Policy Issues
-
3949: OCSP checking needs permission added to server.policy file
-
3796: Creation of Fedlet in console failed in a console only deployment
3952: Server samples are missing the policy samples link
The index.html under host:port/uri/samples displays:
1. Authentication Samples 2. ID-FF Sample 3. SAMLv2 Sample 4. Multi-Federation Protocols Sample
However, the following link to the policy samples is missing in index.html: host:port/uri/samples/policy/policy-plugins.html
Workaround: Open the host:port/uri/samples/policy/policy-plugins.html file in your browser.
3949: OCSP checking needs permission added to server.policy file
To enable OCSP checking for an OpenSSO web container that has enabled the Java Security Manager, add the following permission to the server.policy (or equivalent) file:
permission java.security.SecurityPermission "getProperty.ocsp.*";
3796: Creation of Fedlet in console failed in a console only deployment
If you generate a console only deployment, creating a Fedlet using the Console Common Tasks failed with an error message stating that there was no file or directory for sp-extended.xml. The com.iplanet.services.configpath property was not set by the console only Configurator.
Workaround. Edit the AMConfig.properties file and set the com.iplanet.services.configpath property to the configuration directory. For example:
com.iplanet.services.configpath=/consoleonly
2381: Access Manager Roles policy subject is supported only with Access Manager repository data store
The Access Manager Roles policy subject is supported only with the Access Manager Repository (AMSDK) data store. By default, this subject is disabled in the policy configuration. Therefore, enable the Access Manager Roles policy subject only if the data store type is configured to use the AMSDK plug-in.
For more information, see Chapter 15, Enabling the Access Manager SDK (AMSDK) Identity Repository Plug-in, in Sun OpenSSO Enterprise 8.0 Installation and Configuration Guide.
- © 2010, Oracle Corporation and/or its affiliates