Portal 7.1 + Access Manager in realm mode

OS Solaris SPARC 9.
Components already installed: SJES Directory Server + SJES5 Web Server + SJES5 Access Manager (configured in realm mode with 'Configure now' option selected).
Web Server is listenin on port 8088.
It is said in "SJES5 Installation Guide for UNIX) that Portal Server supports Realm mode only if Access Manager is configured with Directory Server, with AMSDK configured for the data store.
I've installed AMSDK at the same time when installed AM itself. No postinstallition configuration was made.
But when I try to install Portal 7.1 (using SJES5 GUI installer, in 'configure now' mode) in realm mode, i receive following errors during installition:
Sun enterprise system 5 - installed
Java DB - installed (configure after install)
System Registry 3.1 installed (configure after install)
Java System Portal - installed (configuration failed)
Exploring /var/opt/SUNWportal/logs/config/portal.fabric.0.0.log shows following errors:
WARNING     SJS Portal Server     debug.com.sun.portal.fabric.config     "ThreadID=10; ClassName=com.sun.portal.fabric.config.ValidatePortalInputData; MethodName=validateSharedComponents; "     PSFB_CSPFC0301:The Directory PrivateLibDir is *not* being validated.
SEVERE     SJS Portal Server     debug.com.sun.portal.fabric.config     "ThreadID=10; ClassName=com.sun.portal.fabric.config.ValidatePortalInputData; MethodName=checkPSAMInstallData; "     PSFB_CSPFC0061:The Access Manager Configuration File /etc/opt/SUNWam/config/AMConfig.properties exists with required permissions.     
SEVERE     SJS Portal Server     debug.com.sun.portal.fabric.util     "ThreadID=10; ClassName=com.sun.portal.fabric.util.NetworkUtil; MethodName=isPortValid; "     PSFB_CSPFU0011: The Port 8989 on server.org.com is being used.     
SEVERE     SJS Portal Server     debug.com.sun.portal.fabric.util     "ThreadID=10; ClassName=com.sun.portal.fabric.util.NetworkUtil; MethodName=isPortValid; "     PSFB_CSPFU0011: The Port 8088 on server.org.com is being used.     
SEVERE     SJS Portal Server     debug.com.sun.portal.fabric.config     "ThreadID=10; ClassName=com.sun.portal.fabric.config.PortalConfigurator; MethodName=createPortalInstances; "     PSFB_CSPFC0041:Failed invoking mbean action : create instance.
javax.management.MBeanException: Exception thrown in operation createAndFinalizeInstance                              
"     at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:435)"                              
"     at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)"                              
"     at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)"                              
"     at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)"                              
"     at com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)"                              
"     at com.sun.jdmk.interceptor.MBeanServerInterceptorWrapper.invoke(MBeanServerInterceptorWrapper.java:512)"                              
"     at com.sun.portal.admin.server.PortalServerLoggingInterceptor.invoke(PortalServerLoggingInterceptor.java:422)"                              
"     at com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:662)"                              
"     at com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)"                              
"     at com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)"                              
"     at com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)"                              
"     at javax.management.remote.generic.ServerIntermediary.handleRequest(ServerIntermediary.java:280)"                              
"     at javax.management.remote.generic.ServerIntermediary$PrivilegedRequestJob.run(ServerIntermediary.java:951)"                              
"     at java.security.AccessController.doPrivileged(Native Method)"
"     at javax.management.remote.generic.ServerIntermediary$RequestHandler.handleMBSReqMessage(ServerIntermediary.java:727)"
"     at javax.management.remote.generic.ServerIntermediary$RequestHandler.execute(ServerIntermediary.java:629)"
"     at com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl$RemoteJob.run(ServerSynchroMessageConnectionImpl.java:249)"
"     at com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadService.java:208)"
"     at com.sun.jmx.remote.opt.util.JobExecutor.run(JobExecutor.java:59)"
Caused by: com.sun.portal.admin.common.PSMBeanException: java.lang.SecurityException: authentication failure: Authentication failed: Error occurred while processing XML request.
