Documentation Home
> Sun Java System Access Manager Policy Agent 2.2 Release Notes
Sun Java System Access Manager Policy Agent 2.2 Release Notes
Book Information
Preface
Sun Java System Access Manager Policy Agent 2.2 Release Notes
About Access Manager Policy Agent 2.2
What’s New in This Release
What’s New About Web Agents in This Release
Support for Fetching User Session Attributes
Log Rotation
Policy-Based Response Attributes
Composite Advice
Additional Method for Fetching the REMOTE_USER Server Variable
Malicious Header Attributes Automatically Cleared by Agents
Load Balancing Enablement
Support for Heterogeneous Agent Types on the Same Machine
Support for Turning Off FQDN Mapping
Web Agents and Backward Compatibility With Access Manager 6.3
What’s New About J2EE Agents in This Release
Removal of Dependencies on LDAP and on Administrative Accounts
Enhanced Installation Process
Coexistence With Access Manager
Support for Client Identification Based on Custom HTTP Headers
Agent Specific Application for Housekeeping Tasks
URL Policy Enhancements
Support for Flexible User Mapping Mechanisms
Support for Fetching User Session Attributes (J2EE Agents)
Support for Version Checking
Support for Not-Enforced IP Lists
Support for Custom Response Headers
Support for Application Logout Integration
Support for Application Specific Agent Filter Operation Modes
Support for Affinity-Based Login URL Selection
Support for a Sample Application
J2EE Agents and Backward Compatibility With Access Manager 6.3
Policy Agent 2.2–04 Update Release
Web Agents in the Policy Agent 2.2-04 Update Release
Key Fixes and Enhancements in the Policy Agent 2.2-04 Update Release
IIS 6.0 agent behind a load balancer now evaluates requests against not-enforced client IP list (6894700, 6864977)
Sticky cookie support added for web agents behind a load balancer with POST data preservation (6836393)
Apache HTTP Server 2.0.x and 2.2.x agents can encode special characters in cookies by URL encoding (6814694)
Web agents have changes in the path info related properties (6854806)
NSS and NSPR libraries are bundled with web agents on Solaris and Linux systems (6794995)
Policy Agent 2.2–03 Update Release
Java EE Agents in the Policy Agent 2.2–03 Update Release
Patch IDs for Java EE Agents in the Policy Agent 2.2–03 Update Release
Web Agents in the Policy Agent 2.2–03 Update Release
Patch IDs for Web Agents in the Policy Agent 2.2–03 Update Release
Web Agents: Key Fixes and Enhancements in the Policy Agent 2.2-03 Update
IIS 6.0 agent supports POST data preservation (6735280)
Web Proxy Server 4.0 agent can send GET request without header (6787007)
Web agents libxml2.so library is upgraded (6817868)
Not-enforced POST requests can be accessed in CDSSO mode (6789020)
Web agent can handle new Access Manager 7.1 policy advices (6785022)
Log entry added if web agent causes Apache Web Server to hang when the agent's log rotation fails (6804139)
IIS 6.0 agent supports agent URL override functionality (6829880)
IIS 6.0 SharePoint agent redirects to access-denied page if user doesn't exist in Active Directory (6854317)
Web Agents: Known Issues in the Policy Agent 2.2–03 Update Release
Agent for Apache HTTP Server 2.0.x on IBM AIX 5.3 requires bos.rte.libc fileset upgrade
NSPR libraries need to be upgraded to version 4.7.0
Version 2.2-02 agent for Apache HTTP Server 2.2.3 fails to start on Linux 5.0
Policy Agent 2.2–02 Update Release
Policy Agent 2.2-02 Update For Web Agents
New Certifications and Support Added in 2.2–02 Web Agents
Large File Support For Apache 2.0 Agent
New Platform Support for 2.2-02 Web Agents
Policy Agent 2.2-02 Update For J2EE Agents
New Platform Support for 2.2-02 J2EE Agents
Key Fixes and Enhancements in the Policy Agent 2.2-02 Update
J2EE_POLICY and ALL filter modes do not work on 2.2-02 J2EE Agent on Oracle Application Server 10g (6790321)
J2EE policy agent fails to log when the log action is LOG_DENY (6729386)
Performance issue resolved for policy agent (6768406)
For web agents, sunwMethod parameter is removed from the URL in CDSSO mode (6725383)
