URL Policy Enhancements

Starting with this release of J2EE agents, the following features are available that enhance Uniform Resource Locator (URL) policy:

• Remote Policy Evaluation Failover

  J2EE agents can now leverage session failover functionality to ensure that remote policy evaluation failover can occur if an Access Manager instance becomes unavailable.

• Configurable Policy Evaluation Mechanism

  Starting with this release, J2EE agents can be configured to use two different mechanisms to remotely evaluate policies as follows:

  • The agent remotely requests policy evaluation for all resources applicable to a user within the agent’s scope of protection.

  • The agent remotely requests policy evaluation for the resource accessed by the user and not any other resources that the user might access later.

• Composite Advice

  In the 2.2 release, J2EE agents provide a composite advice feature. This feature allows the policy and authentication services of Access Manager to decouple the advice handling mechanism of the agents. This allows you to introduce and manage custom advices by writing solely Access Manager side plug-ins. Starting with this release, you are not required to make changes on the agent side. Such advices are honored automatically by the composite advice handling mechanism.

• Policy Based Response Attributes

  The policy-based response attribute feature allows the policy service to provide static and dynamic attributes based on the resource accessed by the user. These attributes can be made available to the agent protected application as HTTP headers, request attributes, or cookies.