Following is the procedure to complete the installation of the Policy Agent 2.2 for Sun Java System Application Server 9.0 / Web Services.
The initial step in installing the Policy Agent 2.2 for Sun Java System Application Server 9.0 / Web Services is to deploy the Access Manager WAR as a web application using the Application Server administration console. See Installing Access Manager if this has not been done.
javaee.home is a variable that should be replaced with the installation directory of the Java EE 5 SDK.
Note the directory name and the path to the directory into which the following files are placed:
amWebServicesProvider.jar
amclientsdk.jar
AMConfig.properties
amclientkeystore.jks
.storepass
.keypass
If you used one of the installers, the files were put in a particular directory: /javaee.home/addons/accessmanager for installations of Java Application Platform SDK (when Download or Download with JDK is selected), and /javaee.home/addons/amserver for installations of Java Application Platform SDK or Java EE 5 SDK Update 1 (when Download with Tools is selected), and NetBeans Enterprise Pack 5.5. Be sure to make a note of this directory and path. Otherwise, put the files in a directory and make a note of the directory and path in which they were placed.
Modify the global Java Virtual Machine (JVM) settings in Application Server by adding the following to the classpath suffix:
amwebServiceProvider.jar (including the complete path)
amclientsdk.jar (including the complete path)
The complete path to the directory which contains the client's AMConfig.properties:
/javaee.home/domains/domain_name/config for installations of Java Application Platform SDK (when Download or Download with JDK is selected).
/javaee.home/addons/amserver for installations of Java Application Platform SDK or Java EE 5 SDK Update 1 (when Download with Tools is selected) and NetBeans Enterprise Pack 5.5.
Add the following web services security providers configurations to the domain.xml file as per Application Server guidelines.
domain.xml is located in the /ApplicationServer-install/domains/domain1/config directory and contains most of the Application Server configuration information.
More information can be found in Chapter 1, The domain.xml File, in Sun Java System Application Server Platform Edition 9 Administration Reference.
The following provider code fragment needs to be added under the <message-security-config auth-layer="HttpServlet"> tag:
The following provider code fragments need to be added under the <message-security-config auth-layer="SOAP"> tag:
Modify AMConfig.properties as follows:
JAVA_HOME=/usr/java # AM Server Information # Protocol can be either http or https SERVER_PROTOCOL=amserver_protocol SERVER_HOSTNAME=amserver_host SERVER_PORT=amserver_port # Application username and password APPLICATION_USERNAME=amadmin APPLICATION_PASSWORD=admin123 NAMING_URL=amserver_protocol://amserver_host:amserver_port/amserver/namingservice # Debug information DEBUG_LEVEL=error DEBUG_DIR=/tmp/amclient # Cookie information AM_COOKIE_NAME=iPlanetDirectoryPro # SAML xml signature keystore file, keystore password file, # key password file and Liberty trusted CA aliases. # path_to_file should be replaced by the appropriate value as below: # /javaee.home/addons/accessmanager for installations of Java Application Platform SDK # (when Download or Download with JDK is selected), and /javaee.home/addons/amserver # for installations of Java Application Platform SDK or Java EE 5 SDK Update 1 # (when Download with Tools is selected), and NetBeans Enterprise Pack 5.5 (when Download is selected). SAML_KEYSTORE=/path_to_file/amclientkeystore.jks SAML_STOREPASS=/path_to_file/.storepass SAML_KEYAPSS=/path_to_file/.keypass LIBERTY_TRUSTEDCA_ALIASES=amserver:<amserver_host> # Login URL and Authentication service URL for Liberty use case LOGIN_URL=amserver_protocol://amserver_host:amserver_port/amserver/UI/Login LIBERTY_AUTHSVC_URL=amserver_protocol://amserver_host:amserver_port/amserver/Liberty/authnsvc
The directory specified as a value for DEBUG_DIR in AMConfig.properties should be different than the one specified as the value for BASE_DIR in Installing Access Manager.
Restart the Application Server.