Is there a Forum for Sun Access Manager
Please send me the forum link for Sun Access Manager
Yes
http://forum.java.sun.com/forum.jspa?forumID=760
Similar Messages
-
Does sun provide a training for sun access manager customizations
Hi,
Is there any training available from sun for sun access manager customizations.
I am aware of the following training from sun AM-3480
TIA,
SureshHi, Suresh,
There's some material about customization in AM-3480. What areas are you interested in?
Regards,.
David -
Username and password for Sun Access Manager 7.1
Hi
Thank you for reading my post
I ge the new Java Application Platform SDK Update 2 which has access manager and portlet management inside it.
Can you tell me what is username and password for Sun access Manager 7.1 administration cosole?
thankswith me it was amadmin : admin123
in the readme file in the addons directory:
Done! Access the AM server URL and see if the Access Manager is working or not -
<amserver_protocol>://<amserver_host>:<amserver_port>/amserver
user : 'amadmin', password : <admin password>
in a config file i found the password was admin123 -
Need running java sample for sun access manager deployed on weblogic 8.1
Hi All,
I have deployed amserver.war in weblogic 8.1 through amserver.war.
I am able to login through user amAdmin. It's working fine. I have used file system at the time of configuration of access manager.
I want to communicate with the sunaccess manager deployed on weblogic through stand alone application. for example i want to access information stored in access manager from application by passing some input. What are the configuration that i need to do for this.
Use case: I have created a subject(user) now i want to retrieve user information that is stored in access manager or want to authenticate the user by passing the user name and password from a stand alone java application.
Thanks & Regs,
Deepak Dabas
[email protected]
Edited by: Deepak.Dabas on Jan 16, 2008 9:37 PMDeepak.Dabas wrote:
Hi All,
I have deployed amserver.war in weblogic 8.1 through amserver.war.
I am able to login through user amAdmin. It's working fine. I have used file system at the time of configuration of access manager.
I want to communicate with the sunaccess manager deployed on weblogic through stand alone application. for example i want to access information stored in access manager from application by passing some input. What are the configuration that i need to do for this.
Use case: I have created a subject(user) now i want to retrieve user information that is stored in access manager or want to authenticate the user by passing the user name and password from a stand alone java application.
please refer http://docs.sun.com/app/docs/doc/819-4675/6n6qfk0ne?a=view#gbdlr
http://docs.sun.com/app/docs/doc/819-2139/adubn?a=view
you need to download the client samples SUNWamclnt from sun.com
>
Thanks & Regs,
Deepak Dabas
[email protected]
Edited by: Deepak.Dabas on Jan 16, 2008 9:37 PM -
Is there a forum for Adobe Download manager?
I always seem to have trouble with this item. It
either loads and hangs
Loads but green progress bar doesn't "fill"Thanks Pat
So in my situation when I updated just the other day the
adobe download manager box popped up.
As it was installing I could see the completion percentage increasing.
However, the progress bar that usually fills green as it installs, was not filling green but empty, But the percentage complete did hit 100%
After that the box for flash player insatllation appeared and I checked agree and then install. It seemed to indicate installation was done.
Does the progress bar showing empty not matter as long as the percentage complete showed 100%?
is this just one of the quirks of the adobe download manager?
Is my installtion of the flash player ok eeven though the download manager did not get the progress bar to fill Green? -
BO Authentication with Sun Access Manager
Post Author: aboucher
CA Forum: Authentication
Hi,
Is there a way to use Sun Access Manager (Role base) with BO. We are using XIR2 but we are willing to move to XIR3 if this version can do this job. I know that BO can be configured with LDAP, AD, Enterprise but is there a Custom choice. Any idea?
ThanksPost Author: TAZ
CA Forum: Authentication
So quickly reviewing sun access manager it doesn't seem to be an LDAP server per se. It's more like a portal used for SSO. If that's the case then you would integrate LDAP accounts and then use technology like trusted authentication for SSO from the sun access maanger portal. In that case trusted auth will support just about any front end as long as the user info can be forwarded to us in one of 7 methods. You can read more about trusted authentication in the XIR2 deployment guide
http://support.businessobjects.com/documentation/product_guides/default.asp
Integrations of this level typically involvel in depth planning and should probably be done with the assistance of a BO consultant.
