To Configure Policy for Web Policy Agent 1 on Protected Resource 1

Use the OpenSSO Enterprise console to configure policy for Web Policy Agent 1 that will be used to verify that the agent is working properly.

You will add additional policies later when we add a load balancer in front of the Protected Resource 1 host machine.

1. Access https://osso-1.example.com:1081/opensso/console from a web browser.

2. Log in to the OpenSSO Enterprise console as the administrator.

   Username

   amadmin

   Password

   ossoadmin

3. Under the Access Control tab, click / (Top Level Realm).

4. Click the Policies tab.

5. Click New Policy.

6. Enter URL Policy for Protected Resource 1 in the Name field.

7. Under Rules, click New.

   The Rules properties page is displayed.

8. Select URL Policy Agent (with resource name) and click Next.

9. Provide the following information on the resulting page and click Finish.

   Name:

   URL Rule for Protected Resource 1

   Resource Name:

   http://pr-1.example.com:1080/*

   GET

   Mark this check box and verify that Allow is selected.

   POST

   Mark this check box and verify that Allow is selected.

   The rule URL Rule for Protected Resource 1 is added to the list of Rules.

10. Under Subjects, click New.

    The Subjects properties page is displayed.

11. Select Access Manager Identity Subject and click Next.

12. On the resulting page, provide the following information and click Search.

    Name:

    Test Subject

    Filter:

    Choose User and click Search to display a list of available users.

    Available:

    From the available users, select testuser1 and click Add.

13. Click Finish.

14. Click OK.

    The new policy is included in the list of Policies.

15. Click Back to Access Control.

16. Log out of the console.