Documentation Home
> Sun Java System Access Manager Policy Agent 2.2 Guide for IBM WebSphere Application Server 6.1
Sun Java System Access Manager Policy Agent 2.2 Guide for IBM WebSphere Application Server 6.1
Book Information
Index
A
B
C
D
F
G
I
L
N
P
R
S
U
W
Preface
Chapter 1 Introduction to J2EE Agents for Policy Agent 2.2
Uses of J2EE Agents
J2EE Agents and an Online Auction Application
J2EE Agents and a Web-Based Commerce Application
J2EE Agents and a Content-Based Web Application
How J2EE Agents Work
What’s New About J2EE Agents
Removal of J2EE Agent Dependency on LDAP and on Administrative Accounts
Removal of J2EE Agent Dependency on LDAP
Removal of J2EE Agent Dependency on Administrative Accounts
Enhanced J2EE Agent Installation Process
J2EE Agent Support for Installation Using Non-Administrative User Accounts
Secure Handling of Sensitive Information by J2EE Agents
Self-Contained Installation of J2EE Agents
J2EE Agent Support for Multiple Physical Installations
J2EE Agent Coexistence With Access Manager
J2EE Agent Support for Client Identification Based on Custom HTTP Headers
J2EE Agent Specific Application for Housekeeping Tasks
J2EE Agent URL Policy Enhancements
Remote Policy Evaluation Failover in J2EE Agents
Configurable Policy Evaluation Mechanism in J2EE Agents
Composite Advice in J2EE Agents
Policy Based Response Attributes in J2EE Agents
J2EE Agent Support for Flexible User Mapping Mechanisms
J2EE Agent Support for Fetching User Session Attributes
J2EE Agent Support for Version Checking
J2EE Agent Support for Not-Enforced IP List
J2EE Agent Support for Custom Response Headers
J2EE Agent Support for Application Logout Integration
J2EE Agent Support for Application Specific Agent Filter Operation Modes
J2EE Agent Support for Affinity-Based Login URL Selection
J2EE Agent Support for a Sample Application
J2EE Agent Backward Compatibility With Access Manager 6.3
Information About Using J2EE Agents in Policy Agent 2.2
Enhanced Installation Process for J2EE Agents in Policy Agent 2.2
Increased Functionality of the agentadmin Program for J2EE Agents in Policy Agent 2.2
The Sample Application
Chapter 2 Vital Installation Information for a J2EE Agent in Policy Agent 2.2
Format of the Distribution Files for a J2EE Agent Installation in Policy Agent 2.2
To Unpack Non-Package Formatted Deliverables of a J2EE Agent in Policy Agent 2.2
To Unpack Package Formatted Deliverables of a J2EE Agent in Policy Agent 2.2
To Unpack a .zip Compressed file of a J2EE Agent in Policy Agent 2.2
Role of the agentadmin Program in a J2EE Agent for Policy Agent 2.2
agentadmin --install
agentadmin --uninstall
agentadmin --listAgents
agentadmin --agentInfo
agentadmin --version
agentadmin --encrypt
agentadmin --getEncryptKey
agentadmin --uninstallAll
agentadmin --getUuid
agentadmin --usage
agentadmin --help
J2EE Agent Directory Structure in Policy Agent 2.2
Location of the J2EE Agent Base Directory in Policy Agent 2.2
Inside the J2EE Agent Base Directory in Policy Agent 2.2
Configuring A J2EE Agent With Access Manager 6.3
To Prepare to Install a J2EE Agent With Access Manager 6.3
To Install a J2EE Agent With Access Manager 6.3
To Configure a J2EE Agent With Access Manager 6.3
To Enable the Sample Application to Work With Access Manager 6.3
Creating a J2EE Agent Profile
To Create an Agent Profile
Chapter 3 Installing the IBM WebSphere Application Server 6.1 Agent
Installation Related Information About Agent for WebSphere Application Server 6.1
Supported Platforms and Compatibility of Agent for WebSphere Application Server 6.1
Platform and Version Support of Agent for WebSphere Application Server 6.1
Compatibility of Agent for WebSphere Application Server 6.1 With Access Manager
Compatibility of Policy Agent 2.2 With Access Manager 7 2005Q4 and Access Manager 7.1
Compatibility of Policy Agent 2.2 With Access Manager 6.3
High-Level Architecture of Agent for WebSphere Application Server 6.1
Key Functionality of Agent for WebSphere Application Server 6.1
Components of Agent for WebSphere Application Server 6.1
Component Interaction in Agent for WebSphere Application Server 6.1
Preparing to Install Agent for WebSphere Application Server 6.1
To Prepare to Install Agent for WebSphere Application Server 6.1
Launching the Installation Program of Agent for WebSphere Application Server 6.1
To Launch the Installation Program of Agent for WebSphere Application Server 6.1
