Access Manager Services (Sun Java Enterprise System 5 Update 1 Installation Reference for UNIX)

Sun Java Enterprise System 5 Update 1 Installation Reference for UNIX

Access Manager Services

The installer needs different information about Access Manager services for the following Access Manager subcomponents.

Access Manager Web Container Information

This section describes the services information that the installer needs when you are specifying web container details.

Table 3–6 Access Manager Services Information for Specifying Web Container


Label and State File Parameter	Description
Host Name `IS_SERVER_HOST`	Fully qualified domain name of the host on which you are installing Java ES. The default value is the fully qualified domain name of the local host.
Services Deployment URI `SERVER_DEPLOY_URI`	Uniform Resource Identifier (URI) prefix for accessing the HTML pages, classes, and JAR files associated with the Identity Management and Policy Services Core subcomponent. This URI is used to access the realm (Access Manager 7.x compatible) console. The default value is `amserver`. Do not enter a leading slash.
Common Domain Deployment URI `CDS_DEPLOY_URI`	URI prefix for accessing the common domain services on the web container. The default value is `amcommon`. Do not enter a leading slash.
Cookie Domain `COOKIE_DOMAIN_LIST`	The names of the trusted DNS domains that Access Manager returns to a browser when Access Manager grants a session ID to a user. You can scope this value to a single top-level domain, such as `example.com` . The session ID will provide authentication for all subdomains of example.com. Alternatively, you can scope the value to a comma-separated list of subdomains, such as `.corp.example.com,.sales.example.com`. The session ID will provide authentication for all subdomains in the list. A leading dot (`.`) is required for each domain in the list. The default value is the current domain, prefixed by a dot (`.`).
Password Deployment URI `PASSWORD_SERVICE_DEPLOY_URI`	URI that determines the mapping that the web container running Access Manager will use between a string you specify and a corresponding deployed application. This is the URI for the Access Manager password reset service. The default value is `ampassword`. Do not enter a leading slash.
Console Protocol `CONSOLE_PROTOCOL`	Protocol specified for Web Server to listen on the Web Server port. A secure port uses the HTTPS protocol. A non-secure port uses HTTP. The default value is HTTP.

Access Manager Console Information for Services

This section describes the services information the installer needs for the Access Manager console.

Table 3–7 Access Manager Services Information for Access Manager Console


Label and State File Parameter	Description
Administration Console: Deploy new console or use existing console `USE_DSAME_SERVICES_WEB_CONTAINER` `CONSOLE_REMOTE`	Choose Deploy new console to deploy the console into the web container of the host on which Access Manager is being installed. Choose Use existing console to use an existing console that is, or will be, deployed on a remote host in Realm mode. The default value is False. In both cases, you specify the Console Deployment URI and Password Deployment URI. If you choose to use an existing console, you must also specify the Console Host Name and Console Port.
Console Deployment URI `CONSOLE_DEPLOY_URI`	URI prefix for accessing the HTML pages, classes, and JAR files associated with the Access Manager Legacy mode (Access Manager 6.x compatible) console. Only applies to Legacy mode. The default value is `amconsole`. Note: If `AM_REALM` is enabled (setting Realm mode 7.x), then `CONSOLE_DEPLOY_URI` is ignored.
Console Host Name `CONSOLE_HOST`	Fully qualified domain name for the server hosting the existing console. This value is not needed if you are deploying a new console. In graphical installation mode, you can edit the field only if you are using an existing console. The default value contains the value that you provided for Host (`IS_SERVER_HOST` ), a dot, and then the value that you provided for DNS Name in the Common Server Settings. For example, if the host is `siroe` and the domain is `example.com`, the default value is `siroe`.`example` .`com`.
Console Port `CONSOLE_PORT`	Port on which the existing console is listening or will listen for connections. Permitted values are any valid and unused port number, in the range 0 (zero) through 65535. This value is not needed if you are deploying a new console. In graphical installation mode, you can edit the field only if you are using an existing console. The default value is the value you provided for one of the following web container ports: Web Server default value is `80.` Application Server default value is `8080.`

Installing Access Manager Console (Core Already Installed)

This section describes the services information the installer needs when the following are both true:

You are installing only the Access Manager Administration Console subcomponent.
The Identity Management and Policy Services Core subcomponent is already installed on the same host.