Connection refused
com.sun.cacao.agent.impl.CacaoJmxConnectorProvider.newJMXConnector(CacaoJmxConnectorProvider.java:388)
javax.management.remote.JMXConnectorFactory.getConnectorAsService(JMXConnectorFactory.java:415)
javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:307)
javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:247)
com.sun.portal.admin.common.util.AdminUtil.getConnector(AdminUtil.java:813)
com.sun.portal.admin.server.AdminServerUtil.getJMXConnector(AdminServerUtil.java:81)
com.sun.portal.fabric.mbeans.Portal.createAndFinalizeInstance(Portal.java:549)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)
com.sun.jdmk.interceptor.MBeanServerInterceptorWrapper.invoke(MBeanServerInterceptorWrapper.java:512)
com.sun.portal.admin.server.PortalServerLoggingInterceptor.invoke(PortalServerLoggingInterceptor.java:422)
com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:662)
com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)
com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)
com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)
javax.management.remote.generic.ServerIntermediary.handleRequest(ServerIntermediary.java:280)
javax.management.remote.generic.ServerIntermediary$PrivilegedRequestJob.run(ServerIntermediary.java:951)
java.security.AccessController.doPrivileged(Native Method)     
javax.management.remote.generic.ServerIntermediary$RequestHandler.handleMBSReqMessage(ServerIntermediary.java:727)     
javax.management.remote.generic.ServerIntermediary$RequestHandler.execute(ServerIntermediary.java:629)     
com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl$RemoteJob.run(ServerSynchroMessageConnectionImpl.java:249)     
com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadService.java:208)     
com.sun.jmx.remote.opt.util.JobExecutor.run(JobExecutor.java:59)     
"     at com.sun.portal.fabric.mbeans.Portal.createAndFinalizeInstance(Portal.java:564)"     
"     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)"     
"     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)"     
"     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)"     
"     at java.lang.reflect.Method.invoke(Method.java:585)"     
"     at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)"     
"     ... 18 more"     
[#     2007-06-14T19:35:27.195+0400     SEVERE     SJS Portal Server     debug.com.sun.portal.fabric.config     "ThreadID=10; ClassName=com.sun.portal.fabric.config.PortalConfigurator; MethodName=configurePortal; "     PSFB_CSPFC0034:Encountered Exception while configuring the Portal
com.sun.portal.fabric.tasks.ConfigurationException: javax.management.MBeanException: Exception thrown in operation createAndFinalizeInstance                              
"     at com.sun.portal.fabric.config.PortalConfigurator.createPortalInstances(PortalConfigurator.java:1314)"                              
"     at com.sun.portal.fabric.config.PortalConfigurator.configurePortal(PortalConfigurator.java:842)"                              
"     at com.sun.portal.fabric.config.ConfigurePortal.main(ConfigurePortal.java:189)"                              
Caused by: javax.management.MBeanException: Exception thrown in operation createAndFinalizeInstance                              
"     at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:435)"                              
"     at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)"                              
"     at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)"                              
"     at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)"                              
"     at com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)"                              
"     at com.sun.jdmk.interceptor.MBeanServerInterceptorWrapper.invoke(MBeanServerInterceptorWrapper.java:512)"                              
"     at com.sun.portal.admin.server.PortalServerLoggingInterceptor.invoke(PortalServerLoggingInterceptor.java:422)"                              
"     at com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:662)"                              
"     at com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)"                              
"     at com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)"                              
"     at com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)"
"     at javax.management.remote.generic.ServerIntermediary.handleRequest(ServerIntermediary.java:280)"
