For the Access Manager Client SDK to communicate with Access Manager Server, you must initialize several properties. These properties can be set in one of the following ways:
Through the properties file: set the properties in a file and provide a path to it at runtime using the -Damconfig=filename option. The properties files should be in the CLASSPATH. The default properties file name is AMConfig.properties and is always read at start-up. A sample AMConfig.properties can be generated using the make -f Makefile.distAuthUI properties command. The AMConfig.properties will be present in the /temp directory.
Through the Java API: com.iplanet.am.util.SystemProperties.initializeProperties (where the java.util.Properties object contains the properties).
Individual properties can be set at runtime using the -D flag. For example, -DpropertyName=propertyValue.
The properties expected by the Distributed Authentication web application are:
com.iplanet.am.naming.url and com.iplanet.am.naming.failover.url. This is a mandatory property and it specifies the Access Manager Server's Naming URL. For example:
com.iplanet.am.naming.url=http://is.example.com/amserver/namingservice
The com.iplanet.services.debug.level and com.iplanet.services.debug.directory properties specify the debug level and directory. The possible values for debug levels are off, error, warning, and message.
The web application can register for changes to server attributes. The com.iplanet.am.notification.url property must be set to receive such notifications.
Some of the Access Manager components such as Service Management, User Management, and so forth, require an identity for the client (application) to read configuration data and to identify the client. The identity for the client can be set up by providing either a username and password that can be authenticated, or by providing an implementation for the interface com.sun.identity.security.AppSSOTokenProvider that returns a single-sign-on (SSO) token.
The properties to set the username, password and shared secret are:
com.sun.identity.agents.app.username
com.iplanet.am.service.password
com.iplanet.am.service.secret
The property to set the SSO Token provider is:
com.sun.identity.security.AdminToken
Some of the configuration attributes (such as password) are encrypted and stored in the data store. If such attributes have to be decrypted by the client, the following property must be set, and must be the same as that of the Access Manager Server:
am.encryption.pwd
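A preflight check for the properties listed above, followed by the Java API route, as an added example that is not from the Access Manager documentation. The class name ClientConfigPreflight, its validate helper and the sample values are hypothetical, and the Access Manager Client SDK is assumed to be on the classpath.

```java
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;

import com.iplanet.am.util.SystemProperties; // assumption: Client SDK jar on the classpath

public class ClientConfigPreflight {
    // Debug levels as listed on this page; exact-match comparison is an assumption.
    private static final List<String> DEBUG_LEVELS =
            Arrays.asList("off", "error", "warning", "message");

    private static boolean has(Properties p, String key) {
        String v = p.getProperty(key);
        return v != null && !v.trim().isEmpty();
    }

    /** Returns the problems found; an empty list means the properties match the page. */
    static List<String> validate(Properties p) {
        List<String> problems = new ArrayList<>();
        if (!has(p, "com.iplanet.am.naming.url"))
            problems.add("com.iplanet.am.naming.url is mandatory");
        String level = p.getProperty("com.iplanet.services.debug.level", "").trim();
        if (!level.isEmpty() && !DEBUG_LEVELS.contains(level))
            problems.add("debug level must be off, error, warning or message: " + level);
        // Client identity: username and password, or an SSO token provider.
        boolean userAndPassword = has(p, "com.sun.identity.agents.app.username")
                && has(p, "com.iplanet.am.service.password");
        if (!userAndPassword && !has(p, "com.sun.identity.security.AdminToken"))
            problems.add("no client identity: set username and password, or AdminToken");
        return problems; // property values are never echoed, so secrets stay out of logs
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input; it deliberately fails two of the checks.
        String sample = String.join("\n",
            "com.iplanet.am.naming.url=http://is.example.com/amserver/namingservice",
            "com.iplanet.services.debug.level=verbose",
            "com.sun.identity.agents.app.username=ExampleAppUser");
        Properties props = new Properties();
        props.load(new StringReader(sample));
        List<String> problems = validate(props);
        problems.forEach(System.err::println);
        if (problems.isEmpty()) {
            SystemProperties.initializeProperties(props); // the Java API route named above
        }
    }
}
```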