[jboss-user] [Security & JAAS/JBoss] - Jboss Sun Access Manager Policy Agent
cristi.ciuc
do-not-reply at jboss.com
Mon Jan 15 05:41:16 EST 2007
Hi,
I have installed SAM (together with S1DS, Web Server and Administration Server (from JES installer)).
I have installed and configured Policy Agent 2.2 for JBoss AS (using 4.0.5), but I'm getting a browser "Redirect loop" (Redirection limit for this URL exceeded. Unable to load the requested page. This may be caused by cookies that are blocked.) error after I log in with a correct user/password combination when I try to access the sample application.
My browser accepts cookies from all domains.
My AMAgent.properties looks like this:
com.sun.identity.agents.config.user.mapping.mode = USER_ID
| com.sun.identity.agents.config.user.attribute.name = employeenumber
| com.sun.identity.agents.config.user.principal = false
| com.sun.identity.agents.config.user.token = UserToken
|
| com.sun.identity.agents.config.client.ip.header =
| com.sun.identity.agents.config.client.hostname.header =
|
| com.sun.identity.agents.config.load.interval = 0
|
| com.sun.identity.agents.config.locale.language = en
| com.sun.identity.agents.config.locale.country = US
|
| com.sun.identity.agents.config.organization.name = /
|
| com.sun.identity.agents.config.audit.accesstype = LOG_BOTH
| com.sun.identity.agents.config.log.disposition = ALL
| com.sun.identity.agents.config.remote.logfile = amAgent_11_126_14_20_8080.log
| com.sun.identity.agents.config.local.logfile = /home/ciuc/stuff/src/j2ee_agents/am_jboss_agent/agent_001/logs/audit/amAgent_11_126_14_20_8080.log
| com.sun.identity.agents.config.local.log.rotate = false
| com.sun.identity.agents.config.local.log.size = 52428800
|
| com.sun.identity.agents.config.webservice.enable = false
| com.sun.identity.agents.config.webservice.endpoint[0] =
| com.sun.identity.agents.config.webservice.process.get.enable = true
| com.sun.identity.agents.config.webservice.authenticator =
| com.sun.identity.agents.config.webservice.internalerror.content = WSInternalErrorContent.txt
| com.sun.identity.agents.config.webservice.autherror.content = WSAuthErrorContent.txt
|
| com.sun.identity.agents.config.access.denied.uri =
|
| com.sun.identity.agents.config.login.form[0] =
| com.sun.identity.agents.config.login.error.uri[0] =
| com.sun.identity.agents.config.login.use.internal = true
| com.sun.identity.agents.config.login.content.file = FormLoginContent.txt
|
| com.sun.identity.agents.config.auth.handler[] =
| com.sun.identity.agents.config.logout.handler[] =
| com.sun.identity.agents.config.verification.handler[] =
|
| com.sun.identity.agents.config.redirect.param = goto
|
| com.sun.identity.agents.config.login.url[0] = http://sam.domain:80/amserver/UI/Login
|
| com.sun.identity.agents.config.login.url.prioritized = true
|
| com.sun.identity.agents.config.agent.host =
| com.sun.identity.agents.config.agent.port =
| com.sun.identity.agents.config.agent.protocol =
|
| com.sun.identity.agents.config.login.attempt.limit = 0
|
| com.sun.identity.agents.config.sso.decode = true
|
| com.sun.identity.agents.config.amsso.cache.enable = true
|
| com.sun.identity.agents.config.cookie.reset.enable = false
| com.sun.identity.agents.config.cookie.reset.name[0] =
| com.sun.identity.agents.config.cookie.reset.domain[] =
| com.sun.identity.agents.config.cookie.reset.path[] =
|
| com.sun.identity.agents.config.cdsso.enable = false
| com.sun.identity.agents.config.cdsso.redirect.uri = /agentapp/sunwCDSSORedirectURI
| com.sun.identity.agents.config.cdsso.cdcservlet.url[0] = http://dm-test-win-1:80/amserver/cdcservlet
| com.sun.identity.agents.config.cdsso.clock.skew = 0
| com.sun.identity.agents.config.cdsso.trusted.id.provider[0] = http://dm-test-win-1:80/amserver/cdcservlet
|
| com.sun.identity.agents.config.logout.application.handler[] =
| com.sun.identity.agents.config.logout.uri[] =
| com.sun.identity.agents.config.logout.request.param[] =
| com.sun.identity.agents.config.logout.introspect.enabled = false
| com.sun.identity.agents.config.logout.entry.uri[] =
|
| com.sun.identity.agents.config.fqdn.check.enable = true
| com.sun.identity.agents.config.fqdn.default = jbossAS.domain
| com.sun.identity.agents.config.fqdn.mapping[] =
|
| com.sun.identity.agents.config.legacy.support.enable = false
| com.sun.identity.agents.config.legacy.user.agent[0] = Mozilla/4.7*
| com.sun.identity.agents.config.legacy.redirect.uri = /agentapp/sunwLegacySupportURI
|
| com.sun.identity.agents.config.response.header[] =
|
| com.sun.identity.agents.config.redirect.attempt.limit = 0
|
| com.sun.identity.agents.config.port.check.enable = false
| com.sun.identity.agents.config.port.check.file = PortCheckContent.txt
| com.sun.identity.agents.config.port.check.setting[8080] = http
|
| com.sun.identity.agents.config.notenforced.uri[0] = /agentsample/public/*
| com.sun.identity.agents.config.notenforced.uri[1] = /agentsample/images/*
| com.sun.identity.agents.config.notenforced.uri[2] = /agentsample/styles/*
| com.sun.identity.agents.config.notenforced.uri[3] = /agentsample/index.html
| com.sun.identity.agents.config.notenforced.uri[4] = /agentsample
| com.sun.identity.agents.config.notenforced.uri.invert = false
| com.sun.identity.agents.config.notenforced.uri.cache.enable = true
| com.sun.identity.agents.config.notenforced.uri.cache.size = 1000
|
| com.sun.identity.agents.config.notenforced.ip[0] =
| com.sun.identity.agents.config.notenforced.ip.invert = false
| com.sun.identity.agents.config.notenforced.ip.cache.enable = true
| com.sun.identity.agents.config.notenforced.ip.cache.size = 1000
|
| com.sun.identity.agents.config.attribute.cookie.separator = |
| com.sun.identity.agents.config.attribute.date.format = EEE, d MMM yyyy hh:mm:ss z
| com.sun.identity.agents.config.attribute.cookie.encode = true
|
| com.sun.identity.agents.config.profile.attribute.fetch.mode = NONE
| com.sun.identity.agents.config.profile.attribute.mapping[] =
|
| com.sun.identity.agents.config.session.attribute.fetch.mode = NONE
| com.sun.identity.agents.config.session.attribute.mapping[] =
|
| com.sun.identity.agents.config.response.attribute.fetch.mode = NONE
| com.sun.identity.agents.config.response.attribute.mapping[] =
|
| com.sun.identity.agents.config.bypass.principal[0] =
|
| com.sun.identity.agents.config.default.privileged.attribute[0] = AUTHENTICATED_USERS
| com.sun.identity.agents.config.privileged.attribute.type[0] = Role
| com.sun.identity.agents.config.privileged.attribute.tolowercase[Role] = false
| com.sun.identity.agents.config.privileged.session.attribute[0] =
|
| com.sun.identity.agents.config.service.resolver = com.sun.identity.agents.jboss.v40.AmJBossAgentServiceResolver
|
| com.sun.identity.agents.app.username = amagent
| com.iplanet.am.service.secret = AQICJmGvlBWYuAYQndALuvNKiw==
|
| am.encryption.pwd = /mY/WidDT34aJtbcFS0pCKFEt6evPeTF
|
| com.sun.identity.client.encryptionKey= /mY/WidDT34aJtbcFS0pCKFEt6evPeTF
|
|
| com.iplanet.services.debug.level=error
| com.iplanet.services.debug.directory=/home/ciuc/stuff/src/j2ee_agents/am_jboss_agent/agent_001/logs/debug
|
| com.iplanet.am.cookie.name=iPlanetDirectoryPro
|
| com.iplanet.am.naming.url=http://sam.domain:80/amserver/namingservice
|
| com.iplanet.am.notification.url=http://jbossAS.domain:8080/agentapp/notification
| com.iplanet.am.session.client.polling.enable=false
| com.iplanet.am.session.client.polling.period=180
|
| com.iplanet.security.encryptor=com.iplanet.services.util.JCEEncryption
|
| com.iplanet.am.sdk.remote.pollingTime=1
|
| com.sun.identity.sm.cacheTime=1
|
| com.iplanet.am.localserver.protocol=http
| com.iplanet.am.localserver.host=jbossAS.domain
| com.iplanet.am.localserver.port=8080
|
| com.iplanet.am.server.protocol=http
| com.iplanet.am.server.host=sam.domain
| com.iplanet.am.server.port=80
|
| com.sun.identity.agents.server.log.file.name=amRemotePolicyLog
| com.sun.identity.agents.logging.level=BOTH
| com.sun.identity.agents.notification.enabled=true
| com.sun.identity.agents.notification.url=http://jbossAS.domain:8080/agentapp/notification
| com.sun.identity.agents.polling.interval=3
| com.sun.identity.policy.client.cacheMode=subtree
| com.sun.identity.policy.client.booleanActionValues=iPlanetAMWebAgentService|GET|allow|deny:iPlanetAMWebAgentService|POST|allow|deny
| com.sun.identity.policy.client.resourceComparators=serviceType=iPlanetAMWebAgentService|class=com.sun.identity.policy.plugins.HttpURLResourceName|wildcard=*|delimiter=/|caseSensitive=false
| com.sun.identity.policy.client.clockSkew=10
|
|
Do you have any idea why this error may occur?
Thank you in advance,
Cristi
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4001725#4001725
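
An added example, not part of the original post and not Sun's agent code: a pre-posting check for a config in the format shown above. It masks the secret-bearing properties, flags plain-HTTP URLs, and checks whether the login server and the agent's default FQDN share a cookie domain when CDSSO is disabled, since in that mode the agent depends on the browser presenting the Access Manager session cookie to the agent host. The sample input is constructed, the secret is a placeholder, and the choice of which keys count as secret is this example's assumption.

```python
import re
from urllib.parse import urlsplit

P = "com.sun.identity.agents.config."
# Keys treated as secrets: this example's assumption, from the posted names.
SECRET = re.compile(r"(\.secret|encryption\.pwd|encryptionKey)$")

def parse(text):
    """Parse properties text, tolerating the '| ' prefix the list archive adds."""
    props = {}
    for line in text.splitlines():
        line = re.sub(r"^\s*\|\s?", "", line).strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def redact(props):
    """Return a copy that is safe to post: non-empty secret values are masked."""
    return {k: "<redacted>" if v and SECRET.search(k) else v for k, v in props.items()}

def shared_cookie_domain(a, b):
    """Common DNS suffix of two hosts with at least two labels, else None.
    Simplified: does not consult the public suffix list."""
    common = []
    for x, y in zip(reversed(a.lower().split(".")), reversed(b.lower().split("."))):
        if x != y:
            break
        common.insert(0, x)
    return ".".join(common) if len(common) >= 2 else None

def review(text):
    """Return (redacted properties, list of findings) for a posted config."""
    props, notes = parse(text), []
    am = urlsplit(props.get(P + "login.url[0]", "")).hostname
    agent = props.get(P + "fqdn.default", "").lower()
    cdsso = props.get(P + "cdsso.enable", "false") == "true"
    if am and agent and not cdsso and not shared_cookie_domain(am, agent):
        notes.append(f"CDSSO off but {am} and {agent} share no cookie domain")
    notes += [f"{k} uses plain HTTP" for k, v in props.items() if v.startswith("http://")]
    return redact(props), notes

# Constructed sample in the archive's format; the secret is a placeholder.
SAMPLE = """com.sun.identity.agents.config.cdsso.enable = false
| com.sun.identity.agents.config.login.url[0] = http://am.example.com:80/amserver/UI/Login
| com.sun.identity.agents.config.fqdn.default = app.example.net
| com.sun.identity.agents.config.attribute.cookie.separator = |
| com.iplanet.am.service.secret = PLACEHOLDER-SECRET
"""
```

Calling review(SAMPLE) returns the masked properties together with two findings: the missing shared cookie domain and the plain-HTTP login URL.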