Sun Java System Access Manager Policy Agent 2.2 Guide for IBM WebSphere Application Server 6.1

Configuring Applications Protected by the WebSphere Application Server 6.1 Agent

This section describes the configuration necessary for the specific applications that the agent will protect, including Installing the Agent Filter for a Deployed Application on the WebSphere Application Server 6.1 Agent.

Installing the Agent Filter for a Deployed Application on the WebSphere Application Server 6.1 Agent

The following task explains how to install the agent filter for the application you want the agent to protect. Install the agent filter for each deployed application by modifying the deployment descriptor of the application that is going to be protected.

Procedure: To Install the Agent Filter for the Deployed Application on the WebSphere Application Server 6.1 Agent

  1. To install the agent filter, ensure that the application is not currently deployed on WebSphere Application Server 6.1.

    If it is currently deployed, remove it before continuing.

  2. Create the necessary backups before proceeding to modify these descriptors.

    Since you will modify the deployment descriptor in the next step, creating backup files is important.

  3. Edit the application's web.xml descriptor, as follows:

    1. Set the opening <web-app> tag, which this guide refers to as the <DOCTYPE> element, as shown in the following example:

      <web-app version="2.4"
      xmlns="http://java.sun.com/xml/ns/j2ee"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
      http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

      Note: WebSphere Application Server 6.1 supports the Java Servlet Specification version 2.4. Because Servlet API version 2.4 is backward compatible with version 2.3, all existing servlets should work without modification or recompilation. For more information, see the Sun Java System Application Server Developer's Guide.

    2. Edit the application's web.xml descriptor.

      Add the <filter> elements in the deployment descriptor by specifying the <filter>, <filter-mapping>, and <dispatcher> elements immediately following the description element of the <web-app> element in the web.xml descriptor. The following example shows a sample web.xml descriptor with the <filter>, <filter-mapping>, and <dispatcher> elements added.

      <web-app>
      ...
          <filter>
              <filter-name>Agent</filter-name>
              <filter-class>com.sun.identity.agents.filter.AmAgentFilter</filter-class>
          </filter>
          <filter-mapping>
              <filter-name>Agent</filter-name>
              <url-pattern>/*</url-pattern>
              <dispatcher>REQUEST</dispatcher>
              <dispatcher>INCLUDE</dispatcher>
              <dispatcher>FORWARD</dispatcher>
              <dispatcher>ERROR</dispatcher>
          </filter-mapping>
      ...
      </web-app>

    To protect an application with J2EE declarative security, refer to the PolicyAgentBase/sampleapp directory to learn how to build and deploy an application. The sampleapp directory is not a complete J2EE application. Rather, it is a simple application that provides you with a quick reference to application-specific deployment descriptors and various deployment modes of a J2EE agent. Once you successfully deploy sampleapp and test its features, you can use it as a reference for other applications that will be protected by the J2EE agent.

    Once the web.xml deployment descriptor is modified to reflect the new <DOCTYPE> and <filter> elements, the agent filter is added to the application. You can now redeploy the application on WebSphere Application Server 6.1.


    Note –

    Ensure that role-to-principal mappings in container-specific deployment descriptors are replaced with Access Manager roles or principals. You can retrieve Access Manager roles or principals by issuing the agentadmin --getUuid command. For more information, see agentadmin --getUuid.

    You can also retrieve the universal ID for the user (UUID) using Access Manager Console to browse the user profile.
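
A pre-deployment check for the descriptor edited in this procedure, as an added example that is not part of the original guide or the agent's own tooling: it parses web.xml and reports whether AmAgentFilter is declared and mapped to /* for all four dispatchers. The function names and the sample descriptors are constructed for illustration.

```python
import xml.etree.ElementTree as ET

AGENT_CLASS = "com.sun.identity.agents.filter.AmAgentFilter"
REQUIRED = {"REQUEST", "INCLUDE", "FORWARD", "ERROR"}

def _kids(elem, name):
    # Match on local name so descriptors with or without the j2ee xmlns both work.
    return [c for c in elem if c.tag.rsplit("}", 1)[-1] == name]

def _texts(elem, name):
    # Whitespace around element text (e.g. around the class name) is ignored.
    return [(c.text or "").strip() for c in _kids(elem, name)]

def check_agent_filter(web_xml):
    """Return a list of problems; an empty list means the filter is installed as in the guide."""
    root = ET.fromstring(web_xml)
    names = {n for f in _kids(root, "filter")
             if AGENT_CLASS in _texts(f, "filter-class")
             for n in _texts(f, "filter-name")}
    if not names:
        return ["no <filter> declares " + AGENT_CLASS]
    covered = set()
    for m in _kids(root, "filter-mapping"):
        if names & set(_texts(m, "filter-name")) and "/*" in _texts(m, "url-pattern"):
            # Servlet 2.4: a mapping with no <dispatcher> applies to REQUEST only.
            covered |= set(_texts(m, "dispatcher")) or {"REQUEST"}
    if not covered:
        return ["agent filter is not mapped to /*"]
    missing = sorted(REQUIRED - covered)
    return ["agent mapping for /* lacks dispatchers: " + ", ".join(missing)] if missing else []

def sample_descriptor(dispatchers, pattern="/*"):
    # Constructed sample descriptor, not taken from a real application.
    tags = "".join("<dispatcher>%s</dispatcher>" % d for d in dispatchers)
    return ('<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee">'
            "<filter><filter-name>Agent</filter-name>"
            "<filter-class> %s </filter-class></filter>"
            "<filter-mapping><filter-name>Agent</filter-name>"
            "<url-pattern>%s</url-pattern>%s</filter-mapping>"
            "</web-app>") % (AGENT_CLASS, pattern, tags)

if __name__ == "__main__":
    for label, xml in [("full", sample_descriptor(sorted(REQUIRED))),
                       ("request-only", sample_descriptor([])),
                       ("narrow", sample_descriptor(["REQUEST"], "/admin/*"))]:
        print(label, check_agent_filter(xml) or "OK")
```

Run it against each application's web.xml before redeploying; a non-empty result means some dispatch types or URL paths would be served without passing through the agent filter.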