Configuring IIS6.0 with Sun Access manager

As I am new to Sun java Access manager .I have installed and configured the Sun Access manager 7.1 on Tomcat and able to login to the console also.Now I am looking to configure the web application which resides in IIS 6.0 with Sun Access manager,To do this are there any documents about how to configure the Windows IIS 6.0Policy agent with Sun Accessmanager?In the Sun website I didnt see any document related to this configuration,could anyone please help how to work on this?
Thanks in advance.

http://docs.sun.com/app/docs/doc/819-4771?l=en
should give you all the information you need. For server changes like policy refer to AM 7.1 docs on docs.sun.com

Similar Messages

Using BEA Weblogic Portal with Sun Access Manager

Hello all,
I am wondering if anyone has had experience with using Weblogic Portal (versions 8.1 or 9.2) with Sun's Access Manager tool (part of the Identity Management suite).
In particular, I would like to know what access control tasks were performed through access manager, and which were performed portal-side.
Any information would be appreciated.
Thanks!

Hi
Has any one explored the below question.
Is WLP 9.2 compatible with Sun Access Manager?
If yes, please let know the details.
Thanks

Siebel Integration with SUN Access Manager

Hi Guys,
We are trying to integrate siebel with Sun access Manager.
I have gone thro the sun site but unable to find any documentation and policy agent to download.
Please guide me where can i find documenttaion and policy agent software download.
Thanks
Regards,
Mohit

There is no agent to integrate with Siebel directly. However it should be possible by using Sun web server or IIS agent. Here is an old document that may still apply.
http://docs.sun.com/source/816-6901-10/Chapter.html#wp19548
There was more detailed integration document on Siebel web site. But it has been removed after Oracle acquisition (http://www.siebel.com/partners/portal/docs/integrationbriefs/siebel77_sjsam_tib.pdf)
thanks,
shivaram

Securing web services with Sun Access Manager

Hi!
I have gone through some documentation about Sun Access Manager, and I'm a little bit confused.
What I want is to secure some web services which are deployed on a BEA WebLogic 9.1 server (WLS). Two solutions are possible: To install some kind of plugin into WLS or to place some kind of proxy in front of WLS. In both cases, the purpose would be to authenticate the caller based on some kind of ticket (SAML or similar) and authorize access to the web service.
I have read about the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" (those guys really like long names....), but in this documentation web services aren't mentioned at all. They only seem to care about HTTP requests from a browser.
I have also read about the Policy Agent 2.2 in the documentation called "Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 9.0/Web Services" (puh...). This document explicitly talks about securing web services the way I want.
My questions are:
1) Is it possible to secure WLS based web services in the same way using the Policy Agent for WLS?
2) Are there any documentation/tutorials/etc?
Thanks in advance :-)
Anders

what you need is a webservices agent that would enable you to "protect" your webservice provider, which I assume is on a BEA weblogic provider.
the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" is "NOT" awebservices agent, but a normal J2EE policy agent.
So.. having said that. here's what I'd recommend.
1. install the webservices agent on bea weblogic. (note: NOT the J2EE policy agent)
2. configure it to use your access manager instance for authentication.
3. configure your webservices client to use the webservice provider. (note: you'd need the webservices APi's available on the client too... so the quick dirty method would be to install the webservices agent on your client too....) you can later bundle the webservices client independently and provide your"customers" with a webservices client bundle...
4. voila... your webservices are not "protected" by acces manager ;-)

Integration of sun identity manager with sun access manager

Hi i am working on integration of sun identity manager 6.0 with SP1 and sun access manager7.0.IDM was deployed on Sun application server 8.1.SAm is installed on SunOneWebserver i am working on windows 2003 server.I downloaded the agent for the application server and installed.
when i am configuring resource in IDM i am getting following error.
testconnection failed for resource(s):
sun access manager could notconnect as user 'amadmin' with specified password==>com.sun.identity.authentication.spi.AuthLoginException:failed to create new AuthenticationContext{0}\n.
i modified amagent.properties,amconfig.properties and web.xml also
can any one help me on this.