Using the Installation Program of Agent for WebSphere Application Server 6.1
About Installation Prompts in Agent for WebSphere Application Server 6.1
Example of Installation Program Interaction in Agent for WebSphere Application Server 6.1
Implications of Specific Deployment Scenarios in Agent for WebSphere Application Server 6.1
Installing a J2EE Agent on Multiple WebSphere Application Server 6.1 Instances
Installing Agent for WebSphere Application Server 6.1 on the Access Manager Host
Summary of a J2EE Agent Installation in Policy Agent 2.2
Chapter 4 Post-Installation Tasks for the IBM WebSphere Application Server 6.1 Policy Agent
Common Post-Installation Tasks for All Version 2.2 J2EE Agents
Deploying the Agent Application for Version 2.2 J2EE Agents
Updating the Agent Profile for Version 2.2 J2EE Agents
To Update the Agent Profile for Version 2.2 J2EE Agents
Post-Installation Tasks Specific to the WebSphere Application Server 6.1 Agent
Creating the Agent Profile User and Role, WebSphere Primary Administrative User, and WebSphere Administrative Role
Creating a New J2EE Agent Profile User
To Create a New J2EE Agent Profile User
Creating a New J2EE Agent Profile Role and Assign the Role to the Agent Profile User
To Create a New J2EE Agent Profile Role and Assign the Role to the Agent Profile User
Assigning Read Access to the Agent Profile Role
To Assign Read Access to the Agent Profile Role
Creating the Primary Administrative User in Access Manager
To Create the Primary Administrative User in Access Manager
Creating the WebSphere Administrative Role in Access Manager
To Create the WebSphere Administrative Role in Access Manager
Editing the AMConfig.properties File to Get a Non-Expiring SSO Token for the New Agent Profile User's SSO Session
To Get a Non-Expiring SSO Token
Global Configuration Tasks for WebSphere Application Server 6.1
Setting the Custom Registry of WebSphere Application Server 6.1
To Set the Custom Registry of WebSphere Application Server 6.1
Adding an Access Manager Trust Association Interceptor to WebSphere Application Server 6.1
To Add an Access Manager Trust Association Interceptor to WebSphere Application Server 6.1
Turning On Global Security for WebSphere Application Server 6.1
To Turn On Global Security for WebSphere Application Server 6.1
Granting Access to the WebSphere Application Server 6.1 Administration Console
To Grant Access to the WebSphere Application Server 6.1 Administration Console
Editing the AMAgent.properties File
Deploying the Agent Application
Installing the Agent Filter for the WebSphere Application Server 6.1 Administration Console
To Install the Agent Filter for the WebSphere Application Server 6.1 Administration Console
Allowing Access to the WebSphere Application Server 6.1 Administration Console
Verifying Access to the WebSphere Application Server 6.1 Administration Console
To Verify Access to the WebSphere Application Server 6.1 Administration Console
Configuring Applications Protected by the WebSphere Application Server 6.1 Agent
Installing the Agent Filter for a Deployed Application on the WebSphere Application Server 6.1 Agent
To Install the Agent Filter for the Deployed Application on the WebSphere Application Server 6.1 Agent
Conditional Post-Installation Task for Version 2.2 J2EE Policy Agents
Creating the Necessary URL Policies
Chapter 5 Managing Policy Agent 2.2 for WebSphere Application Server 6.1
Key Features and Tasks Performed With the J2EE AMAgent.properties Configuration File
Hot-Swap Mechanism in J2EE Agents
List Constructs in the J2EE AMAgent.properties Configuration File
Map Constructs in the J2EE AMAgent.properties Configuration File
J2EE Property Configuration: Application Specific or Global
J2EE Agent Filter Modes
J2EE Agent Filter Mode-NONE
J2EE Agent Filter Mode - SSO_ONLY
J2EE Agent Filter Mode - J2EE_POLICY
J2EE Agent Filter Mode - URL_POLICY
J2EE Agent Filter Mode - ALL
Enabling Web-Tier Declarative Security in J2EE Agents
To Enable J2EE Agents to Handle Security Constraint Settings
Web-Tier Security Details
Customizing Agent Response for Form Login
To Customize the Agent Response to Form Login
Enabling Failover in J2EE Agents
To Enable Failover in J2EE Agents
Login Attempt Limit in J2EE Agents
Redirect Attempt Limit in J2EE Agents
Not-Enforced URI List in J2EE Agents
Inverting the Not-Enforced URI List
Fetching Attributes in J2EE Agents
