Deployment Example 1: Access Manager 7.0 Load Balancing, Distributed Authentication UI, and Session Failover

5.6 Creating an Access Manager Site

Access Manager 7 2005Q4 introduces the site concept, which provides centralized configuration management for an Access Manager deployment. In this example, you configure two Access Manager servers to work as a single site. Once the servers are configured as a site, all client requests go through a load balancer; in this example, they go through either the internal or the external load balancer. This flow simplifies the deployment by resolving firewall issues between the client and the back-end Access Manager servers.

Use the following as your checklist for creating an Access Manager site:

  1. Create an Access Manager site.

  2. Verify that the site was configured properly.

Procedure: To Create an Access Manager Site

Complete the following steps on the Access Manager 1 host. It is not necessary to repeat the steps on the Access Manager 2 host.

  1. Start a browser, and access the Access Manager 1 server.

    http://AccessManager-1:1080/amserver/console

  2. Log in to the Access Manager console using the following information:

    Username

    amadmin

    Password

    4m4dmin1

  3. In the Access Manager console, click the Access Control tab, and then click the top-level Realm Name example.

  4. In the Realm/DNS Aliases field, add the name of the internal load balancer.

    For this example, enter LoadBalancer-3.example.com:90, and then click Add.


    Note –

    Do not remove the host names AccessManager-1 and AccessManager-2 from the alias list. These allow administrators to log in to the console directly in the event of a load balancer failure.


  5. For this deployment example, add an entry for the same host name using all lowercase.

    Example: loadbalancer-3.example.com:90

  6. Click Save.

  7. In the Access Manager console, click the Realms link, and then navigate through the following:

    Configuration > System Properties > Platform

  8. Under Site Name, click New, and enter the following values for the external load balancer:

    Server:

    https://loadbalancer-3.example.com:9443

    Site Name:

    11

  9. Click OK, and then click Save.

  10. Under Site Name, click New. Enter the following values for the internal load balancer:

    Server:

    http://loadbalancer-3.example.com:90

    Site Name:

    12

  11. Click OK, and then click Save.

  12. On the same Platform page, under Instance Name, click AccessManager-1.

    Change the site ID from 01 to 01|11|12.

    http://AccessManager-1.example.com:1080:01|11|12

  13. Click OK, and then click Save.

  14. On the Platform page, under Instance Name, click AccessManager-2.

    Change the site ID from 02 to 02|11|12.

    http://AccessManager-2.example.com:1080:02|11|12

  15. Click OK, and then click Save.

  16. Restart AccessManager-1 and AccessManager-2 for the changes to take effect.

    1. Log in as a root user to the Access Manager 1 host.

      # cd /opt/SUNWwbsvr/https-AccessManager-1
      # ./stop; ./start

    2. Log in as a root user to the Access Manager 2 host.

      # cd /opt/SUNWwbsvr/https-AccessManager-2
      # ./stop; ./start

Procedure: To Verify that the Site was Configured Properly

  1. Go to the Access Manager Site URL:


    http://LoadBalancer-3.example.com:90/amserver/UI/Login

    If an error message is displayed indicating that the browser cannot connect to either AccessManager-1.example.com or AccessManager-2.example.com, then the site configuration is not correct. If the site configuration is correct, all browser interactions will always occur with the Site URL.

  2. If the Access Manager login page is displayed, verify that the browser URL still contains the Site URL.

    If it does not contain the Site URL, then the site configuration is incorrect. If the site configuration is correct, all browser interactions will always occur with the Site URL.

  3. If the Access Manager login page is displayed, and the browser URL contains the Site URL, log in to the Access Manager console using the following information:

    User Name:

    amadmin

    Password:

    4m4dmin1

  4. Verify that you can successfully log in to the Access Manager console.

  5. Log out of the Access Manager console.
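Steps 1 and 2 of this verification can also be scripted. The following is an added example, not part of the original Access Manager documentation: it follows the HTTP redirects from the Site URL and reports any hop that leaves the load balancer or lands on a back-end server. The function and class names are hypothetical, and it assumes the redirects are ordinary HTTP 3xx responses.

```python
import sys
import urllib.request
from urllib.parse import urlsplit

# Values taken from this deployment example.
SITE_URL = "http://LoadBalancer-3.example.com:90"
BACKENDS = ("AccessManager-1", "AccessManager-2")

def _origin(url):
    """Return (scheme, lowercase host, port), filling in the default port."""
    p = urlsplit(url)
    return p.scheme, (p.hostname or ""), p.port or {"http": 80, "https": 443}.get(p.scheme)

def check_site_flow(urls, site_url=SITE_URL, backends=BACKENDS):
    """urls: every URL visited, in order. Returns a list of problems (empty = OK)."""
    site = _origin(site_url)
    short = {b.lower() for b in backends}
    problems = []
    for hop, url in enumerate(urls):
        origin = _origin(url)
        if origin[1].split(".")[0] in short:   # matches short and fully qualified names
            problems.append(f"hop {hop}: sent to back-end server: {url}")
        elif origin != site:
            problems.append(f"hop {hop}: left the Site URL: {url}")
    return problems

class _Recorder(urllib.request.HTTPRedirectHandler):
    """Records each redirect target before following it."""
    def __init__(self):
        self.chain = []

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        self.chain.append(newurl)
        return super().redirect_request(req, fp, code, msg, headers, newurl)

def fetch_chain(start):
    """Follow redirects from start; keep the chain even if a hop is unreachable."""
    rec = _Recorder()
    try:
        urllib.request.build_opener(rec).open(start, timeout=10).close()
    except OSError:  # URLError/HTTPError, e.g. a back-end host the client cannot reach
        pass
    return [start] + rec.chain

if __name__ == "__main__":
    found = check_site_flow(fetch_chain(SITE_URL + "/amserver/UI/Login"))
    print("\n".join(found) or "OK: all hops stayed on the Site URL")
    sys.exit(1 if found else 0)
```

Run it from a client that sits in front of the load balancer, the same position as the browser in the procedure; a non-zero exit status means the site configuration needs to be rechecked.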