This article describes how to quickly create a new Tomcat instance (one that is not the default Tomcat instance) and deploy OpenAM in it. This can be very useful if you already have other OpenAM Tomcat instances.
How to create and deploy a new OpenAM Tomcat instance: following this procedure, the deployment of a new Tomcat/OpenAM instance takes about 5 to 10 minutes.
This article applies to any Tomcat release and any OpenAM distribution.
Requirements:
- Tomcat download
- OpenAM download
I) Tomcat Installation
1) Install Tomcat
cd install-dir
unzip apache-tomcat-8.0.35.zip
2) Rename the Tomcat directory
mv apache-tomcat-8.0.35 tomcat
3) Customize Tomcat ports
cd /tomcat/conf
By default, Tomcat uses the following ports:
8005 (shutdown)
8009 (AJP)
8080 (non-SSL)
8443 (SSL)
Update
The file /tomcat/conf/server.xml should be updated with new values.
Example:
28005 (shutdown)
28009 (AJP)
28080 (non-SSL)
28443 (SSL)
You need to replace all occurrences of the former values with the new values specified.
4) Make script files executable
cd /tomcat/bin
chmod +x *.sh
5) Copy the OpenAM war file into Tomcat
cp $HOME/Downloads/OpenAM-12.war /tomcat/webapps/openam.war
6) Start Tomcat
cd /tomcat/bin
sh startup.sh
Check the Tomcat log to ensure that Tomcat starts correctly, without any error
tail -f ../logs/catalina.out
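The port change from step 3, as an added example that is not part of the original article: a shell function that rewrites only the port attributes in server.xml, keeps a backup, and fails if a default port attribute is left behind. The function names, the single-digit prefix scheme and the sample server.xml fragment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prefix Tomcat's four default ports with a digit
# (prefix 2 turns 8080 into 28080). Only port="..." and redirectPort="..."
# attributes are rewritten, so comments and other text are left alone.

remap_tomcat_ports() {
    conf=$1 prefix=$2
    [ -f "$conf" ] || { echo "missing file: $conf" >&2; return 2; }
    case $prefix in
        ''|0*|*[!0-9]*) echo "prefix must be a positive number" >&2; return 2 ;;
    esac
    script=''
    for p in 8005 8009 8080 8443; do
        new="$prefix$p"
        # TCP ports end at 65535; refuse a prefix that overflows.
        [ "$new" -le 65535 ] || { echo "port $new out of range" >&2; return 2; }
        script="$script;s/\\([Pp]ort\\)=\"$p\"/\\1=\"$new\"/g"
    done
    cp -p "$conf" "$conf.orig" || return 2   # backup before editing
    sed -e "${script#;}" "$conf.orig" > "$conf" || return 2
    # Return 1 if any default port attribute survived the rewrite.
    ! grep -Eq '[Pp]ort="(8005|8009|8080|8443)"' "$conf"
}

# Print every configured port number once, in ascending order.
list_tomcat_ports() {
    grep -Eo '[Pp]ort="[0-9]+"' "$1" | grep -Eo '[0-9]+' | sort -un
}

# Demo on a constructed server.xml fragment (not a real Tomcat file).
demo=$(mktemp -d)/server.xml
cat > "$demo" <<'EOF'
<Server port="8005" shutdown="SHUTDOWN">
  <!-- default page: http://localhost:8080/ -->
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
  </Service>
</Server>
EOF
remap_tomcat_ports "$demo" 2 && list_tomcat_ports "$demo"
```

Run it before the first startup, passing the real path of conf/server.xml in place of the demo file; the untouched original is kept next to it as server.xml.orig.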
II) OpenAM customization
This part describes the operations that need to be performed to customize the OpenAM deployment.
7) Custom configuration
Go to URL https:///openam
You get the following
PANEL: Please select a configuration option.
Click on the link « Create Configuration »
8) amadmin password
OpenAM Panel: Step 1: General
Enter amadmin password
Click Next
9) Server Settings
OpenAM Panel: Step 2: Server Settings
Confirm the following settings to use for the server.
Server Settings
* Server URL: https::28080/openam
* Cookie Domain: .example.com
* Platform Locale: en_US
* Configuration Directory: $HOME/openam
Update:
You need to update these settings with the values for the location where you want your OpenAM instance to be deployed.
Example:
Server Settings
* Server URL: https::28080/openam
* Cookie Domain: .example.com
* Platform Locale: en_US
* Configuration Directory: $HOME/openam2
10) Configuration Data Store
OpenAM Panel: Step 3: Configuration Data Store Settings
The default values proposed correspond to the internal embedded OpenDJ instance.
If an existing OpenAM instance already uses an embedded OpenDJ directory, make sure to provide new values for these ports.
Configuration Data Store
OpenAM OpenDJ or Oracle Directory Server Enterprise Edition
* SSL/TLS Enabled
* Host Name : localhost
* Port: 50389
* Admin Port: 4444
* JMX Port: 1689
* Encryption Key
* Root Suffix dc=openam,dc=forgerock,dc=org
Update:
The 3 important parameters that you will have to specify:
- LDAP port (50289)
- admin port (2444)
- JMX port (2689)
Example:
For example, if there is already an instance configured, you could provide:
Configuration Data Store
OpenAM OpenDJ or Oracle Directory Server Enterprise Edition
* SSL/TLS Enabled
* Host Name : localhost
* Port: 52389
* Admin Port: 2444
* JMX Port: 2689
* Encryption Key
* Root Suffix dc=openam,dc=forgerock,dc=org
Click Next
11) User Data Store Settings
OpenAM panel « Step 4: User Data Store Settings »
By default « Other User Data Store » radio button is selected.
Update:
You should select « OpenAM User Data Store » radio button.
The following message will appear in the « User data store details » window, with a red check mark at the beginning:
« The OpenAM user data store is not recommended for large scale production environments or deployments with a complex topology. »
Click Next
12) Step 5
OpenAM Panel: Step 5: Site Configuration
Click Next
13) Step 6
OpenAM Panel: Step 6: Default Policy Agent User
Enter default policy agent password
Click Next
14) Summary Details
Configurator Summary Details
Review the Configurator summary details, and click « Create Configuration »
You will get a new openam/tomcat instance ready to be used.