The Authentication SPI includes the AMPostAuthProcessInterface which can be implemented for post-processing tasks. The AMPostProcessInterface Javadoc are available at:
AccessManager-base/SUNWam/docs/com/sun/identity/authentication/spi/ AMPostAuthProcessInterface.html
The SPI is configurable at the organization, service and role levels. The Authentication Service invokes the post processing SPI methods on successful or failed authentication and on logout.
<PRODUCT_DIR> or AccessManager-base directory on different Platforms:
Solaris Sparc/x86: AccessManager-base/SUNWam
Linux: AccessManager-base/sun/identity
Follow these steps given below to compile the sample found under AccessManager-base/samples/authentication/spi/postprocess.
Set the following environment variables.
JAVA_HOME: Set this variable to your installation of JDK. The JDK should be version 1.3.1_06 or higher.
CLASSPATH: Set this variable to refer to am_services.jar which can be found in the AccessManager-base/lib directory. Include jaas.jar in your classpath if you are using JDK version lower than JDK1.4
BASE_DIR: Set this variable to the directory where Access Manager is installed.
BASE_CLASS_DIR: Set this variable to the directory where all the Sample compiled classes are located.
JAR_DIR: Set this variable to the directory where the JAR files of the Sample compiled classes will be created.
These variables will be used to run the gmake command. You can also set these variables in the Makefile. This Makefile is in the following directory: AccessManager-base/samples/authentication/spi/postprocess.
In the directory AccessManager-base /samples/authentication/spi/postprocess, run the gmake command.
Copy ISAuthPostProcess.jar from JAR_DIR to AccessManager-base/lib.
Update the Web Container configuration file server.xml.
Add ISAuthPostProcessSample.jar to the classpath. The server.xml file for different web containers can be found at the following locations:
Web Server: <WS-home-dir>/https-<WS-instance-name>/config/
Application Server:<AS-home-dir>/domain/domain1/server1/config/
For all other web containers consult, the manufacturer’s documentation.
Restart the web container.
Web Server: <WS-home-dir>/https-<WS-instance-name>/restart
Application Server: <AS-install-dir>/<domains>/<domain name>/<server instance>/bin/restartserv Example: /<AS-home-dir>/domains/domain1/server1/bin/restartserv
For all other web containers consult their documentation.
The Authentication PostProcessing Sample can be configured at the Organization, Service or Role level.
Log in to Access Manager console as amAdmin. Use the following URL:
http://host.domain:port/Console-Deploy-URI
Click Identity Management, and select your organization.
From the View menu, click Services.
In the navigation frame, under Authentication, click Core.
Add the following to the Authentication PostProcessing Class attribute:
com.iplanet.am.samples.authentication.spi.postprocess
Add the following to the Authentication PostProcessing Class attribute:
ISAuthPostProcessSample
Click Save.
Log out.
Go to the following URL
If you choose to use an organization other than the default, be sure to specify that in the URL using the org parameter.
The postprocessing SPI will be executed on successful authentication, on failed authentication, and on Logout.
Log in to Access Manager console as amAdmin. Use the following URL:
http://<host>.<domain>:<port>/<Console-Deploy-URI>
Click Identity Management, and select your organization.
From the View menu, select Services.
Select Authentication Configuration
From the Service Instance frame, select New Instance.
Enter a name for the service.
Add the following to the Authentication PostProcessing Class attribute: com.iplanet.am.samples.authentication.spi.postprocess. ISAuthPostProcessSampl
Click Submit to save the changes.
Click Service Name and define the Authentication Configuration for the new service.
Log out.
Go to the following URL: http://host.domain:port/Service-Deploy-URI/UI/Login?service=servicename
If you choose to use an organization other than the default, be sure to specify that in the URL using the org parameter.
The postprocessing SPI will get executed on successful authentication, failed authentication and on Logout for the service accessed.
Log in to Access Manager console as amAdmin. Use the following URL:
http://host.domain:port/Console-Deploy-URI
Click the Identity Management tab, and select your organization.
From the View menu, select Roles to view the role properties.
From the View menu, select Services.
Click Edit to edit the authentication configuration.
Add the following to the Authentication post Processing Class attribute:
com.iplanet.am.samples.authentication.spi.postprocess. ISAuthPostProcessSample
Click Submit to save the changes.
Log out.
Go to the following URL:
http://host.domain:port/Service-Deploy-URI/UI/Login?role=roleName
If you choose to use an organization other than the default, be sure to specify that in the URL using the org parameter. Example: org=orgName
The postprocessing SPI will be executed for the service accessed on successful authentication, on failed authentication, and on Logout.
Go to the base-directory\samples\authentication\spi\postprocess directory and run the make command.
Copy ISAuthPostProcess.jar from JAR_DIR to base-directory\lib
In the Web Container from which this sample has to run, update the classpath with ISAuthPostProcess.jar.
Restart Access Manager.
base-directory\bin\amserver start
This sample can be can be set in the Core Authentication Service for Organization and Authentication Configuration Service for Role OR Service.
See the section Configuring the Authentication Post Processing SPI.