Access Manager 7.1 features the Platform Service which provides centralized configuration management for an Access Manager deployment. In this procedure, you configure the two Access Manager servers to work as a single unit. Once configured as a site, all client requests go through either the internal or external load balancer. Use the following list of procedures as a checklist for completing this task.
It is not necessary to repeat this procedure on Access Manager 2.
Access http://AccessManager-1.example.com:1080/amserver/console in a web browser.
Log in to the Access Manager console as the administrator.
amadmin
4m4dmin1
Under the Access Control tab, click example, the top-level Realm Name.
Enter LoadBalancer-3.example.com, the name of the internal load balancer, in the Realm/DNS Aliases field and click Add.
Do not remove the host names AccessManager-1 and AccessManager-2 from the alias list. These allow administrators to log in to the console directly in the event of a load balancer failure.
Enter loadbalancer-3.example.com, a second entry for the same host name in all lowercase, and click Add.
The Access Manager site will not be configured properly unless you use all lowercase when entering this second host name. This is a known issue.
Click Save.
Click Back to Realms.
Click the Configuration tab.
Under System Properties, click Platform.
Under Site Name, click New, and enter the following values for the external load balancer.
https://loadbalancer-3.example.com:9443
11
Click OK.
Click Save
Under Site Name, click New again, and enter the following values for the internal load balancer.
http://loadbalancer-3.example.com:7070
12
Click OK.
Click Save
On the same Platform page, under Instance Name, click AccessManager-1.example.com:1080.
Change the site ID to 01|11|12
Click OK.
Click Save
On the Platform page again, under Instance Name, click AccessManager-2.example.com:1080.
Change the site ID to 02|11|12
Click OK.
Click Save
Log out of the Access Manager console.
Log in to the AccessManager–1 host machine and restart Access Manager for the changes to take effect.
# cd /opt/SUNWwbsvr/https-AccessManager-1.example.com/bin # ./stopserv; ./startserv |
Log in to the AccessManager–2 host machine and restart Access Manager for the changes to take effect.
# cd /opt/SUNWwbsvr/https-AccessManager-2.example.com/bin # ./stopserv; ./startserv |
Log out of both Access Manager host machines.
Access the internal load balancer at http://LoadBalancer-3.example.com:7070/amserver/UI/Login.
If an error message is displayed indicating that the browser cannot connect to either AccessManager- 1.example.com or AccessManager-2.example.com, the site configuration is not correct. If the site configuration is correct, all browser interactions will occur as expected.
If you have an issue accessing the Access Manager load balancer, read about reference number 6472662 in Appendix G, Known Issues and Limitations.
When the Access Manager login page is displayed, verify that the browser URL still contains the Site URL for the internal load balancer.
If it does not contain the Site URL, the site configuration is incorrect. If the site configuration is correct, all browser interactions will occur through the Site URL.
Log in to the Access Manager console as the administrator.
amadmin
4m4dmin1
A successful login occurs when the site configuration is correct.
Log out of the Access Manager console.