Installing OpenAM Release 9 on Tomcat 6.0.26 on Windows 7

So Oracle have moved away from Sun Access Manager towards the Oracle Access Manager roadmap. However, ForgeRock have taken over the product (only possible because of the Opensource nature of the product).

Anyways, let’s push on with installing OpenAM Release 9 onto Tomcat 6.0.26 on Windows 7.

Update – Check out:

for an install video.

First of all, download yourself a copy of Tomcat 6.0.26. Next, head over to the downloads page on ForgeRock and grab a copy of OpenAM.

To set up Tomcat, extract it to a folder. I picked C:\tomcat. We’ll need to edit C:\tomcat\bin\startup.bat and change the amount of memory available for Tomcat.  Add the line set CATALINA_OPTS=”-Xmx1024m” above the set “CURRENT_DIR=%cd%” line. This sets the maximum memory available to Tomcat as 1024MB. You’ll probably have to tell Tomcat where to find the Java Runtime Environment.

Click Start and right click on the Computer button and select properties. Then click Advanced System Settings. Finally click Environment Variables. Click the button for a new System Variable. The variable is called JRE_HOME and the value in my case is c:\Program Files\Java\jre6\.

We’ll need to add an administration user. Edit C:\tomcat\conf\tomcat-users.xml.

Add the following lines:

<role rolename=”manager” />
<user username=”admin” password=”admin” roles=”manager” />

Awesome. Now edit c:\windows\system32\drivers\etc\hosts in Notepad as a privileged user. Add a domain and your computer’s IP address. I added:

sso.kenningcorp.com 10.1.1.3

Now open up the command line and navigate to C:\tomcat\bin. Type startup and Tomcat should start. If things are going well, you should see this window. The last line should mention the server startup in X ms.

In your web browser, head to http://sso.kenningcorp.com:8080, obvious replacing my domain with your domain. You should see the Tomcat page if things are going well. Now navigate to http://sso.kenningcorp.com:8080/manager/html, with the login being admin and the password admin.

Under WAR file to deploy navigate to openam_release9_20100207\opensso\deployable-war and select opensso.war. Then hit the Deploy button. It’ll take a while as the war file is uploaded through your browser into Tomcat. Tomcat has an auto-deploy function, Google it if you’re interested.

Eventually the application will be deployed. Navigate to http://sso.kenningcorp.com:8080/opensso.

If things are going well, you should see the OpenSSO configuration options page.

Click Custom Configuration. Here are the settings I use:

  1. Default user password – password
  2. Server settings – I leave the default entries in there
  3. Configuration store – First instance, OpenSSO
  4. User data store – OpenSSO
  5. Site configuration – No (not being a load balancer)
  6. Default policy agent password – password2

Now click Create Configuration. Fingers crossed. I’ve had problems installing this, in the following order:

  1. Don’t use the version of Tomcat that comes with XAMPP. Didn’t work for me.
  2. Don’t use the nightly version of OpenAM. Didn’t work for me.
  3. Don’t use 127.0.0.1 as the IP address of your domain. Didn’t work for me.

I had weird errors such as cookie domains not being valid host names, and other weird errors.

If things go well it should install. I get an error about a log file being NULL, but I don’t worry about it. Head to http://sso.kenningcorp.com:8080/opensso, which should now redirect you to http://sso.kenningcorp.com:8080/opensso/UI/Login. Type amAdmin as the username, and password as the password, and you should be authenticated against your OpenAM install, and shown the Administration page. Congratulations!

Make $1500 in three hours GUARANTEED! My secret tip…

So I was sitting around at home, and I was thinking how can I make money easily?

Then I discovered … The Secretâ„¢.

Learn. Study. Become great at what you do in a specialised field that’s in high demand, and then you will make $500 an hour, not once, not twice, but every hour you work of every day.

Oh, just so this wasn’t a post baiting you without any substance, you can download Trial/Development versions of Siebel CRM, JD Edwards ERP, and other Oracle products from the Oracle E-Delivery Website.

Or download most of Sun’s products from the Sun website.

Learn these products, understand the business drivers behind their adoption in business, and specialise in that, rather than multi-level marketing. Trust me, you’ll easily make $1500 in three hours.

JD Edwards vs. Siebel vs. Sun Access Manager vs. Oracle Identity Manager

What to specialise in. Young IT professionals are spoiled for choice. There are a hundred and one different IT applications out there from Identity Management, to Enterprise Resource Planning, to Customer Relationship Management, and a thousand and one other categories in between.

However, I doubt there’s enough time in the day to specialise in *all* these applications, let alone get experience to implement them successfully. And so, what to pick?

I think over-specialising in a particular application makes you like a peak athlete – great at what you do, not so great at anything else. If you’ve spent five years becoming the master in JD Edwards ERP, you’re probably not going to know too much about Siebel CRM, let alone Sun’s Identity Management Suite.

Perhaps it’s better to focus on specialising in a particular area of interest, whether that’s horizontally by knowing all about all the different Customer Relationship Management products, whether from Oracle, or Microsoft, or SugarCRM – or specialising vertically by knowing the chain of software used in a particular industry say a Telecommunications-specific version of Siebel, and Telecommunications-specific versions of Integration software, of Radio Frequency software etc.

One great thing is, most of this software is freely available for you to download and learn from. Sun’s Identity Management Suite is free (as in beer), Oracle’s Identity Management Suite is free (as in development license), and this is an increasing trend which is positive for students. So now there’s no excuse (apart from hardware) to go out, learn these products, and become paid one of these highly paid consultants!