"     at javax.management.remote.generic.ServerIntermediary$PrivilegedRequestJob.run(ServerIntermediary.java:951)"
"     at java.security.AccessController.doPrivileged(Native Method)"
"     at javax.management.remote.generic.ServerIntermediary$RequestHandler.handleMBSReqMessage(ServerIntermediary.java:727)"
"     at javax.management.remote.generic.ServerIntermediary$RequestHandler.execute(ServerIntermediary.java:629)"
"     at com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl$RemoteJob.run(ServerSynchroMessageConnectionImpl.java:249)"
"     at com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadService.java:208)"
"     at com.sun.jmx.remote.opt.util.JobExecutor.run(JobExecutor.java:59)"
Caused by: com.sun.portal.admin.common.PSMBeanException: java.lang.SecurityException: authentication failure: Authentication failed: Error occurred while processing XML request.
Connection refused
com.sun.cacao.agent.impl.CacaoJmxConnectorProvider.newJMXConnector(CacaoJmxConnectorProvider.java:388)
javax.management.remote.JMXConnectorFactory.getConnectorAsService(JMXConnectorFactory.java:415)
javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:307)
javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:247)
com.sun.portal.admin.common.util.AdminUtil.getConnector(AdminUtil.java:813)
com.sun.portal.admin.server.AdminServerUtil.getJMXConnector(AdminServerUtil.java:81)
com.sun.portal.fabric.mbeans.Portal.createAndFinalizeInstance(Portal.java:549)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)
com.sun.jdmk.interceptor.MBeanServerInterceptorWrapper.invoke(MBeanServerInterceptorWrapper.java:512)
com.sun.portal.admin.server.PortalServerLoggingInterceptor.invoke(PortalServerLoggingInterceptor.java:422)
com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:662)
com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)
com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)
com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)
javax.management.remote.generic.ServerIntermediary.handleRequest(ServerIntermediary.java:280)
javax.management.remote.generic.ServerIntermediary$PrivilegedRequestJob.run(ServerIntermediary.java:951)
java.security.AccessController.doPrivileged(Native Method)
javax.management.remote.generic.ServerIntermediary$RequestHandler.handleMBSReqMessage(ServerIntermediary.java:727)
javax.management.remote.generic.ServerIntermediary$RequestHandler.execute(ServerIntermediary.java:629)
com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl$RemoteJob.run(ServerSynchroMessageConnectionImpl.java:249)
com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadService.java:208)
com.sun.jmx.remote.opt.util.JobExecutor.run(JobExecutor.java:59)
"     at com.sun.portal.fabric.mbeans.Portal.createAndFinalizeInstance(Portal.java:564)"
"     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)"
"     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)"
"     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)"
"     at java.lang.reflect.Method.invoke(Method.java:585)"
"     at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)"
"     ... 18 more"                              
[#     2007-06-14T19:35:27.792+0400     SEVERE     SJS Portal Server     debug.com.sun.portal.fabric.config     "ThreadID=10; ClassName=com.sun.portal.fabric.config.ConfigurePortal; MethodName=main; "     PSFB_CSPFC0014:Failed configuring Portal Server!!
com.sun.portal.fabric.tasks.ConfigurationException: com.sun.portal.fabric.tasks.ConfigurationException: javax.management.MBeanException: Exception thrown in operation createAndFinalizeInstance                              
"     at com.sun.portal.fabric.config.PortalConfigurator.configurePortal(PortalConfigurator.java:849)"                              
"     at com.sun.portal.fabric.config.ConfigurePortal.main(ConfigurePortal.java:189)"                              
Caused by: com.sun.portal.fabric.tasks.ConfigurationException: javax.management.MBeanException: Exception thrown in operation createAndFinalizeInstance                              
"     at com.sun.portal.fabric.config.PortalConfigurator.createPortalInstances(PortalConfigurator.java:1314)"                              
"     at com.sun.portal.fabric.config.PortalConfigurator.configurePortal(PortalConfigurator.java:842)"                              
"     ... 1 more"                              
Caused by: javax.management.MBeanException: Exception thrown in operation createAndFinalizeInstance                              
