Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0

Part III Reference: Summaries of Server and Component Configurations

This final section of Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0 contains component descriptions and configurations for the software and hardware used.


Note –

The BIG-IP load balancer login page and configuration console for all load balancers in this deployment example are accessed from the URL is-f5.example.com.

Login: username

Password: password


Appendix A Directory Server Host Machines, Test Users and Load Balancer

This appendix collects the information regarding the Directory Server instances. It contains the following tables:

Table A–1 Sun Java System Directory Server 1 Host Machine

| Component | Description |
| --- | --- |
| Host Name | ds-1.example.com |
| Installation Directory | /var/opt/mps/serverroot/ |
| Administrator User | cn=Directory Manager |
| Administrator Password | dsmanager |
| User Data Instance | |
| Instance Name | am-users |
| Instance Directory | /var/opt/mps/am-users |
| Port Number | 1489 (LDAP), 1736 (LDAPS) |
| Base Suffix | dc=company,dc=com |
| Users Suffix | ou=users,dc=company,dc=com |
| Administrative User | cn=Directory Manager |
| Administrative User Password | dsmanager |
| Replication Manager | cn=replication manager,cn=replication,cn=config |
| Replication Manager Password | replmanager |

Table A–2 Sun Java System Directory Server 2 Host Machine

| Component | Description |
| --- | --- |
| Host Name | ds-2.example.com |
| Installation Directory | /var/opt/mps/serverroot/ |
| Administrator User | cn=Directory Manager |
| Administrator Password | dsmanager |
| User Data Instance | |
| Instance Name | am-users |
| Instance Directory | /var/opt/mps/am-users |
| Port Number | 1489 (LDAP), 1736 (LDAPS) |
| Base Suffix | dc=company,dc=com |
| Users Suffix | ou=users,dc=company,dc=com |
| Administrative User | cn=Directory Manager |
| Administrative User Password | dsmanager |
| Replication Manager | cn=replication manager,cn=replication,cn=config |
| Replication Manager Password | replmanager |

Table A–3 Load Balancer for Directory Server Host Machines

| Component | Description |
| --- | --- |
| URL | lb-1.example.com |
| Method | Round Robin |
| Protected Servers | ds-1.example.com:1736, ds-2.example.com:1736 |
| Virtual Servers | lb-1.example.com:489 |
| Monitors | ds-1.example.com:1736, ds-2.example.com:1736 |

Table A–4 User Test Entries

| UserID | Description | |
| --- | --- | --- |
| testuser1 | Password | password |
| | DN | uid=testuser1,ou=users,dc=company,dc=com |
| testuser2 | Password | password |
| | DN | uid=testuser2,ou=users,dc=company,dc=com |

Appendix B OpenSSO Enterprise Host Machines and Load Balancer

This appendix collects the information regarding the OpenSSO Enterprise host machines. It contains the following tables:

Table B–1 OpenSSO Enterprise 1 Host Machine

| Component | Description |
| --- | --- |
| Host Name | osso-1.example.com |
| Non-Root User | osso80adm |
| Non-Root User Password | nonroot1pwd |
| Sun Java System Application Server Administrative Server | |
| Installation Directory | /opt/SUNWappserver91 |
| Administrative User | admin |
| Administrative User Password | domain1pwd |
| Ports | 4848 (administration), 8080 (HTTP), 8181 (HTTPS) |
| Default Domain Name | domain1 |
| Administrative Console URL | http://osso-1.example.com:4848 |
| Sun Java System Application Server Non-Root User Domain | |
| Name | ossodomain |
| Directory | /export/osso80adm/domains/ |
| Administrative User | domain2adm |
| Administrative User Password | domain2pwd |
| Master Password | domain2master |
| Ports | 8989 (administration), 1080 (HTTP), 1081 (HTTPS) |
| Administrative Console URL | http://osso-1.example.com:8989 |
| OpenSSO Enterprise | |
| Administrative User | amadmin |
| Administrative User Password | ossoadmin |
| Configuration Data Store | Embedded |
| User Data Store | lb-1.example.com:489 |
| Agent User | agentuser |
| Agent User Password | agentuser |
| Administrative Console URL | https://osso-1.example.com:1081/opensso/console |

