Policy Agent 3.0 is coming out soon enough and the properties are still complicated. You can set them in the Federated Access Manager Console now, which is good, but it's still complicated. It's the details that are difficult to get. And yet, some times you just gotta have the details.

What Do You Want to Know About Agent Properties?

What would you like to see in terms of property descriptions? Yes, YOU! Please tell us what you need to know, what you want to know.

The property details need to be filled in, so let us know which properties you would like described. We might as well start providing details for properties that the community wants. More on this later (see Questions)

Goal of the Policy Agent 3.0 Wiki

Let me exaplain. In an effort to capture all the details that come in for Policy Agent properties starting with Policy Agent 3.0, I'm putting together the following wiki page:

Policy Agent 3.0 Property Page

I'm just getting this Policy Agent 3.0 properties wiki put together now. However, if you perform an Internet search (using Google or whatever) by a specific Policy Agent property name, the search results will probably include this wiki (and relatively high in the results, too) as such: "agent3properties - OpenSSO - wikis.sun.com." This wiki should soon become THE place to go for reference info on Policy Agent 3.0 properties.

Policy Agent developer, Sean Brydon, has been instrumental in getting this wiki going. The problem in the past has been that even when a property description seems clear, which they often are not, other details can come in later  about how the property interacts with other agent properties, or how certain settings affect how the agent interacts with Federated Access Manager, or a myriad of other details.

Clearly, it would be best if the property descriptions could be living descriptions that can be updated by a variety of stakeholders, especially those right in there working with the properties. That is the type of structure I hope to provide with the agent property wiki.

This Wiki and Federated Access Manager Console: The Connection

By following the link to the  Policy Agent 3.0 Property Page, you'll notice that the wiki lays out the Policy Agent 3.0 properties in the same manner they are presented in the Federated Access Manager Console. Below is a snapshot of the Console, specifically showing a view of a J2EE agent. The snapshot shows the first few J2EE agent properties in the Global tab. Those first few properties are all in the Profile category:

---

---

The table that follows shows how the Policy Agent wiki lists the properties in the following category (Notice that the Details links in the table are live):

J2EE agent > Global > Profile

Profile (Global J2EE agent properties)

Property Label	Property Name	Online Help	More Details
Group	N/A	Help	Details
Password	N/A	Help	Details
Password (confirm)	N/A	Help	Details
Status	N/A	Help	Details
Agent Notification URL	com.sun.identity.client.notification.url	Help	Details
Location of Agent Configuration Repository	N/A	Help	Details
Configuration Reload Interval	com.sun.identity.agents.config.load.interval	Help	Details
Agent Configuration Change Notification	com.sun.identity.agents.config.change.notification.enable	Help	Details

The table that follows shows how the Policy Agent wiki lists the properties in the following category (Notice that the Details links in the table are live):

Web agent > Global > Profile

Profile (Global web agent properties)

Property Label	Property Name	Online Help	More Details
Group	N/A	Help	Details
Password	N/A	Help	Details
Password (confirm)	N/A	Help	Details
Status	N/A	Help	Details
Location of Agent Configuration Repository	N/A	Help	Details
Agent Configuration Change Notification	com.sun.identity.agents.config.change.notification.enable	Help	Details
Enable Notifcations	com.sun.identity.agents.config.notification.enable	Help	Details
Agent Notifcation URL	com.sun.identity.client.notification.url	Help	Details
Agent Deploymet URI Prefix	com.sun.identity.agents.config.agenturi.prefix	Help	Details
Configuration Reload Interval	com.sun.identity.agents.config.polling.interval	Help	Details
Configuration Cleanup Interval	com.sun.identity.agents.config.cleanup.interval	Help	Details

The Details Links

I'd like to get comments from the OpenSSO community on the property descriptions. At this point, in the  Policy Agent 3.0 wiki,  not too many of the Details links are filled in. However, for both web agents and J2EE agents, I've filled in all the properties in the Profile category. In the properties wiki, you have to click the Details link and look at each property description one by one. That will probably suit folks who are looking up info on a specific property.

Since I'd like to get community feedback on the property descriptions, I've listed the properties for the Profile category in the table below, so you can see them all in one shot. I've copied the descriptions exactly as they are in the Details links and pasted them in the table. However, since the properties in the Profile category don't align perfectly between web agents and J2EE agents, I've moved the J2EE properties around slightly in the table, so they now align.

Here are some questions to consider when you look at the property descriptions and when you look at the Policy Agent properties wiki in general:

• Which of the properties in the table below have descriptions that you think are lacking?
• What type of info do you want for a given property?
• Do you have a better suggestion for a property description?
• Besides the Profile properties, which other properties would you like to see descriptions for first?
• Do you have any comments about the structure and such of the Policy Agent Properties Wiki Page?:
  http://wikis.sun.com/display/OpenSSO/agent3properties
• Do you have any comments on the structure of the Details pages?

