The Following command line shows how to configure the OpenSSO server deployed on WebLogic9.2(container type immaterial) http://sso.red.iplanet.com:7001/fam with DSEE 6.x as the service configuration datastore.
curl -d "&deployuri=%2F/fam&ADMIN_PWD=secret12&ADMIN_CONFIRM_PWD=secret12& \\
AMLDAPUSERPASSWD=secret123&AMLDAPUSERPASSWD_CONFIRM=secret123& \\
SERVER_URL=http%3A%2F%2Fsso.red.iplanet.com%3A7001& \\
COOKIE_DOMAIN=.red.iplanet.com&PLATFORM_LOCALE=en_US& \\
AM_ENC_KEY=FederatedAccessManagerEncryptionKey& \\
BASE_DIR=/root/sso-config&DATA_STORE=dirServer& \\
ROOT_SUFFIX=dc=sun,dc=com&DIRECTORY_SERVER=dsee.red.iplanet.com&
DIRECTORY_PORT=7001&DS_DIRMGRDN=cn=Directory Manager&
DS_DIRMGRPASSWD=secret12&DS_UM_SCHEMA=sdkSchema&
AMConfig.button1=Configure" http://sso.red.iplanet.com:7001/fam/configurator.jsp\\?type=custom


Same opensso server can be configured with embedded store as service configuration store,
using the following command line

curl -d "&deployuri=%2F/fam&ADMIN_PWD=secret12&ADMIN_CONFIRM_PWD=secret12& \\
AMLDAPUSERPASSWD=secret123&AMLDAPUSERPASSWD_CONFIRM=secret123& \\
SERVER_URL=http%3A%2F%2Fsso.red.iplanet.com%3A7001& \\
COOKIE_DOMAIN=.red.iplanet.com&PLATFORM_LOCALE=en_US& \\
AM_ENC_KEY=FederatedAccessManagerEncryptionKey& \\
BASE_DIR=/root/sso-config&DATA_STORE=embedded& \\
ROOT_SUFFIX=dc=sun,dc=com&DIRECTORY_SERVER=sso.red.iplanet.com&
DIRECTORY_PORT=50389&DS_DIRMGRDN=cn=Directory Manager&
DS_DIRMGRPASSWD=secret12&DS_UM_SCHEMA=&
AMConfig.button1=Configure" http://sso.red.iplanet.com:7001/fam/configurator.jsp\\?type=custom

Description of the Fields


 Form Field Name  Valid Values  Description Example
 deployur
i
 Any valid webapp deployment URI preceded with a front slash(/) This is the deployment URI of the OpenSSO WAR application       eg: /opensso
 ADMIN_PWD  valid password characters  This is the password of the  ‘amadmin’ top level admin user of OpenSSO system mysecret
 ADMIN_CONFIRM_PWD  valid password characters  Confirm password for the ‘amadmin’ user
 AMLDAPUSERPASSWD  valid password characters  shared secret, traditionally called ‘amldapuser’passwd
 AMLDAPUSERPASSWD_CONFIRM  valid password characters  confirm field
 SERVER_URL  Valid  URL  Web Container URL where opensso WAR is deployed http://dev.java.com:8080
 COOKIE_DOMAIN  cookie domain value preceded with dot(.)  This is the domain to which the SSO token will be set .dev.java.com
 PLATFORM_LOCALE  any valid locale   en_US
 AM_ENC_KEY  follows same norms as Sun Java ES  Access Manager   mysecretencryptionkey
 BASE_DIR  valid filesystem location  this is the place where the opensso related configuration,debug and bootstrap files are placed after configuration /root/opensso
 DATA_STORE  Datastore type to hold the opensso configuration data

 embedded – OpenDS based embedded configuration store

dirServer – DSEE 6.x based directory stores, must be up and running bfore configuring the opensso

 ROOT_SUFFIX  valid ldap suffix  Service configuration suffix dc=example,dc=com
 DIRECTORY_SERVER  Directory Server Name  Service configuration data Directory Server Name
 DIRECTORY_PORT  Directory Server Port  Service configuration data Directory Server port 1389
DIRMGRDN the privielged user DN this is used to connect to the Service configuration data Directory Server to load the schema and configuration data

cn=directory manager

in the embedded configuration cn=directory manager is assumed, but in the dirServer case this can be any valid DN

DS_DIRMGRPASSWD Password for the DIRMGRDN in the embedded configuration cn=directory manager is assumed and the password is set to same as of ‘amadmin’, but in the dirServer case this must be entered in the configurator
DS_UM_SCHEMA
sdkSchema - only in 'dirServer'

null for 'embedded' 

Whether to load the  amSDK compliant user schema This will basically will load

sunone_schema2.ldif
ds_remote_schema.ldif
index.ldif
plugin.ldif
install.ldif
AMConfig.button1 submit button I guess so!

 

 Actually I have a shell script which would interactively ask for the serverconfig details then will post it accordingly if you want mail me. BTW, I have not tested this with HTTPS protocol yet, how ever I dont expect any problem because if the ‘curl’ knows the public key store of your container then it should work seamlessly. Tested this with

curl version 7.15.5

 

 

 

 

Advertisements