Preface
The Sun™ OpenSSO Enterprise Deployment Planning Guide provides information to help
you determine which OpenSSO Enterprise features to use in your deployment.
This guide contains deployment architecture diagrams, process flow
diagrams, and benefits/trade-off analysis for various OpenSSO Enterprise
features.
The following topics are contained in this Preface:
Who Should Use This Guide
This guide is intended for a wide audience, including system
administrators, system integrators, and others who architect the OpenSSO
Enterprise environment and deploy OpenSSO Enterprise and related components:
- IT professionals responsible for architecting enterprise solutions.
- Company executives responsible for evaluating enterprise solutions and for approving IT vendors and purchases.
- System integrators and administrators responsible for deploying OpenSSO Enterprise and related components.
Before You Read This Guide
Readers should be familiar with the following components and
concepts:
- OpenSSO Enterprise technical concepts, as described in the Sun OpenSSO Enterprise 8.0 Technical Overview
- Deployment platform: Solaris™, Linux, or Windows operating system
- Web container that will run OpenSSO Enterprise, such as Sun Java System Application Server, Sun Java System Web Server, BEA WebLogic, or IBM WebSphere Application Server
- Technical concepts: Lightweight Directory Access Protocol (LDAP), Java™ technology, JavaServer Pages™ (JSP™) technology, HyperText Transfer Protocol (HTTP), HyperText Markup Language (HTML), and eXtensible Markup Language (XML)
How This Guide Is Organized
This guide is organized in two parts as follows:
Part I: Planning the Overall Deployment
Part II: Determining Which Features to Deploy
- Chapter 4, Using a Policy Agent and the Client SDK to Integrate Applications with OpenSSO Enterprise
- Chapter 5, Using the OpenSSO Enterprise Fedlet to Enable Identity Federation
- Chapter 6, Implementing a Virtual Federation Proxy (Secure Attributes Exchange)
- Chapter 7, Implementing a SAMLv2 Identity Provider Proxy
- Chapter 8, Using a Multi-Federation Protocol Hub
- Chapter 9, Enabling Web Services Federation Between Active Directory Federation Service and OpenSSO Enterprise
- Chapter 10, Securing Web Services Using ID-WSF (Liberty Alliance Specifications)
- Chapter 11, Securing Web Services Using Security Token Service (WS-* Specifications)
- Chapter 12, Enabling Single Sign-On Between Sun Identity Manager and OpenSSO Enterprise
- Chapter 13, Enabling Single Sign-On Using CA SiteMinder and OpenSSO Enterprise
- Chapter 14, Enabling Single Sign-On Using Oracle Access Manager and OpenSSO Enterprise
- Chapter 15, Using the Embedded Configuration Data Store for OpenSSO Enterprise
Related Documentation
Related documentation is available as follows:
OpenSSO Enterprise Documentation Set
The following table describes the OpenSSO Enterprise documentation
set.
Table P–1 OpenSSO Enterprise Documentation Set

