Friday Oct 23, 2009
Friday Oct 23, 2009
This question has come up a couple of times so I thought I will write a quick blog about it. In Sun Identity Manager (IdM), the password policy can be setup with character type rules that apply to the policy. What is the list of Special Characters in the password policy?
The list of Special Characters that is used by IdM password policy is in the UserUIConfig object. You can look at this using /idm/debug page and find this list in Configuration->UserUIConfig object. There is a tag called <PolicySpecialChars> in this UserUIConfig Configuration object where these characters are defined.
Friday Aug 28, 2009
Check out the recently released book - "Sun Web Server: The Essential Guide". In my opinion, this book is a must have for all Sun Web Server administrators. Reading product documentation from docs.sun.com is always a good thing but in my view this can sometimes become somewhat monotonous when compared to reading a well written book that captivates and gets your attention. This Sun Web Server book has been carefully thought of and is very well written. It has concrete and easy to understand examples with good explanations about web server internals. Apart from web administrators, I think this book will also be useful for developers and architects interested in understanding Sun Web Server internals and extending the server functionality. So go ahead and check this book out, I bet you will like it!
Friday Aug 14, 2009
If Sun Identity Manager version 8.1 is deployed with a Load Balancer or Reverse HTTP Proxy server in front of it and you need to log the IP address of the actual client in Audit logs then you need to configure Identity Manager (IdM) to pick the client IP address from the HTTP request headers. For example, if the Load Balancer sends the actual client IP address in the "X-Forwarded-For" HTTP request header then you would have to modify the IdM “Waveset.properties” file to make it read this header and log the client IP address from this header. To do this, edit the "Waveset.properties" file and set "client.headerIPVariable" as follows:
client.headerIPVariable=X-Forwarded-For
Save the “Waveset.properties” file and restart IdM server. Now when a user logs in to IdM, you should see the actual IP address of the actual client rather than the Load Balancer IP address being logged in IdM Audit logs. Some times the "X-Forwarded header" of an incoming HTTP request can contain multiple IP addresses like "<Client IP>, <Proxy IP>, <Load Balancer IP>". In this case, I noticed that IdM 8.1 logs all three IP addresses, which is nice.
Monday Aug 03, 2009
I have come across many customers trying to integrate Sun Identity Manager (IdM) and Sun Role Manager (SRM) products and I thought this will be a good topic to write about. In an environment where Sun IdM is already deployed, Sun Role Manager (SRM) can connect to IdM using SPML interface and then it can be used to import user data. In such integration, Sun IdM and SRM need to be configured to allow using SPML as the way of exchanging provisioning information.
Here are the high level steps to configure this integration between SRM and IdM:
- Log in to SRM and navigate to Administration->Configuration->Provisioning Servers. Click on the New Provisioning Server Connection button and select Sun from the list.
- Enter the following information on "New Provisioning Server Connection" screen -
- Log in to Sun IdM as "configurator" and navigate to Configure->Import Exchange File and import "rm_idm_init.xml" and "spml.xml" files. The "rm_idm_init.xml" file can be obtained from SRM installation(look under $SRM_HOME/conf/spml directory). This completes the SRM-IdM integration configuration.
- To import users or accounts from Sun IDM, log in to SRM and navigate to Administration->Configuration->Import/Export Click on Schedule Job and Select the Sun IDM connection that was set up in step 2 and click on Next. You can check the "Run Job Now?" check box to trigger the user import job immediately. Or you can schedule the user import job on a future date. Similarly, you can import accounts by clicking on the Import Accounts link in the schedule job window.
Connection Name - Enter a name
for the new connection being
created with the Sun IdM. This connection name is used during import
process instead of the Host Name and Port, which is difficult to
remember. e.g. "Sun IDM Connection"
SPML URL - Here, SPML URL pattern is - http://host:port/idm/servlet/rpcrouter2
e.g. http://localhost:8080/idm/servlet/rpcrouter2
* User Name - “configurator”
* Password - “**********”
* Check Role Consumer if you want to enable ad-hoc roles transfer and update between SRM and Sun IdM
SPML URL - Here, SPML URL pattern is - http://host:port/idm/servlet/rpcrouter2
e.g. http://localhost:8080/idm/servlet/rpcrouter2
* User Name - “configurator”
* Password - “**********”
* Check Role Consumer if you want to enable ad-hoc roles transfer and update between SRM and Sun IdM
Tuesday Jan 23, 2007
The all new Sun Java System Web Server 7.0 in standalone form has been released and is now available for download. This release features an entirely re-designed Administration interface designed around clusters, easy access to frequently performed tasks, simplification of frequently performed tasks, and a fully scriptable command line interface(CLI) featuring functional parity with the browser-based interface.
