This topic has 3 replies, 2 voices, and was last updated 4 years, 10 months ago by Scott Heger.

  • Author
  • #19634

    I’ve been using the now legacy OpenAM Policy Agent v3.5.1 for a Tomcat-hosted application that relies on Java authentication filters for access management.

    Everything’s been fine when older versions of the application were hosted on Tomcat 8.0. A new version of the hosted application relies on Tomcat 8.5 which the agent installer fails as an unsupported Tomcat version.

    There are bugs and issues pointing this out that say Tomcat 8.5 is supported in versions 4+, however there are no installation instructions for installing the Web Policy Agent on a Tomcat server (just IIS, Nginx and Apache Webserver).

     Scott Heger

    For Tomcat you would not use a Web Policy Agent, you would use a J2EE Policy Agent. The latest version of the J2EE Policy Agent is 3.5.1.


    Unfortunately J2EE Policy Agent 3.5.1 is at end-of-life, doesn’t support Tomcat 8.5, and a new version does not appear to be forthcoming.

     Scott Heger

    First stage EOSL for J2EE Policy Agent 3.5.1 is Feburary 25, 2018 and Final EOSL data is February 25, 2019. So really you have over a year before it is end-of-life. But, that still doesn’t help with your need to use an agent with Tomcat 8.5. So, until ForgeRock releases an J2EE agent that does support it, you would need to front-end your Tomcat 8.5 instance with a reverse proxy that has a supported agent (i.e. apache web server or OpenIG).

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?