0 Replies Latest reply on Jan 15, 2007 5:41 AM by cristi.ciuc

    Jboss Sun Access Manager Policy Agent

    cristi.ciuc

      Hi,

      I have installed SAM (together with S1DS, Web Server and Administration Server (from JES installer)).

      I have installed and configured Policy Agent 2.2 for JBoss AS (using 4.0.5), but I'm getting a browser "Redirect loop" error (Redirection limit for this URL exceeded. Unable to load the requested page. This may be caused by cookies that are blocked.) after I log in with a correct user/password combination and try to access the sample application.

      My browser accepts cookies from all domains.

      My AMAgent.properties looks like this:

      # User mapping: how the authenticated SSO user becomes the principal the
      # container sees. With mode USER_ID the attribute.name value below is
      # presumably unused - confirm against the agent documentation.
      com.sun.identity.agents.config.user.mapping.mode = USER_ID
      com.sun.identity.agents.config.user.attribute.name = employeenumber
      com.sun.identity.agents.config.user.principal = false
      com.sun.identity.agents.config.user.token = UserToken
      
      # Both headers are empty, so no request header is configured as the source
      # of the client address/hostname. NOTE(review): if a reverse proxy is later
      # put in front of JBoss, only name headers here that the proxy itself
      # overwrites; a client-supplied header would otherwise be trusted.
      com.sun.identity.agents.config.client.ip.header =
      com.sun.identity.agents.config.client.hostname.header =
      
      # NOTE(review): 0 presumably disables periodic reload of this file, so edits
      # need an application-server restart - confirm.
      com.sun.identity.agents.config.load.interval = 0
      
      com.sun.identity.agents.config.locale.language = en
      com.sun.identity.agents.config.locale.country = US
      
      # "/" is the top-level organization (realm).
      com.sun.identity.agents.config.organization.name = /
      
      # Audit trail: LOG_BOTH requests both allow and deny decisions, and
      # disposition ALL requests both the local file and the remote (server-side)
      # log. With rotate = false the size value below looks unused and the local
      # file can grow without bound - TODO confirm.
      com.sun.identity.agents.config.audit.accesstype = LOG_BOTH
      com.sun.identity.agents.config.log.disposition = ALL
      com.sun.identity.agents.config.remote.logfile = amAgent_11_126_14_20_8080.log
      com.sun.identity.agents.config.local.logfile = /home/ciuc/stuff/src/j2ee_agents/am_jboss_agent/agent_001/logs/audit/amAgent_11_126_14_20_8080.log
      com.sun.identity.agents.config.local.log.rotate = false
      com.sun.identity.agents.config.local.log.size = 52428800
      
      # Web-service (SOAP) request processing is switched off; the remaining
      # webservice.* keys only matter once enable = true.
      com.sun.identity.agents.config.webservice.enable = false
      com.sun.identity.agents.config.webservice.endpoint[0] =
      com.sun.identity.agents.config.webservice.process.get.enable = true
      com.sun.identity.agents.config.webservice.authenticator =
      com.sun.identity.agents.config.webservice.internalerror.content = WSInternalErrorContent.txt
      com.sun.identity.agents.config.webservice.autherror.content = WSAuthErrorContent.txt
      
      # Empty: no custom access-denied page is configured.
      com.sun.identity.agents.config.access.denied.uri =
      
      # J2EE form-login integration: no application login form is registered, so
      # the agent's internal login content is used.
      com.sun.identity.agents.config.login.form[0] =
      com.sun.identity.agents.config.login.error.uri[0] =
      com.sun.identity.agents.config.login.use.internal = true
      com.sun.identity.agents.config.login.content.file = FormLoginContent.txt
      
      # No application-specific authentication/logout/verification handlers.
      com.sun.identity.agents.config.auth.handler[] =
      com.sun.identity.agents.config.logout.handler[] =
      com.sun.identity.agents.config.verification.handler[] =
      
      # Name of the query parameter that carries the originally requested URL to
      # the login page, so the user can be sent back after authentication.
      com.sun.identity.agents.config.redirect.param = goto
      