"     at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:435)"                              
"     at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)"                              
"     at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)"                              
"     at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)"                              
"     at com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)"
"     at com.sun.jdmk.interceptor.MBeanServerInterceptorWrapper.invoke(MBeanServerInterceptorWrapper.java:512)"
"     at com.sun.portal.admin.server.PortalServerLoggingInterceptor.invoke(PortalServerLoggingInterceptor.java:422)"
"     at com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:662)"
"     at com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)"
"     at com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)"
"     at com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)"
"     at javax.management.remote.generic.ServerIntermediary.handleRequest(ServerIntermediary.java:280)"
"     at javax.management.remote.generic.ServerIntermediary$PrivilegedRequestJob.run(ServerIntermediary.java:951)"
"     at java.security.AccessController.doPrivileged(Native Method)"
"     at javax.management.remote.generic.ServerIntermediary$RequestHandler.handleMBSReqMessage(ServerIntermediary.java:727)"
"     at javax.management.remote.generic.ServerIntermediary$RequestHandler.execute(ServerIntermediary.java:629)"
"     at com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl$RemoteJob.run(ServerSynchroMessageConnectionImpl.java:249)"
"     at com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadService.java:208)"
"     at com.sun.jmx.remote.opt.util.JobExecutor.run(JobExecutor.java:59)"
Caused by: com.sun.portal.admin.common.PSMBeanException: java.lang.SecurityException: authentication failure: Authentication failed: Error occurred while processing XML request.
Connection refused
com.sun.cacao.agent.impl.CacaoJmxConnectorProvider.newJMXConnector(CacaoJmxConnectorProvider.java:388)
javax.management.remote.JMXConnectorFactory.getConnectorAsService(JMXConnectorFactory.java:415)
javax.management.remote.JMXConnectorFactory.newJMXConnector(JMXConnectorFactory.java:307)
javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:247)
com.sun.portal.admin.common.util.AdminUtil.getConnector(AdminUtil.java:813)
com.sun.portal.admin.server.AdminServerUtil.getJMXConnector(AdminServerUtil.java:81)
com.sun.portal.fabric.mbeans.Portal.createAndFinalizeInstance(Portal.java:549)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)
com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
com.sun.jdmk.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:203)
com.sun.jdmk.interceptor.MBeanServerInterceptorWrapper.invoke(MBeanServerInterceptorWrapper.java:512)
com.sun.portal.admin.server.PortalServerLoggingInterceptor.invoke(PortalServerLoggingInterceptor.java:422)
com.sun.cacao.agent.DispatchInterceptor.invoke(DispatchInterceptor.java:662)
com.sun.cacao.agent.auth.impl.AccessControlInterceptor.invoke(AccessControlInterceptor.java:618)
com.sun.jdmk.JdmkMBeanServerImpl.invoke(JdmkMBeanServerImpl.java:764)
com.sun.cacao.common.instrum.impl.InstrumDefaultForwarder.invoke(InstrumDefaultForwarder.java:106)
javax.management.remote.generic.ServerIntermediary.handleRequest(ServerIntermediary.java:280)
javax.management.remote.generic.ServerIntermediary$PrivilegedRequestJob.run(ServerIntermediary.java:951)
java.security.AccessController.doPrivileged(Native Method)
javax.management.remote.generic.ServerIntermediary$RequestHandler.handleMBSReqMessage(ServerIntermediary.java:727)
javax.management.remote.generic.ServerIntermediary$RequestHandler.execute(ServerIntermediary.java:629)
com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl$RemoteJob.run(ServerSynchroMessageConnectionImpl.java:249)
com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadService.java:208)
com.sun.jmx.remote.opt.util.JobExecutor.run(JobExecutor.java:59)
"     at com.sun.portal.fabric.mbeans.Portal.createAndFinalizeInstance(Portal.java:564)"     
"     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)"     
"     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)"     
"     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)"     
"     at java.lang.reflect.Method.invoke(Method.java:585)"     
"     at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)"     
"     ... 18 more"     
May the problem be that AMSDK need additional configuration for datastore?

