test

Deployment Example 1: Access Manager 7.0 Load Balancing, Distributed Authentication UI, and Session Failover

ProcedureTo Verify that Session Failover Works Properly

Before You Begin

Both Access Manager 1 and Access Manager 2 should be up and running before you begin this verification procedure.

  1. Stop Access Manager 1.


    # cd /opt/SUNWwbsvr/https-AccessManager-1
# ./stop

  2. Open a browser (Browser 1) and go to the following Access Manager load balancer URL:


    https://LoadBalancer-3.example.com:9443/amserver/UI/Login?realm=users

  3. Log in to the Access Manager console using the following information:

    Username

    testuser1

    Password

    password

    The Edit User page for testuser1 is displayed.

    This indicates that although Access Manager 1 was stopped (see step 1), the Access Manager load balancer (LoadBalancer-3) directed your login request to Access Manager 2, and the session for testuser1 was successfully created in Access Manager 2.

    Leave Browser 1 open.

  4. On the host AccessManager–1, at the command line, start Access Manager 1.


    # cd /opt/SUNWwbsvr/https-AccessManager-1
# ./start

    Both Access Manager 1 and Access Manager 2 are now up and running.

  5. Open a second browser (Browser 2) and go to the following Access Manager URL:


    http://accessmanager-1.example.com:1080/amserver/UI/Login

  6. Log in to the Access Manager console using the following information:

    Username

    amadmin

    Password

    4m4dmin1

  7. On the Realms page, click the Sessions tab.

    1. In the View: field, select Access Manager-2.example.com:1080.

      Verify that only one User Id, named testuser1, exists in the Sessions list.

    2. In the View: field, select Access Manager-1.example.com:1080

      Verify that only one User Id, named amAdmin, exists in the Sessions list.

      Leave Browser 2 open.

  8. Stop Access Manager 2.


    # cd /opt/SUNWwbsvr/https-AccessManager-2
# ./stop

    Access Manager 1 is still up and running, and Access Manager 2 is now stopped.

  9. In Browser 1, in the Edit User page for testuser1, modify the user profile.

    In the Full Name field, enter NewTestUser1, and then click Save.

    The message “Profile was updated” is displayed.

  10. In Browser 2, in the Realms page, click the Sessions tab.

    In the View: list, select AccessManager-1.example.com:1080.

    Verify that now two UserIds, named amAdmin and testuser1, exist in the Sessions list. This indicates that the session successfully failed over to Access Manager 1.

    Close Browser 2.

  11. Start Access Manager 2.


    # cd /opt/SUNWwbsvr/https-AccessManager-2
# ./start

    Both Access Manager 1 and Access Manager 2 are now up and running.

  12. Stop Access Manager 1.


    # cd /opt/SUNWwbsvr/https-AccessManager-1
# ./stop

    Access Manager now down, and Access Manager 2 is still up and running.

  13. In a new browser (Browser 3), go to the following Access Manager URL:


    http://accessmanager-2.example.com:1080/amserver/UI/Login

  14. Log in to the Access Manager console using the following information:

    Username

    amadmin

    Password

    4m4dmin1

    Leave the browser open.

    1. On the Realms page, click the Sessions tab.

    2. In the View field, select AccessManager-2.example.com:1080.

    3. Click the Search button.

      Under Sessions, only one UserID named amAdmin exists in the Session list.

      Leave the Browser 3 open.

  15. In Browser 1, in the Edit User page for testuser1, modify the user profile.

    In the Full Name field, change NewTestUser1 back to TestUser1, and then click Save.

    The message “Profile is updated” is displayed.

  16. In Browser 3, on the Sessions tab, click Search to refresh the page.

    Under Sessions, two UserIDs, named amAdmin and testuser1 , are now displayed in the Sessions list. This indicates that the session successfully failed back to Access Manager 2.