Hi i am working on integration of sun identity manager 6.0 with SP1 and sun access manager7.0.IDM was deployed on Sun application server 8.1.SAm is installed on SunOneWebserver i am working on windows 2003 server.I downloaded the agent for the application server and installed.
when i am configuring resource in IDM i am getting following error.
testconnection failed for resource(s):
sun access manager could notconnect as user 'amadmin' with specified password==>com.sun.identity.authentication.spi.AuthLoginException:failed to create new AuthenticationContext{0}\n.
i modified amagent.properties,amconfig.properties and web.xml also
can any one help me on this.

BO Authentication with Sun Access Manager

Post Author: aboucher
CA Forum: Authentication
Hi,
Is there a way to use Sun Access Manager (Role base) with BO. We are using XIR2 but we are willing to move to XIR3 if this version can do this job. I know that BO can be configured with LDAP, AD, Enterprise but is there a Custom choice. Any idea?
Thanks

Post Author: TAZ
CA Forum: Authentication
So quickly reviewing sun access manager it doesn't seem to be an LDAP server per se. It's more like a portal used for SSO. If that's the case then you would integrate LDAP accounts and then use technology like trusted authentication for SSO from the sun access maanger portal. In that case trusted auth will support just about any front end as long as the user info can be forwarded to us in one of 7 methods. You can read more about trusted authentication in the XIR2 deployment guide
http://support.businessobjects.com/documentation/product_guides/default.asp
Integrations of this level typically involvel in depth planning and should probably be done with the assistance of a BO consultant.
Regards,
Tim

