Agents in the Policy Agent software set must authenticate with the OpenSSO Enterprise server in order for the two components to interact. To authenticate, the agent must provide its name (the agent profile name) and agent profile password. This password was established and encrypted as part of the J2EE agent installation process. For more information, see Creating a J2EE Agent Profile in Policy Agent 3.0 Using OpenSSO Enterprise Console. However, you can change this password if you choose.
The agent profile password can be reset with a combination of configuration steps involving both the OpenSSO Enterprise Console and the OpenSSOAgentBootstrap.properties file. The agent profile password should originally be created prior to agent installation. However, after you install a J2EE agent, you can update the agent profile password at anytime.
The instructions that follow describe how to change agent profile password.
Using a browser, navigate through OpenSSO Enterprise Console to the J2EE agent properties of the agent that you want to configure.
For the steps to navigate to the J2EE agent properties, see To Navigate in OpenSSO Enterprise 8.0 Console to the J2EE Agent Properties.
Update the agent profile password in the J2EE agent properties section as described in the substeps that follow:
Update or create an agent profile password in a password file as described in the substeps that follow.
The password file should originally have been created as a J2EE agent pre-installation task.
(Conditional) If an ASCII text agent password file does not already exist, create one .
For example, create a file such as the following: /tmp/pwf1
Using your text editor of choice, enter in clear text on the first line, (or replace the original password, if one already exists with) the password you just updated in OpenSSO Enterprise Console.
Secure the password file appropriately, depending on the requirements for your deployment.
In the command line, issue the agentadmin --encrypt command to encrypt the new password.
PolicyAgent-base/bin/agentadmin --encrypt Agent_001 /tmp/pwf1
The agentadmin program returns the new encrypted password with a message such as the following:
The encrypted value is: AQICFtkDruE1iBJrZvPW2Yfpgitm/3NjmpIQ
For more information on this command, see agentadmin --encrypt.
Copy the encrypted value that is returned.
Using your text editor of choice, access the J2EE agent OpenSSOAgentBootstrap.properties configuration file at the following location:
In the bootstrap configuration file, edit the property for the agent password as follows:
com.iplanet.am.service.secret = encryptedPassword
where encryptedPassword represents the new encrypted password you created when you issued the agentadmin --encrypt command.
This property is set in a manner similar to the following:
Restart the J2EE agent container.
The container must be restarted for the changes to the bootstrap file to take effect.