Streszczenie treści zawartej na stronie nr. 1
SunJavaSystemAccessManager
7.1ReleaseNotes
SunMicrosystems,Inc.
4150NetworkCircle
SantaClara,CA95054
U.S.A.
PartNo:819–4683–10
March2007����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Streszczenie treści zawartej na stronie nr. 2
Copyright2007SunMicrosystems,Inc. 4150NetworkCircle,SantaClara,CA95054U.S.A. Allrightsreserved. SunMicrosystems,Inc.hasintellectualpropertyrightsrelatingtotechnologyembodiedintheproductthatisdescribedinthisdocument.Inparticular,andwithout limitation,theseintellectualpropertyrightsmayincludeoneormoreU.S.patentsorpendingpatentapplicationsintheU.S.andinothercountries. U.S.GovernmentRights–Commercialsoftware.GovernmentusersaresubjecttotheSunMicrosystems,Inc.standardlicenseagreementandapplicableprovi
Streszczenie treści zawartej na stronie nr. 3
Contents SunJavaSystemAccessManager7.1ReleaseNotes .......................................................................5 RevisionHistory .....................................................................................................................................6 AboutSunJavaSystemAccessManager7.1........................................................................................6 What’sNewinThisRelease ..............................................................................
Streszczenie treści zawartej na stronie nr. 4
Contents AMSDKIssues..............................................................................................................................27 SSLIssue ........................................................................................................................................28 SamplesIssue ................................................................................................................................29 LinuxOSIssues .............................................
Streszczenie treści zawartej na stronie nr. 5
SunJavaSystem AccessManager7.1ReleaseNotes March2007 PartNumber819-4683-10 TM TheSunJava SystemAccessManager7.1ReleaseNotescontainimportantinformation availablefortheSunJavaEnterpriseSystem(JavaES)release,includingnewAccessManager featuresandknownissueswithworkarounds,ifavailable.Readthisdocumentbeforeyou installandusethisrelease. ToviewtheJavaESproductdocumentation,includingtheAccessManagercollection,see http://docs.sun.com/prod/entsys.05q4. Checkthissitepriortoinstallingandsettingupyoursoftwar
Streszczenie treści zawartej na stronie nr. 6
RevisionHistory RevisionHistory ThefollowingtableshowstheAccessManager7.1ReleaseNotesrevisionhistory. TABLE1 RevisionHistory Date DescriptionofChanges July2006 Betarelease. March2007 JavaEnterpriseSystem5release AboutSunJavaSystemAccessManager7.1 SunJavaSystemAccessManagerispartoftheSunIdentityManagementinfrastructurethat allowsanorganizationtomanagesecureaccesstoWebapplicationsandotherresourcesboth withinanenterpriseandacrossbusiness-to-business(B2B)valuechains. AccessManagerprovidesthesemainfu
Streszczenie treści zawartej na stronie nr. 7
What’sNewinThisRelease devices,applications,andservice-drivennetworks.TypicalusesoftheJMXtechnologyinclude: consultingandchangingapplicationconfiguration,accumulatingstatisticsaboutapplication behavior,notificationofstatechangesanderroneousbehaviors.Dataisdeliveredtocentralized monitoringconsole. AccessManager7.1usestheJavaESMonitoringFrameworktocapturestatisticsand service-relateddatasuchasthefollowing: ■ Numberofattempted,successful,andfailedauthentications ■ Policycachingstatistics ■ Policyev
Streszczenie treści zawartej na stronie nr. 8
