Last week I was engaged in bringing up a demo set up at Sun Solution Center
, employing a number of components from Sun Software Stack, including IDM
(Sun's provisioning tool), OpenSSO
(Sun's Access Management Solution), DSEE
(User Data Store), MySQL
(Sun's database), GlassFish
(Sun's Application Server) and Glassfish Web Space Server
(Sun's portal solution) installed in Solaris Containers
For reference, the deployment scenario is depicted in the diagram below:
The phase I of implementation involved integrating Sun's IDM with OpenSSO. The following was the objective:
Configure OpenSSO Enterprise to protect Identity Manager, and to allow single sign-on login to the Identity Manager user and administrative interface.
Configure Identity Manager to provision users and roles to OpenSSO Enterprise.
To achieve the above,there is a neat documentation available here
Once I got the above integration of IDM and OpenSSO functional in our set up, users could be provisioned from Sun Identity Manager to the 'idm' realm
in OpenSSO (which finally gets stored in the DSEE 6.x configured as the User repository for OpenSSO).
The actual reason for adding an entry on my blogs around this set up is to express my excitement on discovering the ease of integrating GlassFish WebSpace Server with OpenSSO. I'd reiterate those steps performed to make the GlassFish Web Space Server (installed in one zone
of Solaris 10 OS) contact OpenSSO (installed in another zone) for authentication. I presume, this exercise can be performed in a matter of few minutes. So set your stop watch and get going:
Glassfish v3 prelude. Then click here
and download OpenSSO. For instructions on installation, read my friend David's blog
. You would remember him to be the author of free training on OpenSSO
. Create a realm
, if needed (say 'idm').
Glassfish WebSpace Server 10.. To install WebSpace Server, you would also need Ant 1.7 or higher from here
. Now follow the steps (the following example uses WebSpace Server bundled with Glassfish):
 Unzip Ant and GlassFish WebSpace Server.
 Set ANT_HOME variable to point to the directory location of new version of ANT.
 Goto webspace_dir
/glassfishv2 directory and run the following command:
ant -f setup.xml
 Once the above step is completed, goto webspace_dir
/glassfishv2/bin directory and start domain:
 Upon successful completion of above step, open a browser and access the following URL:
If any of the above steps seems ambiguous, please read the installation instructions here
Once the GlassFish WebSpace Server page is up on the browser, login using the credentials of Administrator (firstname.lastname@example.org/admin), click on the Control Panel -> Settings -> Authentication -> OpenSSO. Following page is what you would see on your browser.
On the page as displayed above, following is the information filled in to make the WebSpace Server contact the 'idm' realm in OpenSSO for authentication of users. Not only that, on successful authentication with OpenSSO, WebSpace Server populates the user information from OpenSSO in its database (HSQL by default)!
Glassfish WebSpace Server installation,configuration and integration with OpenSSO is such a pleasant experience that I invite you to try it and experience it for yourself.