-
In the OpenAM console under Access Control > Realm > Authentication click "All Core Settings" and add com.sun.identity.authentication.spi.ReplayPasswd to the Authentication Post Processing Classes.
-
Run java -classpath amserver.jar:opensso-sharedlib.jar com.sun.identity.common.DESGenKey to generate a shared key for the OpenAM Authentication plugin and OpenIG. As an example, if you have OpenAM installed under $HOME on Tomcat you would run the command java -classpath $HOME/tomcat7/webapps/openam/WEB-INF/lib/amserver.jar:$HOME/tomcat7/webapps/openam/WEB-INF/lib/opensso-sharedlib.jar com.sun.identity.common.DESGenKey.
-
In the OpenAM console under Configuration > Servers and Sites click on your server name, go to Advanced and add com.sun.am.replaypasswd.key with the value of the key generated in the previous step.
You must restart the OpenAM server after changing Advanced properties.
