Configuration Tab:

I did some changes to the Configuration tab and want to share what are the changes, including cookie domain, saml2 globe setting...

Login to OpenSSO SP using amadmin account


Click on System tab:


I want to config the Platform link because if you work with the Reserve Proxy, you need to set up Domain Cookie with your Reverse Proxy domain so that your SP user session is not lost.  Let says you have a Reverse proxy under *, here is how to config:

Click on Platform link

If the IDP reverse proxy is *, they you need to add to this Cookie Domains.



Go out of this tab and click Global tab, it is where you will configure Samlv2 Service Configuration:


Again, if your reverse proxy domain is *, you will need to set Cookie domain for IDP Discovery Service:

Attribute name for Name ID information and information key are the one that you had defined on your opensso_users table.  If you did not like this name, you can change this column name in the opensso_users and then map them here.

If you want to configure an error page when you got the exception when OpenSSO consume the saml2 messages, it is on Common Federation Configuration link and set SAML Error Page URL: /saml2/jsp/2qvideosaml2error.jsp


Config Debug log:

When you configure and get the openSSO running, it is a complicated processes, everything can go wrong.  You should enable the debug log to see what it runs on the back ground.  That is done on the Servers and Sites tab and click on the link on your server name link and then set Debug Level: Message and Merge Debug Files: on



That are all when I configure Configuration tab for my use cases.