Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

PLACEHOLDER

INTRODUCTION

Prerequisites

  • A server running Java with relevant environment variables set (e.g. JAVA-HOME)
  • Server time synced with NTP or equivalent
  • Familiarity with your chosen platform
  • The username and password you use to access the publisher dashboard. PLACEHOLDER - LINK
  • Access to the publisher dashboard. PLACEHOLDER - LINK

Method

  1. Install OpenAthens software
    Anchor
    install
    install


    1. The recommended method is to use our Maven repository. For connection details see: Maven settings for Java OASP

    2. You can also download the software The software is also available as a zip file from https://download.openathens.net instead, you our service desk. You will need to manually move jar files to the correct location and set environment variables.


  2. Create metadata keys. These are used for signing and encrypting SAML erxchanges and the exchanges. The public key will be published in metadata.
    Anchor
    keys
    keys


    1. Linux
      WindowsUsing Keystore Explorer

  3. If you have not already done so, create an application in the publisher dashboard. PLACEHOLDER LINK
    Logging - PLACEHOLDER - HERE OR MAINT?
    Linux
    Windows. You will have the opportunity to paste in the signing certificate you generated in the previous step.when you set it up.

    1. If this is for an existing application, open the application in the dashboard and go to the getting started tab to paste in your signing certificate.

  4. Configure your web.xml file. The publisher dashboard will have  generated a configuration to copy and paste. In the file you will also need to:

    1. Update the protected location to cover your application.

    2. Restart your web server to download the configuration from the publisher dashboard and start using it.

...

Configure your application

See OpenAthens SP common

Advanced

When there will be more than one organisation accessing by this method, such as in a federation, you would usually restrict access by checking the users' scope. See: Attribute based authorisation on Java