      # Where unauthenticated users are redirected. This is plain http, so the
      # user's credentials and the resulting SSO session cookie cross the network
      # unencrypted; outside a lab setup this should be an https URL.
      com.sun.identity.agents.config.login.url[0] = http://sam.domain:80/amserver/UI/Login
      
      com.sun.identity.agents.config.login.url.prioritized = true
      
      # Empty: no override for the host/port/protocol the agent uses when it
      # builds URLs that point back to itself (presumably taken from the request
      # instead - confirm).
      com.sun.identity.agents.config.agent.host =
      com.sun.identity.agents.config.agent.port =
      com.sun.identity.agents.config.agent.protocol =
      
      # NOTE(review): 0 appears to mean "no limit" on failed login attempts per
      # session - confirm against the agent documentation.
      com.sun.identity.agents.config.login.attempt.limit = 0
      
      # URL-decode the SSO token read from the cookie before validating it.
      com.sun.identity.agents.config.sso.decode = true
      
      com.sun.identity.agents.config.amsso.cache.enable = true
      
      # Cookie reset is off, so the agent does not clear any cookies when it
      # redirects to the login URL.
      com.sun.identity.agents.config.cookie.reset.enable = false
      com.sun.identity.agents.config.cookie.reset.name[0] =
      com.sun.identity.agents.config.cookie.reset.domain[] =
      com.sun.identity.agents.config.cookie.reset.path[] =
      
      # Cross-domain SSO is disabled. The agent therefore depends on the browser
      # sending the Access Manager session cookie directly to the agent host,
      # which only happens when the cookie domain set on the AM server covers
      # that host. NOTE(review): verify the cookie domain configured on the AM
      # server against the agent's FQDN; a cookie that never reaches the agent is
      # a common cause of a login -> redirect -> login loop.
      # The cdcservlet / trusted.id.provider URLs name a different host
      # (dm-test-win-1) than the login URL (sam.domain); they are inactive while
      # cdsso.enable = false but should be corrected before enabling CDSSO.
      com.sun.identity.agents.config.cdsso.enable = false
      com.sun.identity.agents.config.cdsso.redirect.uri = /agentapp/sunwCDSSORedirectURI
      com.sun.identity.agents.config.cdsso.cdcservlet.url[0] = http://dm-test-win-1:80/amserver/cdcservlet
      com.sun.identity.agents.config.cdsso.clock.skew = 0
      com.sun.identity.agents.config.cdsso.trusted.id.provider[0] = http://dm-test-win-1:80/amserver/cdcservlet
      
      # No application logout integration configured.
      com.sun.identity.agents.config.logout.application.handler[] =
      com.sun.identity.agents.config.logout.uri[] =
      com.sun.identity.agents.config.logout.request.param[] =
      com.sun.identity.agents.config.logout.introspect.enabled = false
      com.sun.identity.agents.config.logout.entry.uri[] =
      
      # FQDN check: requests whose host name differs from fqdn.default are
      # redirected to it. The value must be the exact name users type in the
      # browser (and a name the AM cookie domain covers); accessing the server by
      # IP address or short host name triggers an extra redirect.
      com.sun.identity.agents.config.fqdn.check.enable = true
      com.sun.identity.agents.config.fqdn.default = jbossAS.domain
      com.sun.identity.agents.config.fqdn.mapping[] =
      
      # Legacy-browser support is off; the user-agent pattern and redirect URI
      # below are only used when it is enabled.
      com.sun.identity.agents.config.legacy.support.enable = false
      com.sun.identity.agents.config.legacy.user.agent[0] = Mozilla/4.7*
      com.sun.identity.agents.config.legacy.redirect.uri = /agentapp/sunwLegacySupportURI
      
      com.sun.identity.agents.config.response.header[] =
      
      # NOTE(review): 0 appears to disable the agent's own redirect counter, so a
      # redirect loop is only stopped by the browser ("Redirection limit for this
      # URL exceeded"). A small non-zero value should make the agent block the
      # request itself and leave a log entry that helps diagnosis - confirm.
      com.sun.identity.agents.config.redirect.attempt.limit = 0
      
