« Those Darlin' OpenSS... | Main | A Wonderful Use of... »
Wednesday Nov 11, 2009

True to Enable Resource Authentication for OpenSSO Policy Agents

The new resource authentication feature (as documented Resource Authentication Type in OpenSSO Express 8) can also be enabled for deployments that use OpenSSO policy agents - either Web Agents or J2EE Agents. To enable resource authentication, a URL in the agent profile must be modified by appending to it the resource=true query parameter. The attribute that contains this URL is dependent upon whether the policy agent is configured in Cross Domain SSO (CDSSO) or not.

The procedure requires appending the "resource=true" query parameter to the "OpenSSO Login URL" or "CDSSO Servlet URL" field as follows:
  1. Log into the OpenSSO console as administrator.
  2. Click the Access Control tab.
  3. Click the name of the appropriate realm.
  4. Click the Agents tab.
  5. Click the appropriate agent tab (Web or J2EE).
  6. Click the name of the agent profile to modify.
  7. Choose the appropriate sub step based on whether the agent is configured in CDSSO mode or not.

    • For an agent running in CDSSO mode, click the SSO tab and append resource=true to the existing value of the CDSSO Servlet URL attribute. For example, http://opensso.sun.com:8080/opensso/cdcservlet?resource=true.

    • For an agent NOT running in CDSSO mode, click the OpenSSO Services tab and append resource=true to the existing value of the OpenSSO Login URL attribute. For example, http://opensso.sun.com:8080/opensso/UI/Login?resource=true.

As Spandau Ballet once sang so beautifully, it's True.

Posted at 01:52PM Nov 11, 2009 by Michael Teger in Sun  |  Comments[0]

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed