test

Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0

ProcedureTo Verify that J2EE Policy Agent 2 is Configured Properly

Use these steps to access the agent sample application and test policies against it.

  1. Access http://pr-2.example.com:1081/agentsample/index.html, the sample application URL, from a web browser.

    The Sample Application welcome page is displayed.

  2. Click the J2EE Declarative Security link.

  3. On the resulting page, click Invoke the Protected Servlet.

    You are redirected to the OpenSSO Enterprise login page.

  4. Log in to OpenSSO Enterprise as testuser1.

    Username

    testuser1

    Password

    password

    If you can successfully log in as testuser1 and the J2EE Policy Agent Sample Application page is displayed, the first part of the test has succeeded and authentication is working as expected.

  5. Click the J2EE Declarative Security link again.

  6. On the resulting page, click Invoke the Protected Servlet.

    If the Success Invocation message is displayed, the second part of the test has succeeded as the sample policy for the manager role has been enforced as expected.

  7. Click the J2EE Declarative Security link to return.

  8. On the resulting page, click Invoke the Protected EJB via an Unprotected Servlet.

    If the Failed Invocation message is displayed, the third part of the test has succeeded as the sample policy for the employee role has been enforced as expected.

  9. Close the browser.

  10. In a new browser session, access http://pr-2.example.com:1081/agentsample/index.html, the sample application URL, again.

    The Sample Application welcome page is displayed.

  11. Click the J2EE Declarative Security link.

  12. On the resulting page, click Invoke the Protected EJB via an Unprotected Servlet.

    You are redirected to the OpenSSO Enterprise login page.

  13. Log in to OpenSSO Enterprise as testuser2.

    Username

    testuser2

    Password

    password

    Note –

    The Failed Invocation message is displayed. This is a known issue.

  14. Click the J2EE Declarative Security link.

  15. On the resulting page, click Invoke the Protected EJB via an Unprotected Servlet.

    The Successful Invocation message is displayed as the sample policy for the employee role has been enforced as expected.

  16. Click the J2EE Declarative Security link to return.

  17. On the resulting page, click Invoke the Protected Servlet.

    If the Access to Requested Resource Denied message is displayed, this part of the test has succeeded as the sample policy for the manager role has been enforced as expected.

  18. Close the browser.