Regards,
Tim -
Securing web services with Sun Access Manager
Hi!
I have gone through some documentation about Sun Access Manager, and I'm a little bit confused.
What I want is to secure some web services which are deployed on a BEA WebLogic 9.1 server (WLS). Two solutions are possible: To install some kind of plugin into WLS or to place some kind of proxy in front of WLS. In both cases, the purpose would be to authenticate the caller based on some kind of ticket (SAML or similar) and authorize access to the web service.
I have read about the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" (those guys really like long names....), but in this documentation web services aren't mentioned at all. They only seem to care about HTTP requests from a browser.
I have also read about the Policy Agent 2.2 in the documentation called "Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 9.0/Web Services" (puh...). This document explicitly talks about securing web services the way I want.
My questions are:
1) Is it possible to secure WLS based web services in the same way using the Policy Agent for WLS?
2) Are there any documentation/tutorials/etc?
Thanks in advance :-)
Anderswhat you need is a webservices agent that would enable you to "protect" your webservice provider, which I assume is on a BEA weblogic provider.
the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" is "NOT" awebservices agent, but a normal J2EE policy agent.
So.. having said that. here's what I'd recommend.
1. install the webservices agent on bea weblogic. (note: NOT the J2EE policy agent)
2. configure it to use your access manager instance for authentication.
3. configure your webservices client to use the webservice provider. (note: you'd need the webservices APi's available on the client too... so the quick dirty method would be to install the webservices agent on your client too....) you can later bundle the webservices client independently and provide your"customers" with a webservices client bundle...
4. voila... your webservices are not "protected" by acces manager ;-) -
Policy Agent doesn't reset Sun Access Manager session time idle value
Hi,
We have the following setup in our environment:
- apache web server/web and policy agent 2.2 for apache 2.0.54
- webmethods portal server (jetty)
-Sun Access Manager (with Sun Directory Server)
We use policy agent for authentication purpose only (via Sun Access Manager/LDAP) when the users access the portal. We have custom code that creates session in Sun Access Manager for custom LDAP services. For testing purpose, we configure SAM session to have Max Session Timeout at 120mins and Time Idle at 15mins. I would assume that, after the initial login request, for all subsequent accesses to the portal the policy agent should intercept the request and reset the Time Idle value of SAM session. However, when I monitor time idle value using SAM console, session tab, the time idle value didn't change when the portal user access pages, submit actions, etc. I can see in the debug log of policy agent that requests are being intercepted/processed, but the time idle didn't get reset.
Does anyone know if this is a bug in configuration or in policy agent itself or am I making the wrong assumption?
Thanks a lot for the help.Thanks for the reply, Shivaram. The issue appears to occur at random time, not accurately at the 3 min interval as you mention. I tested changing this value to 1, theoretically, after one 1 minute of idle time, accessing a link would make the agent reset the time idle value for the user session in SAM, but it didn't even after 3 minutes. This seems to be either a policy agent or system access manager bug.
We performed a 'vanilla' test using the apache server manual pages (only plain HTML, no POST requests), the pages are protected by the policy agent. At the first login, rwe were prompted to enter credential to be validated by SAM/LDAP, and then a user session is created in SAM session table. We browse around the manual pages, once in a while, certain pages cause the policy agent to reset the time idle. However, revisiting these links after a few minutes doesn't reset the idle value. Caching setting has been disable as well. Could there be or lack of some settings in AMConfig.properties or AMAgent.properties that might have caused this behavior?
Thanks for all your help, -
Sun Access Manager Resource & password resets
Hi,
I've got IDM 7.1 and AM 7.1, with a Sun Access Manager Realm resource. The LDAP directory (DS EE 6.0) sitting behind the AM resource has been set up to "Require Password Change at First Login and After Reset".
However, if a user in IDM changes their AM password, the connection to AM is done as the resource adapter user, not themselves; this means that the pwdReset flag is not cleared on their account in AM, and AM will demand a password change on next login.
This is obviously non-optimal for us, as we'd like them to change their password through IDM.
