This section contains component descriptions and configurations for the software and hardware used in this deployment example.
This appendix collects the information regarding the Directory Server instances. It contains the following tables:
Components | Description
---|---
Host Name | DirectoryServer-1.example.com
Installation Directory | /var/opt/mps/serverroot/
Administrator User | cn=Directory Manager
Administrator Password | d1rm4n4ger
Access Manager Configuration Data Instance | Directory Server instance that stores Access Manager configuration data.
Instance Name | am-config
Instance Directory | /var/opt/mps/am-config
Port Number | 1389
Base Suffix | dc=example,dc=com
Administrative User | cn=Directory Manager
Administrative User Password | d1rm4n4ger
Replication Manager | cn=replication manager,cn=replication,cn=config
Replication Manager Password | replm4n4ger
User Data Instance | Directory Server instance that stores user data. Note – In this deployment, user data is stored on the same host machine as the Access Manager configuration data. User data can also be stored on a different host machine.
Instance Name | am-users
Instance Directory | /var/opt/mps/am-users
Port Number | 1489
Base Suffix | dc=company,dc=com
Users Suffix | ou=users,dc=company,dc=com
Administrative User | cn=Directory Manager
Administrative User Password | d1rm4n4ger
Replication Manager | cn=replication manager,cn=replication,cn=config
Replication Manager Password | replm4n4ger
Table A–2 DirectoryServer–2 Host Machine Configuration
Component | Description
---|---
Host Name | DirectoryServer-2.example.com
Installation Directory | /var/opt/mps/serverroot/
Administrator User | cn=Directory Manager
Administrator Password | d1rm4n4ger
Access Manager Configuration Data Instance | Directory Server instance that stores Access Manager configuration data.
Instance Name | am-config
Instance Directory | /var/opt/mps/am-config
Port Number | 1389
Base Suffix | dc=example,dc=com
Administrative User | cn=Directory Manager
Administrative User Password | d1rm4n4ger
Replication Manager | cn=replication manager,cn=replication,cn=config
Replication Manager Password | replm4n4ger
User Data Instance | Directory Server instance that stores user data. Note – In this deployment, user data is stored on the same host machine as the Access Manager configuration data. User data can also be stored on a different host machine.
Instance Name | am-users
Instance Directory | /var/opt/mps/am-users
Port Number | 1489
Base Suffix | dc=company,dc=com
Users Suffix | ou=users,dc=company,dc=com
Administrative User | cn=Directory Manager
Administrative User Password | d1rm4n4ger
Replication Manager | cn=replication manager,cn=replication,cn=config
Replication Manager Password | replm4n4ger
Table A–3 User Entries
UserID | Description
---|---
testuser1 | Used to verify that the policy agents work properly.
Password | password
DN | uid=testuser1,ou=users,dc=company,dc=com
testuser2 | Used to verify that the policy agents work properly.
Password | password
DN | uid=testuser2,ou=users,dc=company,dc=com
This appendix collects the information regarding the Access Manager servers. It contains the following tables:
Table B–1 AccessManager–1 Host Machine Configuration
Component | Description
---|---
Host Name | AccessManager-1.example.com
Non-Root User | am71adm
Non-Root User Password | am71a6m
Web Server Administration Server | Manages the Web Server application and all instances.
Instance Name | admin-server
Instance Directory | /opt/SUNWwbsvr/admin-server
SSL Port | 8989
SSL Service URL | https://AccessManager-1.example.com:8989
Administrative User | admin
Administrative User Password | web4dmin
Web Server Instance | Contains the deployed Access Manager applications
Instance Name | AccessManager-1.example.com
Instance Directory | /opt/SUNWwbsvr/https-AccessManager-1.example.com
Port | 1080
Service URL | http://AccessManager-1.example.com:1080
Administrative User | amadmin
Administrative User Password | 4m4dmin1
Deployment URI | amserver
Table B–2 AccessManager–2 Host Machine Configuration
Component | Description
---|---
Host Name | AccessManager-2.example.com
Non-Root User | am71adm
Non-Root User Password | am71a6m
Web Server Administration Server | Manages the Web Server application and all instances.
Instance Name | admin-server
Instance Directory | /opt/SUNWwbsvr/admin-server
SSL Port | 8989
SSL Service URL | https://AccessManager-2.example.com:8989
Administrative User | admin
Administrative User Password | web4dmin
Web Server Instance | Contains the Access Manager applications
Instance Name | AccessManager-2.example.com
Instance Directory | /opt/SUNWwbsvr/https-AccessManager-2.example.com
Port | 1080
Service URL | http://AccessManager-2.example.com:1080
Administrative User | amadmin
Administrative User Password | 4m4dmin1
Deployment URI | amserver
This appendix collects the information regarding the Distributed Authentication User Interfaces. It contains the following tables:
Table C–1 AuthenticationUI–1 Host Machine Configuration
Component | Description
---|---
Host Name | AuthenticationUI-1.example.com
Non-Root User | da71adm
Non-Root User Password | 6a714dm
Web Server Administration Server | Manages the Web Server application and all instances.