Table B–2 OpenSSO Enterprise 2 Host Machine

| Component | Description |
| --- | --- |
| Host Name | osso-2.example.com |
| Non-Root User | osso80adm |
| Non-Root User Password | nonroot2pwd |
| Sun Java System Application Server Administrative Server | |
| Installation Directory | /opt/SUNWappserver91 |
| Administrative User | admin |
| Administrative User Password | domain1pwd |
| Ports | 4848 (administration), 8080 (HTTP), 8181 (HTTPS) |
| Default Domain Name | domain1 |
| Administrative Console URL | http://osso-2.example.com:4848 |
| Sun Java System Application Server Non-Root User Domain | |
| Name | ossodomain |
| Directory | /export/osso80adm/domains/ |
| Administrative User | domain2adm |
| Administrative User Password | domain2pwd |
| Master Password | domain2master |
| Ports | 8989 (administration), 1080 (HTTP), 1081 (HTTPS) |
| Administrative Console URL | http://osso-2.example.com:8989 |
| OpenSSO Enterprise | |
| Administrative User | amadmin |
| Administrative User Password | ossoadmin |
| Configuration Data Store | Embedded |
| User Data Store | lb-1.example.com:489 |
| Agent User | agentuser |
| Agent User Password | agentuser |
| Administrative Console URL | https://osso-2.example.com:1081/opensso/console |

Table B–3 Load Balancer for OpenSSO Enterprise Host Machines

| Component | Description |
| --- | --- |
| URL | lb-2.example.com |
| Method | Round Robin |
| Protected Servers | osso-1.example.com:1081, osso-2.example.com:1081 |
| Virtual Servers | lb-2.example.com:489 |
| Monitors | osso-1.example.com:1081, osso-2.example.com:1081 |
| Cookie Name | amlbcookie |

Appendix C OpenSSO Enterprise Distributed Authentication User Interface Host Machines and Load Balancer

This appendix collects the information regarding the instances of the OpenSSO Enterprise Distributed Authentication User Interface. It contains the following tables:

Table C–1 Distributed Authentication User Interface Host Machine 1

| Component | Description |
| --- | --- |
| Host Name | da-1.example.com |
| Non-Root User | da80adm |
| Non-Root User Password | da80a6m |
| Sun Java System Web Server Administration Server | |
| Installation Directory | /opt/SUNWwbsvr/ |
| Default Administration Directory | /opt/SUNWwbsvr/admin-server |
| Default Administrator | admin |
| Default Administrator Password | web4dmin |
| Runtime User ID | da80adm |
| Ports | 8989 (SSL), 1080 (HTTP) |
| Sun Java System Web Server Instance | |
| Instance Name | da-1.example.com |
| Instance Directory | /opt/SUNWwbsvr/https-da-1.example.com |
| Port | 1080 (HTTP), 1443 (SSL) |
| Service URL | http://da-1.example.com:1080, https://da-1.example.com:1443 |
| Distributed Authentication User Interface | |
| Server Protocol | https |
| Server Host | lb-2.example.com |
| Server Port | 1081 |
| Server Deployment URI | opensso |
| distAuth Protocol | http, https |
| distAuth Host | da-1.example.com |
| distAuth Port | 1080 (HTTP), 1443 (SSL) |
| distAuth Deployment URI | distAuth |
| distAuth Cookie Name | AMDistAuthCookie |
| Application User Name | authuiadmin |
| Application User Password | authuiadmin |