Is there any way to change the DS policies to allow for this situation, OR to set the pwdReset flag through the resource adapter, OR to get the resource adapter to connect as the user when the Change Password flow is performed?
Thanks,
Michael.Hi Michael,
Could you please share the solution for the problem you are facing.
I am facing a similar issue.
When an admin resets the password of a user and when the user logs in, he/she needs to be redirected to IDM change password page. Instead the redirection to AM change password functionality is displayed.
Thanks,
Vinu -
Integrate IdM roles with Sun Access Manager roles
Hi all,
I am currently working on a solution involving Sun Identity Manager 7.1 and Sun Access Manager 7.1 as well. We use AM for overall authentication and SSO across the application, and IdM for user provisioning.
I need to create roles in Identity Manager, and I would like that when I assign a role to a user in Identity Manager, he gets the same role in my Access Manager repository (Sun LDAP). Identity Manager does provide a way to set attribute values in resources when a role is set. Access Manager on the other hand has both dynamic roles, based on an LDAP search, and static roles.
What are the important differences between static and dynamic roles in AM?
Does anybody know a good way to propagate roles from Identity Manager to Access Manager?
Thanks.I found answers to my question. I succeeded in setting the Access Manager role from Identity Manager using the nsRoleDN attribute. Here are some references to begin with:
About directory server roles:
http://docs.sun.com/app/docs/doc/820-2493/fvbrn?a=view
Forum thread reference:
http://forums.sun.com/thread.jspa?threadID=5208694
Here are roughly the steps I followed to get this working.
Access Manager roles setup:
1. In Access Manager, create a new static role named test_role under the identities realm (in Subjects > Role).
Identity Manager roles setup:
1. Create a new role in Identity Manager: tab Roles, click New....
2. Assign the LDAP resource to synchronize the role with.
3. On the Assigned Resources line, click the Set Attributes Values button. This shows up the attributes listing allowing you to bind your IdM role to your LDAP repository.
4. Set the attribute nsRoleDN to the LDAP DN of the role that was created in AM (nsRoleDN must be added in the resource attributes mapping before).
* In the column Value override, select Text.
* In the column How to set, select Authoritative merge with value, clear existing. (* See IDM Admin guide about this setting, I am still not sure how it reacts with multi-value attributes)
* In the text box, enter the role DN text (ex: cn=test_role,dc=com).
5. Save the role. You can now add the role to a user. -
HELP GETTING Started with Sun Access Manager without TEARS.
I am new to Sun Access Manager.
I am quite familiar with how Sun Java Identity Manager works.
The following is the issue I am facing.
I've downloaded the following images from the sun website
java_es_05Q4-ga1-solaris-x86-1-iso
and
java_es_05Q4-ga1-solaris-x86-2-iso
I've installed the components on sun solaris 10
The following components were installed
/opt/SUNWcomds
I am not sure what this is for
/opt/SUNWdsvmn
I am not sure what it is.
/opt/SUNWma
What is this I was expecting SUNWam the access management software!
/opt/SUNWwbsvr -- This is the Web Server.
I know how to use it.
Can anyone tell me on how to go about it?
Is there any online tutorial for the same.
What is the difference between sparc version and x86. Can i use any of these on solaris 10?
Anyhelp getting started would be highly appreciated.
I am looking at doing the following things.
ssl,fed, auth, custauth etc
Thanks a ton in Advance.
Regards,
VinodI documented my installation procedure for Access Manager 7.0 (2005Q4) and Portal 7.0. Take a look at my wiki page:
http://wiki.its.queensu.ca/display/JES/Access+Manager+installation
It's a two node Access manager Legacy site and I also implemented session-failover using Message Queue and Berkeley Database. -
Configuring IIS6.0 with Sun Access manager
As I am new to Sun java Access manager .I have installed and configured the Sun Access manager 7.1 on Tomcat and able to login to the console also.Now I am looking to configure the web application which resides in IIS 6.0 with Sun Access manager,To do this are there any documents about how to configure the Windows IIS 6.0Policy agent with Sun Accessmanager?In the Sun website I didnt see any document related to this configuration,could anyone please help how to work on this?