Access manager policyagent 2.1 fro webspher5.0 with sun access manager in

Help It is very urgent
I have installed my sun access manager and sun direcory server on same machine solaris10.SSL is diable in directory server.Access manager working on ssl mode means it is working on Http with port 80 and Https with port443.Access manager url is
http://lhostname:80/amconsole or https://hostname:443/amconsole and
http://host:80/amserver/UI/Login or https://host:443/amserver/UI/Login.it is displaying access manager login page.It is working properly standalone.
But when i configure it with policyagent2.1 for WebSphere5.0 .WebSphere installed on windows2000 server.when i type the application URL that is running on WebSphere it does not show access manager login page.It show u r not authurised to view this page.WebSphere running on Http.
and amService log detail is*****************************************************
03/02/2006 05:57:32:018 PM GMT+05:30: Thread[Servlet.Engine.Transports : 0,5,main]
Naming service URL list: [https://my.domain.com:443/amserver/namingservice]
03/02/2006 05:57:32:018 PM GMT+05:30: Thread[Servlet.Engine.Transports : 0,5,main]
Only one naming service URL specified. NamingServiceMonitor will be disabled.
03/02/2006 05:57:32:018 PM GMT+05:30: Thread[Servlet.Engine.Transports : 0,5,main]
getServiceURL for service: auth protocol: https host: my.domain.com port: 443
03/02/2006 05:57:32:112 PM GMT+05:30: Thread[Servlet.Engine.Transports : 0,5,main]
ERROR: Naming service connection failed
com.iplanet.services.comm.client.SendRequestException: com.ibm.ws.orbimpl.transport.protocol.https.HttpsURLConnection
     at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:141)
     at com.iplanet.services.comm.client.PLLClient.send(PLLClient.java:73)
     at com.iplanet.services.naming.WebtopNaming.getNamingResponse(WebtopNaming.java:360)
     at com.iplanet.services.naming.WebtopNaming.updateNamingTable(WebtopNaming.java:421)
     at com.iplanet.services.naming.WebtopNaming.getNamingProfile(WebtopNaming.java:353)
     at com.iplanet.services.naming.WebtopNaming.getServiceURL(WebtopNaming.java:187)
     at com.sun.identity.authentication.AuthContext.setLocalFlag(AuthContext.java:1159)
     at com.sun.identity.authentication.AuthContext.createAuthContext(AuthContext.java:1100)
     at com.sun.identity.authentication.AuthContext.createAuthContext(AuthContext.java:1071)
     at com.sun.identity.authentication.AuthContext.<init>(AuthContext.java:142)
     at com.sun.identity.policy.client.AuthService.getAppSSOToken(AuthService.java:103)
     at com.sun.identity.policy.client.AuthService.getApplicationSSOToken(AuthService.java:79)
     at com.sun.identity.policy.client.PolicyEvaluator.getAppSSOToken(PolicyEvaluator.java:499)
     at com.sun.identity.policy.client.PolicyEvaluator.init(PolicyEvaluator.java:193)
     at com.sun.identity.policy.client.PolicyEvaluator.<init>(PolicyEvaluator.java:172)
     at com.sun.identity.policy.client.PolicyEvaluatorFactory.getPolicyEvaluator(PolicyEvaluatorFactory.java:118)
     at com.sun.identity.policy.client.PolicyEvaluatorFactory.getPolicyEvaluator(PolicyEvaluatorFactory.java:87)
     at com.sun.identity.agents.policy.AmWebPolicy.<init>(Unknown Source)
     at com.sun.identity.agents.policy.AmWebPolicyManager.<init>(Unknown Source)
     at com.sun.identity.agents.policy.AmWebPolicyManager.<clinit>(Unknown Source)
     at com.sun.identity.agents.filter.AmFilter.<init>(Unknown Source)
     at com.sun.identity.agents.filter.AmFilterManager.getAmFilter(Unknown Source)
     at com.sun.identity.agents.filter.AmFilterManager.getAmFilter(Unknown Source)
     at com.sun.identity.agents.filter.AmFilterManager.getAmFilterInstanceForModeConfigured(Unknown Source)
     at com.sun.identity.agents.filter.AmAgentFilter.doFilter(Unknown Source)
     at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:132)
     at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:71)
     at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.handleWebAppDispatch(WebAppRequestDispatcher.java:863)
     at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:491)
     at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:173)
     at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:79)
     at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:199)
     at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:71)
     at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:182)
     at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java:331)
     at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java:56)
     at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:432)
     at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:343)
     at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:592)
Thanks & Regards
Saini

This is an SSL handshake problem of Websphere - has nothing to do with AM.
Websphere�s JDK does not trust the Signer / Cert of AM�s deployment container.
Either configure a truststore (or use an existing webshpere truststore) where you import the Cert of the Signing CA of your AM DC�s cert.
Other option - import the mentioned cert in cacert file of IBM JDK - but be aware that this might get lost when applying an Websphere fixpack/refreshpack.
BTW what have you configured for server.port,server.host and server.protocol in your AMConfig.properties?
If you have not changed that settings agent will use the port/protocol specified to communicate with AM.
-Bernhard

Integrate IdM roles with Sun Access Manager roles

Hi all,
I am currently working on a solution involving Sun Identity Manager 7.1 and Sun Access Manager 7.1 as well. We use AM for overall authentication and SSO across the application, and IdM for user provisioning.
I need to create roles in Identity Manager, and I would like that when I assign a role to a user in Identity Manager, he gets the same role in my Access Manager repository (Sun LDAP). Identity Manager does provide a way to set attribute values in resources when a role is set. Access Manager on the other hand has both dynamic roles, based on an LDAP search, and static roles.
What are the important differences between static and dynamic roles in AM?
Does anybody know a good way to propagate roles from Identity Manager to Access Manager?
Thanks.

