Access Manager contains a number of web archive (WAR) files. These packages contain Java servlets and JavaServer PagesTM (JSP) pages you can modify to customize Access Manager to meet your needs. The chapter contains the following sections:
Access Manager is built upon the Java 2 Platform, Enterprise Edition (J2EE) platform which uses a component model to create full-scale applications. A component is self-contained functional software code assembled with other components into a J2EE application. The J2EE application components can be deployed separately on different servers. J2EE application components include the following:
Client components such as including dynamic web pages, applets, and a Web browser that run on the client machine.
Web components such as servlets and Java Server Pages (JSPs) that run within a web container.
Business components, which can be code that meets the needs of a particular enterprise domain such as banking, retail, or finance. Such business components also run within the web container.
Enterprise infrastructure software that runs on legacy machines.
When a web browser executes a J2EE application, it deploys server-side objects known as web components. Java Server Pages (JSPs) and corresponding servlets are two such web components.
Small Java programs that dynamically process requests and construct responses from a web browser. Servlets run within web containers.
Text-based documents that contain static template data such as HTML, Scalable Vector Graphics (SVG), Wireless Markup Language (WML), or eXtensible Markup Language (XML). JSPs also contain elements such as servlets that construct dynamic content.
J2EE components are usually packaged separately, and then bundled together into an Enterprise Archive (EAR) file for application deployment. Web components are packaged in web application archives, also known as WAR files. Each WAR file contains servlets, JSPs, a deployment descriptor, and related resource files.
Static HTML files and JSP are stored at the top level of the WAR directory. The top-level directory contains the WEB-INF subdirectory which contains tag library descriptor files in addition to the following:
Servlets, JavaBean components and related Java class files. These must be stored in the WEB-INF/classes directory.
Tag libraries and any utility libraries called by server-side classes. These must be stored in the WEB-INF/lib directory.
The web component deployment descriptor is stored in the WEB-INF directory
When you customize Access Manager, sometimes you must also modify the Access Manager WAR files. The modifications in turn result in changes to the web components.
Access Manager provides two types of WAR files. One type of Access Manager WAR file is automatically built and deployed for you at installation. The password.war and services.war files are of this type. Both password.war and services.warare related to features and services that power the Access Manager server. At installation, based on the source files in the staging directory AccessManager-base/web-src/, both password.war and services.war are automatically generated and deployed into the AccessManager-base/SUNWam/war directory. When you want to customize Access Manager features or services, you must make changes in the source files contained in the staging directory, and then regenerate and redeploy the appropriate WAR files.
When you apply a patch or an upgrade to Access Manager, any customizations you have implemented may be overwritten.
The second type of Access Manager WAR is a specialized WAR file that you must manually deploy. The amaduthdistui.war for the Distributed Authentication UI, and the amclient.war for the Client SDK are such WARs. You can install amaduthdistui.war or amclient.warthrough the JES installer, or you can manually deploy one or both of them.
The following Access Manager WAR files are located in this directory:
AccessManager-base/SUNWam/
Automatically deployed at installation, and builds the Liberty IDFF profile named Identity Provider Introduction which is used in implementing a circle of trust. You do not need to redeploy this WAR.
If you choose the Legacy mode option during installation, this WAR is automatically deployed at installation, and builds the legacy mode administration console. Redeploy this WAR after you make changes to AccessManager-base/web-src/services/console/* source files.
Automatically deployed at installation, and builds the password reset feature. Redeploy this WAR after you make changes to AccessManager-base/web-src/password/* source files.
Automatically deployed at installation, and builds Access Manager service components. Redeploy this WAR after you make changes to AccessManager-base/web-src/services/* source files.
The following Access Manager WARs are located in this directory:
AccessManager-base/SUNWam/war.
Use this WAR to manually install Access Manager as a stand-alone product, and without using the JES installer. For more information, see Chapter 12, Deploying Access Manager as a Single WAR File, in Sun Java System Access Manager 7.1 Postinstallation Guide.
Use this WAR to manually install the Client SDK on a container remote from the Access Manager server. For more information, see Installing the Client SDK.
Use this WAR to manually install the Distributed Authentication UI server on a container remote from the Access Manager server. You can install this WAR using the JES installer. For more information, see Chapter 11, Deploying a Distributed Authentication UI Server, in Sun Java System Access Manager 7.1 Postinstallation Guide. You can also manually deploy this WAR. For more information, see Customizing the Distributed Authentication User Interface.
Access Manager uses this WAR to build the realm mode administration console. The amconsole.war file is automatically generated and deployed, based on the source code in AccessManager-base/web-src/services/console, when Access Manager is installed. You cannot customize this WAR.
Access Manager uses this WAR to build the legacy mode administration console. The console.war file is automatically generated and deployed, based on the source code in AccessManager-base/web-src/services/console, when Access Manager is installed. You can customize this WAR. For more information, see Chapter 11, Customizing the Administration Console.
This WAR is related to the Liberty IDFF profile named Identity Provider Introduction which is used in implementing a circle of trust. The introduction.war file is automatically generated and deployed, based on the source code in AccessManager-base/web-src/services/common, when Access Manager is installed. You cannot customize this WAR.
