Skip to end of metadata
Go to start of metadata

When setting up Whydah you have to consider how secure you want your installation.
The security corresponds somewhat to the IAM_MODE as one would expect PROD to be more secure than DEV.

Mode / security What to setup Server recommendation
1. Development mode
  • Download the docker image and start rolling on your local computer or all components on one server
  • None (your local comuter with Java 8 installed will do fine)
2. Test mode
  • Setup a separate UIB and LDAP behind firewall.
  • Download the docker image and change the user identity backend configuration to point to your UIB
  • All in one server or with separate UIB and Front end
3. Production mode
  • Get a SSL certificate for the domain you wish to run whydah on, i.e.
  • Setup a separate UIB and LDAP behind firewall.
  • Setup a separate front-end server with UAS, UAWA and STS.
See Installing Whydah for deployment diagram.
  • LDAP server: Amaxon Linux AMI m3.medium 8GB
    (Or AD can be used, see User directory strategy)
  • UIB server: Amazon Linux AMI t2.micro 8GB
  • Frontend server: 1-4 Amazon Linux AMI t2.micro 8GB
  • RoleDB: Mysql, db.m1.small, 10GB

Note that installation can be provisioned using Ansible once you have the infrastructure setup.
You'll find it at

Whydah development Express-route for linux and osx/mac

Pre-requisites: JDK 8, maven 3 and wget installed
  1. run (wget which will do the following
    1. clone all main Whydah repositories
    2. build all modules on local machine
    3. start all built modules in a TEST_LOCALHOST configuration
  2. verify that it is working before starting to code (http://localhost:9997/sso/welcome u:useradmin pw:useradmin567)

Notes when setting up new Server environment in Amazon AWS

  • Apply "Protect against accidental termination"
  • Keep instances as physically close to on another (Subnet)
  • Set Naming strategy as quickly as possible to avoid confusion. Example:
    • MyCompany-PROD-UserIdentityBackend
    • MyCompany-PROD-SecurityTokenService
    • MyCompany-PROD-SSOLoginWebapp
    • MyCompany-PROD-UserAdmin
  • Create new keys for PROD and don't reuse test-keys. They can't be changed afterwards.

Zone recommendation


Key recommendation


Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.