Domino 7.0 agent redirects client to URL instead of displaying a 500 error if Access Manager server is not responding (6715064)
Composite advice can be included in the query instead of through a POST request (6676032)
Apache 2.0 agent supports additional HTTP methods for a Subversion repository (6647805)
For web agents, support is added to adjust the policy clock skew (6608463)
Policy Agent 2.2–01 Update Release
Policy Agent 2.2-01 Web Agents
Determining the Version of a Policy Agent 2.2 Web Agent
Key Fixes and Enhancements in Policy Agent 2.2-01 Web Agents
Policy Agent 2.2 for Microsoft IIS 6.0 does not function properly when Basic Authentication is set (6415948)
Request for specific session attributes to be populated in HTTP headers (6409146)
In Policy Agent 2.2 for Microsoft IIS 6.0, Replay Password Encryption is lacking for Basic Authentication (6475899)
Web agents in the Policy Agent 2.2 release fail with Access Manager 6.3 (6490037)
Disabling Internet Explorer pop up when protocol changes from HTTP to HTTPS (6532260)
Web Distributing Authoring and Versioning (WebDAV) support is necessary to allow for a wider range of HTTP methods (6567164)
Program Database (.pdb) files should be part of agent binaries to help in debugging issues (6581272)
Other Additions to Policy Agent 2.2-01 Web Agents
The Key New Properties Added for Policy Agent 2.2-01 Web Agents
Property Added: com.sun.am.tcp_nodelay.enable
Property Added: com.sun.am.cookie.secure
Property Made Available: com.sun.am.replaypasswd.key
Property Added: com.sun.am.policy.agents.config.encode_url_special_chars.enable
Property Made Available: com.sun.am.policy.agents.config.no_child_thread_activation_delay
Properties Made Available for Microsoft Office SharePoint and Outlook Web Access
Access Manager and Policy Agent 2.2–01 Web Agents: Allowing Requests Using Non-Standard HTTP Methods
Supported HTTP Methods of Web Agents in Policy Agent 2.2–01
Policy Agent 2.2–01 Web Agents: Newly Supported HTTP Methods
Policy Agent 2.2–01 Web Agents: Support for INVALID Methods
Policy Agent 2.2-01 J2EE Agents
Determining the Version of a Policy Agent 2.2 J2EE Agent
Key Fixes and Enhancements in Policy Agent 2.2-01 J2EE Agents
If you restart Access Manager but not the J2EE agent, future attempts to access an agent protected page from a browser result in a 403 Forbidden message (6636155)
IBM WebSphere Administration Console can not be used to access the users, roles and group identities in the Access Manager identity repository (6462779)
The Key New Properties Added for Policy Agent 2.2-01 J2EE Agents
Property Made Available: com.sun.identity.enableUniqueSSOTokenCookie
Policy Agent 2.2–01: Enabling Access Manager Identities to Access the IBM WebSphere Administration Console
Policy Agent 2.2: Problem Accessing Identities With IBM WebSphere Administration Console
Policy Agent 2.2–01: Overview of Fix for IBM WebSphere Administration Console Access Problem
Supplemental Instructions for Installing and Configuring Policy Agent 2.2–01 for IBM WebSphere Application Server
To Install and Configure Policy Agent 2.2–01 for IBM WebSphere Application Server
Supported Servers in Policy Agent 2.2
Understanding Server and Operating System Support for Policy Agent 2.2
Web Agents and Minor Version Support of Servers and Operating Systems
J2EE Agents and Minor Version Support of Servers and Operating Systems
Supported Servers for Web Agents in Policy Agent 2.2
Supported Servers for J2EE Agents in Policy Agent 2.2
Compatibility With Access Manager and OpenSSO Enterprise
Installation Notes
Installation Notes for Web Agents in Policy Agent 2.2
Uninstallation Script for Web Agents in Policy Agent 2.2
Installation Notes for J2EE Agents in Policy Agent 2.2
Using the agentadmin Program with J2EE Agents
Policy Agent Directories
Deploying the Agent Application
Combining a J2EE Agent With Access Manager (Conditional)
Known Issues and Limitations
All Agents in Policy Agent 2.2
Individual Policy Agent 2.2 Guides Do Not Describe Precautions Against Cookie Hijacking
Web Agents in Policy Agent 2.2
All Web Agents in Policy Agent 2.2
On UNIX-based machines, all web agents require that the X11 DISPLAY variable be set properly.
