Sun Java System Access Manager 7 2005Q4 Administration Guide

Resource—Based Authentication

Some organizations require an advanced authentication scenario where a user authenticates against a particular module based on the resource that they are attempting to access. Resource-based authentication is a feature of Access Manager in which a user must authenticate to a specific authentication module protecting the resource, and not to the default authentication module. This feature is only applicable to first time user authentications.

Note –

This is a separate feature than the resource-based authentication described in Session Upgrade. That particular feature does not have any limitations.


Resource—based authentication contains the following limitations:

ProcedureTo Configure Resource—based Authentication

Once both the Access Manager and a policy agent have been installed, resource—based authentication can be configured. To do this, it is necessary to point Access Manager to the Gateway servlet.

  1. Open can be found (in a Solaris environment) in /etc/opt//SUNWam/agents/config/ .

  2. Comment out the following line: = http://Access Manager_server_host.domain_name:port/amserver/UI/Login.

  3. Add the following line to the file: = http://AccessManager_host.domain_name:port/amserver/gateway

    Note –

    The gateway servlet is developed using the Policy Evaluation APIs and can be used to write a custom mechanism to accomplish resource-based authentication. See the Chapter 6, Using the Policy APIs, in Sun Java System Access Manager 7 2005Q4 Developer’s Guide in the Access Manager Developer's Guide.

  4. Restart the agent.