Sun Java Enterprise System 2005Q4 Release Notes

Administration Server Installation

Possible security exposure via HTTP administration interface (6252097)

The HTTP administrator interface and related files may be susceptible to denial-of-service (DoS) attacks.

Solution: It is recommended that you temporarily remove the help.exe file until a fix is available. Also, do not run Administration Server as a privileged system user. It is also recommended that you firewall and filter Administration Server access to allow trusted hosts only.

Deployment on Administration Server 8.1 with non-default URIs is inaccessible (6308426)

This problem occurs if you install Access Manager 7.0 on Application Server 8.1 and choose non-default URIs for Access Manager (for example, idserver instead of amconsole and idconsole instead of amconsole). Specifically, in the amas81config file, configureServerPolicy() does not account for the use case in which Access Manager is being configured with non-default URIs. Instead, it assumes that the Access Manager war files will be deployed with the default URIs and grants permissions to amserver.war, amconsole.war, and ampassword.war.

Solution: Perform the following procedure:

  1. Stop the application server instance on which Access Manager was deployed.

  2. Change to the following directory: ${AS_DOMAINS_DIR}/${AS_DOMAIN}/config

  3. Type the following command: cp server.policy server.policy.orig

  4. Locate the following policies:

       grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amserver/-" {
           permission java.net.SocketPermission "*", "connect,accept,resolve";
           permission java.util.PropertyPermission "*", "read, write";
       };
       grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amconsole/-" {
           permission java.net.SocketPermission "*", "connect,accept,resolve";
           permission java.util.PropertyPermission "*", "read, write";
       };
       grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/ampassword/-" {
           permission java.net.SocketPermission "*", "connect,accept,resolve";
           permission java.util.PropertyPermission "*", "read, write";
       };

  5. Replace "amserver" with the URI for the services web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amserver/-" {

  6. For legacy mode installations, replace "amconsole" with the URI for the console web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/amconsole/-" {

  7. Replace "ampassword" with the URI for the password web application in the line grant codeBase "file:\${com.sun.aas.instanceRoot}/applications/j2ee-modules/ampassword/-" {

  8. Start the application server instance on which Access Manager was deployed.
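
Steps 3 through 7 can be scripted so that only the three codeBase lines change and the result can be reviewed before the instance is restarted. The following is an added example, not part of the original release notes or of Sun's tooling; the function names are hypothetical, and the URIs are passed in by the administrator.

```shell
#!/bin/sh
# Added example, not Sun's code. Covers steps 3-7 only; stop the instance
# first (step 1) and start it again afterwards (step 8).

# usage: rewrite_policy_uris POLICY SERVICES_URI CONSOLE_URI PASSWORD_URI
# Pass "" as CONSOLE_URI outside legacy mode to leave that grant untouched.
rewrite_policy_uris() {
    policy=$1 services=$2 console=${3:-amconsole} password=$4
    [ -f "$policy" ] || { echo "no such file: $policy" >&2; return 1; }
    # Accept only plain URI names so nothing can alter the sed expressions.
    for uri in "$services" "$console" "$password"; do
        case $uri in
            ''|*[!A-Za-z0-9_.-]*) echo "invalid URI: '$uri'" >&2; return 1 ;;
        esac
    done
    # Step 3: back up once; a re-run must not overwrite the pristine copy.
    [ -f "$policy.orig" ] || cp "$policy" "$policy.orig" || return 1
    m='applications/j2ee-modules'
    # Steps 5-7: touch only "grant codeBase" lines; "t" ends processing of a
    # line after its first substitution, so a new URI is never re-mapped.
    sed -e '/grant codeBase/!b' \
        -e "s|$m/amserver/-|$m/$services/-|" -e t \
        -e "s|$m/amconsole/-|$m/$console/-|" -e t \
        -e "s|$m/ampassword/-|$m/$password/-|" \
        "$policy" > "$policy.tmp" || return 1
    # Write back in place so the file keeps its owner and mode.
    cat "$policy.tmp" > "$policy" && rm -f "$policy.tmp"
}

# Print the module name of every j2ee-modules grant, for review after the edit.
list_granted_modules() {
    sed -n 's|.*grant codeBase.*applications/j2ee-modules/\([^/]*\)/-.*|\1|p' "$1"
}

if [ $# -eq 4 ]; then
    rewrite_policy_uris "$@" && list_granted_modules "$1"
fi
```

The names printed by list_granted_modules should match the URIs of the deployed Access Manager web applications; any grant that still names an undeployed default URI gives permissions to a code base that does not exist.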

Administration Server patch fails to apply when server is stopped (6273652)

When you stop the Administration Server and use patchadd to apply a patch, the process fails.

Solution: You must start the Administration Server before applying the patch.