test

Sun Java System Access Manager Policy Agent 2.2 Guide for IBM WebSphere Application Server 6.1

Configuring A J2EE Agent With Access Manager 6.3

Policy Agent 2.2 was released with Access Manager 7 and is designed to take advantage of functionality present in this release. However, J2EE agents in the Policy Agent 2.2 release can be configured to run with Access Manager 6.3 Patch 1 or greater.

Certain features that version 2.2 policy agents support in Access Manager 7 2005Q4 and Access Manager 7.1, such as composite advices and policy-based response attributes, are not available in Access Manager 6.3.

You can configure a J2EE agent in the Policy Agent 2.2 release to communicate with Access Manager 6.3 Patch 1 or greater as described in the following tasks, which are divided into pre-installation, installation, and post-installation steps.

ProcedureTo Prepare to Install a J2EE Agent With Access Manager 6.3

Caution – Caution –

Policy Agent 2.2 is only compatible with Access Manager 6.3 when Patch 1 or greater has been applied. Without the patch, the deployment will fail.

  1. Ensure that the instance of Access Manager 6.3 you are using has been updated with a patch of level 1, at a minimum.

  2. Create an agent profile in Access Manager 6.3 Console that matches the agent profile information provided during J2EE agent installation.

    For information about creating the agent profile in Access Manager 6.3, see information referring to the “agent object” in Sun Java System Access Manager 6 2005Q1 Administration Guide.

ProcedureTo Install a J2EE Agent With Access Manager 6.3

  1. Install the J2EE agent, providing details for the Access Manager 6.3 Patch 1 or greater instance.

    For instructions on how to install the agent, see Chapter 3, Installing the IBM WebSphere Application Server 6.1 Agent.

ProcedureTo Configure a J2EE Agent With Access Manager 6.3

  1. Change to the following directory:

    PolicyAgent-base/lib

  2. Create a backup copy of the amclientsdk.jar file, giving the copy a name such as amclientsdk70.jar.

  3. Copy the amclientsdk63.jar file to the lib directory and change the name from amclientsdk63.jar to something such as amclientsdk.jar.

    Full path to amclientsdk63.jar file:
    PolicyAgent-base/etc/amclientsdk63.jar
    Full path to lib directory:
    PolicyAgent-base/lib

ProcedureTo Enable the Sample Application to Work With Access Manager 6.3

The sample application, PolicyAgent-base/sampleapp/dist/agentsample.ear, is designed to work with Access Manager 7 2005Q4 and Access Manager 7.1. However, you can change the deployment descriptors in the sample application to enable the application to work with Access Manager 6.3.

  1. Change the role-to-principal values in the deployment descriptors of the sample application.

    Therefore, replace the Access Manager 7 2005Q4 or Access Manager 7.1 values with Access Manager 6.3 values as follows:

    Access Manager 7 2005Q4 or Access Manager 7.1

    "id=manager,ou=role,dc=iplanet,dc=com"

    Access Manager 6.3

    "cn=manager,dc=iplanet,dc=com"

  2. Restart the WebSphere Application Server 6.1 instance.

  3. Execute the sample application tests.