What’sNewinThisRelease ■ Numberofsuccessfulauthentications ■ Numberoffailedauthentications ■ Numberofsuccessfullogoutoperations ■ Numberoffailedlogoutoperations ■ Transactiontimeforeachmoduleifpossible(runningandwaitingstates) 2. Sessions ■ Sizeofthesessiontable(hencemaximumnumberofsessions) ■ Numberofactivesessions(incrementalcounter) 3. ProfileService ■ Maximumcachesize ■ Transactiontimeforoperations(runningandwaiting) 4. Policy ■ Policyevaluationinandoutrequests ■ Policyconnectionpoolstatisti
Streszczenie treści zawartej na stronie nr. 9
What’sNewinThisRelease ■ AnewpolicyconditionAuthenticateToRealmConditionadded,toenforcetheuseris authenticatedtoaspecificrealm. ■ AnewpolicyconditionLDAPFilterConditionisadded,toenforcetheusermatchesthe specifiedldapfilter. ■ Supportforonelevelwildcardcomparetofacilitateprotectingthecontentsofthedirectory withoutprotectingsub-directory. ■ Policiescanbecreatedinsubrealmswithoutexplicitreferralpoliciesfromparentrealmif organizationaliasreferralisenabledinglobalpolicyconfiguration. ■ AuthLevelCondi
Streszczenie treści zawartej na stronie nr. 10
HardwareandSoftwareRequirements ■ SupportJCEBasedSecureLogHelper-makingitpossibletouseJCE(inadditiontoJSS)as asecurityproviderforSecureLoggingimplementation DeprecationNotificationandAnnouncement SunJava(TM)SystemAccessManager7.1identitymanagementAPIsandXMLtemplates enablesystemadministratorstocreate,delete,andmanageidentityentriesinSunJavaSystem DirectoryServer.AccessManageralsoprovidesAPIsforidentitymanagement.Developersuse thepublicinterfacesandclassesdefinedinthecom.iplanet.am.sdkpackagetoin
Streszczenie treści zawartej na stronie nr. 11
HardwareandSoftwareRequirements TABLE2 HardwareandSoftwareRequirements Component Requirement TM ■ Operatingsystem(OS) Solaris 10onSPARC,x86,andx64based systems,includingsupportforwholerootlocal andsparserootzones. ■ Solaris9onSPARCandx86basedsystems. TM ■ RedHat EnterpriseLinux3and4,allupdates AdvancedServer(32and64–bitversions)and EnterpriseServer(32and64–bitversions) ■ Windows Windows2000AdvancedServer,DataCenter ServerversionSP4onx86 Windows2003Standard(32and64–bitversions), Enterprise(32and6
Streszczenie treści zawartej na stronie nr. 12
HardwareandSoftwareRequirements TABLE2 HardwareandSoftwareRequirements (Continued) Component Requirement Webcontainers SunJavaSystemWebServer7.0Onsupported platform/OScombinationsyoumayelecttorunthe WebServerinstanceina64bitJVM.Support platforms:Solaris9/SPARC,Solaris10/SPARC,Solaris 10/AMD64,RedHatASorES3.0/AMD64,RedHat ASorES4.0/AMD64 SunJavaSystemApplicationServerEnterprise Edition8.2 BEAWebLogic8.1SP4 IBMWebSphereApplicationServer5.1.1.6 RAM Basictesting:512Mbytes Actualdeployment:1Gbytefort
Streszczenie treści zawartej na stronie nr. 13
GeneralCompatibilityInformation TABLE3 SupportedBrowsers (Continued) Browser Platform TM Mozilla 1.7.12 SolarisOS,versions9and10 WindowsXP Windows2000 RedHatLinux3and4 MacOSX TM Netscape Communicator8.0.4 WindowsXP Windows2000 NetscapeCommunicator7.1 SolarisOS,versions9and10 GeneralCompatibilityInformation ■ “AMSDKintersystemincompatibilitywithAccessManagerserver”onpage13 ■ “UpgradenotsupportedforAccessManagerHPUXversion”onpage13 ■ “AccessManagerLegacyMode”onpage14 ■ “AccessManagerPolicyAgents”o
Streszczenie treści zawartej na stronie nr. 14
