Home > PKI, Security, SSO > OpenSSO and EJBCA: Use Case

OpenSSO and EJBCA: Use Case

January 1st, 2009 Leave a comment Go to comments

EJBCA logo

EJBCA

Interest by OpenSSO (especially in the Access Manager part)? If yes, you should be interest by my VMWare image. The image was made to demonstrate an application protected by opensso. The application is divided in three parts, the first one is available for everyone (non authenticated users). The second part, the secure area, is available only for users authenticated in OpenSSO, and members of group employee. And finally, only users authenticated by certificates and member of group employee can access to the very secure area.

OpenSSO logo

OpenSSO

How to try this image?

  • Download the archive
  • Extract it
  • Open the vmx file using VMWare
  • You need to give >= 1024MB of memory for the image. Indeed, lot of services are required for the demonstration. (One Tomcat, one JBoss, one OpenDS, and one Glassfish).
  • Boot the image, some services may take few minutes to start, depends of your configuration
  • Login using root account, with password root
  • When you opened the VMX file from VMWare, it ask if your copy or moved the virtual image. If you choose copy, you need to execute the following commands to get network working:
# rm /etc/udev/rules.d/z25_persistent-net.rules
# modprobe -r pcnet32
# sleep 1
# modprobe pcnet32
# /etc/init.d/networking restart
  • Execute the command ifconfig eth and identity the IP address of the image
    Check IP address
  • On the host system (your desktop, NOT on the image) edit your /etc/hosts (or equivalent) file, add the following line:

172.16.19.136 opensso.local.asyd.net

As usual, any feedbacks are welcome.

Notes:

  • In order to access to the very secure area, after importing the certificate, you usually need to restart your browser. Indeed, most of browsers use a persistent HTTP/1.1 session with server, in this case, the HTTPS negociation is made only one time.
  • The glassfish’s console is http://opensso.local.asyd.net:4848/ not http://opensso.local.asyd.net:4848/opensso

Categories: PKI, Security, SSO Tags: ,
  1. nyck
    May 26th, 2011 at 21:03 | #1
    Reply | Quote

    hi I,m trying to download the image but the link is broken, can you send me a good link?

    Thanks.

  2. fabdouglas
    June 19th, 2011 at 13:44 | #2
    Reply | Quote

    Is there a way to get the VM ?

  3. asyd
    June 19th, 2011 at 13:58 | #3
    Reply | Quote

    I fix the link, the archive is now available.

  4. nyck
    June 20th, 2011 at 16:10 | #4
    Reply | Quote

    Thanks a lot man!@asyd

  5. meijf
    September 28th, 2012 at 23:19 | #5
    Reply | Quote

    can you open the link to your image again?
    Thx

  6. mopik
    May 9th, 2013 at 15:22 | #6
    Reply | Quote

    Hi, is there posibility to download vmware image? I try to make own , bud every try finished with fail. Thx for advice

  7. tony
    March 11th, 2014 at 14:55 | #7
    Reply | Quote

    Hi asyd,
    I am wondering whether you still have such image available. I would appreciate if you could share with me or shed some light on developing such a model.
    Thanks,
    Tony

  8. asyd
    April 28th, 2014 at 08:23 | #8
    Reply | Quote

    Hi Tony, here the image: http://gendo.asyd.net/~asyd/OpenSSO-Ejbca.vmware.tar.gz

    however you should know it’s very old.

  1. September 17th, 2010 at 13:30 | #1
    OpenSSO and EJBCA: Use Case « Superpatterns