Sun Java System Access Manager 2005Q1 
Sample 
 
Main Page

Authentication PostProcessing SPI Sample : ISAuthPostProcessSample

This file explains how to compile , deploy and configure the Authentication Post Processing SPI Sample.

PRODUCT_DIR setting on different Platforms:

  • Solaris Sparc/x86 : PRODUCT_DIR = <install_root>/SUNWam

  • Linux             : PRODUCT_DIR = <install_root>/sun/identity

Steps to compile the ISAuthPostProcessSample Sample program on Solaris Sparc/x86, Linux 

Follow the steps given below to compile the sample found under <PRODUCT_DIR>/samples/authentication/spi/postprocess .
 
  • Set the following environment variables. These variables will be used to run the gmake command. You can also set these variables in the Makefile. This Makefile is in <PRODUCT_DIR>/samples/authentication/spi/postprocess.
    • JAVA_HOME

    • Set this variable to your installation of JDK. The JDK should be version 1.3.1_06 or higher.
       
    • CLASSPATH

    • Set this variable to refer to am_services.jar which can be found in the <PRODUCT_DIR>/lib directory. (Note: Include jaas.jar in your classpath if you are using JDK version less than JDK1.4)
       
    • BASE_DIR

    • Set this variable to the directory where the Access Manager is installed.
       
    • BASE_CLASS_DIR

    • Set this variable to the directory where all the Sample compiled classes are located.
       
    • JAR_DIR

    • Set this variable to the directory where the JAR files of the Sample compiled classes will be created. 
  • Go to the <PRODUCT_DIR>/samples/authentication/spi/postprocess directory and run gmake. 
  • Steps to "deploy" the ISAuthPostProcess Sample program

    • Copy ISAuthPostProcess.jar from JAR_DIR to <PRODUCT_DIR>/lib. 
    • Update Web Container configuration file "server.xml" to add ISAuthPostProcessSample.jar to the classpath. "server.xml" file for different web containers can be found at:

    •  WebServer   -  /<WS-home-dir>/https-<WS-instance-name>/config/
    •  AppServer - /<AS-home-dir>/domain/domain1/server1/config/
          For all other web containers consult their documentation. 

      • Restart web container. 
    • WebServer - /<WS-home-dir>/https-<WS-instance-name>/restart
    • Application Server - /<AS-install-dir>/<domains>/<domain name>/<server instance>/bin/restartserv  (eg. /<AS-home-dir>/domains/domain1/server1/bin/restartserv)
    • For all other web containers consult their documentation. 

    Steps to configure Authentication Post Processing SPI:

          The Authentication PostProcessing Sample can be configured at the Organization,Service or 
           Role level. 
           Configuring ISAuthPostProcess Sample for Organization :
    • Log in to Access Manager console as amAdmin to http://<host>.<domain>:<port>/<Console-Deploy-URI>
    • Select the "Identity Management" tab view and select your organization. 
    • Select "Services" from the "View" menu. 
    • Click on "Core" in the navigation frame under "Authentication". 
    • Add "com.iplanet.am.samples.authentication.spi.postprocess.ISAuthPostProcessSample" to "Authentication PostProcessing Class" attribute 
    • Click on "Save" to save the changes. 
    • Log out 
    • Enter URL http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login(If you choose to use an organization other than the default, please specify that in the URL using the 'org' parameter.) 
    • The postprocessing SPI will get executed on successful authentication, failed authentication and on  Logout. 
    Configuring ISAuthPostProcess Sample for Service:
      • Log in to Access Manager console as amAdmin to http://<host>.<domain>:<port>/<Console-Deploy-URI>
      • Select the "Identity Management" tab view and select your organization. Select "Services" from the "View" menu. 
      • Select Authentication Configuration 
      • Select "New Instance" from the Service Instance frame displayed on the right. 
      • Define service name. 
      • Add "com.iplanet.am.samples.authentication.spi.postprocess.ISAuthPostProcessSample" to "Authentication PostProcessing Class" attribute. 
      • Click on "Submit" to save the changes. 
      • Select Service Name and defined the Authentication Configuration for the new service. 
      • Log out 
      • Enter URL http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login?service=<servicename> (If you choose to use an organization other than the default, please specify that in the URL using the "org" parameter.) 
      • The postprocessing SPI will get executed on successful authentication,failed authentication and on Logout for the service accessed. 
    Configuring ISAuthPostProcess Sample for Role:
      • Log in to Access Manager console as amAdmin to http://<host>.<domain>:<port>/<Console-Deploy-URI>
      • Select the "Identity Management" tab view and select your organization. Select "Roles" from the "View" menu. 
      • Select Role and View Properties for the Role. 
      • Select Services from the Role "View" Menu. 
      • Select "Edit" to edit Authentication Configuration 
      • Add "com.iplanet.am.samples.authentication.spi.postprocess.ISAuthPostProcessSample" to "Authentication PostProcessing Class" attribute. 
      • Click on "Submit" to save the changes. 
      • Log out 
      • Enter URL http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login?role=roleName

      • (If you choose to use an organization other than the default, please specify that in the URL using the "org" parameter.) 
      • The postprocessing SPI will get executed on successful authentication,failed authentication and on Logout for the service accessed. 
      • Log out

    On Windows2000

    Steps to compile the ISAuthPostProcessSample program on Windows2000

      • Go to the <install-root>\samples\authentication\spi\postprocess directory and run make. 

    Steps to deploy the ISAuthPostProcessSample Sample program

    • Copy ISAuthPostProcess.jar from JAR_DIR to <install-root>\lib
    • Update classpath with  ISAuthPostProcess.jar  in the Web Container  from which this sample has to run.
    • Restart Access Manager ("<install-root>\bin\amserver start). 

    Steps to configure Authentication Post Processing SPI:

    This sample can be can be set in the Core Auth Service for Organization and  Authentication Configuration Service for Role OR Service. 

    Refer to this in the "Solaris"  section in this document.