Overview of Access Manager Upgrades
The following sections describe general aspects of Access Manager that affect upgrading to Java ES release 5:
About Java ES 5 Access Manager
Java ES Release 5 Access Manager 7.1 is a minor release that contains several bugs fixes and RFE's to the Java ES 4 Access Manager 7.0 release. Access Manager 7.1 includes the Java ES Monitoring Framework, which creates are new shared component dependencies. No major changes occurred in terms of functionality. In order to maintain backward compatibility with other components in the Java ES Stack, Access Manager 7.1 can be run in the legacy mode.
Access Manager Upgrade Roadmap
The following table shows the supported Access Manager upgrade paths to Java ES Release 5.
Table 9–1 Upgrade Paths to Java ES Release 5: Sun Java System Access Manager 7.1|
Java ES Release |
Access Manager Release |
General Approach |
Reconfiguration Required |
|---|---|---|---|
|
Release 4 |
Sun Java System Access Manager 7.0 2005Q4 |
Direct upgrade: Performed by doing a full installation and reconfiguration of Release 5 |
Configuration data Web container Customized JavaServer PagesTM (JSPTM) for Access Manager console and authentication UI Directory schema |
Note –
Before starting the upgrade process for Access Manager, the upgrade for Web container and Directory Server should have been completed.
Access Manager Data
Access Manager, like other Java ES components, makes use of various kinds of data that for any specific upgrade might need to be migrated to an upgraded version. The following table shows the type of data that could be impacted by an upgrade of Access Manager software.
Table 9–2 Access Manager Data Usage|
Type of Data |
Location |
Usage |
|---|---|---|
|
Configuration data |
AccessManager-base\config\AMConfig.properties AccessManager-base\config\serverconfig.xml Java Archive (JAR) files for authentication and customized modules AccessManager-base\lib |
Configuration of Access Manager and its integration with a back-end data store |
|
Web container configuration |
Web Server: server.policy and server.xml files in WebServer-base\https-hostname\config Application Server: server.policy and domain.xml files in ApplicationServer-base\domain\domain1\config |
Configuration of Access Manager web container instance |
|
Customization data (Web container customized JSP files) |
Admin Console: AccessManager-base\web-src\applications Authentication UI: AccessManager-base\web-src\services |
Configuration of Access Manager administration interfaces |
|
Directory schema Services configuration User data |
Directory Server |
Access Manager provides authentication and authorization services for end users, based on services configuration, user, and policy data that is stored in a directory |
|
Dynamic application data |
None |
Access Manager does not persistently store application data such as session state |
Access Manager Compatibility Issues
Release 5 Access Manager is backwardly compatible with Release 4 Access Manager. Note that Release 4 Access Manager was a major release that, except when configured to run in Legacy mode, broke compatibility with earlier releases. Likewise, Release 5 Access Manager, unless configured to run in Legacy mode, is not backwardly compatible with the Java ES 4 Access Manager running in Legacy mode.
Legacy mode is necessary to support other Java ES components, as well as older versions of Access Manager policy agents that which cannot interoperate with Access Manager in Realm mode. This incompatibility is an important upgrade consideration, and means in most Java ES deployments that Access Manager should be upgraded to Release 5 Legacy mode even when configured to run in Legacy mode.
Access Manager Dependencies
Access Manager dependencies on other Java ES components can affect the procedure for upgrading and reconfiguring Access Manager software. Changes in Access Manager interfaces or functions, for example, could require upgraded version of components upon which Access Manager depends. The need to upgrade such components depends upon the specific upgrade path.
Access Manager has dependencies on the following Java ES components:
-
Shared components. Access Manager has dependencies on specific Java ES shared components, as listed inTable 1–7. Access Manager upgrades might depend upon upgraded versions of these shared components.
-
Web Container. Access Manager depends upon web container services, which can be provided either by Java ES Web Server and Java ES Application Server. Access Manager upgrades must therefore be reconfigured for a web container instance. In addition, any customized JSPs for the Access Manager console or for the authentication UI need to be migrated to the upgraded Access Manager environment.
-
Directory Server. Access Manager stores configuration data and also accesses user data stored in Directory Server. As a result, Access Manager upgrades might require extensions of directory schema.
Web Container Upgrade Scenarios
Access Manager can be deployed in a web container provided by either Web Server or Application Server. As a result, the upgrade of Access Manager to Release 5 can be complicated by the possibility of also having upgraded to Release 5 the web container in which it is deployed. In this regard, there are a number of web container upgrade scenarios possible, enumerated in the following table:
Table 9–3 Web Container Upgrade Scenarios for Access Manager Upgrade|
Scenario |
Web Container in which Access Manager is Originally Deployed |
Web Container in which Access Manager is Deployed After Upgrade |
Applicable Access Manager Upgrade Paths: Upgrades From |
|---|---|---|---|
|
Scenario 1 |
Web Server 6.x |
Web Server 7.0 |
Release 4 |
|
Scenario 2 |
Application Server 8.1 |
Application Server 8.2 |
Release 4 |
You must be careful when upgrading Access Manager (for example when using the amconfig.bat) to provide values appropriate to the upgrade scenario in Table 9–3that applies, especially when there is a major version upgrade of the web container.
- © 2010, Oracle Corporation and/or its affiliates