OpenAM 13 ( ) 2018 3 13 2.4
1 1 1.1.................................... 1 1.2..................................... 1 1.3....................................... 1 2 3 2.1............................... 3 3 4 3.1................................ 4 4 5 5 RPM 6 5.1....................................... 6 5.2......................... 6 5.3................................ 7 5.4........................... 7 5.5 Tomcat.................................. 8 5.6................................. 8 6 RPM 10 6.1....................................... 10 6.2 Tomcat.................................. 10 6.3 OpenAM.................. 10 6.4 Tomcat work...................... 11 6.5................................ 11 6.6........................... 11 6.7 Tomcat.................................. 13 6.8.............................. 13 i
6.9 Tomcat.................................. 16 6.10 OpenAM2........................ 16 7 war 18 7.1 OpenJDK........................... 18 7.2 JAVA_HOME......................... 18 7.3 Java............................ 18 7.4 OpenAM war.......................... 19 7.5 OpenAM war...................... 19 7.6 Tomcat.................................. 19 7.7................................. 20 8 21 8.1 Server.xml................................ 21 9 OpenLDAP 22 9.1....................................... 22 9.2................................ 22 9.3 RPM........................ 23 9.4................................ 23 10 24 ii
1 1.1 OpenAM 13 OpenAM 13 1.2 OS OS OS OS (SELinux ) OpenAM OpenAM SELinux SELinux root ( ) /srv/osstech-work/software/rpms 1.3 Red Hat Enterprise Linux RHEL 1
OSSTech 2
2 OpenAM 2.1 OpenAM OpenAM (FQDN) FQDN DNS OpenAM sso.example.co.jp 3
3 3.1 OS Red Hat Enterprise Linux 7 (x86_64) CentOS 7 (x86_64) OS OpenJDK 8 OS Tomcat 7 (RHEL7/CentOS7) 4
4 Linux 1. OSSTech osstech-base osstech-support osstech-daemontools(rhel7/centos7) 2. OSSTech Tomcat osstech-tomcat(rhel7/centos7) 3. OSSTech OpenAM 13 osstech-openam13 5
5 RPM OS rpm 5.1 root su root $ su - Password: root ( ) /srv/osstech-work/software/rpms 5.2 5.2.1 ksh OSSTech ksh ksh # yum install ksh 5.2.2 OpenJDK 8 OpenAM OpenJDK 8 OpenJDK 8 # yum install java-1.8.0-openjdk 6
5.2.3 Tomcat(RHEL7/CentOS7) RHEL7 CentOS7 OS Tomcat Tomcat # yum install tomcat 5.3 RHEL7/CentOS7 # cd /srv/osstech-work/software/rpms # ls install.sh x86_64 # ls x86_64 osstech-base-x.x-x.el7.x86_64.rpm osstech-daemontools-x.x-x.el7.x86_64.rpm osstech-openam-ldapschema-x.x-x.el7.noarch.rpm osstech-openam13-13.0.0-x.el7.noarch.rpm osstech-openam13-configtools-13.0.0-x.el7.noarch.rpm osstech-openam13-tools-13.0.0-x.el7.noarch.rpm osstech-support-x.x-x.el7.x86_64.rpm osstech-tomcat-7.instancex.x.x-x.el7_7.x.x.rx_x.noarch.rpm repodata 5.4 yum #./install.sh Is this ok [y/n]: y install yum yum Is this ok [y/n]: 7
yum! Complete!) yum rpm # cd x86_64 # rpm -ivh osstech-base*.rpm \ > osstech-support*.rpm \ > osstech-daemontools*.rpm \ > osstech-tomcat*.rpm \ > osstech-openam13-13.0.0-*.rpm \ > osstech-openam13-tools-*.rpm...( ) [100%] 5.5 Tomcat RPM Tomcat # /sbin/service osstech-tomcat start 5.6 Tomcat URL http://sso.example.co.jp:8080/openam/ OpenAM (/openam/) Tomcat 8
1 9
6 RPM 2 OpenAM 2 6.1 root su root $ su - Password: root ( ) /srv/osstech-work/software/rpms 6.2 Tomcat Tomcat # /sbin/service osstech-tomcat stop 6.3 OpenAM OpenAM OpenAM /opt/osstech/var/lib/tomcat/openam /root/backup/conf # mkdir -p /root/backup/conf # cd /opt/osstech/var/lib/tomcat # cp -pir openam /root/backup/conf 10
6.4 Tomcat work Tomcat work # rm -rf /opt/osstech/share/tomcat/work/catalina/localhost/openam 6.5 RHEL7/CentOS7 # cd /srv/osstech-work/software/rpms # ls install.sh x86_64 # ls x86_64 osstech-base-x.x-x.el7.x86_64.rpm osstech-daemontools-x.x-x.el7.x86_64.rpm osstech-openam-ldapschema-x.x-x.el7.noarch.rpm osstech-openam13-13.0.0-x.el7.noarch.rpm osstech-openam13-configtools-13.0.0-x.el7.noarch.rpm osstech-openam13-tools-13.0.0-x.el7.noarch.rpm osstech-support-x.x-x.el7.x86_64.rpm osstech-tomcat-7.instancex.x.x-x.el7_7.x.x.rx_x.noarch.rpm repodata 6.6 rpm # cd x86_64 # rpm -Uvh osstech-base*.rpm \ > osstech-support*.rpm \ > osstech-daemontools*.rpm \ > osstech-tomcat*.rpm \ > osstech-openam13-13.0.0-*.rpm \ > osstech-openam13-tools-*.rpm 11
