This section contains the following procedures.
You can create a new agent profile using the OpenSSO Enterprise console. Some of the individual steps documented do not apply to all agent profile types.
This procedure assumes you are logged into the OpenSSO Enterprise console as the administrator; by default, amadmin.
Under the Access Control tab, click the name of the realm in which you are creating the agent profile.
Click the Agents tab.
Select the tab for the appropriate agent type.
In the Agent section, click New.
The STS Client agent profile displays a pop-up from which you choose the token agent type: Discovery or STS. For more information, see STS Client in Sun OpenSSO Enterprise 8.0 Administration Reference.
In the Name field, enter the name for the new agent profile.
Enter and confirm the Password.
For web policy agents only, this password must be the same password that you enter in the agent profile password file that you specify when you run the agentadmin program to install the agent.
Steps 7–9 Apply to Web and J2EE policy agents only.
For Web and J2EE policy agents only, configure using the following sub procedure.
For other agent profile types, configure the attributes as documented in Chapter 5, Centralized Agent Configuration Attributes, in Sun OpenSSO Enterprise 8.0 Administration Reference.
Select Local or Centralized configuration.
When local configuration is selected, the properties related to this agent cannot be edited using the console. In such a scenario, the agent retrieves configuration data from the local (to the installed agent) OpenSSOAgentBootstrap.properties and OpenSSOAgentConfiguration.properties files in the agent installation directory. Property values for the locally configured agents are modified directly in the OpenSSOAgentConfiguration.properties file.
In the Server URL field, enter the OpenSSO Enterprise server URL.
For example:
http://OpenSSO-Host.example.com:8080/OpenSSO
In the Agent URL field, enter the URL for the agent application, agentapp.
For a web policy agent: http://Agent-Host.example.com:8090
For a J2EE policy agent: http://Agent-Host.example.com:8090/agentapp
Click Create.
The agent profile is created. To do additional configurations for the agent profile, click the profile name to display the Edit agent page. Agent attribute descriptions are listed and defined in Chapter 5, Centralized Agent Configuration Attributes, in Sun OpenSSO Enterprise 8.0 Administration Reference.
Agents can inherit properties from their group. For example, web policy agents can inherit properties from a web policy agent group.
The Group functionality is not supported with the web services and STS Client Agent Profiles.
This procedure assumes you are logged into the OpenSSO Enterprise console as the administrator; by default, amadmin.
Under the Access Control tab, click the name of the realm to which the group will belong.
Click the Agents tab.
Select the tab for the appropriate agent type.
In the Group section, click New.
Enter a name for the new group.
Enter the OpenSSO Enterprise Server URL (for Web and J2EE policy agents only).
For example, http://OpenSSO-Host.example.com:8080/OpenSSO Enterprise. For other agent profile types, configure the attributes as documented in Chapter 5, Centralized Agent Configuration Attributes, in Sun OpenSSO Enterprise 8.0 Administration Reference.
Click Create.
The agent group is created. To do additional configurations for the agent group, click the group name to display the Edit Group page. Attribute descriptions are listed and defined in Chapter 5, Centralized Agent Configuration Attributes, in Sun OpenSSO Enterprise 8.0 Administration Reference. (The properties you can set for a group are almost the same as those for an individual agent; the Group, Password, and Password Confirm properties are not available at the group level.)
Some group properties have variable values assigned that, in most cases, should not be changed. @AGENT_PROTO@://@AGENT_HOST@:@AGENT_PORT@/amagent is an example of such a value.
The Group functionality is not supported with the web services and STS Client Agent Profiles.
This procedure assumes you are logged into the OpenSSO Enterprise console as the administrator (by default, amadmin) and the group has been created. See To Create a New Group.
Under the Access Control tab, click the name of the realm to which the agent belongs.
Click the Agents tab.
Select the tab for the appropriate agent type.
Click the name of the agent profile you want to modify.
elect the name of the group from which you want the agent to inherit properties as a value for the Group attribute under the Global tab.
Click Save.
At the top of the page, the Inheritance Settings button becomes active.
Click Inheritance Settings.
A list of inheritance settings for the Global tab appears in alphabetical order.
Select the properties that you want the agent to inherit from the group.
At the top of the page, the Inheritance Settings button becomes active.
Click Save.
This task just describes how to change the inheritance settings for properties listed in the Global tab. For the inheritance settings of properties listed in the other tabs (such as Application and SSO), click the desired tab and edit the inheritance settings in the same manner described in the preceding steps.