By leroyk on May 17, 2007
The following is information I have gotten from other sources but felt it would be interesting to share. It documents how CACAO, Portal, Access Manager and Directory interact. 1. When would the cacao servers talk to each other? When you try to perform a "remote" task. For example, when you go to the psconsole running on server1 to create a PS instance on server2, or alternatively, you go to server2 and run psadmin create-instance to create a PS instance on server1. This is a unique feature of PS administration. No other JES products or components (e.g. Sun Cluster or JES-MF) require connections between Cacao agents. 2. What type of data is passed between the cacao server? Uh, many different types, depending on what the task is. Did this answer your question? :-) The protocol is JMXMP over TLS. There are other ways to talk to Cacao (e.g. SNMP), but portal uses none of that. 3. How does one cacao server know about the other? For every PS instance created, we record the host and port (and other config data too) to the Portal Domain Repository. Cacao itself doesn't know about other Cacao agents running on other nodes, but our portal MBeans do. 4. Does the cacao server store any data in the DS (via the AMSDK) and if so, do we know the DN's for those settings? Cacao doesn't. The PDR is stored in DS (not via AM SDK) by PAS. It's a subtree with root sunPortalAdminPortalDomainID=defaultDomain,
Also, are the certs that we copied only used when the cacao server talk to each other, or also when other components talk to the cacao server to use the portal mbeans?
Our Cacao clients (psconsole, psadmin, psconfig) use the same truststore that the local Cacao agent does. This is true only for PS7.0. We start to use our own truststore in PS7.1 per the recommendation of the Cacao team.