Lutz Suhrbier, 02/05/2009 09:06 PM


OpenSSO Installation (with Debian Etch)

This document will briefly describe the installation procedure of OpenSSO on a Debian Etch system.

This log records the OpenSSO installation on idp.e-taxonomy.eu. Adapt this hostname to your environment.

Prerequisites

Installing Java

Follow Sun JDK Debian installation.

Installing Tomcat

First, follow Tomcat Debian installation.

Increase Java heap memory

Next, OpenSSO requires more heap space than configured by default. Increase the Java heap memory to at least 512MB by changing the following line in /etc/default/tomcat5.5:

CATALINA_OPTS="-Djava.awt.headless=true -Xmx512M -server"

Set ACLs

Change the owner/group of /usr/share/tomcat5.5 to tomcat55/root to prevent failure of the OpenSSO installation.

chown -R tomcat55:root /usr/share/tomcat5.5

Installing Apache

Follow Apache2.2 Debian installation, but omit the installation of mod_jk!

mod_proxy installation

We will use mod_proxy instead of mod_jk to integrate Tomcat into Apache. Therefore, enable the following Apache2 modules:

a2enmod ssl
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_ajp

Configure Apache site for opensso

Create an individual Apache2 site for opensso (e.g. /etc/apache2/sites-available/opensso) or adapt the default site as follows:

Listen 443
<VirtualHost idp.e-taxonomy.eu:443>
    ServerAdmin webmaster@localhost

    ServerName              idp.e-taxonomy.eu
    SSLEngine               on
    SSLCertificateFile      /etc/ssl/certs/idp.e-taxonomy.eu-cert.pem
    SSLCertificateKeyFile   /etc/ssl/private/idp.e-taxonomy.eu-key.pem

    # Forward /opensso to Tomcat's AJP connector on the local host.
    <Location /opensso>
        Allow from all
        # Target has no trailing slash, matching the Location path.
        ProxyPass                    ajp://localhost:8009/opensso
        ProxyPassReverse             ajp://localhost:8009/opensso
        # Cookie directives take the internal value first, then the public one.
        ProxyPassReverseCookiePath   /opensso /opensso
        ProxyPassReverseCookieDomain localhost idp.e-taxonomy.eu
    </Location>
</VirtualHost>

Enable the opensso site (if not configured as default) and restart the Apache2 web server.

a2ensite opensso
/etc/init.d/apache2 reload
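
The settings changed in the steps above can be checked before the host goes into service. The following script is an added example, not part of the original wiki page; the function names are hypothetical, and the demo at the end runs on constructed copies of the files rather than a live system.

```shell
#!/bin/sh
# Added example (not from the original page): offline preflight checks for the
# three settings this page changes. Paths are arguments, so copies work too.

# Print the -Xmx heap size in MB from the CATALINA_OPTS line; 0 if unset.
heap_mb() {
    val=$(sed -n 's|^[[:space:]]*CATALINA_OPTS=.*-Xmx\([0-9][0-9]*[kKmMgG]\{0,1\}\).*|\1|p' "$1" | tail -n 1)
    [ -n "$val" ] || { echo 0; return; }
    num=${val%[kKmMgG]}
    case $val in
        *[gG]) echo $((num * 1024)) ;;
        *[mM]) echo "$num" ;;
        *[kK]) echo $((num / 1024)) ;;
        *)     echo $((num / 1048576)) ;;   # no suffix means bytes
    esac
}

# Print each module from this page's a2enmod list that has no NAME.load entry
# in the given mods-enabled directory.
missing_mods() {
    for m in ssl proxy proxy_http proxy_ajp; do
        [ -e "$1/$m.load" ] || echo "$m"
    done
}

# Succeed only if the site file proxies to ajp:// and every ajp:// host is
# loopback, so Tomcat's AJP port 8009 never has to be reachable remotely.
ajp_loopback_only() {
    hosts=$(sed -n 's|^[[:space:]]*ProxyPass[[:space:]].*ajp://\([^:/[:space:]]*\).*|\1|p' "$1")
    [ -n "$hosts" ] || return 1
    for h in $hosts; do
        case $h in localhost|127.0.0.1) ;; *) return 1 ;; esac
    done
    return 0
}

# Demo on constructed copies of the files (sample data, not a real host).
demo=$(mktemp -d)
mkdir "$demo/mods-enabled"
echo 'CATALINA_OPTS="-Djava.awt.headless=true -Xmx512M -server"' > "$demo/tomcat5.5"
printf '<Location /opensso>\n  ProxyPass ajp://localhost:8009/opensso\n</Location>\n' > "$demo/opensso"
touch "$demo/mods-enabled/ssl.load" "$demo/mods-enabled/proxy.load"

[ "$(heap_mb "$demo/tomcat5.5")" -ge 512 ] && echo "heap: ok"
echo "modules still to enable:" $(missing_mods "$demo/mods-enabled")
ajp_loopback_only "$demo/opensso" && echo "AJP target: loopback only"
```

On the host itself, pass /etc/default/tomcat5.5, /etc/apache2/mods-enabled and /etc/apache2/sites-available/opensso to the three functions.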

Updated by Lutz Suhrbier about 15 years ago · 4 revisions