This post is a demo version of the ForgeRock Documentation on Setting Up OpenAM with HTTPS on Tomcat. I had earlier published a screen-cast on the ForgeRock OpenAM deployment and Configuration on a LXC. If you haven’t watched it yet, and would like to have a look at it, it’s right here. Below you’ll find the steps that I run in my Ubuntu Linux Container to secure our OpenAM deployment:
– Create a Certificate & store it in keystore in a Linux Container
– Modify the Tomcat Server Configuration file (server.xml) to enable SSL (on port 8443)
– Deploy ForgeRock OpenAM
– Access OpenAM from the host OS and complete the configuration
If it’s hard for your visualize how the infrastructure looks like, here’s an illustration to make life easy.
Now on to the action:
If you are not able to view the embedded video, please click here
This blog post was first published @ www.fedji.com, included here with permission.
Comments are closed.
Hey Rajesh,
Excellent video on Setting Up ForgeRock OpenAM with HTTPS for tomcat.
I was wondering do you anything that i can look at for setting up OpenAM with OpenDJ.
I want to actually do 3 things
1. SSO between multiple tomcat and jboss web apps
2. Secure my REST APIs
3. Not manage userId and passwords in my own database
So i am thinking to use OpenAM with OpenDJ in open source community edition to start with.
Do you have anything i can look at .I will also be more then happy to share back to community when i put this sample application together in github or something like that for others .
Hi,
1. For SSO between multiple tomcat and jboss is better you use OpenAM Policy Agents. See links below..
https://backstage.forgerock.com/#!/docs/openam-policy-agents/3.5.0/jee-users-guide#chap-apache-tomcat
https://backstage.forgerock.com/#!/docs/openam-policy-agents/3.5.0/jee-users-guide#chap-jboss-7
2. For API Protection, you can use OpenIG. See link below…
https://forgerock.org/2014/11/api-protection-openig-controlling-access-methods/
3. So, in this case, I think can use OpenIDM to sync UserId and Password in your database.
https://backstage.forgerock.com/#!/docs/openidm/3.1.0/integrators-guide/chap-synchronization
There are many things todo :-)
At, (Dumbledore).
@harrypotter: Apologies. I missed this request. I’ve made a couple of more videos on OpenAM, which I’m furnishing below for your reference. Have a look and see if it is useful:
– Creating Realm in OpenAM and using OpenDJ as its Data Store
https://forgerock.org/2015/07/creating-realm-in-openam-and-configuring-opendj-as-a-data-store/
– Installing and Configuring OpenAM and Protecting Apache Web Server
https://forgerock.org/2015/07/forgerock-openam-installation-in-a-linux-container/
Let me know if you have any other specific requirements, and I can try and build a demo for you on the same.
Thanks for the positive feedback:-)