Resumo do conteúdo contido na página número 1
SunJavaSystemAccessManager
7.1ReleaseNotes
SunMicrosystems,Inc.
4150NetworkCircle
SantaClara,CA95054
U.S.A.
PartNo:819–4683–10
March2007����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Resumo do conteúdo contido na página número 2
Copyright2007SunMicrosystems,Inc. 4150NetworkCircle,SantaClara,CA95054U.S.A. Allrightsreserved. SunMicrosystems,Inc.hasintellectualpropertyrightsrelatingtotechnologyembodiedintheproductthatisdescribedinthisdocument.Inparticular,andwithout limitation,theseintellectualpropertyrightsmayincludeoneormoreU.S.patentsorpendingpatentapplicationsintheU.S.andinothercountries. U.S.GovernmentRights–Commercialsoftware.GovernmentusersaresubjecttotheSunMicrosystems,Inc.standardlicenseagreementandapplicableprovi
Resumo do conteúdo contido na página número 3
Contents SunJavaSystemAccessManager7.1ReleaseNotes .......................................................................5 RevisionHistory .....................................................................................................................................6 AboutSunJavaSystemAccessManager7.1........................................................................................6 What’sNewinThisRelease ..............................................................................
Resumo do conteúdo contido na página número 4
Contents AMSDKIssues..............................................................................................................................27 SSLIssue ........................................................................................................................................28 SamplesIssue ................................................................................................................................29 LinuxOSIssues .............................................
Resumo do conteúdo contido na página número 5
SunJavaSystem AccessManager7.1ReleaseNotes March2007 PartNumber819-4683-10 TM TheSunJava SystemAccessManager7.1ReleaseNotescontainimportantinformation availablefortheSunJavaEnterpriseSystem(JavaES)release,includingnewAccessManager featuresandknownissueswithworkarounds,ifavailable.Readthisdocumentbeforeyou installandusethisrelease. ToviewtheJavaESproductdocumentation,includingtheAccessManagercollection,see http://docs.sun.com/prod/entsys.05q4. Checkthissitepriortoinstallingandsettingupyoursoftwar
Resumo do conteúdo contido na página número 6
RevisionHistory RevisionHistory ThefollowingtableshowstheAccessManager7.1ReleaseNotesrevisionhistory. TABLE1 RevisionHistory Date DescriptionofChanges July2006 Betarelease. March2007 JavaEnterpriseSystem5release AboutSunJavaSystemAccessManager7.1 SunJavaSystemAccessManagerispartoftheSunIdentityManagementinfrastructurethat allowsanorganizationtomanagesecureaccesstoWebapplicationsandotherresourcesboth withinanenterpriseandacrossbusiness-to-business(B2B)valuechains. AccessManagerprovidesthesemainfu
Resumo do conteúdo contido na página número 7
What’sNewinThisRelease devices,applications,andservice-drivennetworks.TypicalusesoftheJMXtechnologyinclude: consultingandchangingapplicationconfiguration,accumulatingstatisticsaboutapplication behavior,notificationofstatechangesanderroneousbehaviors.Dataisdeliveredtocentralized monitoringconsole. AccessManager7.1usestheJavaESMonitoringFrameworktocapturestatisticsand service-relateddatasuchasthefollowing: ■ Numberofattempted,successful,andfailedauthentications ■ Policycachingstatistics ■ Policyev
Resumo do conteúdo contido na página número 8