GeneralCompatibilityInformation AccessManagerLegacyMode IfyouareinstallingAccessManagerwithanyofthefollowingproducts,youmustselectthe AccessManagerLegacy(6.x)mode: ■ SunJavaSystemPortalServer ■ SunJavaSystemCommunicationsServicesservers,includingMessagingServer,Calendar Server,InstantMessaging,orDelegatedAdministrator YouselecttheAccessManagerLegacy(6.x)mode,dependingonhowyouarerunningtheJava ESinstaller: ■ “JavaESSilentInstallationUsingaStateFile”onpage14 ■ ““ConfigureNow”InstallationOptioninGr
Streszczenie treści zawartej na stronie nr. 15
GeneralCompatibilityInformation “ConfigureLater”InstallationOption IfyourantheJavaESInstallerwiththe“ConfigureLater“option,youmustruntheamconfig scripttoconfigureAccessManagerafterinstallation.ToselectLegacy(6.x)mode,setthe followingparameterinyourconfigurationscriptinputfile(amsamplesilent): ... AM_REALM=disabled ... FormoreinformationaboutconfiguringAccessManagerbyrunningtheamconfigscript,refer totheSunJavaSystemAccessManager7.1AdministrationGuide. DeterminingtheAccessManagerMode Todeterminewh
Streszczenie treści zawartej na stronie nr. 16
KnownIssuesandLimitations KnownIssuesandLimitations Thissectiondescribesthefollowingknownissuesandworkarounds,ifavailable,atthetimeof theAccessManager7.1release. ■ “InstallationIssues”onpage16 ■ “UpgradeIssues”onpage16 ■ “CompatibilityIssues”onpage16 ■ “ConfigurationIssues”onpage19 ■ “AccessManagerConsoleIssues”onpage21 ■ “CommandLineIssue”onpage22 ■ “SDKandClientIssues”onpage23 ■ “AuthenticationIssues”onpage23 ■ “SessionandSSOIssues”onpage25 ■ “PolicyIssues”onpage26 ■ “ServerStartupIssues”onpag
Streszczenie treści zawartej na stronie nr. 17
KnownIssuesandLimitations ■ “Incompatibilitiesexistincoreauthenticationmoduleforlegacymode(6305840)”onpage 18 ■ “DelegatedAdministratorcommadminutilitydoesnotcreateauser(6294603)”onpage18 ■ “DelegatedAdministratorcommadminutilitydoesnotcreateanorganization(6292104)” onpage18 AccessManagerSingleSign-OnfailsonUniversalWebClient(6367058, 6429573) TheproblemoccursafteryouinstallAccessManager,MessagingServer,andCalendarServer andconfigurethemtoworktogether,andtheninstalltheJES5120955-01patch.Theuser
Streszczenie treści zawartej na stronie nr. 18
KnownIssuesandLimitations Incompatibilitiesexistincoreauthenticationmoduleforlegacymode (6305840) AccessManager7.1legacymodehasthefollowingincompatibilitiesinthecoreauthentication modulefromAccessManager62005Q1: ■ OrganizationAuthenticationModulesareremovedinlegacymode. ■ Thepresentationofthe“AdministratorAuthenticationConfiguration”and“Organization AuthenticationConfiguration”haschanged.IntheAccessManager7.1Console,the drop-downlisthasldapServiceselectedbydefault.IntheAccessManager62005Q1 Conso
Streszczenie treści zawartej na stronie nr. 19
KnownIssuesandLimitations ConfigurationIssues ■ “NotificationURLneedstobeupdatedforAccessManagerSDKinstallationwithoutweb container(6491977)”onpage19 ■ “PasswordResetservicereportsnotificationerrorswhenapasswordischanged(6455079)” onpage19 ■ “PlatformserverlistandFQDNaliasattributearenotupdated(6309259,6308649)”onpage 20 ■ “Datavalidationforrequiredattributesintheservices(6308653)”onpage20 ■ “DocumentworkaroundfordeploymentonasecureWebLogic8.1instance(6295863)” onpage20 ■ “Theamconfigscriptdoesn
Streszczenie treści zawartej na stronie nr. 20
KnownIssuesandLimitations PlatformserverlistandFQDNaliasattributearenotupdated (6309259,6308649) Inamultipleserverdeployment,theplatformserverlistandFQDNaliasattributearenot updatedifyouinstallAccessManageronthesecond(andsubsequent)servers. Workaround:AddtheRealm/DNSaliasesandplatformserverlistentriesmanually.Forthe steps,seethesection“AddingAdditionalInstancestothePlatformServerListandRealm/DNS Aliases”inSunJavaSystemAccessManager7.1PostinstallationGuide. Datavalidationforrequiredattributesinth
