Documentation of OpenAM in the GateIn project's Confluence instance is to be productized and added to the JPP 6.0.0 Reference Guide. The source content is located here: https://docs.jboss.org/author/display/GTNPORTAL35/OpenAM Additional background information provided by SME, Marek: "I finished work on SSO community documentation. Latest stuff is in confluence https://docs.jboss.org/author/display/GTNPORTAL35/Single-Sign-On+%28SSO%29 and all it's subpages. There are quite big changes in SSO integration between EPP5 and JPP6, so all existing SSO documentations (CAS, JOSSO, OpenAM, SPNEGO, Clustered SSO valve) include major changes with big number of new and removed sections. Documentation for SAML2 is completely new. I think that whole documentation is similar for project and product, so you can take it as it is. But there are some exceptions like: 1. https://docs.jboss.org/author/display/GTNPORTAL35/Central+Authentication+Service+%28CAS%29 - Last section "Setup with portal on Tomcat" shouldn't be in product documentation because JPP always run on EAP (JBoss7) and never on Tomcat. 2. https://docs.jboss.org/author/display/GTNPORTAL35/JOSSO - Last section "Setup with portal on Tomcat" is irrelevant for JPP (Same reason like in point 1 for CAS) 3. https://docs.jboss.org/author/display/GTNPORTAL35/OpenAM - Section "Setup with portal on Tomcat" is irrelevant for JPP (Same reason like in previous points 1 and 2 for CAS and JOSSO) 4. https://docs.jboss.org/author/display/GTNPORTAL35/Single-Sign-On+%28SSO%29 in section "Prerequisities". The directory GATEIN_SSO_HOME is part of JPP product and it's in directory JPP_HOME/gatein-sso . So it doesn't need to be downloaded and extracted from ZIP like with GateIn project. 5. References to JBoss AS7 probably needs to be changed to EAP or maybe they can be sometimes completely removed because JPP always run on EAP (with GateIn project it's more complicated because it can run on JBoss7 or Tomcat7). For example in https://docs.jboss.org/author/display/GTNPORTAL35/Central+Authentication+Service+%28CAS%29 the sentence "GateIn Portal will be deployed on JBoss AS 7, which will listen on localhost:8080 ." can be changed for product documentation similarly like "JPP will listen on localhost:8080 ." Important note: In docs we have SSO servers CAS, JOSSO and OpenAM running on Tomcat. Note that this is still valid for product documentation. Only the paragraphs, which are talking about GateIn running on Tomcat (like mentioned in points 1,2,3 ) are irrelevant for product documentation and can be removed from product docs. Let me know if something is unclear or you need more info. Good luck with product documentation! Marek"
*** NOTE *** This BZ ticket was created in order to split another BZ ticket - 856430 - into smaller pieces of work.
Documented, reviewed by Marek and finalized according to the review. Available for docs QA at [1]. [1] http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Portal_Platform/6/html-single/Reference_Guide/index.html#sect-Reference_Guide-SSO_Single_Sign_On_-OpenAM
Any comments on the QA side for us to work on?
Procedure 27.6. Adding the Authentication Plug-in point 2. "the sso-opensso-plugin-<VERSION>.jar and commons-httpclient-<VERSION>.jar archives to the TOMCAT_HOME/webapps/opensso/WEB-INF/lib directory." -- The "sso-common-plugin-<VERSION>.jar" is also copied. Procedure 27.7. Configuring a Realm in OpenAM User Interface "The Dynamic value ensures that all users are automatically added the datastore after their first successful authentication." --- "added to"
Fixed the issues pointed out in comment 4. Docs stage URL: http://documentation-devel.engineering.redhat.com/docs/en-US/JBoss_Portal_Platform/6/html-single/Reference_Guide/index.html#sect-Reference_Guide-SSO_Single_Sign_On_-OpenAM Build: JBoss_Portal_Platform-Reference_Guide-6-en-US-6.0.0-47