Sun Java System Access Manager 7.1 Release Notes

New Property Allows SSO Token Restriction Other Than an IP Address

Access Manager 7.1 patch 3 (CR 6496155) includes the new com.iplanet.dpro.session.dnRestrictionOnly property to enforce the DN as the SSO token restriction rather then the IP address in cross-domain single sign-on (CDSSO) deployments and cookie-hijacking prevention mode. Values for this property can be:

Note: Older agents that use amclientsdk.jar from Access Manager 7 2005Q4 patch 5 and earlier should not set this property to true.

To require Access Manager 7.1 server to enforce that an agent send the DN as the SSO token restriction:

  1. Add this new property with a value of true in the file. For example:


  2. Restart Access Manager 7.1 server.