Federation Manager is based on Access Manager 6.3. Thus, the shared components are conflict with those in JES4 (which includes Access Manager 7.0).
WORKAROUND: The following procedure will install Federation Manager correctly.
Install Java Enterprise System 4 with Application Server 8 selected.
This will install the shared components.
Install the Federation Manager Linux rpm only using the command: fmsetup install -s silent_installation_file -p
Ignore error messages complaining about an rpm file conflict or that the installed rpm is newer than that bundled with Federation Manager.
Force install imq using the following command: rpm -i --force imq-3_5-03.i386.rpm
Run fmwar to generate the WAR using the following command: fmwar -n federation -d /var/opt/sun/identity/fm/war_staging -s silent_installation_file -g
Deploy the generated WAR on Application Server.
Add the follow lines to java.policy:
// Federation Manager RELATED ADDITIONS grant { permission java.util.PropertyPermission "user.language", "write"; }; grant codeBase "file:${BASEDIR}/${PROD_DIR}/fm/web-src/WEB-INF/lib/am_sdk.jar" { permission java.net.SocketPermission "*", "connect,accept,resolve"; }; grant codeBase "file:${BASEDIR}/${PROD_DIR}/fm/web-src/WEB-INF/lib/am_services.jar" { permission java.net.SocketPermission "*", "connect,accept,resolve"; }; grant codeBase "file:$AS81_VARDIR/domains/$AS81_DOMAIN/applications/j2ee-modules/${DEPLOY_WARPREFIX}/-" { permission java.net.SocketPermission "*", "connect,accept,resolve"; }; grant { permission java.lang.RuntimePermission "modifyThreadGroup"; permission java.lang.RuntimePermission "setFactory"; permission java.lang.RuntimePermission "accessClassInPackage.*"; permission java.util.logging.LoggingPermission "control"; permission java.lang.RuntimePermission "shutdownHooks"; permission javax.security.auth.AuthPermission "insertProvider.Mozilla-JSS"; permission java.security.SecurityPermission "putProviderProperty.Mozilla-JSS"; permission javax.security.auth.AuthPermission "getLoginConfiguration"; permission javax.security.auth.AuthPermission "setLoginConfiguration"; permission javax.security.auth.AuthPermission "modifyPrincipals"; permission javax.security.auth.AuthPermission "createLoginContext.*"; permission java.security.SecurityPermission "insertProvider.Mozilla-JSS"; permission javax.security.auth.AuthPermission "putProviderProperty.Mozilla-JSS"; permission java.io.FilePermission "ALL FILES", "execute,delete"; permission java.io.FilePermission "$VAR_SUBDIR/logs/*", "delete,write"; permission java.util.PropertyPermission "java.util.logging.config.class", "write"; permission java.security.SecurityPermission "removeProvider.SUN"; permission java.security.SecurityPermission "insertProvider.SUN"; permission java.security.SecurityPermission "removeProvider.Mozilla-JSS"; permission javax.security.auth.AuthPermission "doAs"; permission java.util.PropertyPermission "java.security.krb5.realm", "write"; permission java.util.PropertyPermission "java.security.krb5.kdc", "write"; permission java.util.PropertyPermission "java.security.auth.login.config", "write"; permission javax.security.auth.kerberos.ServicePermission "*", "accept"; permission javax.net.ssl.SSLPermission "setHostnameVerifier"; };