A harmless error message appears in the web agent log files (6334519)
Web agent log entries are written to the wrong files (6301676)
Besides Agent for Apache HTTP Server 2.0.54, web agents do not support the 64-bit version of a deployment container (6474344)
Web Servers often cannot interpret hyphens used in header names
Error message issued during installation of Policy Agent 2.2 on Linux systems
Web agents do not function properly when a load balancer exists in front of an Access Manager 6.3 host (6674827)
The web agent property com.sun.am.receive_timeout is not documented in any of the web agent guides (6523846)
Policy Agent 2.2 for Microsoft Internet Information Services 6.0 (Microsoft IIS 6.0)
When a specific environment variable is not properly set, the system might fail (6433790)
J2EE Agents in Policy Agent 2.2
All J2EE Agents in Policy Agent 2.2
A harmless error message appears in the J2EE agent log files (6301668)
The agentadmin --install command displays an error message after being issued a second time (6268136)
Resources accessed with Internet Explorer 6.0 SP1 can result in 404 Not Found Error (6362249)
Harmless error messages related to JAX-RPC appear in the J2EE agent debug files (6325238)
Exceptions thrown when Access Manager uses polling with a J2EE agent (6452320)
Policy Agent 2.2 guides do not explain configuration of J2EE Agents and Access Manager SDK on the Same Deployment Container
To Install a J2EE Agent Instance With an Access Manager SDK Instance
J2EE agent installation prompts do not allow responses with leading or trailing spaces (6452708)
The agentadmin --install command fails to install the J2EE agent because of a previous unsuccessful installation (6443460)
The first use of a resource protected by a declarative constraint results in a misdirect
The agentadmin --getUuid command fails for amadmin user on Access Manager 7 with various agents (6452713)
Policy Agent 2.2 for Sun Java System Application Server 8.1
When interacting with Application Server 8.1, the Access Manager SDK cannot initialize admin data and displays an exception message (6284280)
Policy Agent 2.2 for Apache Tomcat 5.5 Servlet/JSP Container
Apache Tomcat Servlet/JSP Container bits with the .exe extension do not allow the agent to perform properly (6371980)
Error message issued with certain versions of the deployment container starting with Apache Tomcat 5.5.23 Servlet/JSP Container
Policy Agent 2.2 for IBM WebSphere Application Server
The agentadmin --install command fails on Agent for IBM WebSphere Application Server (6385085)
To Enable the agentadmin Script to Locate the Respective JCE Implementation
Harmless error message related to the DirectoryManager class appears in the debug files of agents for IBM WebSphere Application Server (6403913)
Using the agentadmin command fails under specific conditions when Agent for IBM WebSphere Application Server is used with Access Manager 6.3 (6443463)
The sample application of Agent for IBM WebSphere Application Server provides incorrect information about the role required (6452733)
The agentadmin --install command fails to install a second instance of Agent for IBM WebSphere Application Server when using the same bits on the same host (6452719)
During the installation of Agent for IBM WebSphere Application Server on a Windows system, the IBM JVM returns an empty encryption key (6461210)
Settings for CLASPATH variable are lost after agentadmin command is issued (6653936)
Policy Agent 2.2 for Oracle Application Server 10g
The sample application requires editing to work properly (6486895)
To Configure XML Files of the Sample Application
Documentation Updates
Wrong separator used in web agent guides for com.sun.am.policy.agents.config.local.log.size property (6901494)
Policy Agent 2.2 documentation should reference OpenSSO (6857941)
Deprecation Notifications and Announcements
Redistributable Files
How to Report Problems and Provide Feedback
Release Notes Revision History
© 2010, Oracle Corporation and/or its affiliates