The Policy Agent provides these capabilities:
Retrieve and map an OpenSSO Enterprise user session attribute (UserToken), to an Identity Manager attribute (sois_user), so that Identity Manager can perform the single sign-on from OpenSSO Enterprise.
Access protection for the Identity Manager pages in addition to the protection offered by the specific capabilities that can be explicitly assigned to a user from the Identity Manager administrator interface.
The sois_user is the authentication property in Identity Manager that is used during single sign-on between OpenSSO Enterprise and Identity Manager. The name sois_user given to the property was an abbreviation for Sun ONE Identity Server User. The Sun ONE Identity Server product was a predecessor to OpenSSO Enterprise.
Follow instructions in the policy agent documentation for installing the Policy Agent on Application Server.
Deploy the agentapp.war on the Sun Application Server.
When the policy agent installation is complete, verify that the agent is installed and functioning properly.
Install the sample application agentsample that is ships with the agent and test the application. Instructions to install and test the sample application are available on the OpenSSO website.
Before you deploy and test the agentsample application, you must remove the following entries in the GlassFish JVM path: :
/opt/SUNWappserver91/domains/idm/applications/j2ee-modules/idm/WEB-INF/lib/openssoclientsdk.jar |
/opt/SUNWappserver91/domains/idm/applications/j2ee-modules/idm/WEB-INF/classes |
These entries were added in the procedure To Configure Application Server to Work with Identity Manager.
If you do not remove these entries before deploying the agentsample application, you will get a 500 error on the browser when you try to access the agentsample application.