Preparing for JBoss and WildFly

1. Stop JBoss or WildFly.

2. The default JVM settings do not allocate sufficient memory to AM. This step shows one method that you can use to modify the JVM settings. For other methods, refer to the JBoss Application Server Documentation or the JVM Settings page in the WildFly documentation

   1. Open the standalone.conf file in the /path/to/jboss/bin directory for JBoss or WildFly in standalone mode.

   2. Check the JVM settings associated with JAVA_OPTS.

      Change the JVM heap size to -Xmx1g. The default JVM heap size for some versions of JBoss might already exceed the recommended value. If you are evaluating AM and using the embedded version of DS, the minimum heap size may be higher. For details on the JVM options to use, refer to "Preparing a Java Environment".

      Change the metaspace size to -XX:MaxMetaspaceSize=256m if the default size does not exceed this amount.

   3. Set the following JVM JAVA_OPTS setting in the same file:

      -Dorg.apache.tomcat.util.http.ServerCookie.ALWAYS_ADD_EXPIRES=true

      Verify that the headers include the Expires attribute rather than only Max-Age, as some versions of Internet Explorer and Microsoft Edge do not support Max-Age.

3. Edit the WildFly configuration to allow HTTP connections from any IP address.

   In the /path/to/wildfly/standalone/configuration/standalone.xml file, locate the <interface name="public"> interface (around line 512 of the file) and change the value to <any-address/>:

         <interface name="public">
          <any-address/>
         </interface>
        

4. Set up Wildfly for Social Authentication, by performing the following steps:

   1. Ensure the Wildfly server is running.

   2. Go to the Wildfly Path.

   3. In the $JBOSS_HOME/bin directory, run the jboss-cli.sh script file:

      $ ./bin/jboss-cli.sh

   4. Type "connect" to connect to the server.

   5. Enable use of the equals (=) symbol in cookies by running the following command:

      For example:

      [standalone@localhost:9990 /] /subsystem=undertow/server=default-server/
      http-listener=default:write-attribute(name=allow-equals-in-cookie-value,
      value=true)
      {
         "outcome" => "success",
         "response-headers" => {
            "operation-requires-reload" => true,
            "process-state" => "reload-required"
          }
      }
             

   6. Restart Wildfly.

5. Now deploy the openam.war file into the appropriate deployment directory. The directory varies depending on whether you are running in standalone or domain mode.

To prepare AM to run with JBoss or WildFly, you need to change the default AM war file. JBoss and WildFly deploy applications from different temporary directories every time you restart the container, which would require reconfiguring AM. To avoid problems, change the AM war file as follows:

1. If you have not already done so, create a temporary directory and expand the AM-7.1.4.war file. For example:

   $ cd /tmp
   $ mkdir /tmp/openam ; cd /tmp/openam
   $ jar xvf ~/Downloads/AM-7.1.4.war

2. Locate the bootstrap.properties file in the WEB-INF/classes directory of the expanded war archive. Update the # configuration.dir= line in this file to specify a path with read and write permissions, and then save the change.

   # This property should also be used when the system user that
   # is running the web/application server process does not have
   # a home directory. i.e. System.getProperty("user.home") returns
   # null.
   
   configuration.dir=/my/readwrite/config/dir

3. If you are deploying AM on JBoss AS or JBoss EAP, remove the jboss-all.xml file from the WEB-INF directory of the expanded war archive.

   Be sure not to remove this file if you are deploying AM on WildFly.

4. If you are deploying AM on Wildfly 12, remove the jul-to-slf4j-1.7.21.jar file from the WEB-INF/lib directory of the expanded war archive.

5. Rebuild the openam.war file.

   $ jar cvf ../openam.war *