Sun Java System Access Manager 7 2005Q4 Administration Guide

Chapter 20 The amsecuridd Helper

This chapter provides information on the amsecuiridd helper and contains the following section:

The amsecuridd Helper Command Line Executable

The Access Manager SecurID authentication module is implemented using the Security Dynamic ACE/Client C API and the amsecruidd helper, which communicates between the Access Manager SecurID authentication module and the SecurID Server. The SecurID authentication module invokes the amsecuridd daemon by opening a socket to localhost:57943 to listen for SecurID authentication requests.

Note –

57943 is the default port number. If this port number is already used, you can specify a different port number in the SecurID Helper Authentication Port attribute in the SecurID Authentication module. This port number must be unique accross all organizations.

Because the interface to amsecuridd is in clear text through stdin, only local host connections are permitted. amsecuridd uses the SecurID remote API (version 5.x) on the back end for data encryption.

The amsecuridd helper listens on port number 58943 (by default) to receive its configuration information. If this port is already used, you can change it in the securidHelper.ports attribute in the file (by default, located in AccessManager-base /SUNWam/config/). The securidHelp.ports attribute contains a space-separated list of the ports for each amsecuridd helper instance. Restart Access Manager once the changes to are saved.

Note –

A separate instance of amsecuridd should run for each organization that communicates with a separate ACE/Server (containing different sdconf.rec files).

amsecuridd Syntax

The syntax is as follows:

amsecuridd [-v] [-c portnum]

amsecuridd Options

verbose (-v)

Turns on verbose mode and logs to /var/opt/SUNWam/debug/securidd_client.debug .

configure portnumber (-c portnm)

Configures the listening port number. The default is 58943.

Running the amsecuridd helper

amsecuridd is located, by default, in AccessManager-base /SUNWam/share/bin. To run the helper on the default ports, enter the following command (without options):


To run the helper on non-default port, enter the following command:

./amsecuridd [-v] [-c portnm]

amsecuridd can also be run through the amserver command line utitility, but it will only run on the default ports.

Required Libraries

In order to run the helper, the following libraries are required (most can be found in the operating system in /usr/lib/):

Note –

Set LD_LIBRARY_PATH to AccessManager-base /Sunwam/lib/ to find