Thanks in advance.http://docs.sun.com/app/docs/doc/819-4771?l=en
should give you all the information you need. For server changes like policy refer to AM 7.1 docs on docs.sun.com -
Training in Sun access manager
Looking for training in sun access manager. If any one of you interested in giving me training send me email at [email protected]
I will pay for it.
ThxHi,
Sun offers a 5-day instructor-led course on Access Manager 7.1. Class schedule and course description here: http://www.sun.com/training/catalog/courses/AM-3480.xml
There's also a web-based version of the class for 7.0 (but not for 7.1).
HTH,
David -
How to check amsilent file in Sun Access manager patch or redeploying WAR's
h1. How to check amsilent file in Sun Access manager patch or redeploying WAR's
I had a hard time getting all the passwords correct, so I wrote a shell (bash) script that uses most passwords and other parameters in searches and queries. It let's you know before you start if a value is wrong. It does not change anything, only queries.
h2. One pitfall I found ...
during the postinstall of patch 05. I told Sun about it, but I suspect it was too late and is also an issue with patch 06:
Look at the documentation regarding amconfig and the amsilent file:
http://docs.sun.com/app/docs/doc/819-2137/adsav?l=en&q=amconfig&a=view
Two problems that are clear to me now:
1. ADMINPASSWD in practice, this password is used for cn=puser, not amadmin as it says. Perhaps there is something that makes them the same. It was the same for me, so it probably does not matter.
2. AS81_ADMINPASSWD is not the same as ADMINPASSWD using either my definition or the document's definition. However, in the amsilent template, it is set like this, which I found is incorrect and the cause of my recent hair loss:
<blockquote>AS81_ADMINPASSWD="$ADMINPASSWD"</blockquote>
Also, this one if you use the web server:
<blockquote>WL8_PASSWORD="$ADMINPASSWD"</blockquote>
Delete the $ADMINPASSWD and replace it with the password for the app/web server.
h2. The Script.
It tests for the above problem, but I just realized it does not check $ADMINPASSWD. If that is set incorrectly in your amsilent, you'll get errors immediately from amconfig, so no big deal. If you make improvements, please post a reply!
Paste this into a file named checkamsilent. LDAP and appserver must be running. It reads /opt/SUNWam/amsilent. Run it as root or use sudo:
sudo ./checkamsilent
#!/usr/bin/bash
echo "This will test several important parameters of the amsilent file "
echo "run this as root."
echo "### read in the amsilent parameters"
echo "source /opt/SUNWam/amsilent "
source /opt/SUNWam/amsilent
echo "### look for the *server port* with LISTNER, otherwise it's not listening. "
echo "netstat -a | grep $SERVER_PORT "
echo "--------------"
netstat -a | grep $SERVER_PORT
echo "--------------"
echo "."
echo "### *admin port* with LISTNER, otherwise it's not listening. "
echo "netstat -a | grep $ADMIN_PORT "
echo "--------------"
netstat -a | grep $ADMIN_PORT
echo "--------------"
echo "."
echo "### Expect to see a line of XML, otherwise the SERVER_PORT is incorrect in the amsilent file."
echo "grep $SERVER_PORT ${AS81_INSTANCE_DIR}/config/domain.xml "
echo "--------------"
grep $SERVER_PORT ${AS81_INSTANCE_DIR}/config/domain.xml
echo "--------------"
echo "."
echo "### Expect to see a line of XML, otherwise the ADMIN_PORT is incorrect in the amsilent file."
echo "grep $ADMIN_PORT ${AS81_INSTANCE_DIR}/config/domain.xml "
echo "--------------"
grep $ADMIN_PORT ${AS81_INSTANCE_DIR}/config/domain.xml
echo "--------------"
echo "."
echo "### bind as the directory manager "
echo "ldapsearch -v -h $DS_HOST -p 3892 -L -s sub -D \"$DS_DIRMGRDN\" -w \"$DS_DIRMGRPASSWD\" -b 'dc=nsf, dc=gov' \"cn=amldapuser\""
ldapsearch -v -h $DS_HOST -p 3892 -L -s sub -D "$DS_DIRMGRDN" -w "$DS_DIRMGRPASSWD" -b 'dc=nsf, dc=gov' "cn=amldapuser"
echo "."
