ページ1に含まれる内容の要旨
SunJavaSystemAccessManager
7.1ReleaseNotes
SunMicrosystems,Inc.
4150NetworkCircle
SantaClara,CA95054
U.S.A.
PartNo:819–4683–10
March2007����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
ページ2に含まれる内容の要旨
Copyright2007SunMicrosystems,Inc. 4150NetworkCircle,SantaClara,CA95054U.S.A. Allrightsreserved. SunMicrosystems,Inc.hasintellectualpropertyrightsrelatingtotechnologyembodiedintheproductthatisdescribedinthisdocument.Inparticular,andwithout limitation,theseintellectualpropertyrightsmayincludeoneormoreU.S.patentsorpendingpatentapplicationsintheU.S.andinothercountries. U.S.GovernmentRights–Commercialsoftware.GovernmentusersaresubjecttotheSunMicrosystems,Inc.standardlicenseagreementandapplicableprovi
ページ3に含まれる内容の要旨
Contents SunJavaSystemAccessManager7.1ReleaseNotes .......................................................................5 RevisionHistory .....................................................................................................................................6 AboutSunJavaSystemAccessManager7.1........................................................................................6 What’sNewinThisRelease ..............................................................................
ページ4に含まれる内容の要旨
Contents AMSDKIssues..............................................................................................................................27 SSLIssue ........................................................................................................................................28 SamplesIssue ................................................................................................................................29 LinuxOSIssues .............................................
ページ5に含まれる内容の要旨
SunJavaSystem AccessManager7.1ReleaseNotes March2007 PartNumber819-4683-10 TM TheSunJava SystemAccessManager7.1ReleaseNotescontainimportantinformation availablefortheSunJavaEnterpriseSystem(JavaES)release,includingnewAccessManager featuresandknownissueswithworkarounds,ifavailable.Readthisdocumentbeforeyou installandusethisrelease. ToviewtheJavaESproductdocumentation,includingtheAccessManagercollection,see http://docs.sun.com/prod/entsys.05q4. Checkthissitepriortoinstallingandsettingupyoursoftwar
ページ6に含まれる内容の要旨
RevisionHistory RevisionHistory ThefollowingtableshowstheAccessManager7.1ReleaseNotesrevisionhistory. TABLE1 RevisionHistory Date DescriptionofChanges July2006 Betarelease. March2007 JavaEnterpriseSystem5release AboutSunJavaSystemAccessManager7.1 SunJavaSystemAccessManagerispartoftheSunIdentityManagementinfrastructurethat allowsanorganizationtomanagesecureaccesstoWebapplicationsandotherresourcesboth withinanenterpriseandacrossbusiness-to-business(B2B)valuechains. AccessManagerprovidesthesemainfu
ページ7に含まれる内容の要旨
What’sNewinThisRelease devices,applications,andservice-drivennetworks.TypicalusesoftheJMXtechnologyinclude: consultingandchangingapplicationconfiguration,accumulatingstatisticsaboutapplication behavior,notificationofstatechangesanderroneousbehaviors.Dataisdeliveredtocentralized monitoringconsole. AccessManager7.1usestheJavaESMonitoringFrameworktocapturestatisticsand service-relateddatasuchasthefollowing: ■ Numberofattempted,successful,andfailedauthentications ■ Policycachingstatistics ■ Policyev
ページ8に含まれる内容の要旨
