Modules - OpenAM: installation and configuration

This tutorial will help you easily install and configure the OpenAM module for CzechIdM. To read more about the module, please see OpenAM module documentation.

Download the idm-openam module distribution package. The package contains a backend folder. Your IdM Tomcat installation we call IDM in the following example.

  1. Copy content of the backend folder into your tomcat IdM installation - [IDM]/WEB-INF/lib
  2. Set correct access rights to the files if needed (chown tomcat:tomcat [IDM]/WEB-INF/lib/*)
  3. Restart the IdM application server (service tomcat restart)
  4. Log in to CzechIdM as an privileged user and go to Settings → Modules and enable the openam module.
  5. Go to the configuration and configure the properties needed for the communication with OpenAM (see below).

First, you need to know the address of your running OpenAM instance (or instances) and its version.

Based on that, set the following configuration properties:

If your OpenAM installation uses realms for the users, you may need to set idm.sec.openam.login.payload - e.g. uri=realm=/customers for the realm "/customers". But the information about realm may be already included in the URL of the OpenAM instance (for OpenAM v. 13 and newer), so you may not need to set this property.

If you run multiple instances (or need to support multiple realms), set as many values as you need to the above mentioned properties and separate the values with a comma.

That's it! You probably don't need to set anything else.

All available properties are documented in the Admin guide.

  • by apeterova