Yes, copy config is enabled in all organisations.
I also tried to create an ldap data store instead of amsdk, but same behavior.
I have "fixed" the issue through a hack now by creating my own ldap login module, simply copied the original one and replaced LDAPPrincipal with my own version. It returns now a correct dn for the user in portal instead of the username only.
Works this way. Alas, it is just a hack...
As far as I can see, the problem is in the IDRepository. Its somewhat:
If (username is a DN) return username;
else return UniversalID;
This universal ID is then used by ps to get desktop information and since it is not a valid dn in ldap the desktop servlet cannot proceed...
I guess the problem does not appear in your environment. Maybe it was introduced with update 1? Do you use update 2?
Thanks, Chris

Similar Messages

  • I don't Configuring Access Manager in SSL Mode

    i only install am7.1 and ws7.0 in windows2003 pack 1.
    then, i read "Sun Java SystemAccess Manager 7.1 Postinstallation Guide" .
    it said that "Login to theWeb Server console.The default port is 8888." but i can't find the default port .
    i think my web server console's default port is 8989.

    Hi,
    As a part of my requirement, I need to Configure Access Manager in SSL Mode. For that, I followed all the steps(Change http to https in web server instance in Access Manager, Install Certificate, Modify AMConfig.properties) mentioned in the PostInstallation Guide of Sun Access Manager to configure the SSL using Selfsigned certificate. so, after doing all these steps, as soon as the hit the Access Manager URL httsp://machinename:portno/amserver/UI/Login, it shows "page cannot be displayed" error. I have checked the web server with SSL enabled in it and its running fine.
    On one of forum post, I read that you need to set this property to true "com.sun.am.jssproxy.trustAllServerCerts" if you are not installing the ROOTCA certificate however this is not listed in the AM documentation.
    Any help on this would be highly appreciated. Let me know if am missing any steps.

  • Using BEA Weblogic Portal with Sun Access Manager

    Hello all,
    I am wondering if anyone has had experience with using Weblogic Portal (versions 8.1 or 9.2) with Sun's Access Manager tool (part of the Identity Management suite).
    In particular, I would like to know what access control tasks were performed through access manager, and which were performed portal-side.
    Any information would be appreciated.
    Thanks!

    Hi
    Has any one explored the below question.
    Is WLP 9.2 compatible with Sun Access Manager?
    If yes, please let know the details.
    Thanks

  • Portal 7.1 with AM in realm mode, getting HTTP 500 error after portal login

    Hi!
    I have installed AM in Realm mode and on another webserver Portal. Worked fine so far with the standard users (Enterprise sample and such)
    Now I have created an organisation with ldap authentication module which points to corporate ldap and set the flag "Return User DN to Authenticate:" to false.
    Now I get after Login on the edit User Page the following Universal ID:
    Universal ID: id=rc017706,ou=user,o=internal,o=xxx,ou=services,o=portal
    When I login to portal, I get a 500 error, and logfiles tells me:
    [#|2007-09-02T19:47:15.996+0200|SEVERE|SJS Portal Server|debug.com.sun.portal.desktop|ThreadID=14; ClassName=com.sun.portal.desktop.DesktopServlet; MethodName=doGetPost; |PSDT_CSPD0017: DesktopServlet.doGetPost()
    com.iplanet.am.sdk.AMException: Unable to get attributes from data store.
    at com.iplanet.am.sdk.ldap.DirectoryServicesImpl.getAttributes(DirectoryServicesImpl.java:791)
    amSDK:WARNING: Exception in DataLayer.getAttributes for DN: id=rc017706,ou=user,o=internal,o=xxx,ou=services,o=portal
    How to I setup an external ldap for authentication in realm mode for use with portal 7.1? Can somebody tell me where my error lies?
    Thanks for any hints, Christoph

    Yes, copy config is enabled in all organisations.
    I also tried to create an ldap data store instead of amsdk, but same behavior.
    I have "fixed" the issue through a hack now by creating my own ldap login module, simply copied the original one and replaced LDAPPrincipal with my own version. It returns now a correct dn for the user in portal instead of the username only.
    Works this way. Alas, it is just a hack...
    As far as I can see, the problem is in the IDRepository. Its somewhat:
    If (username is a DN) return username;
    else return UniversalID;
    This universal ID is then used by ps to get desktop information and since it is not a valid dn in ldap the desktop servlet cannot proceed...
    I guess the problem does not appear in your environment. Maybe it was introduced with update 1? Do you use update 2?
    Thanks, Chris

  • Legacy mode or realm mode?