What’sNewinThisRelease ■ Numberofsuccessfulauthentications ■ Numberoffailedauthentications ■ Numberofsuccessfullogoutoperations ■ Numberoffailedlogoutoperations ■ Transactiontimeforeachmoduleifpossible(runningandwaitingstates) 2. Sessions ■ Sizeofthesessiontable(hencemaximumnumberofsessions) ■ Numberofactivesessions(incrementalcounter) 3. ProfileService ■ Maximumcachesize ■ Transactiontimeforoperations(runningandwaiting) 4. Policy ■ Policyevaluationinandoutrequests ■ Policyconnectionpoolstatisti
Resumo do conteúdo contido na página número 9
What’sNewinThisRelease ■ AnewpolicyconditionAuthenticateToRealmConditionadded,toenforcetheuseris authenticatedtoaspecificrealm. ■ AnewpolicyconditionLDAPFilterConditionisadded,toenforcetheusermatchesthe specifiedldapfilter. ■ Supportforonelevelwildcardcomparetofacilitateprotectingthecontentsofthedirectory withoutprotectingsub-directory. ■ Policiescanbecreatedinsubrealmswithoutexplicitreferralpoliciesfromparentrealmif organizationaliasreferralisenabledinglobalpolicyconfiguration. ■ AuthLevelCondi
Resumo do conteúdo contido na página número 10
HardwareandSoftwareRequirements ■ SupportJCEBasedSecureLogHelper-makingitpossibletouseJCE(inadditiontoJSS)as asecurityproviderforSecureLoggingimplementation DeprecationNotificationandAnnouncement SunJava(TM)SystemAccessManager7.1identitymanagementAPIsandXMLtemplates enablesystemadministratorstocreate,delete,andmanageidentityentriesinSunJavaSystem DirectoryServer.AccessManageralsoprovidesAPIsforidentitymanagement.Developersuse thepublicinterfacesandclassesdefinedinthecom.iplanet.am.sdkpackagetoin
Resumo do conteúdo contido na página número 11
HardwareandSoftwareRequirements TABLE2 HardwareandSoftwareRequirements Component Requirement TM ■ Operatingsystem(OS) Solaris 10onSPARC,x86,andx64based systems,includingsupportforwholerootlocal andsparserootzones. ■ Solaris9onSPARCandx86basedsystems. TM ■ RedHat EnterpriseLinux3and4,allupdates AdvancedServer(32and64–bitversions)and EnterpriseServer(32and64–bitversions) ■ Windows Windows2000AdvancedServer,DataCenter ServerversionSP4onx86 Windows2003Standard(32and64–bitversions), Enterprise(32and6
Resumo do conteúdo contido na página número 12
HardwareandSoftwareRequirements TABLE2 HardwareandSoftwareRequirements (Continued) Component Requirement Webcontainers SunJavaSystemWebServer7.0Onsupported platform/OScombinationsyoumayelecttorunthe WebServerinstanceina64bitJVM.Support platforms:Solaris9/SPARC,Solaris10/SPARC,Solaris 10/AMD64,RedHatASorES3.0/AMD64,RedHat ASorES4.0/AMD64 SunJavaSystemApplicationServerEnterprise Edition8.2 BEAWebLogic8.1SP4 IBMWebSphereApplicationServer5.1.1.6 RAM Basictesting:512Mbytes Actualdeployment:1Gbytefort
Resumo do conteúdo contido na página número 13
GeneralCompatibilityInformation TABLE3 SupportedBrowsers (Continued) Browser Platform TM Mozilla 1.7.12 SolarisOS,versions9and10 WindowsXP Windows2000 RedHatLinux3and4 MacOSX TM Netscape Communicator8.0.4 WindowsXP Windows2000 NetscapeCommunicator7.1 SolarisOS,versions9and10 GeneralCompatibilityInformation ■ “AMSDKintersystemincompatibilitywithAccessManagerserver”onpage13 ■ “UpgradenotsupportedforAccessManagerHPUXversion”onpage13 ■ “AccessManagerLegacyMode”onpage14 ■ “AccessManagerPolicyAgents”o
Resumo do conteúdo contido na página número 14
