Notwithstanding that it is still a secret, we've just added a property that allows you to disable the ssoadm.jsp to harden your system and reduce attack vectors. The property is ssoadm.disabled and can be added with a value of true to the Advanced properties.
Log into the OpenSSO console as administrator.
Click the Configuration tab.
Click the Servers and Sites tab.
Click the Server name in the Servers table.
Click the Advanced tab.
Click Add in the Advanced Properties table.
Enter ssoadm.disabled as the Property Name and true as the Property Value.
You can also add this property as a default setting for future server configurations by clicking the Default Server Settings button under the Servers and Sites tab.
And now here's the only song that I know of that uses the word harden. The video is a live performance of Quarterflash singing (and playing saxophone on) Harden My Heart.
Look in the OpenSSO-Deploy-Base\*/opensso directory and you'll find ssoadm.jsp. This best kept secret is the web version of the ssoadm command line interface and can be used as such - although it's technically a secret. So check it out but don't tell them I sent you.
And now listen to Joni Mitchell and Peter Gabriel singing My Secret Place.
\* OpenSSO-Deploy-Base represents the directory in which your particular web container deploys the opensso.war.
I wanted to export the configuration data on my install of OpenSSO so I went back to the directory that was created after I expanded opensso.zip to setup the ssoadm command line utility. Here are the steps I followed.
Set JAVA_HOME and PATH variables to point to the correct version of Java; in this case, version 1.5.
Create a directory into which you will expand the ssoAdminTools.zip.
# mkdir /ssoadmtool
Unzip ssoAdminTools.zip into the top-level directory created.
# cd /opensso/tools
# unzip ssoAdminTools.zip -d /ssoadmtool
# cd /ssoadmtool
# ls -la
drwxr-xr-x 6 root root 10 Mar 31 10:42 .
drwxr-xr-x 42 root root 47 Mar 31 08:16 ..
-rw-r--r-- 1 root root 4796 Mar 18 01:31 README.setup
drwxr-xr-x 2 root root 25 Mar 18 03:55 lib
-rw-r--r-- 1 root root 17003 Mar 18 01:31 license.txt
drwxr-xr-x 3 root root 3 Mar 31 10:42 opensso
drwxr-xr-x 2 root root 1161 Mar 18 03:55 resources
-rwxr-xr-x 1 root root 2638 Mar 18 01:31 setup
-rw-r--r-- 1 root root 3182 Mar 18 01:31 setup.bat
drwxr-xr-x 4 root root 4 Mar 18 01:31 template
Run setup from the top-level ssoadmtool directory.
Path to config files of OpenSSO server (example: /opensso):/opensso
The scripts are properly setup under directory: /ssoAdmin/opensso
Debug directory is /opensso/debug.
Log directory is /opensso/log.
The version of this tools.zip is: (2009-March-18 01:14)
The version of your server instance is: (2009-March-18 01:14)
Run ssoadm using the export-svc-cfg option.
./ssoadm export-svc-cfg -e secretenckey -o /var/tmp/config.xml -u amadmin -f /tmp/password
e defines the key that will be used to encrypt any sensitive information in the configuration data store.
o defines the name and location of the XML file to which the configuration data will be written.
u defines the OpenSSO administrator; by default, amadmin.
f defines the name and location of the file that contains the OpenSSO administrator's password.
config.xml is created in /var/tmp and contains the configuration data stored in the OpenSSO embedded configuration data store.
Now I'm exporting (-o you) the loveliness that is the Comateens singing Get Off My Case in the old train station in Hoboken, New Jersey. They are a great band singing in a great city in an OK state. And I would know - I lived in Hoboken for three years.