OpenAM Quick Start Guide

Original article: https://github.com/OpenIdentityPlatform/OpenAM/wiki/Quick-Start-Guide

Preparations

Install Docker

If you have not already done so, install Docker for your platform from https://docs.docker.com/install/#supported-platforms.

Prepare Hosts File

First, add two aliases to your hosts file: openam.example.org for OpenAM and example.org for Apache HTTP Server. Your hosts file should contain the following line:

127.0.0.1    openam.example.org example.org

OpenAM Configuration

Running OpenAM Image

Create Docker network for OpenAM

docker network create openam-quickstart

Run OpenAM image

docker run -h openam.example.org -p 8080:8080 --network openam-quickstart --name openam openidentityplatform/openam

Basic OpenAM Setup

Open your browser and go to http://openam.example.org:8080/openam.

Click Create Default Configuration.

Accept License Agreement

Set passwords for the default admin user and the policy agent.

Press Create Configuration. After the configuration has been created successfully, press Proceed to Login or open http://openam.example.org:8080/openam/console in your browser.

Policy Configuration

In the administration console, select the realm, then go to Authorization -> Policy Sets, select Default Policy Set and add a new policy.

Set the Policy Name as you wish, set Resource Type to URL, add a new Resource *://example.org:*/* and click Create to save the new policy.

In the new policy's settings, select the Actions tab and add two actions, GET and POST.

Then select the Subjects tab and set the type to Authenticated Users.

Click Save Changes to save your policy

Agent Configuration

Then, in the left menu, go to Applications -> Web Agents and create a new agent.

Set the name as you wish, for example apache_agent, and set the agent password.

Set Server URL to http://openam.example.org:8080/openam

Set Agent URL to http://example.org:80

Click Create to save new Web Agent

Click General tab to return to main menu.

Navigate to Configure -> Global Services -> Platform -> Cookie Domain.

Set the cookie domain to .example.org and save your settings.

Apache HTTP Server Configuration

Create a Dockerfile in your /home/user/openam-quickstart/apache/ folder with the following content:

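# Base image: Apache HTTP Server 2.4
FROM httpd:2.4.34

# Agent profile password. ENV values are stored in the image metadata, so keep this to a local test setup.
ENV PA_PASSWORD password

# Tools needed to download and unpack the agent
RUN apt-get update || true

RUN apt-get install -y wget unzip

# Download the OpenAM web agent for Apache 2.4 and unpack it under /usr/
RUN wget --show-progress --progress=bar:force:noscroll --quiet --output-document=/tmp/Apache_v24_Linux_64bit_4.1.1.zip https://github.com/OpenIdentityPlatform/OpenAM-Web-Agents/releases/download/4.1.1/Apache_v24_Linux_64bit_4.1.1.zip

RUN unzip /tmp/Apache_v24_Linux_64bit_4.1.1.zip -d /usr/

RUN rm /tmp/Apache_v24_Linux_64bit_4.1.1.zip

# Write the password file that agentadmin reads
RUN echo "$PA_PASSWORD" > /tmp/pwd.txt

# Debug output: this prints the agent password into the build log
RUN cat /tmp/pwd.txt

RUN cat /etc/issue

# Silent install: httpd.conf path, OpenAM URL, agent URL, realm, agent profile name, password file
RUN /usr/web_agents/apache24_agent/bin/agentadmin --s "/usr/local/apache2/conf/httpd.conf" "http://openam.example.org:8080/openam" "http://example.org:80" "/" "apache_agent" "/tmp/pwd.txt" --acceptLicence --changeOwner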

Set ENV PA_PASSWORD to the password you previously set for your Web Agent in OpenAM.

Build Apache Docker image

docker build --network=host -t apache_agent -f /home/user/openam-quickstart/apache/Dockerfile /home/user/openam-quickstart/apache/

And then run image

docker run -it --name apache_agent -p 80:80 -h example.org --shm-size 2G --network openam-quickstart apache_agent

Open http://example.org in your browser; you will be redirected to OpenAM authentication. After authenticating, you should see the default Apache HTTP Server page.
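
If the redirect or the login loop does not behave as described, the usual causes are a missing hosts alias or a host outside the cookie domain. The script below is an added example, not part of the original guide: it checks the hosts entries, the .example.org cookie domain and the redirect. The function names, the --live flag, the /etc/hosts path (Linux/macOS) and the expected redirect prefix are assumptions of this example.

```shell
#!/bin/sh
# Added example: preflight checks for the quick-start setup (not from the original guide).

# hosts_has_alias FILE IP NAME: succeed if FILE maps NAME to IP; '#' comments are ignored.
hosts_has_alias() {
    awk -v ip="$2" -v name="$3" '
        { sub(/#.*/, "") }    # strip comments before looking at the fields
        $1 == ip { for (i = 2; i <= NF; i++) if ($i == name) found = 1 }
        END { exit !found }' "$1"
}

# in_cookie_domain HOST DOMAIN: succeed if a cookie set for DOMAIN is sent to HOST.
# The leading dot is ignored, so .example.org covers example.org and its subdomains.
in_cookie_domain() {
    domain=${2#.}
    case "$1" in
        "$domain" | *".$domain") return 0 ;;
        *) return 1 ;;
    esac
}

# redirects_to_openam URL: live check that an unauthenticated request to URL is
# redirected to the OpenAM server URL configured for the agent (assumed prefix).
# Requires curl and both containers running.
redirects_to_openam() {
    curl -s -o /dev/null -w '%{redirect_url}' "$1" |
        grep -q '^http://openam\.example\.org:8080/openam'
}

# Run the checks against the real system only when invoked with --live.
if [ "${1:-}" = "--live" ]; then
    for h in openam.example.org example.org; do
        hosts_has_alias /etc/hosts 127.0.0.1 "$h" || echo "hosts entry missing: $h"
        in_cookie_domain "$h" .example.org || echo "outside cookie domain: $h"
    done
    redirects_to_openam http://example.org/ || echo "no redirect to OpenAM"
fi
```

Run it with --live after both containers are started; no output means all three checks passed.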