      # Port check is off; the port -> protocol map below is only consulted when
      # it is enabled.
      com.sun.identity.agents.config.port.check.enable = false
      com.sun.identity.agents.config.port.check.file = PortCheckContent.txt
      com.sun.identity.agents.config.port.check.setting[8080] = http
      
      # Not-enforced URI list: requests matching these patterns are served
      # without authentication or policy evaluation. Keep the patterns as narrow
      # as the application allows, since everything under a wildcard is public.
      # invert = false means the list is an allow-list of unprotected URIs (true
      # would protect only the listed URIs).
      com.sun.identity.agents.config.notenforced.uri[0] = /agentsample/public/*
      com.sun.identity.agents.config.notenforced.uri[1] = /agentsample/images/*
      com.sun.identity.agents.config.notenforced.uri[2] = /agentsample/styles/*
      com.sun.identity.agents.config.notenforced.uri[3] = /agentsample/index.html
      com.sun.identity.agents.config.notenforced.uri[4] = /agentsample
      com.sun.identity.agents.config.notenforced.uri.invert = false
      com.sun.identity.agents.config.notenforced.uri.cache.enable = true
      com.sun.identity.agents.config.notenforced.uri.cache.size = 1000
      
      # No client IP addresses are exempt from enforcement.
      com.sun.identity.agents.config.notenforced.ip[0] =
      com.sun.identity.agents.config.notenforced.ip.invert = false
      com.sun.identity.agents.config.notenforced.ip.cache.enable = true
      com.sun.identity.agents.config.notenforced.ip.cache.size = 1000
      
      # Formatting used when user attributes are passed to the application as
      # cookies; not exercised here because every fetch mode below is NONE.
      com.sun.identity.agents.config.attribute.cookie.separator = |
      com.sun.identity.agents.config.attribute.date.format = EEE, d MMM yyyy hh:mm:ss z
      com.sun.identity.agents.config.attribute.cookie.encode = true
      
      # No profile, session or policy-response attributes are forwarded to the
      # application.
      com.sun.identity.agents.config.profile.attribute.fetch.mode = NONE
      com.sun.identity.agents.config.profile.attribute.mapping[] =
      
      com.sun.identity.agents.config.session.attribute.fetch.mode = NONE
      com.sun.identity.agents.config.session.attribute.mapping[] =
      
      com.sun.identity.agents.config.response.attribute.fetch.mode = NONE
      com.sun.identity.agents.config.response.attribute.mapping[] =
      
      # Empty: no principal bypasses the agent's authentication.
      com.sun.identity.agents.config.bypass.principal[0] =
      
      # Privileged attributes become the J2EE roles of the user.
      # AUTHENTICATED_USERS is listed as a default, i.e. it is given to every
      # authenticated user; the application's security-role mapping must refer to
      # it for declarative security to grant access.
      com.sun.identity.agents.config.default.privileged.attribute[0] = AUTHENTICATED_USERS
      com.sun.identity.agents.config.privileged.attribute.type[0] = Role
      com.sun.identity.agents.config.privileged.attribute.tolowercase[Role] = false
      com.sun.identity.agents.config.privileged.session.attribute[0] =
      
      # Container-specific glue class for JBoss 4.0.
      com.sun.identity.agents.config.service.resolver = com.sun.identity.agents.jboss.v40.AmJBossAgentServiceResolver
      
      # Agent credential used to authenticate to Access Manager. The secret is
      # stored encrypted, but the key that decrypts it sits a few lines below in
      # this same file, so the encryption protects nothing once the file itself
      # is readable. Restrict file permissions to the application-server account,
      # and redact these three values (secret, am.encryption.pwd, encryptionKey)
      # whenever the configuration is shared; values that have been shared should
      # be treated as exposed and regenerated (new agent password, new key).
      com.sun.identity.agents.app.username = amagent
      com.iplanet.am.service.secret = AQICJmGvlBWYuAYQndALuvNKiw==
      