I found answers to my question. I succeeded in setting the Access Manager role from Identity Manager using the nsRoleDN attribute. Here are some references to begin with:
About directory server roles:
http://docs.sun.com/app/docs/doc/820-2493/fvbrn?a=view
Forum thread reference:
http://forums.sun.com/thread.jspa?threadID=5208694
Here are roughly the steps I followed to get this working.
Access Manager roles setup:
1. In Access Manager, create a new static role named test_role under the identities realm (in Subjects > Role).
Identity Manager roles setup:
1. Create a new role in Identity Manager: tab Roles, click New....
2. Assign the LDAP resource to synchronize the role with.
3. On the Assigned Resources line, click the Set Attributes Values button. This shows up the attributes listing allowing you to bind your IdM role to your LDAP repository.
4. Set the attribute nsRoleDN to the LDAP DN of the role that was created in AM (nsRoleDN must be added in the resource attributes mapping before).
* In the column Value override, select Text.
* In the column How to set, select Authoritative merge with value, clear existing. (* See IDM Admin guide about this setting, I am still not sure how it reacts with multi-value attributes)
* In the text box, enter the role DN text (ex: cn=test_role,dc=com).
5. Save the role. You can now add the role to a user.

HELP GETTING Started with Sun Access Manager without TEARS.

I am new to Sun Access Manager.
I am quite familiar with how Sun Java Identity Manager works.
The following is the issue I am facing.
I've downloaded the following images from the sun website
java_es_05Q4-ga1-solaris-x86-1-iso
and
java_es_05Q4-ga1-solaris-x86-2-iso
I've installed the components on sun solaris 10
The following components were installed
/opt/SUNWcomds
I am not sure what this is for
/opt/SUNWdsvmn
I am not sure what it is.
/opt/SUNWma
What is this I was expecting SUNWam the access management software!
/opt/SUNWwbsvr -- This is the Web Server.
I know how to use it.
Can anyone tell me on how to go about it?
Is there any online tutorial for the same.
What is the difference between sparc version and x86. Can i use any of these on solaris 10?
Anyhelp getting started would be highly appreciated.
I am looking at doing the following things.
ssl,fed, auth, custauth etc
Thanks a ton in Advance.
Regards,
Vinod

I documented my installation procedure for Access Manager 7.0 (2005Q4) and Portal 7.0. Take a look at my wiki page:
http://wiki.its.queensu.ca/display/JES/Access+Manager+installation
It's a two node Access manager Legacy site and I also implemented session-failover using Message Queue and Berkeley Database.

Integrating windows authentication with Sun ACCESS MANAGER

Hi,
I have implemented sun access manager and successfully protected an application (ABC). At present iam using the SDS as the authentication and authorization directory. I login in to the machine using the network username and password which is on AD.
I want to integrate my authentication/authorization mechanism from SDS to AD. so that when i login into the machine and open application ABC it should not ask me for the credentials; instead allow me to the homepage directly.
How to do this.
Thanks in advance
Maruthi

Hi!
Maybe this helps you, it describes how to setup AM and policy agent to handle basic authentication protected sites. While the article is about sharepoint it should work for any application.
http://developers.sun.com/identity/reference/techart/sharepoint.html
Christoph

Unable to use JProfiler with SUN Access Manager (in Weblogic Server)