Table C–2 Distributed Authentication User Interface Host Machine 2

| Component | Description |
| --- | --- |
| Host Name | da-2.example.com |
| Non-Root User | da80adm |
| Non-Root User Password | da80a6m |
| Sun Java System Web Server Administration Server | |
| Installation Directory | /opt/SUNWwbsvr/ |
| Default Administration Directory | /opt/SUNWwbsvr/admin-server |
| Default Administrator | admin |
| Default Administrator Password | web4dmin |
| Runtime User ID | da80adm |
| Ports | 8989 (SSL), 1080 (HTTP) |
| Sun Java System Web Server Instance | |
| Instance Name | da-2.example.com |
| Instance Directory | /opt/SUNWwbsvr/https-da-2.example.com |
| Port | 1080 (HTTP), 1443 (SSL) |
| Service URL | http://da-2.example.com:1080, https://da-2.example.com:1443 |
| Distributed Authentication User Interface | |
| Server Protocol | https |
| Server Host | lb-2.example.com |
| Server Port | 1081 |
| Server Deployment URI | opensso |
| distAuth Protocol | http, https |
| distAuth Host | da-2.example.com |
| distAuth Port | 1080 (HTTP), 1443 (SSL) |
| distAuth Deployment URI | distAuth |
| distAuth Cookie Name | AMDistAuthCookie |
| Application User Name | authuiadmin |
| Application User Password | authuiadmin |

Table C–3 Load Balancer for the Distributed Authentication User Interface Host Machines

| Component | Description |
| --- | --- |
| URL | lb-3.example.com |
| Method | Round Robin |
| Protected Servers | da-1.example.com:1443, da-2.example.com:1443 |
| Virtual Servers | lb-3.example.com:1443 |
| Monitors | da-1.example.com:1443, da-2.example.com:1443 |
| Cookie Name | DistAuthLBCookie |
| OpenSSO Enterprise Agent Profile | authuiadmin |
| OpenSSO Enterprise Agent Profile Password | authuiadmin |

Appendix D Protected Resource Host Machine Web Containers, Policy Agents and Load Balancers

This appendix collects the information regarding the web containers and policy agents installed on the Protected Resource host machines. It contains the following tables:

Table D–1 Protected Resource 1 Host Machine

| Component | Description |
| --- | --- |
| Host Name | pr-1.example.com |
| BEA WebLogic Server Administration Server | |
| Home Directory | /usr/local/bea |
| Installation Directory | /usr/local/bea/weblogic10 |
| Domain Directory | /usr/local/bea/user_projects/domains/pr-1 |
| Administration Server Directory | /usr/local/bea/user_projects/domains/pr-1/servers/AdminServer |
| Administrator | weblogic |
| Administrator Password | bea10admin |
| Port | 7001 |
| Administration Console URL | http://pr-1.example.com:7001/console |
| BEA WebLogic Server Managed Server | |
| Managed Server Directory | /usr/local/bea/user_projects/domains/pr-1/servers/ApplicationServer-1 |
| Port | 1081 |
| OpenSSO Enterprise URL | https://lb-2.example.com:1081/opensso |
| Distributed Authentication User Interface URL | https://lb-3.example.com:1443/distAuth/UI/Login |
| J2EE Policy Agent for BEA WebLogic Server | |
| J2EE Agent Profile Name | j2eeagent-1 |
| J2EE Agent Profile Password | j2eeagent1 |
| J2EE Agent URL | http://pr-1.example.com:1081/agentapp |
| Sun Java System Web Server Administration Server | |
| Installation Directory | /opt/SUNWwbsvr/ |
| Default Administration Directory | /opt/SUNWwbsvr/admin-server |
| Default Administrator | admin |
| Default Administrator Password | web4dmin |
| Runtime User ID | root |
| Ports | 8989 (SSL), 1080 (HTTP) |
| Sun Java System Web Server Instance | |
| Instance Name | pr-1.example.com |
| Instance Directory | /opt/SUNWwbsvr/https-pr-1.example.com |
| Port | 1080 |
| Service URL | http://pr-1.example.com:1080 |
| Web Policy Agent for Sun Java System Web Server | |
| Web Agent Profile Name | webagent-1 |
| Web Agent Profile Password | webagent1 |