    Hi!
    I am a bit confused by documentation, because it says yes and no to realm mode.
    Is it possible/supported to install portal with an access manager in realm mode?
    thanks, Chris

    Realm support is new with PS 7.1.
    PS 7.0 requires Legacy Mode.
    Also, the Comms Products (Mail, Calendar, etc) still require Legacy Mode. So if you are using portal with comms then you still need Legacy Mode even if you're using PS 7.1.
    HTH,
    Jim

  • Not able to install Access Manager 7.1 in Legacy Mode with amsamplesilent

    HI All,
    I am building test setup on Solaris Zones.Recently it was patched to following level *5.10 Generic_138888-03*
    I am trying to install Access Manager in Legacy mode with amsamplesilent file.
    SERVER_NAME=sesamesso1
    SERVER_HOST=$SERVER_NAME.example.com
    SERVER_PORT=80
    ADMIN_PORT=8989
    DS_HOST=ssoldap1.example.com
    DS_DIRMGRPASSWD=l0cuz123
    ROOT_SUFFIX="dc=example,dc=com"
    SM_CONFIG_BASEDN=$ROOT_SUFFIX
    ADMINPASSWD=l0cuz123
    AMLDAPUSERPASSWD=l0cuz123am
    DEBUG_LEVEL=error
    DEBUG_DIR=/logs/sso/debug
    COOKIE_DOMAIN=.example.com
    AM_ENC_PWD=""
    NEW_OWNER=wbsrv
    NEW_GROUP=javaes
    PAM_SERVICE_NAME=other
    WEB_CONTAINER=WS
    AM_REALM=disabledBut AM is getting installed in Realm Mode. I need to install portal server with this Access Manager.
    please confirm,I am doing any mistake in my installation and please let me know whether portal server supports access manager realm mode or not.
    Thanks in Advance
    Madhu

    Thanks for the reply.
    I will give a try to install sun portal server 7.2 with accessmanager 7.1 in realm mode.Before patch updation my solaris sparc OS level was *5.10 Generic_118833-36* and I was able to install access manager 7.1 in legacy mode
    Is there any thing to be done for new patch level(*5.10 Generic_138888-03*) to install access manager 7.1 in legacy mode.
    Please let me know
    Thanks
    Madhu

  • LifeRay Poratl & Oracle Access Manager Integration

    Hi All
    Am trying to integrate LifeRay Portal with Oracle Access Manager to provide SSO. Steps I done is Created Proxy (Required) to the application with Apache Web Server and installed Apache Web Gate on it to protect the proxy. Now I need help to configure Portal to enable SSO and Authentication with LDAP Users Customization. Any one Please try to help me in this issue please
    Version of LifeRay : 6.0.6
    Oracle Access Manager : 10g (10.1.4.3.0)

    Have you provided all the hostname and port combinations in the Host Identifier?
    What have you configured as Preferred Host in webgate configuration? What is configured in the Host Identifier?
    ~Yagnesh

  • Configure security realm for external Access Manager in App server 8.1

    Hi All,
    I would like to protect my j2ee application using access manager running on an external host.
    I would like to configure the security realm in Sun app Server 8.1 for the external Access Manager
    external host & port of AM is:
    http://svrd234d.dnn.com.au:58765
    Please verify if these are the correct settings for the agentRealm configuration on Sun App server 8.1.
    classname="com.sun.amagent.as.realm.AgentRealm"
    property name="jaas-context" value="agentRealm"
    property name="base-dn" value="ou=People,dc=dnn,dc=com,dc=au"
    property name="hostURL " value="http://svrd234d.dnn.com.au:58765"

    Did you download AS8.1 agent under http://www.sun.com/download/products.xml?id=4266924d?
    If you can unjar am_as81_agent_2_1.jar after installing the J2EE agent, you will find AgentRealm.class under com.sun.amagent.as.realm.
    Please also note that page 161 of J2EE agent guide shows how to disable AgentRealm to better fit your agent policy mode. Check it out http://docs-pdf.sun.com/816-6884-10/816-6884-10.pdf
    Jerry

  • Access Manager + Portal Server + Zones + Subnets

    Hi
    Appreciate your help.
    I'm installing Access Manager and Portal Server, this is the environment:
    - 3 machines - Solaris 10, 2 local zones per machine
    ie
    root@global1 # zoneadm list -cv
    ID NAME STATUS PATH
    0 global running /
    1 accesclbp1 running /zone-access
    2 portalclbp1 running /zone-portal
    Every local zone assigned to Portal Server and the global zone lives on the same VLAN, and every local zone assigned to AM lives on a different VLAN.
    The failover of AM is been working rigth now, but I have a problem trying to install the Portal Server's, when I try to connect to AM through the VIP I'm loosing the connections to AM, sometimes I can connect and sometimes is not possible.
    Somebody has an environment like this? PS + AM + zones + subnets???