echo "### check the amldapuser password. "
echo "ldapsearch -w $AMLDAPUSERPASSWD -v -h $DS_HOST -p 3892 -L -s sub -D cn=amldapuser,ou=DSAME Users,dc=nsf,dc=gov -b ou=DSAME Users,dc=nsf,dc=gov cn=* cn "
ldapsearch -w "$AMLDAPUSERPASSWD" -v -h $DS_HOST -p 3892 -L -s sub -D "cn=amldapuser,ou=DSAME Users,dc=nsf,dc=gov" -b "ou=DSAME Users,dc=nsf,dc=gov" cn=* cn
echo "."
echo "### check the app server admin: AS81_ADMIN password: AS81_ADMINPASSWD and port: ADMIN_PORT "
echo "### That's actually a bug in the template. "
echo "### Do not use AS81_ADMINPASSWD=\$ADMINPASSWD Make sure they are different passwords! Don\'t use the default!"
echo "Expect to see a WARNING about --password option. "
echo "/opt/SUNWappserver/appserver/bin/asadmin list-http-listeners --user $AS81_ADMIN --port $ADMIN_PORT -w $AS81_ADMINPASSWD "
/opt/SUNWappserver/appserver/bin/asadmin list-http-listeners --user $AS81_ADMIN --port $ADMIN_PORT -w "$AS81_ADMINPASSWD"
echo "done!"I change the product machine from LG optimus to Samsung Galaxy but the file writing is not working, too.
I copied the source code from Adobe website about FileStream but it is needless too.
-----------------program code------------------------
import flash.filesystem.*;
import flash.filesystem.FileStream;
import flash.events.Event;
//txtFld is a standard textField component
txtFld.text = "Start";var file:File = new File();
//btnSaveFile is a standard button component
btnSaveFile.addEventListener(MouseEvent.CLICK,handlerBtnSaveFile);
function handlerBtnSaveFile(e:Event){
txtFld.text = "Pressed";
file = File.documentsDirectory;
file = file.resolvePath("test.txt");
var fileStream:FileStream = new FileStream();
fileStream.openAsync(file, FileMode.WRITE);
fileStream.writeUTFBytes("Hello");
txtFld.text = file.nativePath.toString();
//fileStream.addEventListener(Event.CLOSE, fileClosed);
fileStream.close();
fcnFileName();
function fcnFileName(){
txtFld.text = file.name.toString();
function fileClosed(event:Event):void {
trace("closed");
txtFld.text = "FileClosed"; -
Not able to login to Sun Access Manager
Hi All,
I am new to Sun Access Manager. I changed the LDAP Configuration in Identity Management->Authentication Module->LDAP to some incorrect LDAP Server. Now i am not able to login to the amconsole of Access Manager. I am getting an Authentication fail error. Is there any way i can revert the changes for the LDAP i have made as i am not able to open the console to revert the changes.
Thanks in advance,
AnnuCheck your AppServer to see it up and running or not.
Maybe you are looking for
-
I have an online etsy shop. There is a page on which to list a new item to be added to one's shop. When it is time to upload the pic or pics, I cannot find them,eventhough each has a name and all are in an i photo album. On my old computer I would
-
Mac will not START UP after software update. Help?
I just updated my 24" iMac to Snow Leopard and also put on the new iLife package. Everything was working fine, Then i tried to get onto the internet using my Bigpond wifi (usb stick) the software started fine and connected to the internet, but in sa
-
Saving a pdf document to my iPod Touch Gen 1
I have a 16gb Generation 1 (Dec 2007) iPod Touch running system iOS 3.1.3 and I love it! I shall be taking a trip and do NOT want to carry my MBP this time (vacation!) - but do want my iPod Touch with me. I'd like to have a large (28 mb, 262 page) G
-
Develop module is disabled.
I have spoken with a David in Chat and he told me to follow some instructions in the SLStore. I did that and nothing has changed AND now I cannot access chat anymore. Apparently looks like they don't want to know me. What am I doing wrong? How ca
-
PO Receipt Accounting Includes Tax
Hi, In the scenario where PO is created from a Drop Ship Sales Order, PO receipt accounting value includes tax and the same is appearing in the distributions. When the PO is created manually or from min max process, PO receipt accounting does not inc