      # Key used to encrypt/decrypt the agent secret above.
      am.encryption.pwd = /mY/WidDT34aJtbcFS0pCKFEt6evPeTF
      
      # Same key value, exposed to the client SDK under its own property name.
      com.sun.identity.client.encryptionKey= /mY/WidDT34aJtbcFS0pCKFEt6evPeTF
      
      
      # Client SDK debug output. Raising the level from "error" to "message"
      # while reproducing a problem gives far more detail; debug logs can contain
      # session tokens, so keep the directory private and lower the level again
      # afterwards.
      com.iplanet.services.debug.level=error
      com.iplanet.services.debug.directory=/home/ciuc/stuff/src/j2ee_agents/am_jboss_agent/agent_001/logs/debug
      
      # Name of the SSO session cookie the agent looks for; it must match the
      # cookie name configured on the Access Manager server.
      com.iplanet.am.cookie.name=iPlanetDirectoryPro
      
      # Naming service used to locate the other AM services. Plain http: the
      # agent's own login and every session-validation call travel unencrypted.
      com.iplanet.am.naming.url=http://sam.domain:80/amserver/namingservice
      
      # The AM server pushes session changes to this URL, so it must be reachable
      # from the server. With polling disabled the agent relies on those
      # notifications alone (presumably - confirm) to learn about logouts.
      com.iplanet.am.notification.url=http://jbossAS.domain:8080/agentapp/notification
      com.iplanet.am.session.client.polling.enable=false
      com.iplanet.am.session.client.polling.period=180
      
      # Encryption provider class used with the key configured above.
      com.iplanet.security.encryptor=com.iplanet.services.util.JCEEncryption
      
      # Cache refresh intervals for the remote SDK and service-management data
      # (unit not shown here; presumably minutes - confirm).
      com.iplanet.am.sdk.remote.pollingTime=1
      
      com.sun.identity.sm.cacheTime=1
      
      # Local (agent) endpoint as the SDK sees it; should agree with fqdn.default
      # and the notification URLs.
      com.iplanet.am.localserver.protocol=http
      com.iplanet.am.localserver.host=jbossAS.domain
      com.iplanet.am.localserver.port=8080
      
      # Access Manager server endpoint; should agree with the login and naming
      # URLs.
      com.iplanet.am.server.protocol=http
      com.iplanet.am.server.host=sam.domain
      com.iplanet.am.server.port=80
      
      # Policy client settings: remote policy log name, logging of both allow and
      # deny decisions, and policy-change notifications to the agent.
      com.sun.identity.agents.server.log.file.name=amRemotePolicyLog
      com.sun.identity.agents.logging.level=BOTH
      com.sun.identity.agents.notification.enabled=true
      com.sun.identity.agents.notification.url=http://jbossAS.domain:8080/agentapp/notification
      com.sun.identity.agents.polling.interval=3
      com.sun.identity.policy.client.cacheMode=subtree
      # Declares GET and POST as boolean actions with allow as the true value and
      # deny as the false value.
      com.sun.identity.policy.client.booleanActionValues=iPlanetAMWebAgentService|GET|allow|deny:iPlanetAMWebAgentService|POST|allow|deny
      # URL resources are compared case-insensitively (caseSensitive=false) with
      # "*" as the wildcard, so a policy for one path also matches the same path
      # written in different letter case.
      com.sun.identity.policy.client.resourceComparators=serviceType=iPlanetAMWebAgentService|class=com.sun.identity.policy.plugins.HttpURLResourceName|wildcard=*|delimiter=/|caseSensitive=false
      # Tolerated clock difference between agent and server when judging policy
      # decision lifetimes (presumably seconds - confirm); keep both hosts
      # time-synchronised.
      com.sun.identity.policy.client.clockSkew=10
      
      



      Do you have any idea why this error may occur?

      Thank you in advance,
      Cristi