my dog learned polymorphism*
The moose likes Security and the fly likes Authentication using Sun Access Manager 7 and webmethods portal Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Authentication using Sun Access Manager 7 and webmethods portal" Watch "Authentication using Sun Access Manager 7 and webmethods portal" New topic
Author

Authentication using Sun Access Manager 7 and webmethods portal

ben thompson
Greenhorn

Joined: Oct 18, 2006
Posts: 3
Hi,

I'm trying to figure out how to use Sun Access Manager 7 (realms, policies). I deployed a web app on a webMethods server and I want to control access to the resources inside the web application.

I'm able to authenticate a user programmatically using the AuthContext class but I'm thinking this could be done automatically. I thought that the answer would be found in the policy agents, but they only exist for other servers (weblogic, websphere, etc).

Also, if I access my server like this: http://localhost/MyApp/login.jsp, what would MyApp be inside the Access Manager Console? A realm, a policy?

Any help would be appreciated, thanks!
raj sekar
Ranch Hand

Joined: Mar 11, 2002
Posts: 79
Hi Bob,
There are two types of Sun Policy Agent.

1. URL Policy Agent (URL based)
2. J2EE Policy Agent (Realm based)

You can install URL Policy Agent on any supported web server and deploy the application on Web Methods.

Hope this helps,

Thanks,
Raj


Thanks,
RajN - (SCJP,SCWCD,SCBCD,SCSA,IBM XML 142 )
http://www.geocities.com/n_rajasekar/index.html
You do what you love, love what you do and always deliver more than you promise
ben thompson
Greenhorn

Joined: Oct 18, 2006
Posts: 3
Originally posted by raj sekar:

1. URL Policy Agent (URL based)
You can install URL Policy Agent on any supported web server and deploy the application on Web Methods.

Raj


Hi Raj,

Still a bit confused because I can't find a URL policy agent.

If you look at the agents on http://www.sun.com/download/index.jsp?cat=Identity%20Management&tab=3, those are J2EE Policy agents, right?

Other documentation I have found makes me think the URL policy agent is in the Sun Access Manager Console, under Policies (which I then have to define), would that be right?

Thanks.
raj sekar
Ranch Hand

Joined: Mar 11, 2002
Posts: 79
Hi Ben,
Check the sun docs on URL Agent (Web Agent) and J2ee Agent.

http://docs.sun.com/app/docs/doc/819-2143

Thanks,
Raj
raj sekar
Ranch Hand

Joined: Mar 11, 2002
Posts: 79
http://docs.sun.com/app/docs/doc/819-2143/6n4f0tger?a=view

Web Agents

Web agents control access to content on web servers and proxy servers. The content that web agents can protect include a multitude of services and web resources based on policies configured by an administrator. When a user points a browser to a URL deployed on a protected web or proxy server, the agent intercepts the request and validates the user�s session token, if any exists. If the token�s authentication level is insufficient (or none exists), the appropriate Authentication Service is called for a login page, prompting the user for (further) authentication. The Authentication Service verifies that the user credentials are valid. For example, the LDAP service verifies that the user name and password are stored in an LDAP v3 compliant directory server, such as Sun Java System Directory Server. After the user�s credentials are properly authenticated, the agent examines all the roles and groups (which contain the policies) assigned to the user. Based on the aggregate of all policies assigned to the user, the individual is either allowed or denied access to the URL.
J2EE Agents

Access Manager provides agents for protecting J2EE applications in a variety of deployment containers, such as application and portal servers.

A J2EE policy agent can be installed for protecting a variety of hosted J2EE applications, which might require a varying set of security policy implementation. The security infrastructure of J2EE provides declarative as well as programmatic security that are platform-independent and are supported by all the J2EE-compliant servers. For details on how to use J2EE platform declarative as well as programmatic security, refer to J2EE documentation at http://java.sun.com/j2ee.

The agent helps enable role-to-principal mapping for protected J2EE applications with Access Manager principals. Therefore, at runtime, when a J2EE policy is evaluated, the evaluation is against the information available in Access Manager. Using this functionality, you can configure hosted J2EE applications so that they are protected by the J2EE agent, which provides real security services and other key features such as single sign-on. Apart from enabling J2EE security for hosted applications, J2EE agents also provide complete support for Access Manager based URL policies for enforcing access control over web resources hosted in deployment containers, such as an application servers.

While web agents and J2EE agents both work with Access Manager to implement authentication and authorization processes, the design of the J2EE agents allows them to also enforce J2EE security. The J2EE agents are generally comprised of two components (although this is partially subject to the interfaces exposed and supported by the deployment container): an agent filter for authentication and an agent realm for authorization.
ben thompson
Greenhorn

Joined: Oct 18, 2006
Posts: 3
Ok, I just can't see how to tie it up with WebMethods. Every download of the "Sun Java System Access Manager Policy Agent 2.2" is for a specific server and, again, I can't see which one to use or how to use it with WebMethods.

Thanks
raj sekar
Ranch Hand

Joined: Mar 11, 2002
Posts: 79
Hi Bob,
Check with Sun Support team. They will esculate the issue to engineering to create a Policy Agent for Web Methods.

Other options is to use the Policy Agent jar files and create a custom Policy Agent for web methods. You need understand how the policy agent works.

I have done some customization to the oracle policy agent 2.1.

Thanks,
Raj
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Authentication using Sun Access Manager 7 and webmethods portal
 
Similar Threads
Why can't not been run two broswers at the same time in Tomcat server
problem in Struts2 while running an application
message-resources reload
page cannot be displayed error
Getting root of my application?