Technical Note: Precautions Against Cookie Hijacking in an Access Manager Deployment

ProcedureTo Update the Agent Profile Credentials in the Web Agent

This task applies to web agents only, not to J2EE agents. This task description provides alternatives for steps that differ according to platform: UNIX-based systems or Windows systems. For a more thorough explanation about updating the agent profile for a web agent, see the corresponding Policy Agent 2.2 documentation.

  1. Update the following property in the web agent AMAgent.properties configuration file:

    com.sun.am.policy.am.username

    Replace the value of this property with the agent profile ID (name) you just updated in Access Manager Console. Therefore, this property would then appear similarly to the following:

    com.sun.am.policy.am.username = agent-profile-ID
    
  2. Change directories to the following:

    • UNIX-based Systems

      PolicyAgent-base/bin

    • Windows Systems

      PolicyAgent-base\bin

  3. Execute the following script in the command line:

    • UNIX-based Systems

      crypt_util agent-profile-password

    • Windows Systems

      cryptit agent-profile-password

    where agent-profile-password represents the agent profile password you updated in Access Manager Console.

  4. Copy the output obtained after issuing the script in the previous step and paste it as the value for the following property:

    com.sun.am.policy.am.password

    This property would appear similarly to the example that follows, where encrypted-password-string is a place holder for the real encrypted password:

    com.sun.am.policy.am.password = encrypted-password-string
    
  5. Ensure that protected web resources are accessible.

    1. Restart the web container.

    2. Attempt to access any resource protected by the web agent.

    If the attempt to access a protected resource results in a redirection to Access Manager, then the preceding steps were executed properly.