Access Management 7.3.2

Deploy and test the Fedlet on the SP

This page covers the two options for deploying the Fedlet.

Install and configure the Fedlet as a demo application

To deploy the Fedlet on the SP, you require the following:

  • The configuration files, as created in Create and configure the Fedlet.

  • The Fedlet WAR file, provided in the Fedlet-7.3.2.zip, within the AM distribution file; AM-7.3.2.zip.

    1. Create a fedlet directory, in the home directory of the user that runs the AM web container:

      $ cd $HOME
      $ mkdir fedlet
    2. Copy the fedlet configuration files to the $HOME/fedlet directory.

      The result may resemble the following:

      $ cd /Users/tomcat-user/fedlet
      $ ls -A1
      FederationConfig.properties
        fedlet.cot
        idp-extended.xml
        idp.xml
        sp-extended.xml
        sp.xml
    3. Deploy the Fedlet WAR file into your web container:

      $ cp fedlet.war /path/to/tomcat/webapps

      Upon completion, you can proceed to Test Fedlet single sign-on and single logout.

Embed the Java Fedlet in a web application

The Fedlet WAR file, fedlet.war, serves as an example and to provide the code needed to embed the Fedlet in your web application.

The basic steps for using the Fedlet in your application are as follows:

  1. Unpack the Fedlet ZIP file to a working directory, remove any files you do not want to keep, such as index.jsp or fedletEncode.jsp, and merge the Fedlet files with those of your web application.

  2. To integrate single sign-on into your application, modify the functionality in the fedletSampleApp.jsp page or add it to your application’s logic.

    If you add it to your application’s logic, then you must also edit your application’s deployment descriptor file, web.xml, to set the assertion consumer URI, which by default is /fedletapplication in the basic SP XML for the Fedlet. Add servlet and servlet-mapping elements as shown in the following example.

    <servlet>
        <servlet-name>yourapplication</servlet-name>
        <jsp-file>/your-application.jsp</jsp-file>
    </servlet>
    <servlet-mapping>
        <servlet-name>yourapplication</servlet-name>
        <url-pattern>/fedletapplication</url-pattern>
    </servlet-mapping>
  3. Build a WAR file from your web application with embedded Fedlet files.

    This is the version of the application to deploy. When you deploy your WAR file, also provide the Fedlet configuration files. For information on where to put the configuration files and how to deploy the WAR file with embedded Fedlet, see Install and configure the Fedlet as a demo application.

Test Fedlet single sign-on and single logout

To test single sign-on and single logout from the Fedlet, go to the Fedlet URL. For example, https://sp.example.com:8443/fedlet.

Try one or more examples from the Fedlet home page:

The home page for the demo Fedlet lets you try SP-(Fedlet-)initiated and IDP-initiated single sign-on and single logout.

You can log in to the identity provider with username demo and password Ch4ng31t.