When you install Access Manager, you are asked to choose either Realm Mode or Legacy Mode.
Realm mode is new in Access Manager 7.0, and is based on the Access Manager information tree and Identity Repository Management Service described in the previous sections. Realm mode is appropriate in most new Access Manager deployments where you want to keep identity repositories independent of access management, or where you cannot maintain user data within the required object classes of Sun Java System Directory Server.
If you choose Realm Mode at installation, then after installation your identity repositories can exist in any of the following configurations:
In the same Directory Server instance and the same suffix as the Access Manager information tree.
In the same Directory Server instance but in a different suffix as the Access Manager information tree.
In a different directory server instance from the Access Manager information tree.
Legacy Mode is based on the Access Manager 6.3 architecture. This legacy Access Manager architecture uses the LDAP directory information tree (DIT) that comes with Sun Java System Directory Server. In Legacy Mode, both user information and access control information are stored in LDAP organizations. When you choose Legacy Mode, an LDAP organization is the equivalent of an access control realm. Realm information is integrated within LDAP organizations.
Legacy Mode is appropriate in deployments where you want to use Access Manager user management. Legacy Mode is typically used in deployments where Access Manager is built upon Sun Java System Portal Server or other Sun Java System communication products that require the use of Sun Java System Directory Server as the central identity repository.
If you choose Legacy Mode during installation, then after installation the top-level ream resides in the same Directory Server branch as the Access Manager information tree, and user information is intermingled with access information.
The following table compares realm mode and legacy mode.
Table 1–4 Comparison of Realm and Legacy Modes
Realm Mode |
Legacy Mode |
|
---|---|---|
Supports all new Access Manager 7 2005Q4 features. |
Yes |
Yes |
Supports identity repositories in Sun Java System Directory Server and in other data stores. |
Yes |
Yes |
Supports Access Manager 6 user management features. |
No |
Yes |
Can coexist with Access Manager 6 2005Q1 in multiple-server installations. |
No |
Yes |
Before installation, identity repository can exist in Sun Java Directory Server . |
Yes |
Yes |
Before installation, identity repository can exist in an LDAP version 3 compliant directory server. |
Yes |
No |
For more information about realm and legacy modes, see the Sun Java System Access Manager 7 2005Q4 Release Notes.