Deployment Example 2: Federation Using SAML v2

13.1 Creating J2EE Policy Agent Profiles on the Federation Manager Servers

When you install the J2EE Policy Agent, the agent profile is used to retrieve the J2EE Policy Agent user password. At this point, J2EE Policy Agent authentication still occurs through flat files. The J2EE Policy Agent will use this new account to authenticate to the Federation Manager servers.

Use the following as your checklist for creating J2EE Policy Agent profiles on the Federation Manager Servers:

  1. Create an Agent Profile on Federation Manager 1.

  2. Create an Agent Profile on Federation Manager 2.

To Create a J2EE Policy Agent Profile on Protected Resource 3

  1. As a root user, log into the Protected Resource 3 host.

  2. Create an agent profile.

    Create a text file named agent_profile_password, and add to it a name for the new agent profile. Example:


    # cd /export
    # vi agent_profile_password
    asagent

    Save the file.

  3. Generate an encrypted password for the new agent profile.


    # cd /var/opt/SUNWam/fm/federation/users
    # /opt/SUNWam/fm/bin/ampassword -i /var/opt/SUNWam/fm/war_staging --hash asagent
    EW1Ck/Yw4kpyYs9jbu5Dx5pJaH8=

  4. Create a text file named asagent.properties, and add the agent profile password to the file.

    The J2EE Policy Agent installer requires this file for installation.


    # vi asagent.properties
    password=EW1Ck/Yw4kpyYs9jbu5Dx5pJaH8=

    Save the file.

To Create a J2EE Policy Agent Profile on Protected Resource 4

  1. As a root user, log into the Protected Resource 4 host.

  2. Create an agent profile.

    Create a text file named agent_profile_password, and add to it a name for the new agent profile. Example:


    # cd /export
    # vi agent_profile_password
    asagent

    Save the file.

  3. Generate an encrypted password for the new agent profile.


    # cd /var/opt/SUNWam/fm/federation/users
    # /opt/SUNWam/fm/bin/ampassword -i /var/opt/SUNWam/fm/war_staging --hash asagent
    EW1Ck/Yw4kpyYs9jbu5Dx5pJaH8=

  4. Create a text file named asagent.properties, and add the agent profile password to the file.

    The J2EE Policy Agent installer requires this file for installation.


    # vi asagent.properties
    password=EW1Ck/Yw4kpyYs9jbu5Dx5pJaH8=

    Save the file.
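
The asagent.properties file from step 4 of both procedures holds the agent profile's password hash, so it is worth creating it without group or other access and checking its format before the installer reads it. The following is an added example, not part of the original guide; it assumes a POSIX shell, and the function names and the owner-only file mode are assumptions of this example rather than requirements stated by the guide.

```shell
#!/bin/sh
# Added example, not from the original guide. Assumes a POSIX shell.

# write_agent_properties FILE HASH
# Writes the single line "password=HASH" to FILE with owner-only access.
write_agent_properties() {
    wp_file=$1
    wp_hash=$2
    (
        umask 077            # assumption of this example: mode 0600 for the new file
        rm -f "$wp_file"     # recreate, so a looser mode on an old copy is not kept
        printf 'password=%s\n' "$wp_hash" > "$wp_file"
    )
}

# check_agent_properties FILE
# Returns 0 if FILE is fit to hand to the installer, otherwise:
#   1 missing, 2 group/other access, 3 not exactly one line, 4 malformed line
check_agent_properties() {
    cp_file=$1
    [ -f "$cp_file" ] || { echo "missing: $cp_file" >&2; return 1; }

    # In "-rw-------", characters 5-10 are the group and other permission bits.
    cp_perms=$(ls -ld "$cp_file" | cut -c5-10)
    [ "$cp_perms" = "------" ] ||
        { echo "group/other can access $cp_file" >&2; return 2; }

    [ "$(wc -l < "$cp_file" | tr -d ' ')" = "1" ] ||
        { echo "expected exactly one line in $cp_file" >&2; return 3; }

    # The line must be password=<value>, where the value uses only the
    # characters seen in the ampassword output (base64 alphabet); this catches
    # trailing spaces or stray text left behind by a hand edit.
    cp_line=$(cat "$cp_file")
    cp_value=${cp_line#password=}
    case $cp_line in
        password=?*) ;;
        *) echo "no password= entry in $cp_file" >&2; return 4 ;;
    esac
    case $cp_value in
        *[!A-Za-z0-9+/=]*) echo "unexpected characters in value" >&2; return 4 ;;
    esac
    return 0
}
```

Call write_agent_properties with the string printed in step 3, then run check_agent_properties on the same path before starting the installer.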