OpenAM is an open source continuation of the OpenSSO project that was taken over, and later scrapped, by Oracle. OpenAM is the only commercial-grade, feature-rich web application that provides SSO solutions. It has a variety of features and a powerful Single Sign-On capability, but the implementation can be tricky, and the unorganized and incoherent online documentation is not very helpful.
TheOpenAM book will serve as a guide to everything you need to know to get started with implementing Single Sign-On using OpenAM to protect your web applications, along with real-world examples.
The author's extensive experience in testing and troubleshooting OpenAM enables him to share insights on how the product works, its strengths, its weaknesses, and some inside information.
If you are reading this, you probably want to protect your web application using OpenAM. The book starts off with an introduction to OpenAM and describing the core features and the kind of problems that can be solved by OpenAM. Then it provides you with detailed instructions on how to protect your web applications by using OpenAM server and policy agents. You will also learn about the user interface elements in order to manage OpenAM successfully. You'll understand the concepts of identity web services provided by OpenAM. There are examples in the book that describe how the REST-based identity services can be invoked and utilized. In the final chapters, you will find detailed discussions about backup, recovery, and audit logging.
The book concludes by discussing some of the common OpenAM problems and tips to troubleshoot them. Although the project name has changed from OpenSSO to OpenAM, the product screen and file names still reflect OpenSSO. Hence, you will encounter the term "OpenSSO" throughout the book.
This practical, hands-on guide will teach you how to protect your web applications by implementing Single Sign-On (SSO) using OpenAM.
This book is a step-by-step tutorial stuffed with practical, real-world examples. It is designed in such a way that if you are already familiar with OpenAM, you can easily skip to a later chapter without missing a beat. You should be able to quickly grasp the basic elements of OpenAM before moving on to the more advanced features and functionality.
Who this book is for
If you are a security architect or a solution developer responsible for the design and development of web-based enterprise applications that need to provide authentication, authorization, and audit facilities along with SSO capabilities, then this book is for you. You do not require any prior knowledge of OpenAM to read this book. Familiarity with Java will be helpful, but is not essential.