Instance Name | admin-server
Instance Directory | /opt/SUNWwbsvr/admin-server
SSL Port | 8989
SSL Service URL | https://AuthenticationUI-1.example.com:8989
Agent Profile | admin
Agent Profile Password | web4dmin
Web Server Instance | Contains the Distributed Authentication User Interface module.
Instance Name | AuthenticationUI-1.example.com
Instance Directory | /opt/SUNWwbsvr/https-AuthenticationUI-1.example.com
Port | 1080
Service URL | http://AuthenticationUI-1.example.com:1080
Application User | authuiadmin
Application User Password | 4uthu14dmin
Deployment URI | distAuth
Table C–2 AuthenticationUI–2 Host Machine Configuration
Component | Description
---|---
Host Name | AuthenticationUI-2.example.com
Non-Root User | da71adm
Non-Root User Password | 6a714dm
Web Server Administration | Manages the Web Server and all its instances.
Instance Name | admin-server
Instance Directory | /opt/SUNWwbsvr/admin-server
Port Number | 8989
Service URL | https://AuthenticationUI-2.example.com:8989
Administrative User | admin
Administrative User Password | web4dmin
Web Server Instance | Contains the Distributed Authentication User Interface module.
Instance Name | AuthenticationUI-2.example.com
Instance Directory | /opt/SUNWwbsvr/https-AuthenticationUI-2.example.com
Port | 1080
Service URL | http://AuthenticationUI-2.example.com:1080
Agent Profile | authuiadmin
Agent Profile Password | 4uthu14dmin
Deployment URI | distAuth
This appendix collects the information regarding the Protected Resource host machines. It contains the following tables:
Protected Resource 1 Web Server and Web Policy Agent Host Machine Configurations
Protected Resource 1 Application Server and J2EE Policy Agent Host Machine Configurations
Protected Resource 2 Web Server and Web Policy Agent Host Machine Configurations
Protected Resource 2 Application Server and J2EE Policy Agent Host Machine Configurations
Component | Description
---|---
Host Name | ProtectedResource-1.example.com
Web Server Administration Server | Manages the Web Server application and all instances.
Instance Name | admin-server
Instance Directory | /opt/SUNWwbsvr/admin-server
SSL Port | 8989
SSL Service URL | https://ProtectedResource-1.example.com:8989
Administrative User | admin
Administrative User Password | web4dmin
Web Server Instance | Contains the web policy agent.
Instance Name | ProtectedResource-1.example.com
Instance Directory | /opt/SUNWwbsvr/https-ProtectedResource-1.example.com
Port | 1080
Protected Resource URL | http://ProtectedResource-1.example.com:1080
Web Agent Profile | webagent-1
Web Agent Profile Password | web4gent1
Table D–2 Protected Resource 1 Application Server and J2EE Policy Agent Host Machine Configurations
Component | Description
---|---
Host Name | ProtectedResource-1.example.com
BEA WebLogic Application Server Home | /usr/local/bea/
BEA WebLogic Application Server Domain | /usr/local/bea/user_projects/domains/ProtectedResource-1
WebLogic Administration Server | Manages the domain and all managed servers
Server Name | AdminServer
Server Directory | /usr/local/bea/user_projects/domains/ProtectedResource-1/servers/AdminServer
Port | 7001
Console URL | http://protectedresource-1.example.com:7001/console
Administrative User | weblogic
Administrative User Password | w3bl0g1c
WebLogic Managed Server | Contains configuration information for this managed server and the J2EE Policy Agent.
Server Name | ApplicationServer-1
Server Directory | /usr/local/bea/user_projects/domains/ProtectedResource-1/servers/ApplicationServer-1
Port | 1081
J2EE Policy Agent Profile | j2eeagent-1
J2EE Policy Agent Profile Password | j2ee4gent1
Table D–3 Protected Resource 2 Web Server and Web Policy Agent Host Machine Configurations
Component | Description
---|---
Host Name | ProtectedResource-2.example.com
Web Server Administration Server | Manages the Web Server application and all instances.
Instance Name | admin-server
Instance Directory | /opt/SUNWwbsvr/admin-server
SSL Port | 8989
SSL Service URL | https://ProtectedResource-2.example.com:8989
Administrative User | admin
Administrative User Password | web4dmin
Web Server Instance | Contains the web policy agent.
