After you install the agent, you can change the agent profile password, if required for your deployment.
On the OpenSSO Enterprise server:
On the server where the Application Server and GlassFish agent is installed:
In the agent profile password file, replace the old password with the new unencrypted password.
Change to the PolicyAgent-base/bin directory.
Encrypt the new password using the agentadmin --encrypt command following this syntax.
agentadmin --encrypt agent-instance password-file
For example:
# ./agentadmin --encrypt Agent_001 /export/temp/as9agentpw
The agentadmin --encrypt command returns the new encrypted password. For example:
ASEWEJIowNBJHTv1UGD324kmT==
In the agent-instance/config/OpenSSOAgentBootstrap.properties file, set the following property to the new encrypted password from the previous step. For example:
com.iplanet.am.service.secret=ASEWEJIowNBJHTv1UGD324kmT==
Restart the Application Server or GlassFish instance that is being protected by the policy agent.
If the Application Server and GlassFish agent is configured to operate in the URL_POLICY or ALL filter mode, you must create the appropriate URL policies. For instance, if Application Server and GlassFish is available on port 8080 using the HTTP protocol, you must create at minimum, a policy to allow access to the following resource:
http://myhost.mydomain.com:8080/agentsample |
where agentsample is the context URI for the sample application.
If no policies are defined and the agent is configured to operate in the URL_POLICY or ALL filter mode, then no user is allowed access to the resources protected by the Application Server and GlassFish agent.
For information about how to create these policies using the OpenSSO Enterprise Console or command-line utilities, see the Sun OpenSSO Enterprise 8.0 Administration Guide.
After you install the Application Server and GlassFish agent, consider deploying the J2EE policy agent sample application to help you better understand the key features, functions, and configuration options of J2EE agents, including:
Single sign-on (SSO)
Web-tier declarative security
Programmatic security
URL policy evaluation
Session, policy, and profile attribute fetch
The sample application can be especially useful if you are writing a custom agent application.
After you install the Application Server and GlassFish agent, the sample application is available as:
PolicyAgent-base/sampleapp/dist/agentsample.ear
For information about compiling, deploying, and running the sample application, see the readme.txt file in the /sampleapp directory.