Whe I was trying to profiling with JProfiler , I am getting the following exception during the Weblogic startup:
<Dec 12, 2005 6:30:49 PM IST> <Warning> <HTTP> <BEA-101247> <Application: '/opt/SUNWam', Module: 'amcommon': Public ID references the old version of the Servlet DTD. You must change the public ID in web.xml file to "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN".>
Dec 12, 2005 6:30:54 PM com.sun.xml.rpc.server.http.JAXRPCContextListener contextInitialized
INFO: JAXRPCSERVLET12: JAX-RPC context listener initializing
<Dec 12, 2005 6:30:56 PM IST> <Warning> <Net> <BEA-000905> <Could not open connection with host: ctsblrsun14.gmacfs.com and port: 8001.>
<Dec 12, 2005 6:30:56 PM IST> <Warning> <Net> <BEA-000905> <Could not open connection with host: ctsblrsun14.gmacfs.com and port: 8001.>
<Dec 12, 2005 6:30:56 PM IST> <Warning> <Net> <BEA-000905> <Could not open connection with host: ctsblrsun14.gmacfs.com and port: 8001.>
<Dec 12, 2005 6:30:56 PM IST> <Warning> <Net> <BEA-000905> <Could not open connection with host: ctsblrsun14.gmacfs.com and port: 8001.>
<Dec 12, 2005 6:30:57 PM IST> <Error> <HTTP> <BEA-101216> <Servlet: "LoginLogoutMapping" failed to preload on startup in Web application: "amserver".
javax.servlet.ServletException
at weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java:919)
at weblogic.servlet.internal.ServletStubImpl.createInstances(ServletStubImpl.java:883)
at weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubImpl.java:822)
at weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppServletContext.java:3335)
at weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServletContext.java:3292)
at weblogic.servlet.internal.WebAppServletContext.preloadServlets(WebAppServletContext.java:3278)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:3261)
at weblogic.servlet.internal.WebAppServletContext.setStarted(WebAppServletContext.java:5951)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:862)
at weblogic.j2ee.J2EEApplicationContainer.start(J2EEApplicationContainer.java:2127)
at weblogic.j2ee.J2EEApplicationContainer.activate(J2EEApplicationContainer.java:2168)
at weblogic.j2ee.J2EEApplicationContainer.activate(J2EEApplicationContainer.java:2115)
at weblogic.management.deploy.slave.SlaveDeployer$Application.setActivation(SlaveDeployer.java:3082)
at weblogic.management.deploy.slave.SlaveDeployer.setActivationStateForAllApplications(SlaveDeployer.java:1751)
at weblogic.management.deploy.slave.SlaveDeployer.resume(SlaveDeployer.java:359)
at weblogic.management.deploy.DeploymentManagerServerLifeCycleImpl.resume(DeploymentManagerServerLifeCycleImpl.java:229)
at weblogic.t3.srvr.SubsystemManager.resume(SubsystemManager.java:131)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:966)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:361)
at weblogic.Server.main(Server.java:32)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.jprofiler.agent.Agent$_E.run(Unknown Source)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.NullPointerException
at com.sun.identity.authentication.UI.LoginLogoutMapping.init(LoginLogoutMapping.java:71)
at weblogic.servlet.internal.ServletStubImpl$ServletInitAction.run(ServletStubImpl.java:1028)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.ServletStubImpl.createServlet(ServletStubImpl.java:904)
... 25 more
>

This is an SSL handshake problem of Websphere - has nothing to do with AM.
Websphere�s JDK does not trust the Signer / Cert of AM�s deployment container.
Either configure a truststore (or use an existing webshpere truststore) where you import the Cert of the Signing CA of your AM DC�s cert.
Other option - import the mentioned cert in cacert file of IBM JDK - but be aware that this might get lost when applying an Websphere fixpack/refreshpack.
BTW what have you configured for server.port,server.host and server.protocol in your AMConfig.properties?
If you have not changed that settings agent will use the port/protocol specified to communicate with AM.
-Bernhard