    We have this configuration as well.
    A few things we have experienced during installation:
    1. If Access Manager is https the Portal install fails even the cert is included in the installer JVM.
    2. Zones: We use DNS and in nsswitch.conf - hosts and ipnodes were both set to files dns. Once I changed ipnodes to files only problem disappeared.
    3. Check that Password Encryption Key is the same across the AMSDKs and the Access Manager servers.

  • Urgent help requested: Access Manager integration with BEA Portal

    We're using Access Manager 7.1 and Policy Agent 2.2 to authenticate users for our BEA WL Portal 10 which contains all of our content and applications. The portal contains both anonymous pages and protected pages (for registered users).
    Problem: When an anonymous user who is going through a multi-step application flow decides to sign-in to their account (or sign-up) Policy Agent wipes out the current content of the user session, and creates a brand new user session after the user is authenticated. Therefore we cannot send the user back to the same spot in the portal where they were before signing-in.
    Is there anyway to make Policy Agent preserve the content and state of http session when authenticating a user?
    We have a business requirement to allow users to continue their application process after successfully signing in.
    Thanks in advance.

    Hi,
    I think this problem is not just related to weblogic 10 agent, it is a general problem for any agents.
    Can you please clarify what you mean by "anonymous user "? Do you mean that this user has never logged in to Access Manager, and is just browsing the site as an anonymous user, or do you have a role specified as "anonymous user " that they are currently logged into when browsing the site?
    thx,
    Sean

  • Do I have to configure realm policy in Access Manager for IDM SPML Request

    Hi all,
    I wanted to run a SPML request from my application to the IDM which is presently protected by an AM server. Somehow, I get the following error, while I run a search using SpmlClient:
    org.openspml.util.SpmlException: Unsupported response content type "text/html", must be: "text/xml".
    Do I have to set a policy in Sun Access manager for the realm? Guys, pls help.
    Thanks,
    Aneesh.

    > I believe as long as you have access to the above two you can turn the CA off if you want.
    Enterprise CAs are not intended to be offline. Therefore, you should not turn off them. If these root CAs issue certificates only to subordinate CAs, then you should consider to implement offline Standalone (not Enterprise) Root CAs.
    > I believe the location of the CRL is detailed in the CDP which is detailed on the Certs issued but a given CA, so the client can look in the Cert and see what it states about the CDP and thereby get the list of revoked certs.
    this is correct.
    > to place its CDP at a location other than the  default location in case it overwrites the existing CRL at the default location
    no, CDP locations should be defined in the post-installation script.
    > does the fully qualified X500 name of the CDP include the CA Name (and therefore be unique) and it will not over write the original
    yes, LDAP URL includes CA server's NetBIOS name to differentiate between CAs.
    My weblog: en-us.sysadmins.lv
    PowerShell PKI Module: pspki.codeplex.com
    PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
    Check out new: SSL Certificate Verifier
    Check out new:
    PowerShell FCIV tool.

  • Integrating WebSphere Portal Server with Sun Java System Access Manager

    Hi All,
    Is it possible to Integrate WebSphere Portal Server with Sun java System Access Manager?. If so plz send me any doc or web site link for the same.
    Thanks in Advance
    Rgds,
    Lessly J

    Rushi-Reliance wrote:
    Kindly let us know how to proceed further as we are waiiting some reply from your team.As I already advised in your previous posting (http://forums.sun.com/thread.jspa?threadID=5359095), you are best off re-installing solaris from scratch and installing Communication Suite 6 update 1 if you cannot get Access Manager 7.1 configured.
    Regards
    Shane.

  • Accessing managed-bean in a JSP (portal theme).

