Deployment Example 2: Federation Using SAML v2

Part VII Reference: Summaries of Server and Component Configurations

Appendix A Directory Servers

Table A–1 Directory Server 3SP Configuration

Host: Computer system that hosts the Directory Server.
    Host Name: DirectoryServer-3SP.siroe.com

Directory Server Administration Instance: Administration server that manages Directory Server and all its instances.
    Port Number: 1391
    Service URL: http://DirectoryServer-3SP.siroe.com:1391
    Instance Directory: /var/opt/mps/serverroot/admin-serv

Directory Server Configuration Instance: Instance that stores Directory Server configuration data.
    Instance Name: DirectoryServer-3SP
    Port Number: 1390
    Service URL: http://DirectoryServer-3SP.siroe.com:1390
    Base Suffix: dc=siroe,dc=com
    Super User: cn=Directory Manager
    Super User Password: admin123
    Administrative User: admin
    Administrative User Password: admin123
    Instance Directory: /var/opt/mps/serverroot/slapd-DirectoryServer-3SP

Federation Manager Configuration Instance: Stores Federation Manager configuration data.
    Instance Name: fm-config
    Port Number: 1389
    Service URL: http://DirectoryServer-3SP.siroe.com:1389
    Base Suffix: o=siroe.com
    Replication Manager: cn=replication manager,cn=replication,cn=config
    Replication Manager Password: 11111111
    Instance Directory: /var/opt/mps/serverroot/slapd-fm-config

User Data Store: Stores Federation Manager user data. In this deployment example, the user data store is located on the same computer system as the Federation Manager configuration data store. The user data store could also be installed on a different computer system.
    Instance Name: fm-users
    Port Number: 1489
    Service URL: http://DirectoryServer-3SP.siroe.com:1489
    Base Suffix: dc=siroe,dc=com
    Users Suffix: o=siroeusers
    Replication Manager: cn=replication manager,cn=replication,cn=config
    Replication Manager Password: 11111111
    Instance Directory: /var/opt/mps/serverroot/slapd-fm-users

Table A–2 Directory Server 4SP Configuration

Host: Computer system that hosts the Directory Server.
    Host Name: DirectoryServer-4SP.siroe.com

Directory Server Administration Instance: Administration server that manages Directory Server and all its instances.
    Port Number: 1391
    Service URL: http://DirectoryServer-4SP.siroe.com:1391
    Instance Directory: /var/opt/mps/serverroot/admin-serv

Directory Server Configuration Instance: Instance that stores Directory Server configuration data.
    Instance Name: DirectoryServer-4SP
    Port Number: 1390
    Service URL: http://DirectoryServer-4SP.siroe.com:1390
    Base Suffix: dc=siroe,dc=com
    Super User: cn=Directory Manager
    Super User Password: admin123
    Administrative User: admin
    Administrative User Password: admin123
    Instance Directory: /var/opt/mps/serverroot/slapd-DirectoryServer-4SP

Federation Manager Configuration Instance: Stores Federation Manager configuration data.
    Instance Name: fm-config
    Port Number: 1389
    Service URL: http://DirectoryServer-4SP.siroe.com:1389
    Base Suffix: o=siroe.com
    Replication Manager: cn=replication manager,cn=replication,cn=config
    Replication Manager Password: 11111111
    Instance Directory: /var/opt/mps/serverroot/slapd-fm-config

User Data Store: Stores Federation Manager user data. In this deployment example, the user data store is located on the same computer system as the Federation Manager configuration data store. The user data store could also be installed on a different computer system.
    Instance Name: fm-users
    Port Number: 1489
    Service URL: http://DirectoryServer-4SP.siroe.com:1489
    Base Suffix: dc=siroe,dc=com
    Users Suffix: o=siroeusers
    Replication Manager: cn=replication manager,cn=replication,cn=config
    Replication Manager Password: 11111111
    Instance Directory: /var/opt/mps/serverroot/slapd-fm-users

Table A–3 User Data Store Accounts

spuser: Used for testing Federation Manager login.
    Password: spuser
    DN: uid=spuser,o=siroeusers,dc=siroe,dc=com

idpuser: Used for testing single sign-on configuration and Web Policy Agents configuration.
    Password: idpuser
    DN: uid=idpuser,o=siroeusers,dc=siroe,dc=com

testuser1: Used to verify the fm-users data store configuration.
    Password: 11111111
    DN: uid=testuser1,o=siroeusers,dc=siroe,dc=com

idp: Used to verify the configuration of the Application Server sample application with J2EE Policy Agents.
    Password: idp
    DN: uid=idp,o=siroeusers,dc=siroe,dc=com

Appendix B Federation Manager Servers

Table B–1 Federation Manager 1 Configuration

Host: Computer system that hosts the Federation Manager 1 server.
    Host Name: FederationManager-1.siroe.com

