test

Deployment Example 1: Access Manager 7.0 Load Balancing, Distributed Authentication UI, and Session Failover

ProcedureTo Verify that J2EE Policy Agent 1 is Configured Properly

Use these steps to access the agent sample application, and then test policies against that sample application.

  1. Go to the Sample Application URL:

    http://protectedresource-1.example.com:1081/agentsample/index.html

    The Sample Application welcome page is displayed.

  2. Click J2EE Declarative Security > “Invoke the Protected Servlet”

    The Policy Agent redirects to the Access Manager login page.

  3. Log in to the Access Manager console using the following information:

    Username

    testuser1

    Password

    password

    If you can successfully log in as testuser1, and the J2EE Policy Agent Sample Application page is displayed, then this part of the test succeeded and authentication is working as expected.

  4. Click the “J2EE Declarative Security” link.

  5. On the J2EE Declarative Security page, click the “Invoke the Protected Servlet link”.

    If the Success Invocation message is displayed, then this part of the test succeeded , and the sample policy for the manager role has been enforced as expected.

  6. Click the “J2EE Declarative Security” link to go back.

  7. Click the “Invoke the Protected EJB via an Unprotected Servlet” link.

    If the Failed Invocation message is displayed, then this part of the test succeeded, and the sample policy for the employee role has been enforced as expected.

  8. Close the browser.

  9. In a new browser session, go to the Sample Application URL:

    http://protectedresource-1.example.com:1081/agentsample/index.html

    The Policy Agent redirects to the Access Manager login page.

  10. Log in to the Access Manager console using the following information:

    Username

    testuser2

    Password

    password

    The Failed Invocation message is displayed.

  11. Click the “J2EE Declarative Security” link.

  12. On the J2EE Declarative Security page, click the “Invoke the Protected EJB via an Unprotected Servlet” link.

    The Successful Invocation message is displayed. The sample policy for the employee role has been enforced as expected.

  13. Click the “J2EE Declarative Security” link to go back.

  14. Click the “Invoke the Protected Servlet” link.

    If the Access to Requested Resource Denied message is displayed, then this part of the test is successful. The sample policy for the manager role has been enforced as expected.