This chapter provides information about Sun Java System Policy Agent 2.2 as it pertains specifically to IBM Lotus Domino 7.0, including:
While the individual web agents tend to be similar in terms of installation and configuration, they can have unique characteristics that allow them to interact with unique characteristics in the underlying deployment container, such as a web server or proxy server. Therefore, this chapter describes characteristics that are unique to this agent, Sun Java System Access Manager Policy Agent 2.2 for IBM Lotus Domino 7.0, and that are unique to just the deployment container, IBM Lotus Domino 7.0. This chapter also summarizes specific tasks you might need to perform because of the unique characteristics of the deployment container.
All agents in the Policy Agent 2.2 release are compatible with versions of Sun Java System Access Manager as described in this section.
All agents in the Policy Agent 2.2 release are compatible with Access Manager 7 and Access Manager 7.1. Compatibility applies to both of the available modes of Access Manager: Realm Mode and Legacy Mode.
Install the latest Access Manager patches to ensure that all enhancements and fixes are applied. For an example of Access Manager patches that can be installed, see the compatibility information discussed in Sun Java System Access Manager Policy Agent 2.2 Release Notes.
All agents in Policy Agent 2.2 are also compatible with Access Manager 6.3 Patch 1 or greater. However, certain limitations apply. For more information about the limitations, see Backward Compatibility With Access Manager 6.3.
Support of Lotus Domino Database With the IBM Lotus Domino 7.0 Agent
Support of Lightweight Third-Party Authentication (LTPA) With the IBM Lotus Domino 7.0 Agent
The IBM Lotus Domino 7.0 agent and the IBM Lotus Domino 6.5.4 agent use the same agent binaries. However, in terms of deploying the agent, certain aspects differ between these two versions of IBM Lotus Domino. For example, the supported platforms and specific instructions can differ. Therefore, information about these two versions of IBM Lotus Domino are presented in two different guides. For information specific to Lotus Domino 6.5.4, see Sun Java System Access Manager Policy Agent 2.2 Guide for IBM Lotus Domino 6.5.4.
In this guide, you might see file or directory names that include the string domino6. Such references to domino6 are correct, even though you are installing the agent on IBM Lotus Domino 7.0.
You can configure the IBM Lotus Domino 7.0 agent to check if each user name that the agent authenticates exists in the Lotus Domino directory. A simple configuration step is required, which involves editing the web agent AMAgent.properites configuration file as described in All Systems: Using the Lotus Domino Database for the IBM Lotus Domino 7.0 Agent.
The version 2.2 for IBM Lotus Domino 7.0 agent does not support cross domain single sign-on (CDSSO). The IBM Lotus Domino 7.0 deployment container does not allow the agent to change the method type from POST to GET, which is necessary for cross domain single sign-on.
This technology for passing user authentication information between servers is supported by the IBM Lotus Domino 7.0 agent. For information on which properties in the web agent AMAgent.properties configuration file affect the configuration of this technology, see Configuring Agent for IBM Lotus Domino 7.0 with Lightweight Third-Party Authentication (LTPA).