Modify AMAgent.properties.
Log in as a root user to the ProtectedResource–1 host machine.
Change to the config directory.
# cd /export/J2EEPA1/j2ee_agents/am_wl92_agent/agent_001/config |
Backup AMAgent.properties before you modify it.
Set the following properties in AMAgent.properties.
com.sun.identity.agents.config.notenforced.uri[0] = /agentsample/public/* com.sun.identity.agents.config.notenforced.uri[1] = /agentsample/images/* com.sun.identity.agents.config.notenforced.uri[2] = /agentsample/styles/* com.sun.identity.agents.config.notenforced.uri[3] = /agentsample/index.html com.sun.identity.agents.config.notenforced.uri[4] = /agentsample com.sun.identity.agents.config.access.denied.uri = /agentsample/authentication/accessdenied.html com.sun.identity.agents.config.login.form[0] = /agentsample/authentication/login.html com.sun.identity.agents.config.login.url[0] = http://LoadBalancer-3.example.com:7070/ amserver/UI/Login?realm=users com.sun.identity.agents.config.privileged.attribute. type[0] = group com.sun.identity.agents.config.privileged.attribute. tolowercase[group] = false |
Set these remaining properties as follows.
This is specific to this deployment example. For more information see The agentadmin -getUuid command fails for amadmin user on Access Manager 7 with various agents (6452713) in Sun Java System Access Manager Policy Agent 2.2 Release Notes.
Retrieve the Universal IDs.
They were saved in To Create Manager and Employee Groups Using Access Manager for J2EE Policy Agent Test.
Convert all uppercase to lowercase and append a back slash (\) in front of each equal sign (=).
Set the properties.
com.sun.identity.agents.config.privileged.attribute. mapping[id\=manager-group,ou\=group,o\=users,ou\=services, dc\=example,dc\=com] = am_manager_role com.sun.identity.agents.config.privileged.attribute. mapping[id\=employee-group,ou\=group,o\=users,ou\=services, dc\=example,dc\=com] = am_employee_role |
Save AMAgent.properties and close it.
Restart the Application Server 1 administration server and managed instance.
Change to the bin directory.
# cd /usr/local/bea/user_projects/domains/ProtectedResource-1/bin |
Stop the managed instance.
# ./stopManagedWebLogic.sh ApplicationsServer-1 t3://localhost:7001 |
Stop the administration server.
# ./stopWebLogic.sh |
Start the administration server.
# ./startWebLogic.sh & |
Start the managed instance.
# ./startManagedWebLogic.sh ApplicationServer-1 t3://localhost:7001 & |
Log out of the ProtectedResource-1 host machine.