OpenAM Quick Start Guide
Original article: https://github.com/OpenIdentityPlatform/OpenAM/wiki/Quick-Start-Guide
Preparations
Install Docker
If you have not installed Docker yet, install it for your platform from https://docs.docker.com/install/#supported-platforms.
Prepare Hosts File
First, add two aliases to your hosts file: openam.example.org for OpenAM and example.org for Apache HTTP Server. Your hosts file should contain the following line:
127.0.0.1 openam.example.org example.org
OpenAM Configuration
Running OpenAM Image
Create a Docker network for OpenAM
docker network create openam-quickstart
Run the OpenAM image
docker run -h openam.example.org -p 8080:8080 --network openam-quickstart --name openam openidentityplatform/openam
Basic OpenAM Setup
Open your browser and go to this URL:
http://openam.example.org:8080/openam
Click Create Default Configuration.
Accept the License Agreement.
Set passwords for the default admin user and the policy agent.
Press Create Configuration. After the configuration has been created successfully, press Proceed to Login or open http://openam.example.org:8080/openam/console in your browser.
Policy Configuration
In the administration console, select the realm, go to Authorization -> Policy Sets, select Default Policy Set and add a new policy.
Set the policy name as you wish, set Resource Type to URL, add a new resource *://example.org:*/* and click Create to save the new policy.
In the new policy's settings, select the Actions tab and add two actions: GET and POST.
Then select the Subjects tab and set the type to Authenticated Users.
Click Save Changes to save your policy.
Agent Configuration
Then, in the left menu, go to Applications -> Web Agents and create a new agent.
Set the name as you wish, for example apache_agent, and set the agent password.
Set Server URL to http://openam.example.org:8080/openam
Set Agent URL to http://example.org:80
Click Create to save the new web agent.
Click the General tab to return to the main menu.
Cookie Domain Configuration
Navigate to Configure -> Global Services -> Platform -> Cookie Domain.
Set the cookie domain to .example.org and save your settings.
Apache HTTP Server Configuration
Create a Dockerfile in your /home/user/openam-quickstart/apache/ folder with the following content:
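# Apache HTTP Server base image
FROM httpd:2.4.34
# Password of the web agent profile created in OpenAM
ENV PA_PASSWORD password
RUN apt-get update || true
RUN apt-get install -y wget unzip
# Download and unpack the OpenAM web agent for Apache 2.4
RUN wget --show-progress --progress=bar:force:noscroll --quiet --output-document=/tmp/Apache_v24_Linux_64bit_4.1.1.zip https://github.com/OpenIdentityPlatform/OpenAM-Web-Agents/releases/download/4.1.1/Apache_v24_Linux_64bit_4.1.1.zip
RUN unzip /tmp/Apache_v24_Linux_64bit_4.1.1.zip -d /usr/
RUN rm /tmp/Apache_v24_Linux_64bit_4.1.1.zip
# Write the agent password to the file that agentadmin reads
RUN echo "$PA_PASSWORD" > /tmp/pwd.txt
# Debug output: these two steps print the password file and the base OS release into the build log
RUN cat /tmp/pwd.txt
RUN cat /etc/issue
# Silent install; arguments: httpd.conf, OpenAM URL, agent URL, realm, agent profile name, password file
RUN /usr/web_agents/apache24_agent/bin/agentadmin --s "/usr/local/apache2/conf/httpd.conf" "http://openam.example.org:8080/openam" "http://example.org:80" "/" "apache_agent" "/tmp/pwd.txt" --acceptLicence --changeOwner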
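Set ENV PA_PASSWORD to the password you previously set for your web agent in OpenAM. If you gave the agent a name other than apache_agent, change the agent profile name in the agentadmin command to match.
Build the Apache Docker image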
docker build --network=host -t apache_agent -f /home/user/openam-quickstart/apache/Dockerfile /home/user/openam-quickstart/apache/
Then run the image
docker run -it --name apache_agent -p 80:80 -h example.org --shm-size 2G --network openam-quickstart apache_agent
Open http://example.org in your browser; you will be redirected to OpenAM authentication. After authenticating, you should see the default Apache HTTP Server page.
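
A smoke test for the finished setup, as an added example that is not part of the original guide: it checks that the hosts file carries both aliases and that an unauthenticated request to http://example.org is redirected to OpenAM instead of being served directly. The function names, the live argument and the shape of the sample redirect are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of the original guide. The function and variable
# names below are this example's own.
OPENAM_URL="http://openam.example.org:8080/openam"   # Server URL from the guide

# hosts_has_alias FILE NAME: succeed if FILE maps NAME to 127.0.0.1.
hosts_has_alias() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                     # ignore comments
        $1 == "127.0.0.1" { for (i = 2; i <= NF; i++) if ($i == name) found = 1 }
        END { exit !found }
    ' "$1"
}

# agent_verdict: read response headers (as printed by `curl -sI`) on stdin and
# print "protected" (redirect to OpenAM), "unprotected" (content served
# without login, e.g. the agent module did not load) or "unknown".
agent_verdict() {
    awk -v base="$OPENAM_URL" '
        { sub(/\r$/, "") }                     # header lines end in CRLF
        NR == 1 { status = $2 }
        tolower($1) == "location:" { loc = $2 }
        END {
            if (status ~ /^30[12378]$/ && index(loc, base) == 1) print "protected"
            else if (status ~ /^2/) print "unprotected"
            else print "unknown"
        }
    '
}

if [ "${1:-}" = "live" ]; then
    # Live mode: check the real hosts file and the running containers.
    for h in openam.example.org example.org; do
        hosts_has_alias /etc/hosts "$h" || echo "hosts entry missing: $h"
    done
    echo "agent: $(curl -sI http://example.org/ | agent_verdict)"
else
    # Offline mode: constructed sample response (assumed shape of the agent redirect).
    printf 'HTTP/1.1 302 Found\r\nLocation: %s/?goto=x\r\n\r\n' "$OPENAM_URL" |
        agent_verdict
fi
```

Run it with the argument live once both containers are up; a verdict of unprotected means Apache answered without sending the request through OpenAM.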