Table D–2 Protected Resource 2 Host Machine

| Component | Description |
| --- | --- |
| Host Name | pr-2.example.com |
| BEA WebLogic Server Administration Server | |
| Home Directory | /usr/local/bea |
| Installation Directory | /usr/local/bea/weblogic10 |
| Domain Directory | /usr/local/bea/user_projects/domains/pr-2 |
| Administration Server Directory | /usr/local/bea/user_projects/domains/pr-2/servers/AdminServer |
| Administrator | weblogic |
| Administrator Password | bea10admin |
| Port | 7001 |
| Administration Console URL | http://pr-2.example.com:7001/console |
| BEA WebLogic Server Managed Server | |
| Managed Server Directory | /usr/local/bea/user_projects/domains/pr-2/servers/ApplicationServer-2 |
| Port | 1081 |
| OpenSSO Enterprise URL | https://lb-2.example.com:1081/opensso |
| Distributed Authentication User Interface URL | https://lb-3.example.com:1443/distAuth/UI/Login |
| J2EE Policy Agent for BEA WebLogic Server | |
| J2EE Agent Profile Name | j2eeagent-2 |
| J2EE Agent Profile Password | j2eeagent2 |
| J2EE Agent URL | http://pr-2.example.com:1081/agentapp |
| Sun Java System Web Server Administration Server | |
| Installation Directory | /opt/SUNWwbsvr/ |
| Default Administration Directory | /opt/SUNWwbsvr/admin-server |
| Default Administrator | admin |
| Default Administrator Password | web4dmin |
| Runtime User ID | root |
| Ports | 8989 (SSL), 1080 (HTTP) |
| Sun Java System Web Server Instance | |
| Instance Name | pr-2.example.com |
| Instance Directory | /opt/SUNWwbsvr/https-pr-2.example.com |
| Port | 1080 |
| Service URL | http://pr-2.example.com:1080 |
| Web Policy Agent for Sun Java System Web Server | |
| Web Agent Profile Name | webagent-2 |
| Web Agent Profile Password | webagent2 |

Table D–3 Load Balancer for the Web Policy Agents

| Component | Description |
| --- | --- |
| URL | lb-4.example.com |
| Method | Round Robin |
| Protected Servers | pr-1.example.com:1080, pr-2.example.com:1080 |
| Virtual Servers | lb-4.example.com:90 |
| Monitors | pr-1.example.com:1080, pr-2.example.com:1080 |

Table D–4 Load Balancer for the J2EE Policy Agents

| Component | Description |
| --- | --- |
| URL | lb-5.example.com |
| Method | Round Robin |
| Protected Servers | pr-1.example.com:1081, pr-2.example.com:1081 |
| Virtual Servers | lb-5.example.com:91 |
| Monitors | pr-1.example.com:1081, pr-2.example.com:1081 |

Appendix E Message Queue Servers

This appendix collects the information regarding the Message Queue host machines. It contains the following tables:

Table E–1 Message Queue 1 Host Machine

| Component | Description |
| --- | --- |
| Host Name | mq-1.example.com |
| Sun Java System Message Queue | |
| Session Tools Scripts Directory | /export/SFO/ssoSessionTools/opensso |
| Message Queue Directory | /export/SFO/ssoSessionTools/jmq |
| Berkeley Database Directory | /tmp/amsession/sessiondb |
| Message Queue Broker Instance | |
| Name | msgqbroker |
| Port | 7777 |
| Instance User | msgquser |
| Instance User Password | m5gqu5er |
| Database URL | http://mq-1.example.com:7777 |

Table E–2 Message Queue 2 Host Machine

| Component | Description |
| --- | --- |
| Host Name | mq-2.example.com |
| Sun Java System Message Queue | |
| Session Tools Scripts Directory | /export/SFO/ssoSessionTools/opensso |
| Message Queue Directory | /export/SFO/ssoSessionTools/jmq |
| Berkeley Database Directory | /tmp/amsession/sessiondb |
| Message Queue Broker Instance | |
| Name | msgqbroker |
| Port | 7777 |
| Instance User | msgquser |
| Instance User Password | m5gqu5er |
| Database URL | http://mq-2.example.com:7777 |

Appendix F Known Issues and Limitations

The issues in this appendix will be updated as more information becomes available.

Table F–1 Known Issues and Limitations

| Reference Number | Description |
| --- | --- |
| 4510 | Creating a non-root domain shows a FileNotFoundException. For more information, see Issue 4510 on https://glassfish.dev.java.net/. |