Sun OpenSSO Enterprise Policy Agent 3.0 User's Guide for J2EE Agents

Resetting the J2EE Agent Profile Password in Policy Agent 3.0

Agents in the Policy Agent software set must authenticate with the OpenSSO Enterprise server in order for the two components to interact. To authenticate, the agent must provide its name (the agent profile name) and agent profile password. This password was established and encrypted as part of the J2EE agent installation process. For more information, see Creating a J2EE Agent Profile in Policy Agent 3.0 Using OpenSSO Enterprise Console. However, you can change this password if you choose.

The agent profile password can be reset with a combination of configuration steps involving both the OpenSSO Enterprise Console and the file. The agent profile password should originally be created prior to agent installation. However, after you install a J2EE agent, you can update the agent profile password at anytime.

ProcedureTo Update a J2EE Agent Profile Password in Policy Agent 3.0

The instructions that follow describe how to change agent profile password.

  1. Using a browser, navigate through OpenSSO Enterprise Console to the J2EE agent properties of the agent that you want to configure.

    For the steps to navigate to the J2EE agent properties, see To Navigate in OpenSSO Enterprise 8.0 Console to the J2EE Agent Properties.

  2. Update the agent profile password in the J2EE agent properties section as described in the substeps that follow:

    1. In the Global tab ( which is the default tab), locate the property labeled Password.

    2. Update the Password property to a password of your choice.

    3. Update the property labeled “Password (confirm)” to the same value you chose for the Password property.

    4. Click Save at the top of that Global page.

  3. Update or create an agent profile password in a password file as described in the substeps that follow.

    The password file should originally have been created as a J2EE agent pre-installation task.

    1. (Conditional) If an ASCII text agent password file does not already exist, create one .

      For example, create a file such as the following: /tmp/pwf1

    2. Using your text editor of choice, enter in clear text on the first line, (or replace the original password, if one already exists with) the password you just updated in OpenSSO Enterprise Console.

    3. Secure the password file appropriately, depending on the requirements for your deployment.

  4. In the command line, issue the agentadmin --encrypt command to encrypt the new password.

    For example:

    PolicyAgent-base/bin/agentadmin --encrypt Agent_001 /tmp/pwf1 

    The agentadmin program returns the new encrypted password with a message such as the following:

    The encrypted value is: AQICFtkDruE1iBJrZvPW2Yfpgitm/3NjmpIQ

    For more information on this command, see agentadmin --encrypt.

  5. Copy the encrypted value that is returned.

  6. Using your text editor of choice, access the J2EE agent configuration file at the following location:

  7. In the bootstrap configuration file, edit the property for the agent password as follows: = encryptedPassword

    where encryptedPassword represents the new encrypted password you created when you issued the agentadmin --encrypt command.

    This property is set in a manner similar to the following:
  8. Restart the J2EE agent container.

    The container must be restarted for the changes to the bootstrap file to take effect.