test

Deployment Example 1: Access Manager 7.1 Load Balancing, Distributed Authentication UI, and Session Failover

ProcedureTo Create Polices for the Agent Resources

The policies you create here are used in To Verify the J2EE Policy Agent Load Balancer Configuration is Working Properly.

  1. Access the Access Manager server, http://AccessManager-1.example.com:1080/amserver/UI/Login, from a web browser.

  2. Log in to the Access Manager console as the administrator.

    Username

    amadmin

    Password

    4m4dmin1

  3. Modify the referral policy for access to Load Balancer 6.

    1. On the Access Control tab, click the top-level realm example.

    2. Click the Policies tab.

    3. Click the Referral URL Policy for users realm link.

    4. On the Edit Policy page, under Rules, click New.

    5. On the resulting page, select URL Policy Agent (with resource name) and click Next.

      This selection is used to define policies that protect HTTP and HTTPS URLs.

    6. On the resulting page, provide the following information:

      Name:

      URL Rule for LoadBalancer-6

      Resource Name:

      http://loadbalancer-6.example.com:91/*

      Note –

      Make sure all letters are lowercase.

    7. Click Finish.

    8. On the resulting page, click Save.

      The new rule is in the Rules list.

  4. Create a policy in the users sub-realm.

    1. On the Access Control tab, click the users link.

    2. Click the Policies tab, and then New Policy.

    3. In the Name field, enter URL Policy for LoadBalancer-6.

    4. Under Rules, click New.

    5. On the resulting page, accept the default URL Policy Agent (with resource name) and click Next.

    6. On the resulting page, provide the following information:

      Name:

      LoadBalancer-6.

      Parent Resource Name:

      From the list, select, http://loadbalancer-6.example.com:91/*.

      Resource Name:

      http://loadbalancer-6.example.com:91/* is automatically entered when you select the Parent Resource Name.

      GET

      Mark the checkbox and select Allow.

      POST

      Mark the checkbox and select Allow.

    7. Click Finish.

    8. On the New Policy page again, under Subjects, click New.

    9. On the resulting page, verify that Access Manager Identity Subject is selected, and click Next.

    10. On the resulting page, provide the following information:

      Name:

      LoadBalancer-6_Groups

      Filter:

      In the drop-down list, select Group and click Search.

      The search returns a list of available groups.

    11. Select Employee-Group and Manager-Group and click Add.

      The Employee-Group and Manager-Group groups are in the Selected List.

    12. Click Finish.

    13. On the resulting page, click OK.

    The policy you just created is now included in the list of Policies.

  5. Log out of the Access Manager console and close the browser.