Information about Java System Enterprise installation issues is contained in the Java Enterprise System 5 Release Notes. See the section Access Manager Installation Issues in Sun Java Enterprise System 5 Release Notes for UNIX.
This section contains the following Known Issues:
There is a known issue with the single WAR deployed on Weblogic 8.1, with JAX-RPC initialization. In order for Access Manager to communicate with the client SDK, you need to replace the JAX-RCP 1.1 jar files with JAX-RPC 1.0 jar files.
Workaround:
There are two ways to obtain the WAR file. One is through the Java Enterprise System 5 installer with Access Manager set to the Configure Later option, the other is from Sun's download site.
If you have generated the WAR file through the Java Enterprise System 5 installer with the Configure Later option:
Remove the following JAXRPC 1.1 .jar files from AccessManager-base/SUNWam/web-src/WEB-INF/lib:
jaxrpc-api.jar
jaxrpc-spi.jar
jaxrpc-impl.jar
Copy the following .jar files from their respective locations to AccessManager-base/SUNWam/web-src/WEB-INF/lib:
jaxrpc-api.jar from /opt/SUNWam/lib/jaxrpc 1.0
jaxrpc_ri.jar from /opt/SUNWam/lib/jaxrpc 1.0
commons-logging.jar from /opt/SUNWmfwk/lib
Goto AccessManager-base/SUNWam/bin/ and run the following command:
amconfig —s samplesilent
For more information on configuring Access Manager using the amconfig script, see Running the Access Manager amconfig Script in the Access Manager Post Installation Guide.
If you have obtained the WAR file through the Oracle download site (http://www.oracle.com/technetwork/indexes/downloads/index.html):
Acquire the ZIP_ROOT/applications/jdk14/amserver.war file and explode it into a staging area, such as /tmp/am-staging.
Remove the following JAXRPC 1.1 .jar files from /tmp/am-staging/WEB-INF/lib:
jaxrpc-api.jar
jaxrpc-spi.jar
jaxrpc-impl.jar
Copy the following JAXRPC 1.0 .jar files and the commons logging .jar file, located in the ZIP_ROOT/applications/jdk14/jarFix directory to /tmp/am-staging/WEB-INF/lib:
jaxrpc-api.jar
jaxrpc-ri.jar
commons-logging.jar
Recreate and deploy the Access Manager WAR. For more information, see Deploying Access Manager as a Single WAR File in the Access Manager Post Installation Guide.
If the Access Manager single WAR is generated using the Java Enterprise System 5 installer with the Configure Later option, additional .jar files are required before you deploy Websphere 5.1.
Workaround:
Copy jsr173_api.jar from /usr/share/lib to the AcessManager-base/opt/SUNWam/web-src/WEB-INF/lib directory.
Goto AccessManager-base/SUNWam/bin/ and run the following command:
amconfig —s samplesilent
For more information on configuring Access Manager using the amconfig script, see Running the Access Manager amconfig Script in the Access Manager Post Installation Guide.
In order for the Access Manager single WAR deployment with Websphere 5.1 to successfully communicate with the client SDK, you must make changes to the server.xml file.
Workaround:
To correctly change the server.xml file, see the following steps:
Acquire the amserver.war file. There are two ways to get the single WAR file; through the Java Enterprise System 5 installer with the Configure Later option, or through the sun download site.
If you have generated the WAR file through the Java Enterprise System 5 installer, make sure that you complete the steps outlined in Known Issue #6550261.
Explode the Access Manager WAR into a staging area, for instance /tmp/am-staging.
Copy the following shared .jar files from /tmp/am-staging/WEB-INF/lib to a shared location, such as/export/jars:
jaxrpc-api.jar jaxrpc-spi.jar jaxrpc-impl.jar saaj-api.jar saaj-impl.jar xercesImpl.jar namespace.jar xalan.jar dom.jar jax-qname.jar jaxb-api.jar jaxb-impl.jar jaxb-libs.jar jaxb-xjc.jar jaxr-api.jar jaxr-impl.jar xmlsec.jar swec.jar acmecrypt.jar iaik_ssl.jar iaik_jce_full.jar mail.jar activation.jar relaxngDatatype.jar xsdlib.jar mfwk_instrum_tk.jar FastInfoset.jar jsr173_api.jar
Remove the same .jar files from the /tmp/am-staging/WEB-INF/lib in the staging area.