    I have a tricky situation where I need to access a managed-bean outside a JSF jsr 168 api portlet. Now I need to reference the bean in the themes jsp (just fyi themes loosely relate to JSP's which control the look and feel, navigation within portal page). I was thinking of a way to set a managed-bean variable in the jsp before the portlet where the managed-bean is declared. Is this possible ? Any ideas ?

    You can just access managed beans using JSTL EL.${myBean}or if you strictly want to specify the scope, e.g. session scope${sessionScope.myBean}where "myBean" is the managed bean name. Keep in mind that you cannot use this in input elements, but only in output elements. If you want to use this in input elements, then you should be using JSF components with deferred EL #{myBean.input} and so on.

  • Multiple Top-Level Realms in Access Manager via AMconfig?

    Is it possible to configure multiple top-level realms in Access Manager via AMconfig? It is not possible through the UI.

    Hi!
    How about this:
    String adminDN = (String)AccessController.doPrivileged(new AdminDNAction());
    String adminPwd = (String)AccessController.doPrivileged(new AdminPasswordAction());
    adminToken = adminManager.createSSOToken(new AuthPrincipal(adminDN), adminPwd);
    hth Chris

  • Access Manager installation/re-installation problems

    Good time of day for ALL!
    I have a problem, when trying to reinstall SUN JES 2005Q4. Prevously installed Q1 version was uninstalled with JES unistaller, Portal entries (this checkbox exists in one of forms) were removed, /etc/opt/.... /var/opt/... /opt/.... files & catalogues were removed.
    Then a new version JESQ4 was installed. (All products.) All configuration steps were made and all seems to work properly: I rceived working application,WEB,Calendar, Messaging servers, Instant messaging. BUT when I tried to use Access Manager, I saw
    "No such Organization found." message in my browser when tried to access http://localhost:8080/amserver.
    How can I reinstall this product to make it usefull again?!
    Sincerelly.
    PS. In 10 minutes ago The JES was fully uninstalled(look up) and then installed again. The situation restored in the same position 8-(((

    Good time of day for All!
    The problem described in my previous topic is go on 8-((((
    -System( sol10 sparc) was reinstalled.
    -JES 2005q4 was installed in several steps.
    1- Admin server,Message Queue,Web server,Directory server.
    2. Web server.
    Then all installed parts were tested. They works finely
    3. Application server.
    It was configured by default (/..../domain1) and some scripts for it's autostarting were created in rc3.d
    App server& its admin server works fine!
    4. Portal server& Access manager. AM was installed in Realm mode. When tying to access to ..../amserver page
    " Authentication Service is not initialized.<br />Contact your system administrator. " message appear in login screen.
    Who can answer:
    1-What is wrong?
    2-Where i can find REALLY TESTED STEP BY STEP workflow of JES installation?

Maybe you are looking for

  • Como cancelar uma devolução de nota fiscal de saída

    Olá, Estou precisando saber como é feito o cancelamento de uma devolução de nota fiscal de saída. Foi enviado um material parao cliente e o cliente devolveu. O usuário inseriu no B1 essa devolução de nota fiscal de saída baseada na nota fiscal de saí

  • Upload data from excel to Table maintance

    Hi, Shall we upload excel file data through Table maintanance generator and shall we download data from Table maintanance to Excel directly,  if possible how we can do? Regards Ganesh

  • Mail unexpectedly quits upon launch

    I'm new to posting bugs here: I've never had to report a problem before. When I open up Mail, it quits. That's pretty much the problem. I don't know how to solve it. iCal works, and I have no to-dos stored. iChat also quits unexpectedly, though not o

  • I accidentally deleted iMovies, how do i get it back?

    i accidentally deleted iMovies, how do i get it back? i went to app store to get it but it says to accept but when i accept it says it that it was already accepted, my mac book is still under warranty.

  • URGENT HELP !!! ORA-31011: XML parsing failed

    Hi, Oracle 9.2.0.4 I've run into ORA-31011: XML parsing failed ORA-19202: Error occurred in XML processing LPX-00247: invalid Document Type Declaration (DTD) Error at line 1 ORA-06512: at line 15 during updateXML operation under CLOB resource. It see