Realm Mode and Legacy Mode (Sun Java System Access Manager 7 2005Q4 Technical Overview)

Sun Java System Access Manager 7 2005Q4 Technical Overview

Realm Mode and Legacy Mode

When you install Access Manager, you are asked to choose either Realm Mode or Legacy Mode.

Realm mode is new in Access Manager 7.0, and is based on the Access Manager information tree and Identity Repository Management Service described in the previous sections. Realm mode is appropriate in most new Access Manager deployments where you want to keep identity repositories independent of access management, or where you cannot maintain user data within the required object classes of Sun Java System Directory Server.

If you choose Realm Mode at installation, then after installation your identity repositories can exist in any of the following configurations:

In the same Directory Server instance and the same suffix as the Access Manager information tree.
In the same Directory Server instance but in a different suffix as the Access Manager information tree.
In a different directory server instance from the Access Manager information tree.

Figure 1–6 Realm Mode User Interface

This is figure illustrates the Access Manager administration
console in Realm Mode.

Legacy Mode is based on the Access Manager 6.3 architecture. This legacy Access Manager architecture uses the LDAP directory information tree (DIT) that comes with Sun Java System Directory Server. In Legacy Mode, both user information and access control information are stored in LDAP organizations. When you choose Legacy Mode, an LDAP organization is the equivalent of an access control realm. Realm information is integrated within LDAP organizations.

Legacy Mode is appropriate in deployments where you want to use Access Manager user management. Legacy Mode is typically used in deployments where Access Manager is built upon Sun Java System Portal Server or other Sun Java System communication products that require the use of Sun Java System Directory Server as the central identity repository.

If you choose Legacy Mode during installation, then after installation the top-level ream resides in the same Directory Server branch as the Access Manager information tree, and user information is intermingled with access information.

Figure 1–7 Legacy Mode User Interface

In Legacy Mode, a Directory Management tab is added to the Access
Manager administration console.

The following table compares realm mode and legacy mode.

Table 1–4 Comparison of Realm and Legacy Modes


	Realm Mode	Legacy Mode
Supports all new Access Manager 7 2005Q4 features.	Yes	Yes
Supports identity repositories in Sun Java System Directory Server and in other data stores.	Yes	Yes
Supports Access Manager 6 user management features.	No	Yes
Can coexist with Access Manager 6 2005Q1 in multiple-server installations.	No	Yes
Before installation, identity repository can exist in Sun Java Directory Server .	Yes	Yes
Before installation, identity repository can exist in an LDAP version 3 compliant directory server.	Yes	No

For more information about realm and legacy modes, see the Sun Java System Access Manager 7 2005Q4 Release Notes.