Access Manager 7.1 patch 5 fixes a number of problems, as listed in the README file included with the patch. For a list of the patch IDs, see Access Manager 7.1 Patch Releases. Patch 5 also includes the following new features and changes:
Time to Live (TTL) is implemented for the Service Management (SMS) cache (6973683)
Access Manager 7.1 patch Readme lists the required LDAP JDK patches (6959325)
Patch 5 includes the following new properties to implement the TTL for the SMS cache. The TTL is the period of time before data in the SMS cache is discarded.
com.sun.identity.sm.cache.ttl.enable enables the TTL function for the SMS cache, if set to true.
com.sun.identity.sm.cache.ttl specifies the time in minutes before data in the cache is discarded. The default is 30 minutes.
To use these new properties, add them with appropriate values to the AMConfig.properties file and then restart the Access Manager web container.
Patch 5 includes the following new properties to implement the retry mechanism in the PLL server:
com.sun.identity.notification.retry.limit enables the Access Manager 7.1 server to repeat sending notifications until the notification is delivered successfully. The default is 3 retries, if the value is set to any nonnumeric character. A value of 0 (zero) specifies that no retries are sent.
com.sun.identity.notification.retry.interval species the time interval in milliseconds between re-sending the retries, if com.sun.identity.notification.retry.limit is set to a nonnumeric character (or not set). The default is 500 milliseconds.
To use these new properties, add them with appropriate values to the AMConfig.properties file and then restart the Access Manager web container.
The Access Manager 7.1 Readme file included with the patch now lists the required LDAP JDK patches. For more information, see the patch 5 Readme file.
Patch 5 allows you to access the HttpServletRequest object and modify the HttpServletResponse object through a custom authentication module for Access Manager 7.1 server deployments with the Distributed Authentication User Interface (DAUI), as well as for Access Manager 7.1 server deployments without the DAUI.
To use this new feature, you must modify your existing custom authentication modules using the authentication SPI framework. (If you don't want to use this feature, your existing custom authentication modules do not need to be modified. The current APIs for getHttpServletRequest and getHttpServletResponse will continue to be supported but only for Access Manager 7.1 server deployments without the DAUI.)
Changes to custom authentication modules include both JAVA class files and callback XML files. No UI changes are required. Patch 5 adds these new callbacks:
HttpRequestCallback: equivalent to the container HttpServletRequest object
HttpResponseCallback: equivalent to the container HttpServletResponse object
For more information, see the Sun Java System Access Manager 7.1 Developer’s Guide.