Poor performance using policy agent 2.2 with Sun Access Manager

Even if com.sun.am.policy.agents.config.do_sso_only is set to true, the policy agent sent a request to PolicyService (svcid="Policy") and it's take more than 8 seconds to receive a respose. Any idea why ??
Agent Log
2012-10-15 08:11:42.441MaxDebug 24211:130800 PolicyService: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RequestSet vers="1.0" svcid="Policy" reqid="9">
<Request><![CDATA[
<PolicyService version="1.0">
<PolicyRequest requestId="2" appSSOToken="AQIC5wM2LY4SfcynHuhUJZ2ol3lBzD0LJVKLpP7ULh6sgcg=@AAJTSQACMDE=#">
<GetResourceResults userSSOToken="AQIC5wM2LY4Sfczm02fTJAo4H1i82OGPsRWMs5t6D7bRaVQ=@AAJTSQACMDE=#" serviceName="iPlanetAMWebAgentService" resourceName="http://devappa11.dev.emergis:80" resourceScope="response-attributes-only">
<EnvParameters>
<AttributeValuePair>
<Attribute name="requestIp"/>
<Value>142.168.64.128</Value>
</AttributeValuePair>
</EnvParameters>
<GetResponseDecisions>
<Attribute name="uid"/>
</GetResponseDecisions>
</GetResourceResults>
</PolicyRequest>
</PolicyService>]]>
</Request>
</RequestSet>
2012-10-15 08:11:42.441MaxDebug 24211:130800 PolicyService: BaseService::sendRequest Request line: POST /amserver/policyservice HTTP/1.0
2012-10-15 08:11:42.441 Debug 24211:130800 PolicyService: BaseService::sendRequest Cookie and Headers =Host: devappf9.dev.emergis
2012-10-15 08:11:42.441 Debug 24211:130800 PolicyService: BaseService::sendRequest Content-Length =Content-Length: 778
2012-10-15 08:11:42.441 Debug 24211:130800 PolicyService: BaseService::sendRequest Header Suffix =Accept: text/xml
Content-Type: text/xml; charset=UTF-8
2012-10-15 08:11:42.441MaxDebug 24211:130800 PolicyService: BaseService::sendRequest(): Total chunks: 24.
2012-10-15 08:11:42.441MaxDebug 24211:130800 PolicyService: BaseService::sendRequest(): Sent 24 chunks.
2012-10-15 08:11:50.801 Debug 24211:130800 PolicyService: HTTP Status = 200 (OK)
2012-10-15 08:11:50.801MaxDebug 24211:130800 PolicyService: Http::Response::readAndParse(): Reading headers.
2012-10-15 08:11:50.801MaxDebug 24211:130800 PolicyService: Server: Sun-ONE-Web-Server/6.1
2012-10-15 08:11:50.801MaxDebug 24211:130800 PolicyService: Date: Mon, 15 Oct 2012 12:11:50 GMT
2012-10-15 08:11:50.801MaxDebug 24211:130800 PolicyService: Content-type: text/html
2012-10-15 08:11:50.801MaxDebug 24211:130800 PolicyService: Connection: close
2012-10-15 08:11:50.801 Debug 24211:130800 PolicyService: Http::Response::readAndParse(): No content length in response.
2012-10-15 08:11:50.802MaxDebug 24211:130800 all: Connection::waitForReply(): returns with status success.
2012-10-15 08:11:50.802MaxDebug 24211:130800 PolicyService: Http::Response::readAndParse(): Completed processing the response with status: success
2012-10-15 08:11:50.802MaxDebug 24211:130800 PolicyService: <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ResponseSet vers="1.0" svcid="policy" reqid="9">
<Response><![CDATA[<PolicyService version="1.0" revisionNumber="30">
<PolicyResponse requestId="2">
<ResourceResult name="http://devappa11.dev.emergis:80">
<PolicyDecision>
<ResponseDecisions>
<AttributeValuePair>
<Attribute name="uid"/>
<Value>cppuser1</Value>
</AttributeValuePair>
</ResponseDecisions>
</PolicyDecision>
</ResourceResult>
</PolicyResponse>
</PolicyService>
]]></Response>
</ResponseSet>