GeneralCompatibilityInformation AccessManagerLegacyMode IfyouareinstallingAccessManagerwithanyofthefollowingproducts,youmustselectthe AccessManagerLegacy(6.x)mode: ■ SunJavaSystemPortalServer ■ SunJavaSystemCommunicationsServicesservers,includingMessagingServer,Calendar Server,InstantMessaging,orDelegatedAdministrator YouselecttheAccessManagerLegacy(6.x)mode,dependingonhowyouarerunningtheJava ESinstaller: ■ “JavaESSilentInstallationUsingaStateFile”onpage14 ■ ““ConfigureNow”InstallationOptioninGr
Resumo do conteúdo contido na página número 15
GeneralCompatibilityInformation “ConfigureLater”InstallationOption IfyourantheJavaESInstallerwiththe“ConfigureLater“option,youmustruntheamconfig scripttoconfigureAccessManagerafterinstallation.ToselectLegacy(6.x)mode,setthe followingparameterinyourconfigurationscriptinputfile(amsamplesilent): ... AM_REALM=disabled ... FormoreinformationaboutconfiguringAccessManagerbyrunningtheamconfigscript,refer totheSunJavaSystemAccessManager7.1AdministrationGuide. DeterminingtheAccessManagerMode Todeterminewh
Resumo do conteúdo contido na página número 16
KnownIssuesandLimitations KnownIssuesandLimitations Thissectiondescribesthefollowingknownissuesandworkarounds,ifavailable,atthetimeof theAccessManager7.1release. ■ “InstallationIssues”onpage16 ■ “UpgradeIssues”onpage16 ■ “CompatibilityIssues”onpage16 ■ “ConfigurationIssues”onpage19 ■ “AccessManagerConsoleIssues”onpage21 ■ “CommandLineIssue”onpage22 ■ “SDKandClientIssues”onpage23 ■ “AuthenticationIssues”onpage23 ■ “SessionandSSOIssues”onpage25 ■ “PolicyIssues”onpage26 ■ “ServerStartupIssues”onpag
Resumo do conteúdo contido na página número 17
KnownIssuesandLimitations ■ “Incompatibilitiesexistincoreauthenticationmoduleforlegacymode(6305840)”onpage 18 ■ “DelegatedAdministratorcommadminutilitydoesnotcreateauser(6294603)”onpage18 ■ “DelegatedAdministratorcommadminutilitydoesnotcreateanorganization(6292104)” onpage18 AccessManagerSingleSign-OnfailsonUniversalWebClient(6367058, 6429573) TheproblemoccursafteryouinstallAccessManager,MessagingServer,andCalendarServer andconfigurethemtoworktogether,andtheninstalltheJES5120955-01patch.Theuser
Resumo do conteúdo contido na página número 18
KnownIssuesandLimitations Incompatibilitiesexistincoreauthenticationmoduleforlegacymode (6305840) AccessManager7.1legacymodehasthefollowingincompatibilitiesinthecoreauthentication modulefromAccessManager62005Q1: ■ OrganizationAuthenticationModulesareremovedinlegacymode. ■ Thepresentationofthe“AdministratorAuthenticationConfiguration”and“Organization AuthenticationConfiguration”haschanged.IntheAccessManager7.1Console,the drop-downlisthasldapServiceselectedbydefault.IntheAccessManager62005Q1 Conso
Resumo do conteúdo contido na página número 19
KnownIssuesandLimitations ConfigurationIssues ■ “NotificationURLneedstobeupdatedforAccessManagerSDKinstallationwithoutweb container(6491977)”onpage19 ■ “PasswordResetservicereportsnotificationerrorswhenapasswordischanged(6455079)” onpage19 ■ “PlatformserverlistandFQDNaliasattributearenotupdated(6309259,6308649)”onpage 20 ■ “Datavalidationforrequiredattributesintheservices(6308653)”onpage20 ■ “DocumentworkaroundfordeploymentonasecureWebLogic8.1instance(6295863)” onpage20 ■ “Theamconfigscriptdoesn
Resumo do conteúdo contido na página número 20
KnownIssuesandLimitations PlatformserverlistandFQDNaliasattributearenotupdated (6309259,6308649) Inamultipleserverdeployment,theplatformserverlistandFQDNaliasattributearenot updatedifyouinstallAccessManageronthesecond(andsubsequent)servers. Workaround:AddtheRealm/DNSaliasesandplatformserverlistentriesmanually.Forthe steps,seethesection“AddingAdditionalInstancestothePlatformServerListandRealm/DNS Aliases”inSunJavaSystemAccessManager7.1PostinstallationGuide. Datavalidationforrequiredattributesinth
