Use the Access Manager console to configure policy for the Web Policy Agents.
Access the Access Manager server, http://AccessManager-1.example.com:1080/amserver/UI/Login, from a web browser.
Log in to the Access Manager console as the administrator.
amadmin
4m4dmin1
Modify the referral policy for access to Load Balancer 5.
On the Access Control tab, click the top-level realm example.
Click the Policies tab.
Click the Referral URL Policy for users realm link.
On the Edit Policy page, under Rules, click New.
On the resulting page, select URL Policy Agent (with resource name) and click Next.
This selection is used to define policies that protect HTTP and HTTPS URLs.
On the resulting page, provide the following information:
URL Rule for LoadBalancer-5
http://LoadBalancer-5.example.com:90/*
Click Finish.
On the resulting page, click Save.
The new rule is in the Rules list.
Create a policy in the users sub-realm.
On the Access Control tab, click the users link.
Click the Policies tab, and then New Policy.
In the Name field, enter URL Policy for LoadBalancer-5.
Under Rules, click New.
On the resulting page, accept the default URL Policy Agent (with resource name) and click Next.
On the resulting page, provide the following information:
LoadBalancer-5.
In the list, select http://LoadBalancer-5.example.com:90/*.
http://LoadBalancer-5.example.com:90/* is automatically entered when you select the Parent Resource Name.
Mark this checkbox and select Allow.
Mark this checkbox and select Allow.
Click Finish.
On the New Policy page again, under Subjects, click New.
On the resulting page, verify that Access Manager Identity Subject is selected, and click Next.
On the resulting page, provide the following information:
LoadBalancer-5_Groups
In the drop-down list, select Group and click Search.
The search returns a list of available groups.
Select Employee-Group and Manager-Group and click Add.
The Employee-Group and Manager-Group groups are in the Selected List.
Click Finish.
On the resulting page, click OK.
The policy you just created is now included in the list of Policies.
Log out of the Access Manager console and close the browser.