Access Manager 7 1 Configuration and Customization

AM-3480 Access Manager 7.1: Configuration and Customization
Course Content :: Duration :: Course Fees
5 days

INR 25666.0 plus service taxes

Overview
Sun Java System Access Manager is a security foundation that helps organizations manage secure access to an enterprise web application both within the enterprise and across business-to-business value chains. It provides open, standards-based authentication and policy-based authorization with a single, unified framework. It secures the delivery of essential identity and application information to meet current needs and to scale with growing business needs, by offering single sign-on, as well as enabling federation across trusted networks of partners, suppliers, and customers. The Sun Java System Access Manager: Configuration and Customization course provides students with a description of the role of Access Manager in an identity management solution. Students learn to configure, manage, administer, and customize Access Manager services, authentication, authorization, and federated identity. This comprehensive course covers a number of identity management concepts and Access Manager functions that range in complexity from introductory to advanced. This course does not cover basic installation, Java technology programming, Extensible Markup Language (XML), Lightweight Directory Access Protocol (LDAP), and Sun Java System Directory Server (Directory Server) concepts. These topics are covered in other Sun courses. The hands-on labs offered in this course might involve accessing equipment that resides at a location other than where the training is delivered.

Objectives

Upon completion of this course, students should be able to:
· Define the role of Access Manager and list the features and functions of Access Manager that address key business challenges
· Configure Access Manager and Policy Agents
· Configure and customize authentication and SSO
· Configure, administer, personalize, and customize authorization
· Describe the Security Assertions Markup Language (SAML) and federated identity, and their implementation in Access Manager
· Implement advanced deployment scenarios, including high availability

PreRequisites

To succeed fully in this course, students should be able to:
· Demonstrate proficiency with the Solaris Operating System (Solaris OS)
· Navigate a directory information tree (DIT)
· Install the Sun Java Enterprise System
· Demonstrate proficiency with XML and interpret Document Type Definition (DTD) files
· Demonstrate familiarity with Hypertext Markup Language (HTML)
· Demonstrate familiarity with Java programming and JavaServer Pages [JSP(TM)pages]
· Demonstrate familiarity with Hypertext Markup Language (HTML)
· Demonstrate familiarity with Java programming and JavaServer Pages(JSP(TM)pages)

Who Can Benefit

Students who can benefit from this course are system engineers, professional services consultants, application developers, architects, and other technical personnel. The course is designed for those who must implement Access Manager in an existing infrastructure and adapt the product appearance and functionality to suit the specific enterprise requirements.

Duration :5 days

Course Fees :INR 25666.0 plus service taxes

INR 28838.32 inclusive of service taxes

Course Content :
Installing Sun Java System Access Manager
· Define identity and federated identity
· Describe the Sun Java System identity management framework
· Identify Access Manager components
· Describe Policy Agent software
· Describe the hardware and pre-installed files on your lab system
· Install the Sun Java System Directory Server Enterprise Edition and Sun Java System Web Server software
· Install the Access Manager software

Configuring and Deploying Access Manager and Policy Agent Software
· Identify deployment components
· List basic deployment scenarios
· Identify Java ES installation options that impact deployment
· Describe Access Manager configuration
· Configure Policy Agent instances
· Configure the secure sockets layer (SSL) with Access Manager
· Start and stop Access Manager and Policy Agent instances
· Secure the Access Manager web container
· Configure the Access Manager instance
· Configure the Example Chocolates web site
· Install and configure Policy Agent software

Configuring Access Manager Realms
· Describe the types of data that Access Manager uses
· Describe Access Manager realms
· Describe realm and legacy modes
· Describe data store types
· Configure data stores
· Describe Access Manager management tools
· Create and configure realms
· Prepare the Example Chocolates user directory
· Create a realm using the CLI
· Create and configure realms using the console and the CLI

Configuring Access Manager Services
· Describe Access Manager services
· Configure Access Manager services using the console
· Configure Access Manager services using the CLI
· Describe service configuration for new realms
· Locate service files
· Configure the Session Service using the CLI
· Configure the Session Service using the console
· Describe the service configuration for a new realm

Logging, Debugging, and Monitoring
· Locate, configure, and interpret Access Manager log files and database tables
· Locate and configure debug files
· Locate and configure Policy Agent log files
· Monitor Access Manager instances using Java ES monitoring
· Review Access Manager log files
· Log on to a relational database
· Enable message-level debugging
· Monitor Java ES objects (optional)

Configuring Authentication
· Describe the Access Manager authentication process
· Configure Access Manager authentication
· Configure Access Manager sessions
· Describe SSO
· Configure a customized authentication interface
· Configure data store authentication
· Configure an authentication chain with multiple authentication module instances
· Configure account lockout for a realm
· Use Access Manager for programmatic authentication (optional)
· Customize the authentication interface templates for a realm (optional)
· Localize the authentication interface for a realm (optional)

Configuring Policy
· Describe policy
· Describe the policy architecture
· Describe policy components
· Describe policy storage
· Administer policy
· Configure policies using the console
· Delegate administration
· Configure a different default login URL in the Policy Agent
· Create policies for the Example Chocolates web site
· Create a policy that uses realm authentication
· Delegate administration to users

Exploring Policy Evaluation
· Describe policy evaluation principles
· Examine a policy evaluation example
· Locate policy evaluation request and policy decision documents and review the Access Manager policy log files

Analyzing Federated Identity Scenarios
· Define federated identity
· Identify business scenarios addressed by federated identity
· Describe basic federated identity technologies and how they solve business problems
· Describe federation frameworks
· Describe the Security Assertion Markup Language (SAML)
· Analyze business problems addressed by federated identity and describe technologies that provide solutions

Configuring SAML Version 1 Single Sign-On
· Describe SAML 1 assertions, protocols, and bindings
· Describe SAML 1 profiles
· Configure SAML 1 support on Access Manager
· Sign SAML assertions
· Configure SSO using SAML version 1.1

Examining Advanced Federation
· Describe advanced federated identity technologies
· Identify advanced identity federation frameworks
· Describe framework implementation in Access Manager
· Federate accounts on an identity provider and a service provider
· Federate and defederate accounts

Deploying Access Manager for High Availability
· Describe cross-domain single sign-on (CDSSO)
· Describe and configure distributed authentication
· Describe and configure high availability
· Perform advanced configuration
· Configure and secure new Web Server instances
· Configure a second Access Manager instance
· Configure the Policy Agent to fail over to the second Access Manager instance
· Configure the Policy Agent to work with load-balanced Access Manager instances

Related Courses (Before)

Related Courses (After)