To Configure Policy for the J2EE Policy Agents

The policies you create here are used in To Verify the J2EE Policy Agent Load Balancer Configuration is Working Properly.

Before You Begin

This procedure assumes that you have just completed To Add Load Balancer 5 as a Virtual Host by Modifying the J2EE Policy Agent Properties and are still logged into the OpenSSO Enterprise console.

1. Under the Access Control tab, click / (Top Level Realm).

2. Click the Policies tab.

3. Click New Policy.

   The New Policy page is displayed.

4. On the New Policy page, enter URL Policy for LoadBalancer-5 in the Name field.

5. Click New under Rules.

   The New Rules page is displayed.

6. On the New Rules page, accept the default URL Policy Agent (with resource name) and click Next.

7. On the resulting page, provide the following information.

   Name:

   Rule for LoadBalancer-5.

   Resource Name:

   http://lb-5.example.com:91/*

   GET

   Mark this checkbox and verify that Allow is selected.

   POST

   Mark this checkbox and verify that Allow is selected.

8. Click Finish.

9. On the New Policy page again, under Subjects, click New.

10. On the resulting page, verify that Access Manager Identity Subject is selected, and click Next.

11. On the resulting page, provide the following information:

    Name:

    LoadBalancer-5_Groups

    Filter:

    In the drop-down list, select Group and click Search.

    The search returns a list of available groups.

12. Select Employee-Group and Manager-Group and click Add.

    The Employee-Group and Manager-Group groups are in the Selected List.

13. Click Finish.

14. On the resulting page, click OK.

    The created policy is displayed in the list of Policies.

15. Log out of the OpenSSO Enterprise console and close the browser.