Sun Java System Access Manager 2005Q4
Sample
 

Main Page
 

SECTION 1 - Identity Management using Access Manager SDK

SECTION 2 - Password Management using Access Manager SDK
 

SECTION 1

SDK Sample File

The sample files are created to help you understand the SDK part. It helps to understand how creating the organizations, users, roles, and adding services work.
 

Build the samples by executing gmake in the <install-root>/samples/um directory. Then follow the instructions given below to access the sample servlet.

copy am_tests.jar from <install-root>/samples/um    to <install-root>/web-src/services/WEB-INF/lib 

edit the file <install-root>/web-src/services/WEB-INF/web.xml and add the below lines

<servlet>
         <servlet-name>sdksample</servlet-name>
         <servlet-class>com.iplanet.am.samples.sdk.SDKSampleServlet</servlet-class>
</servlet>
 

<servlet-mapping>
       <servlet-name>sdksample</servlet-name>
       <url-pattern>/sdksample</url-pattern>
</servlet-mapping>

redeploy services war file by executing the appropriate install script depending
upon the web container on which these samples are deployed. 

for eg. if samples are deployed on 

1) Sun(tm) ONE App Server7.0, run amas70config
2) Sun(tm) ONE Web Server, run amws61config

script found under <install-root>/bin.

edit the sample silent file used to run the install scripts.
Look for the deploy level for 'uninstall server' and set the DEPLOY_LEVEL to that number to 
uninstall server first.Value is 16.
Look for the deploy level for 'server only install' and set the DEPLOY_LEVEL to that number to 
install server next.Value is 6.
 

Restart web container/server.
For iWS :
/<WebServer-install-dir>/https-<WS-instance-name>/start.
For Appserver :
/<AppServer-install-dir>/domains/domain1/server1/bin/start.

Login into Access Manager 2005Q4 product . This will help in getting SSOToken for that session. And now access the samples URL i.e. 

http://<host>:<port>/amserver/sdksample

The URL will take you to a new page where you can create Organizations, roles and users. There are lot of limitations of using these samples but a good way to start working on Access Manager 2005Q4 SDK.

Note: the above steps to access the sdksample applies to Sun Java System Webserver if you are using other web containers you need to do similar operations based on the web container.

One of the assumptions: While creating roles, users and organizations, please mention the distinguished name, DN for the organization. 

These samples can be executed through command line. The DNs for organization and user and role name are hard-coded that can be changed according to one's DIT and convenience. Also, please provide the credentials in the sample files ( SampleUserOperations.java, SampleRoleOperations.java and SampleOrgOperations.java) to authenticate as per your DIT. 

In RunSamples, SampleOrgOperations is defined that creates the organization, gets the registered services, and adds the services. Similarly, SampleUserOperations and SampleRoleOperations can also be defined there and can be used for their respective purposes. 

You need to be a super user to run RunSamples to access AMConfig.properties

Solaris:

  1. Set these variables in the "Makefile" and "RunSamples"
    • AM_HOME - Set this to refer to <install-root> 
    • JAVA_HOME - Set this variable to your installation of JDK. The JDK should be JDK 1.4.1 or newer. 
  2. LD_LIBRARY_PATH as per your install 
  3. Compile the sample program, do "gmake" 
  4. Modify  'RunSamples' file to include the 'am_tests.jar' in the classpath. 
  5. Modify 'RunSamples' file to include the 'mail.jar' to the jar_path(JAXP_JARS) to avoid 'javax/mail/MessagingException' while creating user.  JAXP_JARS=${JAXP_HOME}/jaxp-api.jar:${JAXP_HOME}/xalan.jar:${JAXP_HOME}/xercesIm

  6.   pl.jar:${JAXP_HOME}/sax.jar:${JAXP_HOME}/dom.jar:${JAXP_HOME}/mail.jar
  7. Make RunSamples executable: chmod +x RunSamples
  8. To run the sample program, do "./RunSamples" 

Windows2000:

  1. Set these variables in the "make.bat"
    • BASE - Set this to refer to <install-root>
    • JAVA_HOME - Set this variable to your installation of JDK. The JDK should be JDK 1.4.1 or newer. 
  2. LD_LIBRARY_PATH as per your install 
  3. Compile the sample program, do "make" 
  4. Include 'am_tests.jar' in the classpath.
  5. Include 'mail.jar' in the classpath.
  6. To run the sample program , do "make run"

SECTION 2

This section talks about how to implement the AMUserPasswordValidation class.
Step -1 - Implement the class.
          Public class SampleAMUserPasswordValidation extends AMUserPasswordValidation {

                public void validateUserID(java.lang.String userID) throws AMException {

                         //Put your UserId validation logic
                } 

                public void validatePassword(java.lang.String password) throws AMException {

                        //Put your password validation logic

                }

           }

Step -2 - Compile the class using the Makefile in the sample directory and create the 
    MyPassword.jar. Copy this jar into <IS_INSTALL_DIR>/SUNWam/lib. Put this jar in 
    the classpath of the web/app server container.

Step -3 - Configure this Implementation class in the Access Manager console.
        Login to Access Manager console,
        Case -A - If you want to enable this class for every organization,
                  Select Services tab on the Access Manager console. Select the "Administration" service 
                  and goto attribute "UserID & Password Validation Plugin Class:". Put this class name
                  MyPassword(with package name, if any) into this field. And save it.
        Case -B - If you want to enable this class for particular organization, say o=sun
                  Select organization "sun". Select services from the drop down list box on the left frame.
                  Check if the "Administration" service is registered for this org or not. If not registered then register
                  and create template for it. Then goto attribute "UserID & Password Validation Plugin Class:".
                  Put this class name MyPassword(with package name, if any) into this field. And save it.
Step -4 - Re-start the server and that's it.