Access Manager provides authentication and authorization services for most other Java ES components. In any particular solution, the components that use Access Manager services depend on the specific solution, but almost every other Java EScomponent is a possible consumer of Access Manager services.
Access Manager has only one solution-level dependency, on a source of user and group data. Therefore, it is logical to install and configureAccess Manager immediately after Directory Server and Administration Server, before any possible consumers of Access Manager services are installed and configured.
Access Manager has a local dependency on a web container.
Access Manager has two operating modes. Legacy mode (6.x style) supports Access Manager 6 features. If you are installing Access Manager with Portal Server, Messaging Server, Calendar Server, Delegated Administrator, or Instant Messaging, you must select the Access Manager Legacy (6.x) installation type.
Realm mode (7.x style) supports Access Manager 7 features, including the new Access Manager 7 Console. However, realm (7.x) can only be used in solutions that include none of the components listed above.
If your deployment architecture places Portal Server and Access Manager on separate computers, some considerations apply. For more information, see Portal Server Using a Remote Access Manager Example in Sun Java Enterprise System 2005Q4 Installation Guide for UNIX.
The basic steps for installing and configuring Access Managerare the following:
Use the Java ES installer to install Access Manager on all computers systems specified in your deployment architecture.
When you install Access Manager you must specify the web container in which Access Manager runs.
When you install Access Manager you must specify the repository for user and group data (typically a Directory Server instance, specified with a URL).
Installing Access Manager modifies the LDAP directory to support single sign-on (sometimes referred to as schema 2). For more information about LDAP schemas, see Specifying the LDAP Schema for a Solution.
Start and verify all instances of Access Manager.
If your solution uses load balancing for the Access Manager instances, verify that the load balancer is working properly.
For each Access Manager instance in your solution, you must specify configuration values that configure the instance to interoperate with the other components in the solution.
Table 3–8 Key Configuration Values for Access Manager Instances
To add installation and configuration instructions for Access Manager, do the following:
If theAccess Manager instances are load balanced, the first instruction in your installation plan is confirming that the load balancer is functioning before anyJava ES software is installed.
Next, in your plan, list all of the computers with Access Manager instances.
Access Manager has a local dependency on a web container. Each computer that runs an instance of Access Manager must also run an instance of the specified web container. Your deployment architecture should indicate which web container your solution is using.
For each computer, add an instruction to run the Java ES installer and select Access Manager. If you are using Web Server or Application Server as your web container, add an instruction to select the web container, too. The installer is capable of automatically deploying Access Manager to the selected web container.
If the computers that run Access Managerare already listed in your plan (for example, if Directory Server is installed on the same computer) add an instruction to select Access Manager. You can install Access Manager at the same time as Directory Server, even if you use the configure now option, but your plan must put the instructions for configuring, starting, and verifying the Directory Server instances before the instructions for configuring or starting any instance Access Manager.
Underneath each Access Manager instance, list the key values for configuring the instance. Use Table 3–8 to help you select configuration values.
Underneath each Web Server or Application Server instances, list the key values for configuring the instance. For information on selecting configuration values for these components, see Web Server or Application Server.
If your solution uses one of the third-party web containers that supports Access Manager, you install Access Manager in configure later mode. To configure and deploy the Access Manager instance, you run an Access Manager configuration tool named amconfig. For more information, see Access Manager amconfig Script in Sun Java System Access Manager 7 2005Q4 Administration Guide. The third-party web container must be installed and running before you run the amconfig configuration tool.
For each computer, add an instruction to start and verify the Access Manager instance. If the instances are load balanced, add an instruction to verify operation of the load balancer.