| Title | Description |
|---|---|
| Sun OpenSSO Enterprise 8.0 Release Notes | Describes new features, installation notes, and known issues and limitations. The Release Notes are updated periodically after the initial release to describe any new features, patches, or problems. |
| Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide | Provides information about installing and configuring OpenSSO Enterprise including OpenSSO Enterprise server, Administration Console only, client SDK, scripts and utilities, Distributed Authentication UI server, and session failover. |
| Sun OpenSSO Enterprise 8.0 Technical Overview | Provides an overview of how components work together to consolidate access control functions, and to protect enterprise assets and web-based applications. It also explains basic concepts and terminology. |
| Sun OpenSSO Enterprise 8.0 Deployment Planning Guide (This book) | Provides planning and deployment solutions for OpenSSO Enterprise. |
| Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0 | Provides step-by-step instructions for deploying OpenSSO Enterprise in a single sign-on environment using load balancers and redundant systems for high availability. |
| Deployment Example: SAML v2 Using Sun OpenSSO Enterprise 8.0 | Provides step-by-step instructions for deploying OpenSSO Enterprise to achieve identity federation among an Identity Provider and multiple Service Providers. |
| Sun OpenSSO Enterprise 8.0 Administration Guide | Describes how to use the OpenSSO Enterprise Administration Console as well as how to manage user and service data using the command-line interface (CLI). |
| Sun OpenSSO Enterprise 8.0 Administration Reference | Provides reference information for the OpenSSO Enterprise command-line interface (CLI), configuration attributes, log files, and error codes. |
| Sun OpenSSO Enterprise 8.0 Developer’s Guide | Provides information about customizing OpenSSO Enterprise and integrating its functionality into an organization’s current technical infrastructure. It also provides details about the programmatic aspects of the product and its API. |
| Sun OpenSSO Enterprise 8.0 C API Reference for Application and Web Policy Agent Developers | Provides summaries of data types, structures, and functions that make up the public OpenSSO Enterprise C APIs. |
| Sun OpenSSO Enterprise 8.0 Java API Reference | Provides information about the implementation of Java packages in OpenSSO Enterprise. |
| Sun OpenSSO Enterprise 8.0 Performance Tuning Guide | Provides information about how to tune OpenSSO Enterprise and its related components for optimal performance. |
| Sun OpenSSO Enterprise 8.0 Integration Guide | Provides information about how to integrate Sun Identity Manager, CA SiteMinder, or Oracle Access Manager with OpenSSO Enterprise. |
| Sun OpenSSO Enterprise Policy Agent 3.0 User’s Guide for J2EE Agents | Provides an overview of version 3.0 policy agents. |
Related Product Documentation
The following table provides links to documentation collections
for related products.
Table P–2 Related Product Documentation
Searching Sun Product Documentation
Besides searching Sun product documentation from the docs.sun.com℠ web site, you can use a search
engine by typing the following syntax in the search field:
search-term site:docs.sun.com
For example, to search for “broker,” type the following:
To include other Sun web sites in your search (for example, java.sun.com, www.sun.com, and developers.sun.com),
use sun.com in place of docs.sun.com in the search field.
Related Third-Party Web Site References
Third-party URLs are referenced in this document and provide
additional, related information.
Note –
Sun is not responsible for the availability of third-party
web sites mentioned in this document. Sun does not endorse and is
not responsible or liable for any content, advertising, products,
or other materials that are available on or through such sites or
resources. Sun will not be responsible or liable for any actual or
alleged damage or loss caused or alleged to be caused by or in connection
with use of or reliance on any such content, goods, or services that
are available on or through such sites or resources.
Documentation, Support, and Training
The Sun web site provides information about the following additional resources:
Sun Welcomes Your Comments
Sun is interested in improving its documentation and welcomes your
comments and suggestions. To share your comments, go to http://docs.sun.com and click Feedback.
Typographic Conventions
The following table describes the typographic
conventions that are used in this book.
Table P–3 Typographic Conventions

| Typeface | Meaning | Example |
|---|---|---|
| AaBbCc123 | The names of commands, files, and directories, and onscreen computer output | Edit your .login file. Use ls -a to list all files. machine_name% you have mail. |
| AaBbCc123 | What you type, contrasted with onscreen computer output | machine_name% su Password: |
| aabbcc123 | Placeholder: replace with a real name or value | The command to remove a file is rm filename. |
| AaBbCc123 | Book titles, new terms, and terms to be emphasized | Read Chapter 6 in the User's Guide. A cache is a copy that is stored locally. Do not save the file. Note: Some emphasized items appear bold online. |
Shell Prompts in Command Examples
The following table shows the default UNIX® system
prompt and superuser prompt for the C shell,
Bourne shell, and Korn shell.
Table P–4 Shell Prompts

| Shell | Prompt |
|---|---|
| C shell | machine_name% |
| C shell for superuser | machine_name# |
| Bourne shell and Korn shell | $ |
| Bourne shell and Korn shell for superuser | # |
Default Paths and Directory Names
The OpenSSO Enterprise documentation uses the following terms
to represent default paths and directory names:
Table P–5 Default Paths and Directory Names

| Term | Description |
|---|---|
| zip-root | Represents the directory where the opensso_enterprise_80.zip file is unzipped. |
| OpenSSO-Deploy-base | Represents the deployment directory where the web container deploys the opensso.war file. This value varies depending on the web container. To determine the value of OpenSSO-Deploy-base, view the file name in the .openssocfg directory, which resides in the home directory of the user who deployed the opensso.war file. For example, consider this scenario with Application Server 9.1 as the web container: The .openssocfg directory is in the root home directory (/), and the file name in .openssocfg is: AMConfig_opt_SUNWappserver_domains_domain1_applications_j2ee-modules_opensso_ Then, the value for OpenSSO-Deploy-base is: /opt/SUNWappserver/domains/domain1/applications/j2ee-modules/opensso |
| ConfigurationDirectory | Represents the name of the configuration directory specified during the initial configuration of OpenSSO Enterprise server instance using the Configurator. The default is opensso in the home directory of the user running the Configurator. Thus, if the Configurator is run by root, ConfigurationDirectory is /opensso. |
Sun Welcomes Your Comments
Sun is interested in improving its documentation and welcomes
your comments and suggestions.
To share your comments, go to http://docs.sun.com and click Send comments. In the online form, provide
the document title and part number. The part number is a seven-digit
or nine-digit number that can be found on the title page of the guide
or at the top of the document.
For example, the title of this guide is the Sun OpenSSO Enterprise Deployment Planning Guide,
and the part number is 820-3746-10.