Deploying Sun Java System Access Manager: Must Know Info
By Identity Writer: J Domenichini on Apr 27, 2007
There are two deployment example documents in the Access Manager documentation collection that you absolutely, positively need to know about.
My advice is, "Don't get caught up in specfics." I mean, deployment examples almost never match exactly what you're trying to do. All the same, these deployment examples bring you through the whole gambit. You can see it all from beginning to end. From a complex Access Manager deployment (including high availability and more) right on through the deployment of a service provider site and an identity provider site to form a federated circle of trust.
No matter, how simple or complex your deployment is, these examples will be of use to you. Spend a total of 15 minutes looking at these two documents and you'll walk away with a pretty clear understanding of what's involved. It takes some of the intimidation out of the task for sure. I used to think that a Sun Java System Access Manager deployment was complex until I saw how other players in the Web access management market do the same things (see my entry on this), and I realize that, in comparison, deploying Sun Java Access Manager is a walk in the park, especially with these two documents to guide you:
Deployment Example 1: Access Manager Load Balancer, Distributed Authentication, and Session Failover:
This is the Third Edition of "Deployment Example 1." The book is updated for Access Manager 7 Patch 5, and includes corrections and other information based on user feedback. This book can be used as a stand-alone document for deploying Access Manager features most commonly encountered during customer deployments.
Deployment Example 2: Federation Using SAMLv2:
"Deployment Example 2" is published for the first time. Used together with its companion "Deployment Example 1," this book provides detailed instructions for an end-to-end deployment of a federated environment.
Both of these detailed documents were written by Technical writer Cina Gariaga. That's not her/his real name. I had to change it to protect the innocent, namely me and other Access Manager technical writers. We don't want the competition to know who wrote these deployment examples because they'd surely try to steal him/her away. Furthermore, various engineers, who will remain anonymous, contributed extensively throughout the process.
Personally, up until now, I've contributed nothing to these two literary masterpieces. That's why I'm blogging about them. Now I can say that I was involved with both of these guides.
Being the technical writer of Policy Agent software documentation, I'm happy to see both web agents and J2EE agents represented. Basically, you name it, it's in there: load balancers, application servers, the kitchen sink, web servers, etc. There are directory servers strewn evenly across the landscape. Well, a picture speaks a thousand words, so let me grab one of the images from the first example. I'll leave you with this image of the system architecture to ponder the possibilities and to be enlightened.