Exposing OpenAM 12 instance on the internet


How can we expose an OpenAM instance on the internet ?


Working with Salesforce often need to connect to an external IDP. I had previous experience working on OpenSSO 8.0 instance. So I will use the OpenSource version called OpenAM 12.0. The interface is pretty similar to OpenSSO 8.0 from SUN MicroSystem (acquired by Oracle in August 2008).


  • Install and configure a tomcat server. As you are exposing your instance on the internet, your need a *cheap but hackable* self-signed certificate. Please refer to this Apache Tomcat 8 – SSL/TLS Configuration HOW-TO
  • Configure and Open the port 4444, 50389 and 1689 in your router and authorize theses locals ports in your firewall rules setting

Below a configuration of my router:

Installation of OpenAM

The installation wizzard proposed by OpenAM is pretty easy. You MUST choose the advanced installation otherwise it will failed, as you have to specify some ports for the JMX, Admin and LDAP ports.

Below the configuration screen of my installation.




Et voila, I have now a free openAM instance for my labs testing with Salesforce !

Thanks for reading.


About Chenda Mok

19 years of hands on experience in software design and development with emphasis on Enterprise Application Integration (EAI), Services Oriented Architecture (SOA) and Identity Management (IDM) solutions. I’m a software engineer, member of the professional service delivery team working for Salesforce. Prior to this, I worked for Oracle as Solution Architect, through SeeBeyond(06/2005), then SUN’s acquisition (04/2009). After my master’s degree in computer science in 1997; I always delivered consulting on architecture, design, implementation on integration’s field. I’m interested in architecture using EAI/SOA/IDM/BPM/Cloud technologies, software development and Java’s related technologies. I may blog about my work/activities at Salesforce, but I do not speak for my employer, past, present or future.
This entry was posted in Uncategorized. Bookmark the permalink.