rpm... ########################################### [100%] osstech-base-3.0-115.el7.x86_64 osstech-support-3.0-115.el7.x86_64 osstech-base osstech-support openam13-13.0.0-91 python-requests : : python-requests osstech-openam13-tools-13.0.0-94.el7.noarch rpm python-requests rpm # yum install python-requests 6.6.1 index.html /opt/osstech/share/tomcat/webapps/openam/xui/index.html /... 1:osstech-openam13-13.0.0-94.el7 : /opt/osstech/share/tomcat7/webapps/ openam/xui/index.html /opt/osstech/share/tomcat7/webapps/openam/ XUI/index.html.rpmnew index.html urlargs index.html /opt/osstech/share/tomcat/webapps/openam/xui/index.html.rpmnew 12
# view /opt/osstech/share/tomcat/webapps/openam/xui/index.html.rpmnew urlargs ( v=3fe9843) var require = { urlargs : "v=3fe9843", deps : ['main'], index.html # vi /opt/osstech/share/tomcat/webapps/openam/xui/index.html urlargs index.html urlargs index.html.rpmnew : : urlargs : "v=8173efa", urlargs : "v=3fe9843", index.html 6.7 Tomcat # /sbin/service osstech-tomcat start 6.8 1. Tomcat URL http://sso.example.co.jp:8080/openam/ 2. OpenAM13 13
3. I accept the license agreement Continue 14
4. OpenAM 5. OpenAM 15
2 6.9 Tomcat Tomcat # /sbin/service osstech-tomcat restart 6.10 OpenAM2 OpenAM 2 1. Tomcat OpenAM OpenAM1,2 2. 2 Tomcat OpenAM2 OpenAM1 2 Tomcat 3. OpenAM1 Tomcat work 16
4. OpenAM1 Tomcat Tomcat 1 (FQDN) 5. 2. OpenAM2 OpenAM1 OpenAM2 Tomcat Tomcat 6. OpenAM2 Tomcat work 7. OpenAM2 Tomcat Tomcat OpenAM2 8. 5. OpenAM1 (OpenAM1,2 2 ) 2 17
7 war OpenAM war Tomcat Tomcat (Tomcat ) 7.1 OpenJDK OpenAM OpenJDK 8 OpenJDK 8 # yum install java-1.8.0-openjdk 7.2 JAVA_HOME OpenJDK JAVA_HOME OSSTech Tomcat JAVA_HOME 7.3 Java OpenAM Java 1024MB JAVA_OPTS $ export JAVA_OPTS="-Xmx1024m -XX:MaxPermSize=256m" OS Tomcat JAVA_OPTS OSSTech Tomcat Java 1024MB 18
7.4 OpenAM war OpenAM war OSSTech OpenAM 13 RPM(osstech-openam13) /opt/osstech/share/openam13/openam.war war 2 1. RPM RPM war 2. RPM war rpm2cpio cpio RPM $ rpm2cpio osstech-openam13-13.x.x-x.el7.noarch.rpm cpio -id RPM OpenAM war war $ ls opt/osstech/share/openam13/openam.war opt/osstech/share/openam13/openam.war 7.5 OpenAM war OpenAM war Tomcat webapps $ cp openam.war <TOMCATDIR>/webapps/ 7.6 Tomcat Tomcat 19
$ export LANG="en_US.UTF-8" $ <TOMCATDIR>/bin/startup.sh OSSTech Tomcat LANG "en_us.utf-8" 7.7 Tomcat URL http://sso.example.co.jp:8080/openam/ OpenAM 20
8 OpenAM : openam Tomcat 8.1 Server.xml server.xml <Host name="localhost" appbase="webapps" unpackwars="true" autodeploy="true" deployignore="openam"> </Host> <Context path="/[ ]]" docbase="openam"/> example <Host name="localhost" appbase="webapps" unpackwars="true" autodeploy="true" deployignore="openam"> </Host> <!-- openam example --> <Context path="/example" docbase="openam"/> OpenAM http://sso.example.co.jp:8080/example/ openam 21
9 OpenLDAP OpenAM OSSTech OpenLDAP OSSTech OpenLDAP 9.1 root su root $ su - Password: root ( ) /srv/osstech-work/software/rpms 9.2 # cd /srv/osstech-work/software/rpms # ls install.sh x86_64 # ls x86_64 osstech-base-x.x-x.el7.x86_64.rpm osstech-daemontools-x.x-x.el7.x86_64.rpm osstech-openam-ldapschema-x.x-x.el7.noarch.rpm osstech-openam13-13.0.0-x.el7.noarch.rpm osstech-openam13-configtools-13.0.0-x.el7.noarch.rpm osstech-openam13-tools-13.0.0-x.el7.noarch.rpm osstech-support-x.x-x.el7.x86_64.rpm osstech-tomcat-7.instancex.x.x-x.el7_7.x.x.rx_x.noarch.rpm repodata 22
9.3 RPM rpm RPM # cd x86_64 # rpm -ivh osstech-openam-ldapschema-x.x-x.el7.noarch.rpm 9.4 /opt/osstech/etc/openldap/slapd.conf OpenAM include /opt/osstech/etc/openldap/schema/openam.schema include /opt/osstech/etc/openldap/schema/saml2.schema OpenLDAP # /sbin/service osstech-ldap restart 23
10 2016 3 14 1.0 2016 8 25 2.0 2016 10 18 2.1 OpenJDK 8 2017 03 23 2.2 OpenAM2 2017 12 22 2.3 python-requests 2018 03 13 2.4 index.html 24