Update the Webshpere instance's server.xml. Make the changes to jvmEntries in server.xml if your default instance location is/opt/WebSphere/AppServer/config/cells/node-name/nodes/node-name/servers/server1, as shown below:
<classpath>/export/jars/jaxrpc-api.jar:/export/jars/jaxrpc-spi.jar: /export/jars/jaxrpc-impl.jar:/export/jars/saaj-api.jar: /export/jars/saaj-impl.jar:/export/jars/xercesImpl.jar: /export/jars/namespace.jar:/export/jars/xalan.jar:/export/jars/dom.jar: /export/jars/jax-qname.jar:/export/jars/jaxb-api.jar:/export/jars/jaxb-impl.jar: /export/jars/jaxb-libs.jar:/export/jars/jaxb-xjc.jar:/export/jars/jaxr-api.jar: /export/jars/jaxr-impl.jar:/export/jars/xmlsec.jar:/export/jars/swec.jar: /export/jars/acmecrypt.jar:/export/jars/iaik_ssl.jar: /export/jars/iaik_jce_full.jar:/export/jars/mail.jar: /export/jars/activation.jar::/export/jars/relaxngDatatype.jar: /export/jars/xsdlib.jar:/export/jars/mfwk_instrum_tk.jar: /export/jars/FastInfoset.jar:/export/jars/jsr173_api.jar</classpath>
Restart the container.
Recreate and deploy the Access Manager WAR from /tmp/am-staging. For more information, see Deploying Access Manager as a Single WAR File in the Access Manager Deployment Planning Guide.
The Distributed Authentication WAR requires additional jar files for parsing for both Weblogic 8.1 and Websphere 5.1 because the container is version JDK14. The JDK14 .jar files are located in the following directory of the .zip file:
ZIP-ROOT/applications/jdk14/jarFix
Workaround:
For Weblogic 8.1:
Configure Distributed Authentication using the setup scripts. See Deploying a Distributed Authentication UI Server in the Access Manager Post Installation Guide.
Explode the updated Distributed Authentication WAR into a temporary location, such as /tmp/dist-auth.
Copy xercesImpl.jar, dom.jar and xalan.jar to the /tmp/dist_auth/WEB-INF/lib directory from ZIP-ROOT/applications/jdk14/jarFix.
Regenerate the Distributed Authentication WAR from the temporary location and deploy it. For more information, see Deploying a Distributed Authentication UI Server WAR File in the Access Manager Post Installation Guide.
For Websphere 5.1:
Configure Distributed Authentication using the setup scripts. See Deploying a Distributed Authentication UI Server in the Access Manager Post Installation Guide.
Explode the updated Distributed Authentication WAR into a temporary location, such as /tmp/dist_auth/.
Copy xercesImpl.jar, dom.jar and xalan.jar to the /tmp/dist_auth/WEB-INF/lib directory from ZIP-ROOT/applications/jdk14/jarFix.
Edit theWEB-INF/web.xml file and replace jar://web-app_2_3.dtd with http://java.sun.com/dtd/web-app_2_3.dtd.
Regenerate the Distributed Authentication WAR from the temporary location and deploy it. For more information, see Deploying a Distributed Authentication UI Server WAR File in the Access Manager Post Installation Guide.
Access Manager deployed as a single WAR fails to configure on Directory Server 6 with a single component root suffix, for example. dc=example. However, it works with multi component root suffix, for example dc=example,dc=com. After running the configurator with configuration datastore as Sun Java System Directory server, it is always advised to go and edit the serverconfig.xml to replace the cn=directory manager with less privileged user, such as cn=dsameuser. This user should be available in the directory server with proper access permissions to the Access Manager service tree.
Workaround: Use the multi component root suffix, for example dc=example,dc=com.
When configuring the second instance of Access Manager single WAR on the same host against Directory Server, it throws an exception while updating the Organization Alias. This issue does not occur if the second instance configured is on a different host.