Note –

You can only install AM Console by itself in Realm mode (Access Manager 7.x compatible). This cannot be done in Legacy mode (6.x compatible).

Table 3–8 Access Manager Services Information for Installing Console Only (Core Already Installed)


Label and State File Parameter	Description
Console Deployment URI `CONSOLE_DEPLOY_URI`	URI prefix for accessing the HTML pages, classes and JAR files associated with the Access Manager Legacy mode (Access Manager 6.x compatible) console. Only applies to Legacy mode. The default value is `amconsole`. If `AM_REALM` is enabled (setting Realm mode 7.x), then `CONSOLE_DEPLOY_URI` is ignored.
Password Services Deployment URI `PASSWORD_SERVICE_DEPLOY_URI`	URI that determines the mapping that the web container running Access Manager will use between a string you specify and a corresponding deployed application. This is the URI for the Access Manager password reset service. The default value is `ampassword`. Do not enter a leading slash.

Installing Access Manager Console (Core Not Already Installed)

This section describes the services information the installer needs when the following are both true:

You are installing only the Access Manager Administration Console subcomponent.
The Identity Management and Policy Services Core subcomponent is not installed on the same host.

Table 3–9 Access Manager Services Information for Installing Console (Core Not Already Installed)


Label and State File Parameter	Description
Web Container for Access Manager Administration Console
Console Host Name `CONSOLE_HOST`	Fully qualified domain name for the host on which you are installing.
Console Deployment URI `CONSOLE_DEPLOY_URI`	URI prefix for accessing the HTML pages, classes and JAR files associated with the Access Manager Legacy mode (Access Manager 6.x compatible) Console. Only applies to Legacy mode. The default value is `amconsole`. If `AM_REALM` is enabled (setting Realm mode 7.x), then `CONSOLE_DEPLOY_URI` is ignored.
Password Services Deployment URI `PASSWORD_SERVICE_DEPLOY_URI`	Deployment URI for the password service. The default value is `ampassword`. Do not enter a leading slash.
Web Container for Access Manager Services
Services Host Name `IS_SERVER_HOST`	Fully qualified domain name of the host where the Identity Management and Policy Services Core subcomponent is installed. The default value is the fully qualified domain name of this host. Use the default value as an example of format only, and edit the value to supply the correct remote host name. In a state file, supply the fully qualified domain name of a remote host.
Port `CONSOLE_PORT`	Port on which the Identity Management and Policy Services Core subcomponent listens for connections. This port is the HTTP or HTTPS port used by the web container.
Services Deployment URI `SERVER_DEPLOY_URI`	URI prefix for accessing the HTML pages, classes, and JAR files associated with the Identity Management and Policy Services Core subcomponent. This URI is used to access the realm (Access Manager 7.x compatible) console. The default value is `amserver`. Do not enter a leading slash.
Cookie Domain `COOKIE_DOMAIN_LIST`	The names of the trusted DNS domains that Access Manager returns to a browser when Access Manager grants a session ID to a user. You can scope this value to a single top-level domain, such as `example.co` m. The session ID will provide authentication for all subdomains of example.com. Alternatively, you can scope the value to a comma-separated list of subdomains, such as `.corp.example.com`. The session ID will provide authentication for all subdomains in the list. A leading dot (`.`) is required for each domain. The default value is the current domain, prefixed by a dot (`.`).

Installing Federation Management (Core Already Installed)

This section describes the services information the installer needs when you are installing only the Common Domain Services for Federation Management subcomponent.

Table 3–10 Access Manager Services Information for Installing Federation Management (Core Already Installed)


Label and State File Parameter	Description
Common Domain Deployment URI `CDS_DEPLOY_URI`	URI prefix for accessing the common domain services on the web container. The default value is `amcommon`. Do not enter a leading slash.