Implications of Specific Deployment Scenarios in Agent for Sun Java System Application Server 8.1 (Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 8.1)

Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 8.1

Previous: Example of Installation Program Interaction in Agent for Sun Java System Application Server 8.1
Next: Summary of a J2EE Agent Installation in Policy Agent 2.2

Implications of Specific Deployment Scenarios in Agent for Sun Java System Application Server 8.1

The following sections refer to specific deployment scenarios involving Policy Agent 2.2 for Sun Java System Application Server 8.1. These scenarios are likely to affect how you respond to prompts during the installation process. You might also need to perform additional configurations.

Installing a J2EE Agent on Multiple Sun Java System Application Server 8.1 Instances on the Same Domain

Once a J2EE agent is installed for a particular domain configuration directory, you can install the agent on more than one Sun Java System Application Server 8.1 instance associated with the same domain by running the agentadmin --install command. Once prompted to enter the appropriate server instance name, enter the domain configuration directory and unique instance name that will enable the agent to distinguish the first instance from consecutive instances.

Installing a J2EE Agent for a Sun Java System Application Server 8.1 Instance on a Different Server Domain

Caution –

Once a J2EE agent is installed for a specific domain, the J2EE agent binaries cannot be used on that same host for a different Sun Java System Application Server 8.1 domain. If you attempt to use previously installed J2EE agent binaries on the same host, but on a different domain, the installation fails.

J2EE agents associate a specific set of agent binaries with a particular domain for Sun Java System Application Server 8.1. If you want to install a J2EE agent on a different domain, unpack a new set of bits and copy them to a separate location before running the agentadmin --install command for the second domain.

Installing a J2EE Agent on a Remote Sun Java System Application Server 8.1 Instance

The agent installation for each remote Sun Java System Application Server 8.1 instance requires one installation run on the remote host and one configuration run for the remote agent on the DAS host. The following task is based on the assumption that the remote instance has been set up correctly.

To install Sun Java System Application Server 8.1 on a Remote Application Server 8.1 Instance

Before You Begin

Shutdown both the DAS domain and remote server instance before installing Agent for Sun Java System Application Server 8.1.

Install Agent for Sun Java System Application Server 8.1 on a remote server instance.

For general information on installing the agent, see Using the Installation Program of Agent for Sun Java System Application Server 8.1.

During the installation of this instance of the agent, answer the following questions as indicated.

Enable this field only when the agent is being installed on a remote server
instance host.
[ ? : Help, < : Back, ! : Exit ]
Is Domain administration server host remote ? [false]: True


Enter true only if agent is being installed on a remote instance from the
Domain Administration server host.
[ ? : Help, < : Back, ! : Exit ]
Is the agent being installed on the DAS host for a remote instance ? [false]: 
false

Install Agent for Sun Java System Application Server 8.1 on DAS host for the same remote server instance.

During the installation of this instance of the agent, answer the following questions as indicated.

Enable this field only when the agent is being installed on a remote server
instance host.
[ ? : Help, < : Back, ! : Exit ]
Is Domain administration server host remote ? [false]: false


Enter true only if agent is being installed on a remote instance from the
Domain Administration server host.
[ ? : Help, < : Back, ! : Exit ]
Is the agent being installed on the DAS host for a remote instance ? [false]: 
true

The following two questions are asked only when the answer to the previous question is true:

Enter the value of the agent instance name provided by the agent installation
on the remote instance.
[ ? : Help, < : Back, ! : Exit ]
Agent instance name []: agent_001

Note –

agent_001, as indicated as the response to the to the preceding prompt, is the agent instance name generated in Step 1 for the remote server instance. The agent installation generates an agent instance name, which is displayed at the end of the installation and is available in the install log. The instance name must be valid.

Enter the value of the agent install directory on the remote instance host.
[ ? : Help, < : Back, ! : Exit ]
Agent install directory on remote instance host
[/opt/j2ee_agents/am_as81_agent]:

For the preceding prompt, enter the directory where the agent has been installed on the remote server instance host. This is the agent binary directory on the remote server instance host, not the agent binary directory on the DAS host.

Edit the appropriate files to allow the agent to work on the remote server instance as indicated in the following substeps:

On the DAS host, open the DAS domain's domain.xml file.

The following is an example of a full path to the domain.xml file:
```
/var/opt/SUNWappserver/domains/domain1/config/domain.xml
```

Delete the following code snippet:

<jvm-options>
-Djava.util.logging.config.file=PolicyAgent-base-on-DAS-host
/j2ee_agents/am_as81_agent/config/AMAgentLogConfig.properties
</jvm-options>

Add the following code snippet:

<jvm-options>
-Djava.util.logging.config.file=
PolicyAgent-base-on-remote-server-instance-host
/j2ee_agents/am_as81_agent/config/AMAgentLogConfig.properties
</jvm-options>

On the DAS host, open the DAS domain's server.policy file.

Delete the following code snippet:

grant codeBase "file:PolicyAgent-base-on-DAS-host/
j2ee_agents/am_as81_agent/lib/*" {
       permission java.security.AllPermission;
};

Add the following code snippet:

grant codeBase "file:PolicyAgent-base-on-remote-server-instance-host/
j2ee_agents/am_as81_agent/lib/*" {
       permission java.security.AllPermission;
};

Installing Agent for Sun Java System Application Server 8.1 on the Access Manager Host

If a J2EE agent and Access Manager are collocated on the same container, enter true for the following question:

Enter true if the Agent is being installed on the same instance of Application
Server on which Access Manager is deployed. Enter false if that is not the
case.
[ ? : Help, < : Back, ! : Exit ]
Are the Agent and Access Manager installed on the same instance of
Application Server ? [false]: true

In this case, the agentadmin program will make the necessary changes to install and configure the agent on the same Sun Java System Application Server 8.1 instance that hosts Access Manager.

However, this deployment scenario changes the agent configuration in a manner that requires your attention. For details, see Combining J2EE Agents With Access Manager.