What’sNewinThisRelease ■ Numberofsuccessfulauthentications ■ Numberoffailedauthentications ■ Numberofsuccessfullogoutoperations ■ Numberoffailedlogoutoperations ■ Transactiontimeforeachmoduleifpossible(runningandwaitingstates) 2. Sessions ■ Sizeofthesessiontable(hencemaximumnumberofsessions) ■ Numberofactivesessions(incrementalcounter) 3. ProfileService ■ Maximumcachesize ■ Transactiontimeforoperations(runningandwaiting) 4. Policy ■ Policyevaluationinandoutrequests ■ Policyconnectionpoolstatisti
ページ9に含まれる内容の要旨
What’sNewinThisRelease ■ AnewpolicyconditionAuthenticateToRealmConditionadded,toenforcetheuseris authenticatedtoaspecificrealm. ■ AnewpolicyconditionLDAPFilterConditionisadded,toenforcetheusermatchesthe specifiedldapfilter. ■ Supportforonelevelwildcardcomparetofacilitateprotectingthecontentsofthedirectory withoutprotectingsub-directory. ■ Policiescanbecreatedinsubrealmswithoutexplicitreferralpoliciesfromparentrealmif organizationaliasreferralisenabledinglobalpolicyconfiguration. ■ AuthLevelCondi
ページ10に含まれる内容の要旨
HardwareandSoftwareRequirements ■ SupportJCEBasedSecureLogHelper-makingitpossibletouseJCE(inadditiontoJSS)as asecurityproviderforSecureLoggingimplementation DeprecationNotificationandAnnouncement SunJava(TM)SystemAccessManager7.1identitymanagementAPIsandXMLtemplates enablesystemadministratorstocreate,delete,andmanageidentityentriesinSunJavaSystem DirectoryServer.AccessManageralsoprovidesAPIsforidentitymanagement.Developersuse thepublicinterfacesandclassesdefinedinthecom.iplanet.am.sdkpackagetoin
ページ11に含まれる内容の要旨
HardwareandSoftwareRequirements TABLE2 HardwareandSoftwareRequirements Component Requirement TM ■ Operatingsystem(OS) Solaris 10onSPARC,x86,andx64based systems,includingsupportforwholerootlocal andsparserootzones. ■ Solaris9onSPARCandx86basedsystems. TM ■ RedHat EnterpriseLinux3and4,allupdates AdvancedServer(32and64–bitversions)and EnterpriseServer(32and64–bitversions) ■ Windows Windows2000AdvancedServer,DataCenter ServerversionSP4onx86 Windows2003Standard(32and64–bitversions), Enterprise(32and6
ページ12に含まれる内容の要旨
HardwareandSoftwareRequirements TABLE2 HardwareandSoftwareRequirements (Continued) Component Requirement Webcontainers SunJavaSystemWebServer7.0Onsupported platform/OScombinationsyoumayelecttorunthe WebServerinstanceina64bitJVM.Support platforms:Solaris9/SPARC,Solaris10/SPARC,Solaris 10/AMD64,RedHatASorES3.0/AMD64,RedHat ASorES4.0/AMD64 SunJavaSystemApplicationServerEnterprise Edition8.2 BEAWebLogic8.1SP4 IBMWebSphereApplicationServer5.1.1.6 RAM Basictesting:512Mbytes Actualdeployment:1Gbytefort
ページ13に含まれる内容の要旨
GeneralCompatibilityInformation TABLE3 SupportedBrowsers (Continued) Browser Platform TM Mozilla 1.7.12 SolarisOS,versions9and10 WindowsXP Windows2000 RedHatLinux3and4 MacOSX TM Netscape Communicator8.0.4 WindowsXP Windows2000 NetscapeCommunicator7.1 SolarisOS,versions9and10 GeneralCompatibilityInformation ■ “AMSDKintersystemincompatibilitywithAccessManagerserver”onpage13 ■ “UpgradenotsupportedforAccessManagerHPUXversion”onpage13 ■ “AccessManagerLegacyMode”onpage14 ■ “AccessManagerPolicyAgents”o
ページ14に含まれる内容の要旨
GeneralCompatibilityInformation AccessManagerLegacyMode IfyouareinstallingAccessManagerwithanyofthefollowingproducts,youmustselectthe AccessManagerLegacy(6.x)mode: ■ SunJavaSystemPortalServer ■ SunJavaSystemCommunicationsServicesservers,includingMessagingServer,Calendar Server,InstantMessaging,orDelegatedAdministrator YouselecttheAccessManagerLegacy(6.x)mode,dependingonhowyouarerunningtheJava ESinstaller: ■ “JavaESSilentInstallationUsingaStateFile”onpage14 ■ ““ConfigureNow”InstallationOptioninGr
