3949: OCSP checking needs permission added to server.policy file
3796: Creation of Fedlet in console failed in a console only deployment
The index.html under host:port/uri/samples displays:
1. Authentication Samples 2. ID-FF Sample 3. SAMLv2 Sample 4. Multi-Federation Protocols Sample
However, the following link to the policy samples is missing in index.html: host:port/uri/samples/policy/policy-plugins.html
Workaround: Open the host:port/uri/samples/policy/policy-plugins.html file in your browser.
To enable OCSP checking for an OpenSSO web container that has enabled the Java Security Manager, add the following permission to the server.policy (or equivalent) file:
permission java.security.SecurityPermission "getProperty.ocsp.*";
If you generate a console only deployment, creating a Fedlet using the Console Common Tasks failed with an error message stating that there was no file or directory for sp-extended.xml. The com.iplanet.services.configpath property was not set by the console only Configurator.
Workaround. Edit the AMConfig.properties file and set the com.iplanet.services.configpath property to the configuration directory. For example:
com.iplanet.services.configpath=/consoleonly
The Access Manager Roles policy subject is supported only with the Access Manager Repository (AMSDK) data store. By default, this subject is disabled in the policy configuration. Therefore, enable the Access Manager Roles policy subject only if the data store type is configured to use the AMSDK plug-in.
For more information, see Chapter 15, Enabling the Access Manager SDK (AMSDK) Identity Repository Plug-in, in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide.