Table of Contents
Advertisement
If users are not getting access to a resource when they should, you need to enable tracing (see
Section 9.11, "Viewing Log Files," on page
is occurring.
Login: The Identity Server supports a variety of contracts that can be used for logging in. You
need to create a contract that is compatible with the J2EE server, if it has been configured to
verify login credentials. You can select an Any Contract option, but if you configure the J2EE
Agent to use this option, be sure that all defined contracts are compatible with the J2EE server.
If a user logs into another Access Manager resource with a contract that is not compatible, the
Any Contract option allows the J2EE Agent to accept those login credentials, but the J2EE
server denies access.
Access Manager Authorization Policy: To enable an Access Manager authorization policy,
you must select the Enforce additional authorization policy option, create a protected resource,
create a policy for the resource, then enable the policy.
Protected Resource: If you have enabled the Enforce additional authorization policy option
but have not created a protected resource that matches the requested application URL or
JavaBean, the user is denied access to the resource.
Web Authorization Policy or Enterprise JavaBean Authorization Policy: If the only
requirement you have for granting access is authentication, you should create a policy that
grants access based on the authenticated role. All users are assigned this role when they
successfully authenticate to the Identity Server.
Application Server Authorization Policy: To enable the policies you have configured on the
J2EE server, you must enable the Enforce application server policy option. You must also
create Access Manager Role policies for the roles that you have configured the J2EE server to
use for authorization. Depending upon the application, role names can be case sensitive, so
when you create the role, make sure to use the case the application expects.
126 Novell Access Manager 3.1 SP2 J2EE Agent Guide
124) and view the log files to determine where the error
Advertisement
Chapters
Table of Contents
Related Manuals for Novell ACCESS MANAGER 3.1 SP2 - J2EE AGENT GUIDE 2010
Related Products for Novell ACCESS MANAGER 3.1 SP2 - J2EE AGENT GUIDE 2010
- NOVELL CLIENT FOR LINUX 2.0 SP2 - 03-2009
- NOVELL SENTINEL 6.1 SP2 - 02-2010
- NOVELL SP2 - S
- NOVELL BUSINESS CONTINUITY CLUSTERING 1.1 SP1 - 9-21-2010 ADMINISTRATION GUIDE FOR OPEN ENTERPRISE SERVER 1 SP2 LINUX
- NOVELL CLIENT FOR LINUX 2.0 SP1 - 08-2008
- NOVELL CLIENT FOR LINUX 2.0 SP3 - 11-2009
- NOVELL SUSE LINUX ENTERPRISE DESKTOP 11 SP1 - 8-18-2010 VIRTUALIZATION WITH ZEN
- NOVELL ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - NETWORK DISCOVERY DATABASE STRUCTURE