Problem with apache web server and policy agent

This topic has 5 replies, 4 voices, and was last updated 6 years, 11 months ago by miky7.

    Hi guys,
    I’m a newbie ;)
    I installed OpenDJ and OpenAM on a virtual machine with CentOS 6.7 32-bit.
    After the installation I followed the steps on this page to install the web policy agent for Apache web server 32-bit: !/docs/openam-policy-agents/3.3.0/web-install-guide/chap-apache-22
    I tried with httpd 2.2 and httpd 2.4 but after the correct installation of the policy agent, I use the command /path/to/apache22/bin/apachectl -k start and the answer is:
    httpd: Syntax error on line 1012 of /etc/httpd/conf/httpd.conf: Could not open configuration file /root….apache22_agent/Agent_001/config/dsame.conf: Permission denied
    The file has rw-r--r-- permissions and I run httpd as the root user.
    What could I do? Any suggestion?
    OpenAM and OpenDJ work fine, and so does the Apache web server without: include /root/Scrivania/agent/web_agents/apache22_agent/Agent_001/config/dsame.conf
    I’m sorry for my terrible English ;)

    • This topic was modified 6 years, 11 months ago by miky7.
     Matt Miller

    Have you tried turning off SELinux?


    Thank you!!! Now apache starts. It shows me the 403 forbidden page


    Can you post the Apache virtual host configuration you’ve set up?



    Have you configured any policy for the Apache Agent profile? If not, enable SSO mode only.
    That might work.



    Thanks to everybody! But the problem persists…
    I’ll explain what I am trying to do. The structure of my test project is: one Apache web server where I have installed the policy agent, and an Apache Tomcat server where I put OpenAM.
    Everything is on localhost in the same virtual machine. I want to protect a simple JSP on the Tomcat server. I would like to type a URL in my browser: and access a resource on Tomcat, but before that I want OpenAM to authenticate the user.
    I add two URLs in the hosts file on localhost:
    In the Apache web server httpd.conf I add these lines
    ProxyPass /OpenAM
    ProxyPassReverse /OpenAM

    In OpenAM the realm is the top level realm and I add realm/DNS aliases
    In Policies I create a policy; the configuration is:
    Name: MyApp
    Resources: */MyApp/test.jsp
    Actions: all allowed
    Subjects: only AuthenticatedUsers
    In environments and response attributes: nothing

    I create one agent testagent:

    the current agent root url is
    Fqdn check enabled fqdn default

    ignore path info for not enforced urls enabled
    not enforced urls:**

    cross domain sso not enabled
    cdsso servlet url:

    OpenAM Services
    OpenAM Login URL:

    In the first page of OpenAM in Configuration under servers and sites:
    Servers: with parent site applicazioni
    In Sites I add one applicazioni with primary url: with assigned servers

    With this configuration it doesn’t work… Any suggestions?

    Thanks :)