10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
Policy dc=dev^dc=emergis^^DatastoresReadOnly is Using Policy evaluation order :1
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
Using policy evaluation order:SUBJECTS_CONDITIONS_RULES
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
Subjects.isMember():getting subject evaluation results from resultCache of policy
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
at Policy.getPolicyDecision() principal, resource name, action names, policyName, policyDecision = uid=cppuser1,ou=people,o=NFLD-EHR,dc=dev,dc=emergis, sms://o=nfld-ehr,dc=dev,dc=emergis/sunIdentityRepositoryService/1.0/application/user/cppuser1, [MODIFY, READ, DELEGATE], dc=dev^dc=emergis^^DatastoresReadOnly,
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyCache.getPolicy(orgName,policyName):orgName=o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis:policyName=dc=dev^dc=emergis^^RealmAdmincacheKey=/policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
Policy dc=dev^dc=emergis^^RealmAdmin is Using Policy evaluation order :1
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
Using policy evaluation order:SUBJECTS_CONDITIONS_RULES
10/15/2012 08:11:48:511 AM EDT: Thread[service-j2ee-9,5,main]
Subjects.isMember():getting subject evaluation results from resultCache of policy
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
at Policy.getPolicyDecision() principal, resource name, action names, policyName, policyDecision = uid=cppuser1,ou=people,o=NFLD-EHR,dc=dev,dc=emergis, sms://o=nfld-ehr,dc=dev,dc=emergis/sunIdentityRepositoryService/1.0/application/user/cppuser1, [MODIFY, READ, DELEGATE], dc=dev^dc=emergis^^RealmAdmin,
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyCache.getPolicy(orgName,policyName):orgName=o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis:policyName=SelfWriteAttributescacheKey=/policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyCache.getPolicy(orgName,policyName):orgName=o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis:policyName=o=nfld-ehr^dc=dev^dc=emergis^^DatastoresReadOnlycacheKey=/policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyCache.getPolicy(orgName,policyName):orgName=o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis:policyName=o=nfld-ehr^dc=dev^dc=emergis^^RealmAdmincacheKey=/policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:512 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyCache.getPolicy(orgName,policyName):orgName=o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis:policyName=SelfReadAttributescacheKey=/policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis
10/15/2012 08:11:48:513 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:513 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyCache.getPolicy(orgName,policyName):orgName=o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis:policyName=dc=dev^dc=emergis^^DatastoresReadOnlycacheKey=/policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis
10/15/2012 08:11:48:513 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:513 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyCache.getPolicy(orgName,policyName):orgName=o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis:policyName=dc=dev^dc=emergis^^RealmAdmincacheKey=/policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis
10/15/2012 08:11:48:513 AM EDT: Thread[service-j2ee-9,5,main]
PolicyCache:cacheKeys in cache:[policies/dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^policyadmin/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/selfreadattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/test jack/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^datastoresreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_system administrator_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/o=nfld-ehr^dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/jackpolicy/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis, /policies/selfwriteattributes/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/dc=dev^dc=emergis^^realmreadonly/default/1.0/iplanetampolicyservice/o=sunamhiddenrealmdelegationservicepermissions,ou=services,dc=dev,dc=emergis, /policies/p_dis_testjan1_null/default/1.0/iplanetampolicyservice/o=nfld-ehr,dc=dev,dc=emergis, /policies/routetonfld-ehr/default/1.0/iplanetampolicyservice/dc=dev,dc=emergis]
10/15/2012 08:11:48:513 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyEvaluator.getPolicyDecision() orgsToVist=[]
10/15/2012 08:11:48:513 AM EDT: Thread[service-j2ee-9,5,main]
at PolicyEvaluator.getPolicyDecision() orgsToVist(after removing already visited orgs=[]
10/15/2012 08:11:50:515 AM EDT: Thread[service-j2ee-9,5,main]
PolicyRequestHandler.processRequest(): get response from policy framework:
<PolicyService version="1.0" revisionNumber="30">
<PolicyResponse requestId="2">
<ResourceResult name="http://devappa11.dev.emergis:80">
<PolicyDecision>
<ResponseDecisions>
<AttributeValuePair>
<Attribute name="uid"/>
<Value>cppuser1</Value>
</AttributeValuePair>
</ResponseDecisions>
</PolicyDecision>
</ResourceResult>
</PolicyResponse>
</PolicyService>

Sun Access Manager 2005Q1 session failover is not working

Hi All
I m using Sun access manager 2005Q1,message queue 2005Q1, Sun Directory server 5.2 ,BerkelyDb 4.2.52 and radware hardware load balancer with sticky session.
I m have configured message queue and BerkeleyDB and both are running with any error.
I m using http://docs.sun.com/source/817-7644/ch5_scenarios.html#wp41008 doc for session failover.
Simple failover is working fine but the Session failover is not working.
Any body has done session failover with Sun Access manager 2005 Q1 I m trying to resolve this issue last two month.
Please it is urgent.

