Step-1: Deploy amauthdistui.war that you get with installation or by building it.
Step-2: Copy AMConfig.properties to WEB-INF/classes of web-app directory. File is pasted below. Change it depending upon environment
Step-3: Copy amclientsdk.jar to WEB-INF/lib of web-app directory.
Restart container.
--- Working AMConfig.properties file from my setup ---
/* The following keys are used to configure the Debug service.
* Possible values for the key 'level' are: off | error | warning | message.
* The key 'directory' specifies the output directory where the debug files
* will be created.
* Trailing spaces are significant.
* Windows: Use forward slashes "/" separate directories, not backslash "\".
* Windows: Spaces in the file name are allowed for Windows.
*/
com.iplanet.services.debug.level=error
com.iplanet.services.debug.directory=/var/opt/SUNWam/distauth/debug
/*
* Naming URL
*/
com.iplanet.am.naming.url=http://avatar.red.iplanet.com:80/amserver/namingservice
/*
* Notification URL
*/
com.iplanet.am.notification.url=
/*
* Security Credentials to identify the client to AccessManager and
* used to get the configuration data from AccessManager.
* com.sun.identity.agents.app.username is the name to identitfy
* the application.
* It is recommended that you create an agent identity to identify
* each client in the Access Manager.
* Then, use the agent identity corresponding to the client.
* This would provide better security and provide a better audit trail.
* The default for com.sun.identity.agents.app.username in this file may be
* set as "anonymous" only for ease of use.
*
* com.iplanet.am.service.password is the password corresponding to
* com.sun.identity.agents.app.username.
* Please remember to change this password when you change the value for
* com.sun.identity.agents.app.username
*/
com.sun.identity.agents.app.username=distauth
com.iplanet.am.service.password=password
/*
* Property to set JCE as the default encryption classes
*/
com.iplanet.security.encryptor=com.iplanet.services.util.JCEEncryption
/*
* Cache update time (in minutes) for user management cache,
* if notification URL is not provided
*/
com.iplanet.am.sdk.remote.pollingTime=1
/*
* Cache update time (in minutes) for service configutation data,
* if notification URL is not provided
*/
com.sun.identity.sm.cacheTime=1
/*
* Server protocol, host and port
*/
com.iplanet.am.server.protocol=http
com.iplanet.am.server.host=avatar.red.iplanet.com
com.iplanet.am.server.port=80
/*
* Distributed Authentication Server protocol, host and port
*/
com.iplanet.distAuth.server.protocol=http
com.iplanet.distAuth.server.host=jackal.red.iplanet.com
com.iplanet.distAuth.server.port=7070
com.iplanet.am.cookie.name=iPlanetDirectoryPro
com.iplanet.am.cookie.secure=false
com.iplanet.am.cookie.encode=false
/*
* Distributed Authentication Server deploy URI
*/
com.iplanet.am.services.deploymentDescriptor=/amauthdistui
com.iplanet.am.version=7.1
/*
* Distributed Authentication deploy URI
*/
com.iplanet.am.distauth.deploymentDescriptor=/amauthdistui
/*
* List of comma separated trusted Distributed Authentication servers in cluster
*/
com.sun.identity.distauth.cluster=
/*
* Identify cert db directory path, prefix and password file
* to initialize JSS Socket Factory when Web Container is configured SSL
*/
com.iplanet.am.admin.cli.certdb.dir=CONTAINER_CERTDB_DIR
com.iplanet.am.admin.cli.certdb.prefix=CONTAINER_CERTDB_PREFIX
com.iplanet.am.admin.cli.certdb.passfile=CONFIG_DIR/.wtpass
/*
* Since the notification handler is not registered on Distributed
* authentication side, the following polling parameters need to be specified
* to enable the SessionPoller thread.
*/
com.iplanet.am.session.client.polling.enable=true
com.iplanet.am.session.client.polling.period=180
/*
* Load Balancer cookie name and value to be used when there are multiple
* Distributed authentication web application servers behind Load Balancer.
*/
#com.iplanet.am.lbcookie.name=DistAuthLBCookieName
#com.iplanet.am.lbcookie.value=DistAuthLBCookieValue
com.sun.identity.auth.cookieName=AMDistAuthCookie
Binary Search Tree
9 years ago
No comments:
Post a Comment