Web Server Administration: Manages the entire Web Server and all its instances.
    Instance Name: admserv
    Port Number: 8888
    Service URL: http://FederationManager-1.siroe.com:8888
    Administrative User: admin
    Administrative User Password: 11111111
    Instance Directory: /opt/SUNWwbsvr/https-admserv

Federation Manager Web Server: Contains the Federation Manager applications.
    Instance Name: FederationManager-1.siroe.com
    Port Number: 8080
    Service URL: http://FederationManager-1.siroe.com:1080
    Administrative User: amadmin
    Administrative User Password: 11111111
    Instance Directory: /opt/SUNWwbsvr/https-FederationManager-1.siroe.com

Table B–2 Federation Manager 2 Configuration

Host: Computer system that hosts the Federation Manager 2 server.
    Host Name: FederationManager-2.siroe.com

Web Server Administration: Manages the entire Web Server and all its instances.
    Instance Name: admserv
    Port Number: 8888
    Service URL: http://FederationManager-2.siroe.com:8888
    Administrative User: admin
    Administrative User Password: 11111111
    Instance Directory: /opt/SUNWwbsvr/https-admserv

Federation Manager Web Server: Contains the Federation Manager applications.
    Instance Name: FederationManager-2.siroe.com
    Port Number: 8080
    Service URL: http://FederationManager-2.siroe.com:1080
    Administrative User: amadmin
    Administrative User Password: 11111111
    Instance Directory: /opt/SUNWwbsvr/https-FederationManager-2.siroe.com

Appendix C Sun Java System Application Servers and J2EE Policy Agents

Table C–1 Protected Resource 3 Application Server and J2EE Policy Agent 3 Configurations

Host: Computer system that hosts Application Server 3.
    Host Name: ProtectedResource-3.siroe.com

Application Server Administration: Manages the entire Application Server and all its instances.
    Instance Name: AdminServer
    Port Number: 8080
    Administrative User: admin
    Administrative User Password: 11111111
    Instance Directory: /opt/SUNWappserver/ProtectedResource-3

Application Server: Stores configuration information for this Application Server instance.
    Instance Name: ProtectedResource-3
    Instance Directory: /opt/SUNWappserver/ProtectedResource-3

J2EE Policy Agent Instance: Server instance which contains the Application Server and J2EE policy agent.
    Instance Name: ProtectedResource-3
    Port Number: 8080
    Instance Directory: /export/j2ee_agents/am_as81_agent/agent_001

J2EE Policy Agent Profile
    Administrative User: asagent
    Administrative User Password: This encrypted password is generated using ampassword.

Table C–2 Protected Resource 4 Application Server and J2EE Policy Agent 4 Configurations

Host: Computer system that hosts Application Server 4.
    Host Name: ProtectedResource-4.siroe.com

Application Server Administration: Manages the entire Application Server and all its instances.
    Instance Name: AdminServer
    Port Number: 8080
    Administrative User: admin
    Administrative User Password: 11111111
    Instance Directory: /opt/SUNWappserver/ProtectedResource-4

Application Server: Stores configuration information for this Application Server instance.
    Instance Name: ProtectedResource-4
    Instance Directory: /opt/SUNWappserver/ProtectedResource-4

J2EE Policy Agent Instance: Server instance which contains the Application Server and J2EE policy agent.
    Instance Name: ProtectedResource-4
    Port Number: 8080
    Instance Directory: /export/j2ee_agents/am_as81_agent/agent_001

J2EE Policy Agent Profile
    Administrative User: asagent
    Administrative User Password: This encrypted password is generated using ampassword.

Appendix D Sun Java System Web Servers and Web Policy Agents

Table D–1 Protected Resource 3 Web Server and Web Policy Agent 3 Configurations

Host: Computer system that hosts Web Server 3.
    Host Name: ProtectedResource-3.siroe.com

Web Server Administration: Manages the entire Web Server and all its instances.
    Instance Name: admserv
    Port Number: 8888
    Administrative User: admin
    Administrative User Password: web4dmin
    Instance Directory: /opt/SUNWwbsvr/https-admserv

Web Policy Agent Instance: Server instance that contains the web server and web policy agent.
    Instance Name: ProtectedResource-3.siroe.com
    Port Number: 2080
    Instance Directory: /opt/SUNWwbsvr/https-ProtectedResource-3.siroe.com

Web Agent Profile
    Administrative User: webagent
    Administrative User Password: web4gent

Table D–2 Protected Resource 4 Web Server and Web Policy Agent 4 Configurations

Host: Computer system that hosts Web Server 4.
    Host Name: ProtectedResource-4.siroe.com

Web Server Administration: Manages the entire Web Server and all its instances.
    Instance Name: admserv
    Port Number: 8888
    Administrative User: admin
    Administrative User Password: web4dmin
    Instance Directory: /opt/SUNWwbsvr/https-admserv

Web Policy Agent Instance: Server instance that contains the web server and web policy agent.
    Instance Name: ProtectedResource-4.siroe.com
    Port Number: 2080
    Instance Directory: /opt/SUNWwbsvr/https-ProtectedResource-4.siroe.com

Web Agent Profile
    Administrative User: webagent
    Administrative User Password: web4gent

Appendix E Load Balancers

Table E–1 Load Balancer Configurations

Host: Computer system that hosts all virtual servers in this deployment example.
    Host Name: is-f5.siroe.com

Load Balancer 1 and Load Balancer 2: These load balancers are not discussed in this manual. See 1.2 System Architecture for more information.