Access Manager uses this WAR for the password reset service. The password.war file is automatically generated and deployed, based on the source code in AccessManager-base/web-src/services/password, when Access Manager is installed. You can customize this WAR. For more information, see the section password.war.
Access Manager uses this WAR to build the UI for various Access Manager Services. The services.war file is automatically generated and deployed, based on the source code in AccessManager-base/web-src/services/services, when Access Manager is installed. You can customize this WAR. For more information, see the section services.war.
The password.war contains files used by the Access Manager password reset service.
You can modify the following password.war files:
web.xml and related XML files used for constructing it are located in AccessManager-base/SUNWam/web-src/password/WEB-INF/.
JSPs located in /SUNWam/web-src/password/password/ui/ .
Image files located in SUNWam/web-src/password/password/images/ .
Stylesheets located in AccessManager-base/SUNWam/web-src/password/password/css/.
Do not modify the following password.war files. Modifying the following files may cause unintended Access Manager behaviors.
JARs located in AccessManager-base/SUNWam/web-src/password/WEB-INF/lib/.
Tag library descriptor (.tld) files located in AccessManager-base/web-src/password/WEB-INF/.
The services.war contains files used by various Access Manager services.
You can modify the following services.war files:
web.xml and related XML files used for constructing it are located in AccessManager-base/SUNWam/web-src/services/WEB-INF/.
JavaScript files are located in AccessManager-base/SUNWam/web-src/services/js/.
JSP are located in the following directories:
AccessManager-base/SUNWam/web-src/services/config/auth/default/
AccessManager-base/SUNWam/web-src/services/config/federation/default/
Image files are located in the following directories:
AccessManager-base/SUNWam/web-src/services/images/
AccessManager-base/SUNWam/web-src/services/fed_images/
AccessManager-base/SUNWam/web-src/services/login_images/
Stylesheets are located in the following directories:
AccessManager-base/SUNWam/web-src/services/css/.
AccessManager-base/SUNWam/web-src/services/fed_css/.
Do not modify the following services.war files. Modifying the following files may cause Access Manager to fail:
Non-modifiable JARs are located in AccessManager-base/SUNWam/web-src/services/WEB-INF/lib/.
Non-modifiable Tag Library Descriptor (.tld) files are located in AccessManager-base/SUNWam/web-src/services/WEB-INF/.
Once a file within a WAR is modified, the WAR itself needs to be updated with the newly modified file. Following is the procedure to update a WAR.
Go to the directory where the WAR files are kept.
# cd AccessManager-base/ SUNWam/war |
Run the jar command.
jar -uvf WARfilename.war path_to_modified_file |
The -uvf option replaces the old file with the newly modified file. For example:
# jar -uvf console.war newfile/index.html |
This command replaces the index.html file in console.war with the index.html file located in AccessManager-base/SUNWam/newfile.
Delete the modified file.
# rm newfile/index.html |
Delete the modified file.
Once updated, the WARs must be redeployed to their web container. The web container provides services such as request dispatching, security, concurrency, and life cycle management. The web container also gives the web components access to the J2EE APIs.
The BEA WebLogic Server 6.1 and Sun Java System Application Server web containers do not require WARs to be exploded. The servers themselves are deployed as WARs. After WAR files are installed on these servers, you must restart all related servers.
Run the Java command on the BEA WebLogic 6.1 Server using the following form:
java weblogic.deploy -url protocol://server_host:server_port -component amconsole:WL61 _server_name deploy WL61_admin_password deployment_URI AccessManager-base/SUNWam/WARname.war
where the following variables are used:
The protocol [http | https] and fully-qualified name of the Access Manager server.
The name of the WebLogic server.
The WebLogic administrator password.
For console.war, the deployment URI is amconsole.
For services.war, the deployment URI is amserver.
For password.war, the deployment UIR is ampassword.
The directory where the Access Manager server is installed.
The name of the WAR file to deploy.
[console.war | server.war | password.war]
For more complete information on the Java utility weblogic.deploy and its options, see the http://edocs.bea.com/wls/docs61/index.html.
On the Application Server, run the asadmin command using the following form:
asadmin deploy -u S1AS_administrator -w S1AS_administrator_password -H console_server_host -p S1AS_server_port --type web secure_flag --contextroot deploy_uri --name deploy_uri --instance S1AS_instanceAccessManager-base/SUNWam/WARname
where the following variables are used:
Application Server administrator
Application Server administrator password
Access Manager server host name
Application Server port number
For console.war, the deployment URI is amconsole.
For password.war, the deployment URI is ampassword.
For services.war, the deployment URI is amservices.
Application Server directory where Access Manager server is installed
The name of the WAR file to deploy.
[console.war | services.war | password.war]
For more information on the asadmin deploy command and its options, see the Sun Java System Application Server 7.0 Developer’s Guide.
For detailed instructions on how to deploy WARs in an IBM WebSphere Application Server container, see the documentation that comes with the product:http://www-306.ibm.com/software/webservers/appserv/was/