Federation Manager is based on Access Manager 6.3. Thus, its shared components conflict with those in Java Enterprise System 4 (JES4), which includes Access Manager 7.0.
WORKAROUND: The following procedure will install Federation Manager correctly.
Install Java Enterprise System 4 with Application Server 8 selected.
This will install the shared components.
Install the Federation Manager Linux rpm only using the command: fmsetup install -s silent_installation_file -p
Ignore error messages complaining about an rpm file conflict or that the installed rpm is newer than that bundled with Federation Manager.
Force install imq using the following command: rpm -i --force imq-3_5-03.i386.rpm
Run fmwar to generate the WAR using the following command: fmwar -n federation -d /var/opt/sun/identity/fm/war_staging -s silent_installation_file -g
Deploy the generated WAR on Application Server.
Add the following lines to java.policy:
// Federation Manager RELATED ADDITIONS
// This grant has no codeBase or signedBy clause, so the permission below is
// given to all code governed by this policy file, not only to Federation Manager.
grant {
// Allows the "user.language" system property to be changed at run time.
permission java.util.PropertyPermission "user.language", "write";
};
// The three grants below are scoped by codeBase, so they apply only to code
// loaded from the named location. Each one allows connecting to, accepting
// connections from, and resolving any host ("*"), on any port.
// NOTE(review): if the hosts Federation Manager talks to are known, a narrower
// host target than "*" would reduce what these entries allow; confirm what is needed.
// NOTE(review): ${BASEDIR}, ${PROD_DIR}, $AS81_VARDIR, $AS81_DOMAIN and
// ${DEPLOY_WARPREFIX} look like installer placeholders to be replaced with the
// real paths. A policy file only expands the ${name} form, from system
// properties, so the $NAME forms are taken literally as written; confirm the
// final paths match the deployed files, otherwise these grants match nothing.

// Access Manager SDK jar bundled in the Federation Manager web application.
grant codeBase "file:${BASEDIR}/${PROD_DIR}/fm/web-src/WEB-INF/lib/am_sdk.jar" {
permission java.net.SocketPermission "*", "connect,accept,resolve";
};
// Access Manager services jar bundled in the Federation Manager web application.
grant codeBase "file:${BASEDIR}/${PROD_DIR}/fm/web-src/WEB-INF/lib/am_services.jar" {
permission java.net.SocketPermission "*", "connect,accept,resolve";
};
// The trailing "/-" matches every class and jar file under the deployed web
// module directory, recursively.
grant codeBase "file:$AS81_VARDIR/domains/$AS81_DOMAIN/applications/j2ee-modules/${DEPLOY_WARPREFIX}/-" {
permission java.net.SocketPermission "*", "connect,accept,resolve";
};
// This grant has no codeBase or signedBy clause, so every permission in it is
// given to all code governed by this policy file (every application deployed
// in the same server instance), not only to Federation Manager.
// NOTE(review): several entries below are broad (file execute/delete, provider
// replacement, hostname verifier, restricted-package access). Where the
// deployment allows it, moving them into a codeBase-scoped grant for the
// Federation Manager module would limit them to that code; confirm with the product docs.
grant {
// Thread and factory control: modify thread groups, and install process-wide
// socket / URL stream handler factories.
permission java.lang.RuntimePermission "modifyThreadGroup";
permission java.lang.RuntimePermission "setFactory";
// The ".*" wildcard covers every package that the security manager restricts.
permission java.lang.RuntimePermission "accessClassInPackage.*";
// Allows changing the java.util.logging configuration (handlers, levels).
permission java.util.logging.LoggingPermission "control";
permission java.lang.RuntimePermission "shutdownHooks";
// NOTE(review): "insertProvider.*" and "putProviderProperty.*" are
// java.security.SecurityPermission targets; the AuthPermission entries with the
// same names (here and further down) do not match a standard AuthPermission
// target and probably have no effect. Confirm against the original release note.
permission javax.security.auth.AuthPermission "insertProvider.Mozilla-JSS";
permission java.security.SecurityPermission "putProviderProperty.Mozilla-JSS";
// JAAS: read and replace the login Configuration, modify a Subject's
// principals, and create a LoginContext for any configuration entry name.
permission javax.security.auth.AuthPermission "getLoginConfiguration";
permission javax.security.auth.AuthPermission "setLoginConfiguration";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "createLoginContext.*";
// Allows registering the Mozilla-JSS security provider.
permission java.security.SecurityPermission "insertProvider.Mozilla-JSS";
permission javax.security.auth.AuthPermission "putProviderProperty.Mozilla-JSS";
// NOTE(review): "ALL FILES" is presumably the special token "<<ALL FILES>>"
// with its angle brackets lost when this page was rendered. As written it names
// a literal file called "ALL FILES"; with the token it allows executing and
// deleting any file the server process can reach. Confirm the intended value.
permission java.io.FilePermission "ALL FILES", "execute,delete";
// "/*" matches the files directly inside the logs directory (not subdirectories).
// NOTE(review): $VAR_SUBDIR looks like a placeholder for the real directory; confirm.
permission java.io.FilePermission "$VAR_SUBDIR/logs/*", "delete,write";
// Allows setting the class that configures java.util.logging.
permission java.util.PropertyPermission "java.util.logging.config.class", "write";
// Allows removing and re-inserting the SUN provider and removing Mozilla-JSS,
// i.e. changing which security providers are installed and in what order.
permission java.security.SecurityPermission "removeProvider.SUN";
permission java.security.SecurityPermission "insertProvider.SUN";
permission java.security.SecurityPermission "removeProvider.Mozilla-JSS";
// Allows running code as a given JAAS Subject (Subject.doAs).
permission javax.security.auth.AuthPermission "doAs";
// Allows setting the Kerberos realm and KDC and the JAAS login configuration
// location through system properties.
permission java.util.PropertyPermission "java.security.krb5.realm", "write";
permission java.util.PropertyPermission "java.security.krb5.kdc", "write";
permission java.util.PropertyPermission "java.security.auth.login.config", "write";
// Allows accepting Kerberos security contexts for any service principal ("*").
permission javax.security.auth.kerberos.ServicePermission "*", "accept";
// Allows installing a custom HostnameVerifier for HTTPS connections; the
// verifier decides whether a hostname/certificate mismatch is accepted.
permission javax.net.ssl.SSLPermission "setHostnameVerifier";
};