Load Balancer 3 (Access Manager Servers): Virtual Service Address for the Access Manager Web Server instances.
    SSL is terminated at this load balancer before the request is forwarded to the Access Manager servers. This load balancer is the single point of failure for Access Manager and can be considered a limitation of this deployment example.
    Configured for cookie and IP-based stickiness and TCP (HTTP and LDAP) load balancing.
    External users access port 9443, while internal users access port 90.
    Instance Name: LoadBalancer-3
    Port Number: 90 and 9443
    Pool Name: AccessManager-Pool
    Virtual Server and Port Number: LoadBalancer-3.example.com:90
    Monitor: HTTP

Load Balancer 4, Load Balancer 5 and Load Balancer 6: These load balancers are not discussed in this manual. See 1.2 System Architecture for more information.

Load Balancer 7 (Federation Manager Configuration Stores): Virtual Service Address for the Federation Manager configuration store.
    Configured for cookie and IP-based stickiness and TCP (HTTP and LDAP) load balancing.
    Instance Name: LoadBalancer-7
    Port Number: 389
    Pool Name: federation_ds_pool
    Virtual Server and Port Number: LoadBalancer-7.siroe.com:389
    Monitor: LDAP-tcp

Load Balancer 8 (Federation Manager User Data Stores): Virtual Service Address for the Federation Manager User Data store.
    Configured for cookie and IP-based stickiness and TCP (HTTP and LDAP) load balancing.
    Instance Name: LoadBalancer-8
    Port Number: 1389
    Pool Name: DirectoryServer-UserData-Pool
    Virtual Server and Port Number: LoadBalancer-8.siroe.com:1389
    Monitor: LDAP-tcp

Load Balancer 9 (Federation Manager Web Servers): Virtual Service Address for the Federation Manager Web Server instances.
    SSL is terminated at this load balancer before the request is forwarded to the Access Manager servers.
    Configured for cookie and IP-based stickiness and TCP (HTTP and LDAP) load balancing.
    External users access port 3443, while non-SSL port 1080 is used for proxying.
    Instance Name: LoadBalancer-9
    Port Number: 1080
    Pool Name: fm_server_pool
    Virtual Server and Port Number: LoadBalancer-9.siroe.com:1080
    Monitor: HTTP

Load Balancer 10 (J2EE Policy Agents): Virtual Service Address for J2EE Policy Agents.
    SSL is terminated at this load balancer before the request is forwarded to the J2EE Policy Agents.
    Configured for cookie and IP-based stickiness and TCP (HTTP and LDAP) load balancing.
    Instance Name: LoadBalancer-10
    Port Number: 4080
    Pool Name: federation_j2ee_agents
    Virtual Server and Port Number: LoadBalancer-10.siroe.com:1080 and LoadBalancer-10.siroe.com:2443
    Monitor: HTTP

Load Balancer 11 (Web Policy Agents): Virtual Service Address for Web Policy Agents.
    SSL is terminated at this load balancer before the request is forwarded to the Web Policy Agents.
    Configured for cookie and IP-based stickiness and TCP (HTTP and LDAP) load balancing.
    Instance Name: LoadBalancer-11
    Port Number: 5080
    Pool Name: federation_web_agents
    Virtual Server and Port Number: LoadBalancer-11.siroe.com:2080 and LoadBalancer-11.siroe.com:5443
    Monitor: HTTP

Appendix F Keystores and SSL Certificate Chains

Table F–1 Keystores

Identity Provider Keystore: /etc/opt/SUNWam/config/amkeystore
    Keystore Password: passwordam
    Key Password: keypasswordam
    Key Algorithm: RSA
    Strength: 1024

Service Provider Keystore: /etc/opt/SUNWam/config/fmkeystore
    Keystore Password: password
    Key Password: keypassword
    Key Algorithm: RSA
    Strength: 1024

Table F–2 Certificate Chains

Root CA   Server                      Certificate Type   Certificate ID
OpenSSL   Self                        Root CA            OpenSSL_CA_Cert
OpenSSL   LoadBalancer-9.siroe.com    Server SSL         LoadBalancer-9.siroe.com_OpenSSL
OpenSSL   LoadBalancer-10.siroe.com   Server SSL         LoadBalancer-10.siroe.com_OpenSSL
OpenSSL   LoadBalancer-11.siroe.com   Server SSL         LoadBalancer-11.siroe.com_OpenSSL