Sun Java System Access Manager Policy Agent 2.2 Guide for IBM WebSphere Application Server 6.0

Configuring A J2EE Agent With Access Manager 6.3

Policy Agent 2.2 was released with Access Manager 7 and is designed to take advantage of functionality present in this release. However, J2EE agents in the Policy Agent 2.2 release can be configured to run with Access Manager 6.3 Patch 1 or greater.

Certain features that Policy Agent 2.2 takes advantage of in Access Manager 7 are not available in Access Manager 6.3, such as “composite advices,” “policy-based response attributes,” and others.

You can configure a J2EE agent in the Policy Agent 2.2 release to communicate with Access Manager 6.3 Patch 1 or greater as described in the following tasks, which are divided into pre-installation, installation, and post-installation steps.

To Prepare to Install a J2EE Agent With Access Manager 6.3

Caution –

Policy Agent 2.2 is only compatible with Access Manager 6.3 when Patch 1 or greater has been applied. Without the patch, the deployment will fail.

Ensure that the instance of Access Manager 6.3 you are using has been updated with a patch of level 1, at a minimum.

Create an agent profile in Access Manager 6.3 Console that matches the agent profile information provided during J2EE agent installation.

For information about creating the agent profile in Access Manager 6.3, see information referring to the “agent object” in Sun Java System Access Manager 6 2005Q1 Administration Guide.

To Install a J2EE Agent With Access Manager 6.3

Install the J2EE agent, providing details for the Access Manager 6.3 Patch 1 or greater instance.

For instructions on how to install the agent, see Chapter 3, Installing Policy Agent 2.2 for IBM WebSphere Application Server 6.0.

To Configure a J2EE Agent With Access Manager 6.3

Change to the following directory:
```
PolicyAgent-base/lib
```

Create a backup copy of the amclientsdk.jar file, giving the copy a name such as amclientsdk70.jar.

Copy the amclientsdk63.jar file to the lib directory and change the name from amclientsdk63.jar to something such as amclientsdk.jar.
Full path to amclientsdk63.jar file:
```
PolicyAgent-base/etc/amclientsdk63.jar
```
Full path to lib directory:
```
PolicyAgent-base/lib
```

To Enable the Sample Application to Work With Access Manager 6.3

The sample application, PolicyAgent-base/sampleapp/dist/agentsample.ear, is designed to work with Access Manager 7. However, you can change the deployment descriptors in the sample application to enable the application to work with Access Manager 6.3.

Change the role-to-principal values in the deployment descriptors of the sample application.

Therefore, replace the Access Manager 7 values with Access Manager 6.3 values as follows:

Access Manager 7

"id=manager,ou=role,dc=iplanet,dc=com"

Access Manager 6.3

"cn=manager,dc=iplanet,dc=com"

Restart the IBM WebSphere Application Server 6.0 instance.

Execute the sample application tests.