ページ15に含まれる内容の要旨
GeneralCompatibilityInformation “ConfigureLater”InstallationOption IfyourantheJavaESInstallerwiththe“ConfigureLater“option,youmustruntheamconfig scripttoconfigureAccessManagerafterinstallation.ToselectLegacy(6.x)mode,setthe followingparameterinyourconfigurationscriptinputfile(amsamplesilent): ... AM_REALM=disabled ... FormoreinformationaboutconfiguringAccessManagerbyrunningtheamconfigscript,refer totheSunJavaSystemAccessManager7.1AdministrationGuide. DeterminingtheAccessManagerMode Todeterminewh
ページ16に含まれる内容の要旨
KnownIssuesandLimitations KnownIssuesandLimitations Thissectiondescribesthefollowingknownissuesandworkarounds,ifavailable,atthetimeof theAccessManager7.1release. ■ “InstallationIssues”onpage16 ■ “UpgradeIssues”onpage16 ■ “CompatibilityIssues”onpage16 ■ “ConfigurationIssues”onpage19 ■ “AccessManagerConsoleIssues”onpage21 ■ “CommandLineIssue”onpage22 ■ “SDKandClientIssues”onpage23 ■ “AuthenticationIssues”onpage23 ■ “SessionandSSOIssues”onpage25 ■ “PolicyIssues”onpage26 ■ “ServerStartupIssues”onpag
ページ17に含まれる内容の要旨
KnownIssuesandLimitations ■ “Incompatibilitiesexistincoreauthenticationmoduleforlegacymode(6305840)”onpage 18 ■ “DelegatedAdministratorcommadminutilitydoesnotcreateauser(6294603)”onpage18 ■ “DelegatedAdministratorcommadminutilitydoesnotcreateanorganization(6292104)” onpage18 AccessManagerSingleSign-OnfailsonUniversalWebClient(6367058, 6429573) TheproblemoccursafteryouinstallAccessManager,MessagingServer,andCalendarServer andconfigurethemtoworktogether,andtheninstalltheJES5120955-01patch.Theuser
ページ18に含まれる内容の要旨
KnownIssuesandLimitations Incompatibilitiesexistincoreauthenticationmoduleforlegacymode (6305840) AccessManager7.1legacymodehasthefollowingincompatibilitiesinthecoreauthentication modulefromAccessManager62005Q1: ■ OrganizationAuthenticationModulesareremovedinlegacymode. ■ Thepresentationofthe“AdministratorAuthenticationConfiguration”and“Organization AuthenticationConfiguration”haschanged.IntheAccessManager7.1Console,the drop-downlisthasldapServiceselectedbydefault.IntheAccessManager62005Q1 Conso
ページ19に含まれる内容の要旨
KnownIssuesandLimitations ConfigurationIssues ■ “NotificationURLneedstobeupdatedforAccessManagerSDKinstallationwithoutweb container(6491977)”onpage19 ■ “PasswordResetservicereportsnotificationerrorswhenapasswordischanged(6455079)” onpage19 ■ “PlatformserverlistandFQDNaliasattributearenotupdated(6309259,6308649)”onpage 20 ■ “Datavalidationforrequiredattributesintheservices(6308653)”onpage20 ■ “DocumentworkaroundfordeploymentonasecureWebLogic8.1instance(6295863)” onpage20 ■ “Theamconfigscriptdoesn
ページ20に含まれる内容の要旨
KnownIssuesandLimitations PlatformserverlistandFQDNaliasattributearenotupdated (6309259,6308649) Inamultipleserverdeployment,theplatformserverlistandFQDNaliasattributearenot updatedifyouinstallAccessManageronthesecond(andsubsequent)servers. Workaround:AddtheRealm/DNSaliasesandplatformserverlistentriesmanually.Forthe steps,seethesection“AddingAdditionalInstancestothePlatformServerListandRealm/DNS Aliases”inSunJavaSystemAccessManager7.1PostinstallationGuide. Datavalidationforrequiredattributesinth