Instance Name | ProtectedResource-2.example.com
Instance Directory | /opt/SUNWwbsvr/https-ProtectedResource-2.example.com
Port | 1080
Protected Resource URL | http://ProtectedResource-2.example.com:1080
Web Agent Profile | webagent-2
Web Agent Profile Password | web4gent2
Table D–4 Protected Resource 2 Application Server and J2EE Policy Agent Host Machine Configurations
Component | Description
---|---
Host Name | ProtectedResource-2.example.com
BEA WebLogic Application Server Home | /usr/local/bea/
BEA WebLogic Application Server Domain | /usr/local/bea/user_projects/domains/ProtectedResource-2
WebLogic Administration Server | Manages the domain and all managed servers
Server Name | AdminServer
Server Directory | /usr/local/bea/user_projects/domains/ProtectedResource-2/servers/AdminServer
Port | 7001
Console URL | http://protectedresource-2.example.com:7001/console
Administrative User | weblogic
Administrative User Password | w3bl0g1c
WebLogic Managed Server | Contains configuration information for this managed server and the J2EE Policy Agent.
Server Name | ApplicationServer-2
Server Directory | /usr/local/bea/user_projects/domains/ProtectedResource-2/servers/ApplicationServer-2
Port | 1081
J2EE Policy Agent Profile | j2eeagent-2
J2EE Policy Agent Profile Password | j2ee4gent2
This appendix collects the information regarding the load balancers. It contains the following table:
The BIG-IP load balancer login page and configuration console for all load balancers in this deployment example are accessed from the URL is-f5.example.com.
username
password
Load Balancer | Description
---|---
Load Balancer 1 | Distribution for the two Directory Server instances that contain the Access Manager configuration data.
Virtual Server | LoadBalancer-1.example.com
Port | 389
Pool Name | DirectoryServer-ConfigData-Pool
Access URL | LoadBalancer-1.example.com:389
Monitor | ldap-tcp
Load Balancer 2 | Distribution for the two Directory Server instances that contain user data.
Virtual Server | LoadBalancer-2.example.com
Port | 489
Pool Name | DirectoryServer-UserData-Pool
Access URL | LoadBalancer-2.example.com:489
Monitor | ldap-tcp
Load Balancer 3 | Distribution for the two Web Server applications installed on the Access Manager host machines. Note – SSL is terminated at this load balancer before the request is forwarded to Access Manager. This load balancer is the single point of failure for Access Manager and can be considered a limitation of this deployment example.
Virtual Server | LoadBalancer-3.example.com
Port (external access) | 9443
Port (internal access) | 7070
Pool Name | AccessManager-Pool
External Access URL | LoadBalancer-3.example.com:9443
Internal Access URL | LoadBalancer-3.example.com:7070
Monitor | AccessManager-http
Load Balancer 4 | Distribution for the two Web Server applications installed on the Distributed Authentication UI host machines. Note – SSL is terminated at this load balancer before the request is forwarded to the Distributed Authentication User Interface.
Virtual Server | LoadBalancer-4.example.com
Port (external access) | 9443
Port (internal access) | 90
Pool Name | AuthenticationUI-Pool
External Access URL | LoadBalancer-4.example.com:9443
Internal Access URL | LoadBalancer-4.example.com:90
Monitor | HTTP
Load Balancer 5 | Distribution for Web Policy Agents.
Virtual Server | LoadBalancer-5
Port | 90
Pool Name | WebAgent-Pool
Access URL | LoadBalancer-5.example.com:90
Monitor | WebAgent-http
Load Balancer 6 | Distribution for J2EE Policy Agents
Virtual Server | LoadBalancer-6
Port | 91
Pool Name | J2EEAgent-Pool
Access URL | LoadBalancer-6.example.com:91
Monitor | tcp
Message Queue serves as a communications broker that enables Access Manager to communicate data with the session store. This appendix collects the information regarding the Message Queue servers. It contains the following tables:
Table F–1 Message Queue 1 Host Machine Configuration
Component | Description
---|---
Host Name | MessageQueue-1.example.com
Session Tools Scripts Directory | /export/AMSFO/amSessionTools/amserver
Message Queue Directory | /export/AMSFO/amSessionTools/jmq
Berkeley Database Directory | /export/AMSFO/amSessionTools/bdb
Instance Name | msgqbroker
Port Number | 7777
Administrative User | msgquser
Administrative User Password | m5gqu5er
Table F–2 Message Queue 2 Host Machine Configuration
Component | Description
---|---
Host Name | MessageQueue-2.example.com
Session Tools Scripts Directory | /export/AMSFO/amSessionTools/amserver
Message Queue Directory | /export/AMSFO/amSessionTools/jmq
Berkeley Database Directory | /export/AMSFO/amSessionTools/bdb
Instance Name | msgqbroker
Port Number | 7777
Administrative User | msgquser
Administrative User Password | m5gqu5er
The issues in this appendix will be updated as more information becomes available.
Table G–1 Known Issues and Limitations