September 26, 2016 at 3:53 pm #13287T.HiranoParticipant
Hi and sorry for many question…
Now, try to run agentsample but all user can see the pages.
1. go to subjects and create user “ichiro” to group “manager”, “hideo” to group “employee”.
2. create new policy in “iPlanetAMWebAgentService” policy set like this.
All of Authenticated Users
3. create agent to J2EE, name “nomonomo”
I access to http://j2ee.example.com:8080/agentsample/, and go to OpenAM login.
But both user can access to /protectedservlet…
Is there more settings?September 26, 2016 at 4:14 pm #13288Rogerio RondiniParticipant
I believe the Policy with “/*” and “/*?*” grant access to “All of authenticated users” are overlaying other policies.September 28, 2016 at 12:59 pm #13359T.HiranoParticipant
Hi Rogerio, thank you for your reply.
I only set the Policy above…but I found the cause by your reply!
There’s no config for “privileged attribute mapping” under application tab, j2ee-agent.
I added two values like this.
map-key : id=employee,ou=group,dc=opensso,dc=java,dc=net
map-value : SR_EMPLOYEE_ROLE
map-key : id=manager,ou=group,dc=opensso,dc=java,dc=net
map-value : SR_MANAGER_ROLE
Each key-value is written in agentsampe’s web.xml.
I can’t solve this without your reply, thanks!
You must be logged in to reply to this topic.