If you have any comments please leave them in this blog entry.

Web Agents	J2EE Agent
Property Label: Group Property Name: N/A Description: The "group" property is available starting with Sun Federated Access Manager Policy Agent 3.0. The property allows you to assign an individual web agent to a previously configured web agent group. The individual web agent can then inherit selected properties from the group.	Property Label: Group Property Name: N/A Description: The "group" property is available starting with Sun Federated Access Manager Policy Agent 3.0. The property allows you to assign an individual J2EE agent to a previously configured J2EE agent group. The individual J2EE agent can then inherit selected properties from the group.
Property Label: Password Property Name: N/A Description: The value for the "Password" property was set when the agent was created using the Federated Access Manager Console or the famadm utility. It was also the password that was in the agent profile password file when the agentadmin program was issued to install the agent. You can change the password at any time in the future.	Property Label: Password Property Name: N/A Description: The value for the "Password" property was set when the agent was created using the Federated Access Manager Console or the famadm utility. It was also the password that was in the agent profile password file when the agentadmin program was issued to install the agent. You can change the password at any time in the future.
Property Label: Password (confirm) Property Name: N/A Description: The value for the "Password(confirm)" property must match the "Password" property. If you change the "Password" property you must also change the "Password(confirm)" property.	Property Label: Password (confirm) Property Name: N/A Description: The value for the "Password(confirm)" property must match the "Password" property. If you change the "Password" property you must also change the "Password(confirm)" property.
Property Label: Status Property Name: N/A Description: This property is set to Active by default. When set to Active, the agent is able to authenticate to and communicate with Federated Access Manager. When set to Inactive, the agent is not able to authenticate to Federated Access Manager.	Property Label: Status Property Name: N/A Description: This property is set to Active by default. When set to Active, the agent is able to authenticate to and communicate with Federated Access Manager. When set to Inactive, the agent is not able to authenticate to Federated Access Manager.
Property Label: Location of Agent Configuration Repository Property Name: N/A Description: The value for this property is originally set when the agent profile is created. If desired, change the configuration location to whichever of the two options is available: centralized or local. The centralized location allows you to control the configuration in a centralized manner, such as from the Console. The local option is provided for backward compatibility purposes. If the local configuration option is selected, the agent will use its local configuration in the FAMAgentConfiguration.properites file in the agent installation directory. In addition, the Console will only display the following properties: Password , Password (confirmation) , and Status	Property Label: Location of Agent Configuration Repository Property Name: N/A Description: The value for this property is originally set when the agent profile is created. If desired, change the configuration location to whichever of the two options is available: centralized or local. The centralized location allows you to control the configuration in a centralized manner, such as from the Console. The local option is provided for backward compatibility purposes. If the local configuration option is selected, the agent will use its local configuration in the FAMAgentConfiguration.properites file in the agent installation directory. In addition, the Console will only display the following properties: Password , Password (confirmation) , and Status
Property Label: Agent Configuration Change Notification Property Name: com.sun.identity.agents.config.change.notification.enable Description: When this property is enabled, the agent receives notification messages from the Federated Access Manager server about configuration changes.	Property Label: Agent Configuration Change Notification Property Name: com.sun.identity.agents.config.change.notification.enable Description: When this property is enabled, the agent receives notification messages from the Federated Access Manager server about configuration changes.
Property Label: Enable Notifcations Property Name: com.sun.identity.agents.config.notification.enable Description: When this property is enabled, notifications help maintain the following agent caches: SSO, policy, and configuration.	N/A
Property Label: Agent Notifcation URL Property Name: com.sun.identity.client.notification.url Description: The value for this property is the URL used by the agent to register notification listeners.	Property Label: Agent Notification URL Property Name: com.sun.identity.client.notification.url Description: The value for this property is the URL used by the agent to register notification listeners.
Property Label: Agent Deploymet URI Prefix Property Name: com.sun.identity.agents.config.agenturi.prefix Description: The value for this property is the value of the Universal Resource Identifier (URI). The default value is /amagent.	N/A
Property Label: Configuration Reload Interval Property Name: com.sun.identity.agents.config.polling.interval Description: The value for this property is the interval in minutes to fetch the agent configuration from Federated Access Manager.	Property Label: Configuration Reload Interval Property Name: com.sun.identity.agents.config.load.interval Description: The value for this property is the interval in seconds between configuration reloads. Setting this property to 0 disables the hot-swap mechanism.
Property Label: Configuration Cleanup Interval Property Name: com.sun.identity.agents.config.cleanup.interval Description: The value for this property is the interval in minutes to cleanup old agent configuration entries.	N/A

Summary

That sums things up. If you ever have any questions about a property, ask me here. I'll try to get the answer, and if applicable, I'll add the information to the Policy Agent 3.0 properties wiki.