Here's my top 10 list of what's cool in this release:
- Full 64-bit support for Solaris SPARC and Solaris AMD64 platforms
- Regular expression pattern matching for URL re-writing and mass hosting
- Elliptic Curve Cryptography (ECC)
- Built in request mapping for protection against abnormal load patterns and Denial of Service protection
- Out-of-box Java support for Servlets 2.4, JSP 2.0, JSF 1.1, JSTL 1.1, JWSDP 2.0 based web services
- Java session failover and recovery within a cluster of peers
- Integrated HTTP reverse proxy User-Agent
- Bundled FastCGI client for use with third party scripting environments like Perl, PHP, Ruby on Rails etc
- If/Then/Else constructs within request processing
- Advanced sed based input and output filters
For additional information, check out the Product Documentation. Download this release and send us your feedback. To discuss any features or if you have any questions, you can post to the web server forum.
Saturday Dec 23, 2006
Wish you all a Merry Christmas and a Very Happy New Year!
Yesterday we went to Christmas in the Park . Christmas in the Park is a San Jose Community tradition that is organized as a non-profit corporation known as Christmas in the Park, Inc. Each year, Plaza de Cesar Chavez in San Jose is transformed into a holiday fantasy with musical and animated exhibits and glittering lights and the 60-foot City Community Giving Tree. Here are some pictures.
Wednesday Nov 29, 2006
Java SE team has come out with the TZupdater tool some time back. This TZupdater tool is provided to allow the updating of installed JDK/JRE images with more recent timezone data in order to accommodate the U.S. 2007 daylight saving time changes (US2007DST) originating with the U.S. Energy Policy Act of 2005.
This tool is available now for download from the Sun Java SE download site.
For more information, check out the README file.
Note: This tool is currently a Beta release.
Sunday May 21, 2006
There is nothing quite like JavaOne conference, its one event that I look forward to every year. Thanks for stopping by at the Sun Java System Web Server booth last week at JavaOne. It was good talking and meeting you all. We received very encouraging feedback. For those who were not able to visit us at Booth 702, the Sun Java System Web Server 7 Technology Preview release is out now, and it's *free*. Check it out and send us your feedback!
Saturday May 13, 2006
Joe McCabe has written an excellent article about using PHP on Sun Java System Web Server. The PHP engine can run with Web Server 6.1 as a CGI program, as a FastCGI server, or as a plugin using the Web Server's NSAPI and this article covers all this in great details.
JavaOne 2006
Time flies, its JavaOne days again! The countdown for 2006 JavaOne Conference has started. I believe that JavaOne is the most exciting event for any Java developer or for anyone working on Java technology. Don't miss this event, be there. Remember to visit the Sun Java System Web Server 7.0 Technology Preview booth. Looking forward to seeing you all!
Tuesday Dec 20, 2005
Google launched Gmail Mobile a few days back. You can access your Gmail account from your mobile phone or device by pointing your phone's web browser to http://m.gmail.com. I tried Gmail Mobile using a Nokia 6200 phone and it worked just fine. The interface is pretty clean, easy to use and is mobile phone friendly. Here is the list of carriers and phones that currently support Gmail Mobile.
Friday Dec 02, 2005
Thinkers 50 website has been providing a list of most influential living management thinkers. Take a look at the 2005 top 50 global thinkers list.
The candidates are judged on parameters like originality of ideas, their practical application, rigor of research, the impact of their ideas, global outlook and loyalty of followers.
Wednesday Oct 19, 2005
With gas prices skyrocketing, I feel fortunate to work for a Commuter-friendly company. The Environmental Protection Agency(EPA) has released a "Best Workplaces for Commuters" list.
The Top 20 employers on this list of Best Workplaces for Commuters from the FORTUNE 500 Companies are ranked by the percentage of their total U.S. workforce eligible for outstanding commuter benefits that meet EPA's National Standard of Excellence.
Wednesday Sep 07, 2005
The NC05Q3 Web Event is coming up on Monday, September 12, 2005.
Sign up for e-mail reminder and stay tuned for some big announcements about new x64-based systems!
