Version 3.0 policy agents, including the agentadmin program, require JDK 1.5 or later on the server where you plan to install the agent. Before you install the JBoss Application Server 4.x/5.x agent, set your JAVA_HOME environment variable to point to the JDK installation directory.
Login to the server where you want to install the agent.
Create a directory to unzip the jboss_v42_agent_3.zip distribution file.
This guide uses Agent-Home to represent the directory where you unzip the distribution file.
Download and unzip the jboss_v42_agent_3.zip distribution file from the Oracle E-Delivery Web site:
The following table shows the files and directories after you unzip the agent distribution file, which are in the following directory:
Agent-Home/j2ee_agents/jboss_v42_agent, where Agent-Home is where you unzipped the agent distribution file.
For example: /agents/j2ee_agents/jboss_v42_agent
File or Directory
README.txt and license.txt
Readme and license files
agentadmin and agentadmin.bat programs
Template, properties, and XML files
license.log file. Do not edit this file.
Agent application (agentapp.war) and related files. The agent application is a housekeeping application used by the agent for notifications and other functions such as cross-domain single sign-on (CDSSO). For information, see Deploying the Agent Application.
Log files generated when you run the agentadmin or agentadmin.bat program:
Required JAR files
Required properties files
Policy agent sample application. For information, see Deploying the Java EE Policy Agent Sample Application.
A password file is an ASCII text file with only one line specifying the password in clear text. By using a password file, you are not forced to expose a password at the command line during the agent installation. When you install the JBoss Application Server 4.x/5.x agent using the agentadmin program, you are prompted to specify paths to following password files:
An agent profile password file is required for both the agentadmin default and custom installation options.
An agent administrator password file is required only if you use the custom installation option and have the agentadmin program automatically create the agent profile in OpenSSO Enterprise server during the installation.
Create an ASCII text file for the agent profile. For example: /tmp/jbossagentpw
If you want the agentadmin program to automatically create the agent profile in OpenSSO Enterprise server during the installation, create another password file for the agent administrator. For example: /tmp/agentadminpw
If you wish, you can specify amadmin as the agent administrator when you run the install program.
Using a text editor, enter the appropriate password in clear text on the first line in each file.
Secure each password file appropriately, depending on the requirements for your deployment.
Make a note of the password file names and passwords. You will need this information when you create the agent profile and install the agent using the agentadmin program.
The JBoss Application Server 4.x/5.x agent uses an agent profile to communicate with OpenSSO Enterprise server. You can create an agent profile using any of these three methods:
Allow the agentadmin program to create the agent profile during installation when you run the --custom-install option. The program prompts you for this information:
Agent profile name and path to the agent profile password file
Agent administrator name and path to the agent administrator password file
Use the OpenSSO Enterprise Console.
Use the ssoadm command-line utility with the create-agent subcommand. For more information about the ssoadm command, see the Sun OpenSSO Enterprise 8.0 Administration Reference.
Login into the OpenSSO Enterprise Administration Console as amAdmin.
Click Access Control, realm-name, Agents, and then J2EE.
Under Agent, click New.
In the Name field, enter the name for the new agent profile. For example: JBossAgentProfile
Enter and confirm the Password.
Important: This password must be the same password that you enter in the agent profile password file that you specify when you run the agentadmin program to install the agent.
In the Server URL field, enter the OpenSSO Enterprise server URL.
For example: http://opensso-host.example.com:port-number/opensso
In the Agent URL field, enter the URL for the agent application (agentapp).
For example: http://agent-host.example.com:port-number/agentapp
The agentapp is a housekeeping application used by the agent for notifications and other functions such as cross domain single sign-on (CDSSO) support.
The console creates the agent profile and displays the J2EE Agent page again with a link to the new agent profile, JBossAgentProfile.
To do additional configuration for the agent profile, click this link to display the Edit agent page. For information about the agent configuration fields, see the Console online Help. Also, see the readme.txt file for information about configuring the agent profile.
If you prefer, you can also use the ssoadm command-line utility to edit the agent profile. For more information, see the Sun OpenSSO Enterprise 8.0 Administration Reference.
Make a note of the values you specify for the agent profile, such as the Server URL and Agent URL. You will need this information when you install the agent using the agentadmin program.
An agent administrator can manage agents in OpenSSO Enterprise, including:
Agent management: Use the agent administrator to manage agents either in the OpenSSO Enterprise Console or by executing the ssoadm utility.
Agent installation: If you install the agent using the custom installation option (agentadmin --custom-install) and want to have the installation program create the agent profile, specify the agent administrator (and password file) when you are prompted.
If you prefer, you can specify amadmin as the agent administrator when you run the install program.
Login to OpenSSO Enterprise Administration Console.
Create a new agents administrator group:
Create a new agent administrator user and add the agent administrator user to the agents administrator group:
Click Access Control, realm-name, Subjects, and then User.
Click New and provide the following values:
ID: Name of the agent administrator. For example: agentadminuser
This is the name you will use to login to the OpenSSO Enterprise Console .
First Name (optional), Last Name, and Full Name.
For simplicity, use the same name for each of these values that you specified for ID.
Password (and confirmation)
User Status: Active
Click the new agent administrator name.
On the Edit User page, click Group.
Add the agents administrator group from Available to Selected.
Assign read and write access to the agents administrator group:
Login into the OpenSSO Enterprise Console as the new agent administrator. The only available top-level tab is Access Control. Under realm-name, you will see only the Agents tab and sub tabs.
The JBoss Application Server 4.x/5.x agent is supported with JBoss Application Server 5.x and Apache CXF 2.2.5. However, because Apache CXF uses JAXB 2.x, you must first make the configuration changes described in this section.
For information about Apache CXF, see http://cxf.apache.org/.
After you download and unzip the JBoss Application Server 4.x/5.x agent distribution file, locate the openssoclientsdk.jar file in the following directory:
Agent-Home is where you unzipped the agent distribution file.
Extract the files from openssoclientsdk.jar. For example:
cd /agents/j2ee_agents/jboss_v42_agent/lib jar xvf openssoclientsdk.jar
In each jaxb.properties file, set the javax.xml.bind.context.factory property to the v2 ContextFactory class:
Old value: javax.xml.bind.context.factory=com.sun.xml.bind.ContextFactory_1_0_1
New value: javax.xml.bind.context.factory=com.sun.xml.bind.v2.ContextFactory
Note: The openssoclientsdk.jar contains a number of different jaxb.properties files in various subdirectories. You must edit each of these files, so consider writing a script to edit the files.
Generate a revised openssoclientsdk.jar file. For example:
jar uvf openssoclientsdk.jar *