Agents/3.5.0/Apache%20Tomcat%206,%207%20and%208#list
Extract the zip file and put the tomcat_v6_agent folder in some directory
Go to the j2ee_agents\tomcat_v6_agent\bin folder and run agentadmin --install from the command prompt
It will ask you a couple of questions about the configuration and Tomcat paths, which should be answered as below
Tomcat Server Config Directory : C:\jignesh\apache-tomcat-7.0.68\conf
OpenAM server URL : http://jignesh.openam.com:7070/OpenSSO
$CATALINA_HOME environment variable : C:\jignesh\apache-tomcat-7.0.68
Agent URL : http://jignesh.openam.com:7070/agentapp
Agent Profile name : LiferayEEagent
Agent Profile Password file name : C:\jignesh\apache-tomcat-7.0.68\agent-pass.txt
Verify your settings above and decide from the choices below.
1. Continue with Installation
2. Back to the last interaction
3. Start Over
4. Exit
Please make your selection [1]: 1
Here, make sure you give the same
Agent Profile name : LiferayEEagent
Agent Profile Password file name : C:\jignesh\apache-tomcat-7.0.68\agent-pass.txt
which you used when creating the J2EE agent in OpenAM. You need to put the password in a text
file and provide its location
9) You have now set up the J2EE policy agent in OpenAM as well as on the Tomcat server, so you are good to go ahead.
Note: If your server doesn't start after applying the agent to Tomcat, go to the config folder and replace the
server.xml file. You may also need to put
set JAVA_OPTS=%JAVA_OPTS% -Dopenam.agents.bootstrap.dir=C:/jignesh/tomcat_v6_agent/Agent_001/config
in the startup.bat file of the Tomcat where your SSO is running
10) Now go to the Configuration >> Servers and Sites tab from the access control panel, click on the default
server settings button and open the Security tab
11) Go to the Cookie section, set Encode Cookie Value: true and save the configuration
You are done with the OpenAM side configuration.
Liferay Configuration
Put the properties below in the portal-ext.properties file:
open.sso.auth.enabled=true
open.sso.login.url=http://jignesh.openam.com:7070/OpenSSO/UI/login?goto=http://jignesh.openam.com:8080/c/portal/login
open.sso.logout.url=http://jignesh.openam.com:7070/OpenSSO/UI/Logout?goto=http://jignesh.openam.com:8080/c/portal/logout
open.sso.service.url=http://jignesh.openam.com:7070/OpenSSO
open.sso.screen.name.attr=uid
open.sso.email.address.attr=mail
open.sso.first.name.attr=givenname
open.sso.last.name.attr=sn
open.sso.logout.on.session.expiration=false
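A pre-restart check for the open.sso.* properties above, as an added example (not part of the original slides and not Liferay code). It catches a login or logout URL that was wrapped across lines when copied, a URL that does not sit under open.sso.service.url, and plain-http SSO endpoints; the function names and finding texts are this example's own.

```python
from urllib.parse import parse_qs, urlsplit

# Values taken from the tutorial above (host names are the tutorial's own).
PAGE_CONFIG = """\
open.sso.auth.enabled=true
open.sso.login.url=http://jignesh.openam.com:7070/OpenSSO/UI/login?goto=http://jignesh.openam.com:8080/c/portal/login
open.sso.logout.url=http://jignesh.openam.com:7070/OpenSSO/UI/Logout?goto=http://jignesh.openam.com:8080/c/portal/logout
open.sso.service.url=http://jignesh.openam.com:7070/OpenSSO
open.sso.screen.name.attr=uid
open.sso.email.address.attr=mail
open.sso.first.name.attr=givenname
open.sso.last.name.attr=sn
"""
ATTRS = ("screen.name", "email.address", "first.name", "last.name")
URLS = {"login": "/c/portal/login", "logout": "/c/portal/logout"}

def parse_properties(text):
    """Parse key=value lines, splitting on the first '=' only (URLs contain '=')."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def check_open_sso(text):
    """Return a list of findings; an empty list means every check passed."""
    p, out = parse_properties(text), []
    if p.get("open.sso.auth.enabled", "").lower() != "true":
        out.append("open.sso.auth.enabled: not true, SSO is off")
    out += [f"open.sso.{a}.attr: missing" for a in ATTRS if not p.get(f"open.sso.{a}.attr")]
    service = p.get("open.sso.service.url", "").rstrip("/")
    if not service:
        out.append("open.sso.service.url: missing")
    for name, target in URLS.items():
        key, url = f"open.sso.{name}.url", p.get(f"open.sso.{name}.url", "")
        if not url.startswith(service + "/"):
            out.append(f"{key}: not under open.sso.service.url")
        # A value cut short by a line wrap loses the path of its goto target.
        goto = parse_qs(urlsplit(url).query).get("goto", [""])[0]
        if urlsplit(goto).path != target:
            out.append(f"{key}: goto does not return to {target}")
    for name in ("service", "login", "logout"):
        key = f"open.sso.{name}.url"
        if p.get(key) and urlsplit(p[key]).scheme != "https":
            out.append(f"{key}: plain http, SSO traffic is unencrypted")
    return out

if __name__ == "__main__":
    for finding in check_open_sso(PAGE_CONFIG):
        print(finding)
```

Run against the tutorial's values it reports only the three plain-http findings; the same file with https URLs returns an empty list.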
Add the code below to your web.xml file
<filter>
    <description>SJS Access Manager Tomcat Policy Agent Filter</description>
    <display-name>Agent</display-name>
    <filter-name>Agent</filter-name>
    <filter-class>com.sun.identity.agents.filter.AmAgentFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>Agent</filter-name>
    <url-pattern>/web*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>INCLUDE</dispatcher>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>ERROR</dispatcher>
</filter-mapping>
Restart the Liferay Tomcat
How to Test
Go to your Liferay server URL: jignesh.openam.com:8080
Click on the sign-in link
It will bring you to the OpenAM login
Once you log in with your joebloggs credentials, it will redirect you to Liferay and you will already be logged in
there
Enjoy!!!!!!!!!!!!!