Fetching Profile Attributes in J2EE Agents
Fetching Session Attributes in J2EE Agents
Fetching Policy Response Attributes in J2EE Agents
Methods for Fetching Attributes in J2EE Agents
Fetching Attributes as HTTP Headers
Fetching Attributes as Request Attributes
Fetching Attributes as Cookies
Common Attribute Fetch Processing Related Properties
Configuring FQDN Handling in J2EE Agents
Using Cookie Reset Functionality in J2EE Agents
Enabling Port Check Functionality in J2EE Agents
Key Features and Tasks Performed With the J2EE agentadmin Program
Key Features and Tasks Performed With the J2EE Agent API
Class AmFilterManager
Available API for Class AmFilterManager
Interface IAmSSOCache
Available API for Interface IAmSSOCache
Class AmSSOCache
Available API for Class AmSSOCache
Usage of New J2EE Agent API in Policy Agent 2.2
Key Features and Tasks Performed With WebSphere Application Server 6.1
Disabling the Agent Realm of Policy Agent 2.2 for WebSphere Application Server 6.1
To Disable the Agent Realm
Chapter 6 Uninstalling the IBM WebSphere Application Server 6.1 Agent
Preparing to Uninstall Agent for WebSphere Application Server 6.1
To Prepare to Uninstall Agent for WebSphere Application Server 6.1
All Systems: Uninstalling Agent for WebSphere Application Server 6.1
Launching the Uninstallation Program of Agent for WebSphere Application Server 6.1
To Launch the Uninstallation Program of Agent for WebSphere Application Server 6.1
Using the Uninstallation Program of Agent for WebSphere Application Server 6.1
Example of Uninstallation Program Interaction in Agent for WebSphere Application Server 6.1
All Systems: Removing Files of Agent for WebSphere Application Server 6.1
To Remove Files of Agent for WebSphere Application Server 6.1 on All Systems — Non-Packages
To Remove Files of Agent for WebSphere Application Server 6.1 on Solaris Systems — Packages
Appendix A Silent Installation and Uninstallation of a J2EE Agent in Policy Agent 2.2
About Silent Installation and Uninstallation of a J2EE Agent in Policy Agent 2.2
Generating a State File for a J2EE Agent Installation
To Generate a State File for a J2EE Agent Installation
Using a State File for a J2EE Agent Silent Installation
To Install a J2EE Agent Using a State File
Generating a State File for a J2EE Agent Uninstallation
To Generate a State File for a J2EE Agent Uninstallation
Using a State File for a J2EE Agent Silent Uninstallation
To Uninstall a J2EE Agent Using a State File
Appendix B J2EE Agent AMAgent.properties Configuration File in Policy Agent 2.2
Location of the J2EE AMAgent.properties Configuration File
List of Properties in the J2EE AMAgent.properties Configuration File
Description of Properties in the J2EE AMAgent.properties Configuration File
Filter Operation Mode Property
User Mapping Properties
Client Identification Properties
Configuration Reload Interval Property
Locale Identification Properties
Organization Name Property
Audit Log Properties
Web Service Processing Properties
Access Denied URI Property
Form Login Processing Properties
Local Authentication Processing Properties
Goto Parameter Name Property
Login URL Property
Login URL Prioritized Flag Property
Agent Server Properties
Login Attempt Limit Property
URL Decode SSO Token Flag Property
SSO Cache Enable Property
Cookie Reset Processing Properties
CDSSO Processing Properties
Logout Processing Properties
FQDN Processing Properties
Legacy User Agent Processing Properties
Custom Response Headers Property
Redirect Attempt Limit Property
Port Check Processing Properties
Not-Enforced URI Processing Properties
Not-Enforced Client IP Processing Properties
Common Attribute Fetch Processing Properties
Profile Attribute Processing Properties
Session Attribute Processing Properties
Response Attribute Processing Properties
Bypass Principal List Property
Privileged Attribute Processing Properties
Service Resolver Property
Agent Username and Password Properties
Encryption Key Properties
Debug Service Properties
SSO Token Cookie Name Property
Naming Service URL Property
Session Client Properties
Encryption Provider Property
User Data Cache Update Time Property
Service Data Cache Update Time Property
SAML Service Properties
Authentication Service Properties
Policy Client Properties
Appendix C Troubleshooting a J2EE Agent Deployment in Policy Agent 2.2
J2EE Agent Troubleshooting Instructions
© 2010, Oracle Corporation and/or its affiliates