It works fine in 2005Q4, after applying a patch 120954 if I am not mistaken. But 2005Q4 and 2005Q1 are probably different in terms of session failover (site configuration etc.)
1. Stop both AM servers
2. Set logging to debug mode in AMConfig.properties.
3. Delete / move everything in /var/opt/SUNWam/debug
4. tail -f /var/opt/SUNWam/debug/amSession
5. Post that file here... you should be able to see if session failover is enabled etc....
hope this helps.

Sun Access Manager,Policy Agent 2.2, IIS7?

Hello everybody
Is it possible to protect IIS7 with policy agent 2.2 and Sun Access Manager 7.1?
Policy Agents 3.0 (for Open SSO) works with Sun Access Manager 7.1?
regards!
Alex Dávila

Tanks handat
I found
http://download.oracle.com/docs/cd/E19575-01/820-5816/galtf/index.html
http://download.oracle.com/docs/cd/E19681-01/821-0267/gfxhz.html#scrolltoc
greetings
alex davila

Sun Access Manager 7.1 configuration

I am trying to configure Sun Access Manager 7.1 update 1 on websphere 6.1.0.11 running on windows 2003 server and am getting a crypt error on SunJCE. Any suggestions on how to fix this?
The thread dump looks like this
05/16/2008 11:22:00:509 AM EDT: Thread[WebContainer : 2,5,main]
05/16/2008 11:22:00:509 AM EDT: Thread[WebContainer : 2,5,main]ERROR: Crypt: failed to set password-based key
java.security.NoSuchProviderException: no such provider: SunJCE
at sun.security.jca.GetInstance.getService(GetInstance.java:82)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.SecretKeyFactory.getInstance(Unknown Source)
at com.iplanet.services.util.JCEEncryption.setPassword(JCEEncryption.java:377)
at com.iplanet.services.util.Crypt.createInstance(Crypt.java:139)
at com.iplanet.services.util.Crypt.<clinit>(Crypt.java:103)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:192)
at com.sun.identity.setup.ServicesDefaultValues.validatePassword(ServicesDefaultValues.java:396)
at com.sun.identity.setup.ServicesDefaultValues.setServiceConfigValues(ServicesDefaultValues.java:107)
at com.sun.identity.setup.AMSetupServlet.processRequest(AMSetupServlet.java:307)
at com.ibm._jsp._configurator._jspService(_configurator.java:221)
at com.ibm.ws.jsp.runtime.HttpJspBase.service(HttpJspBase.java:85)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:930)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:145)
at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:89)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:87)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:761)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:673)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:498)
at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464)
at com.ibm.wsspi.webcontainer.servlet.GenericServletWrapper.handleRequest(GenericServletWrapper.java:122)
at com.ibm.ws.jsp.webcontainerext.AbstractJSPExtensionServletWrapper.handleRequest(AbstractJSPExtensionServletWrapper.java:205)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3276)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:267)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:811)
at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383)
at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:102)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469)
05/16/2008 11:22:00:509 AM EDT: Thread[WebContainer : 2,5,main]ERROR: JCEEncryption:: not yet initialized

Have you followed the release notes instructions? There is one specifically about changing JCE:
http://docs.sun.com/app/docs/doc/819-5899/gdpsl?a=view
http://docs.sun.com/app/docs/doc/819-4683/gfvfl?a=view
http://docs.sun.com/app/docs/doc/819-5899/gdxas?a=view
shivaram

Configuring IIS6.0 with Sun Access manager

Similar Messages

Maybe you are looking for