Sun Java System Access Manager 7.1 Technical Overview

Access Manager Installation Modes

When you install Access Manager, you are asked to choose either Realm Mode or Legacy Mode. Realm Mode is the new Access Manager architecture; Legacy Mode is based on the Access Manager 6.3 architecture. The following table briefly compares these options. The sections following the table give a more in-depth explanation of each installation mode.

Table 1–1 Comparison of Realm and Legacy Modes

| Feature | Realm Mode | Legacy Mode |
|---|---|---|
| Supports all new Access Manager 7.1 features. | Yes | Yes |
| Supports identity repositories in Sun Java System Directory Server and other data stores. | Yes | Yes |
| Supports Access Manager 6 user management features. | No | Yes |
| Can coexist with Access Manager 6 2005Q1 in multiple-server installations. | No | Yes |
| Before installation, identity repository can exist in Sun Java Directory Server. | Yes | Yes |
| Before installation, identity repository can exist in an LDAP version 3 compliant directory server. | Yes | No |

To determine if an already installed instance of Access Manager is running in realm or legacy mode, type the following into the location bar of your web browser:

protocol://FQDN_server:port/amserver/SMSServlet?method=isRealmEnabled

The server will return true if running in realm mode. More information on the installation modes can be found in the following sections:
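The mode check described above can be scripted when several instances need to be inventoried. The following is an added example, not code from the Access Manager documentation or product; it assumes the servlet replies with a bare `true` or `false`, treats `false` as Legacy Mode (the page states only the `true` case), and uses the placeholder host `am.example.com`.

```python
"""Added example: report whether an Access Manager instance runs in Realm or Legacy Mode."""
import sys
import urllib.request
from urllib.parse import urlunsplit

SERVLET_PATH = "/amserver/SMSServlet"   # path given on the page
QUERY = "method=isRealmEnabled"         # query string given on the page


def mode_url(protocol: str, fqdn: str, port: int) -> str:
    """Build protocol://FQDN_server:port/amserver/SMSServlet?method=isRealmEnabled."""
    if protocol not in ("http", "https"):
        raise ValueError(f"unsupported protocol: {protocol!r}")
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    # Reject anything that is not a bare host name, so a value from an
    # inventory file cannot redirect the request to another path or host.
    if not fqdn or any(c in fqdn for c in "/?#@: \t\r\n"):
        raise ValueError(f"not a bare host name: {fqdn!r}")
    return urlunsplit((protocol, f"{fqdn}:{port}", SERVLET_PATH, QUERY, ""))


def parse_mode(body: bytes) -> str:
    """Map the servlet's reply to 'realm' or 'legacy'.

    Assumption of this example: 'false' means Legacy Mode. Any other reply
    (an HTML login or error page, for instance) is reported as an error
    instead of being guessed at.
    """
    text = body.decode("ascii", errors="replace").strip().lower()
    if text == "true":
        return "realm"
    if text == "false":
        return "legacy"
    raise ValueError(f"unexpected reply: {text[:60]!r}")


def query_mode(protocol: str, fqdn: str, port: int, timeout: float = 5.0) -> str:
    """Fetch the servlet URL and return 'realm' or 'legacy'."""
    with urllib.request.urlopen(mode_url(protocol, fqdn, port), timeout=timeout) as resp:
        return parse_mode(resp.read(4096))


if __name__ == "__main__":
    # Usage: python am_mode.py https am.example.com 443
    proto, host, port = sys.argv[1], sys.argv[2], int(sys.argv[3])
    print(f"{host}: {query_mode(proto, host, port)} mode")
```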

Realm Mode

Realm mode is based on the Access Manager information tree and Identity Repository Management Service described in previous sections. Realm Mode is appropriate in most new Access Manager deployments where you want to keep identity repositories independent of access management, or where you cannot maintain user data within the required object classes of Sun Java System Directory Server. If you choose Realm Mode at installation, your identity repositories can exist in any of the following configurations:

Figure 1–2 is a screen capture of the Access Manager Administration Console when the product has been installed in Realm Mode.

Figure 1–2 Realm Mode User Interface

This figure illustrates the Access Manager administration console in Realm Mode.

Legacy Mode

Legacy Mode is based on the Access Manager 6.3 architecture. This legacy Access Manager architecture uses the Lightweight Directory Access Protocol (LDAP) directory information tree (DIT) that comes with Sun Java System Directory Server. In Legacy Mode, both user information and access control information are stored in LDAP organizations. When you choose Legacy Mode, an LDAP organization is the equivalent of an access control realm. Realm information is integrated within LDAP organizations.

Legacy Mode is appropriate in deployments where you want to use Access Manager user management. It is typically used in deployments where Access Manager is built upon Sun Java System Portal Server or other Sun Java System communication products that require the use of Sun Java System Directory Server as the central identity repository. If you choose Legacy Mode during installation, the top-level realm resides in the same Directory Server branch as the Access Manager information tree, and user information is intermingled with access information.

Figure 1–3 is a screen capture of the Access Manager Administration Console when the product has been installed in Legacy Mode.

Figure 1–3 Legacy Mode User Interface

In Legacy Mode, a Directory Management tab is added to the Access Manager administration console.