Access Manager 7.1: Configuration and Customization (AM-3480)
Sun Java System Access Manager is a security foundation that helps organizations manage secure access to an enterprise web application both within the enterprise and across business-to-business value chains. It provides open, standards-based authentication and policy-based authorization with a single, unified framework. It secures the delivery of essential identity and application information to meet current needs and to scale with growing business needs, by offering single sign-on, as well as enabling federation across trusted networks of partners, suppliers, and customers. The Sun Java System Access Manager: Configuration and Customization course provides students with a description of the role of Access Manager in an identity management solution. Students learn to configure, manage, administer, and customize Access Manager services, authentication, authorization, and federated identity. This comprehensive course covers a number of identity management concepts and Access Manager functions that range in complexity from introductory to advanced. This course does not cover basic installation, Java technology programming, Extensible Markup Language (XML), Lightweight Directory Access Protocol (LDAP), and Sun Java System Directory Server (Directory Server) concepts. These topics are covered in other Sun courses. The hands-on labs offered in this course might involve accessing equipment that resides at a location other than where the training is delivered.
Skills Gained
Upon completion of this course, students should be able to:
Define the role of Access Manager and list the features and functions of Access Manager that address key business challenges
Configure Access Manager and Policy Agents
Configure and customize authentication and SSO
Configure, administer, personalize, and customize authorization
Describe the Security Assertions Markup Language (SAML) and federated identity, and their implementation in Access Manager
Implement advanced deployment scenarios, including high availability
Who Can Benefit
Students who can benefit from this course are system engineers, professional services consultants, application developers, architects, and other technical personnel. The course is designed for those who must implement Access Manager in an existing infrastructure and adapt the product appearance and functionality to suit the specific enterprise requirements.
Prerequisites
To succeed fully in this course, students should be able to:
Demonstrate proficiency with the Solaris Operating System (Solaris OS)
Navigate a directory information tree (DIT)
Install the Sun Java Enterprise System
Demonstrate proficiency with XML and interpret Document Type Definition (DTD) files
Demonstrate familiarity with Hypertext Markup Language (HTML)
Demonstrate familiarity with Java programming and JavaServer Pages [JSP(TM)pages]
Demonstrate familiarity with Hypertext Markup Language (HTML)
Demonstrate familiarity with Java programming and JavaServer Pages(JSP(TM)pages)
Code:
AM-3480
Length:
5 days
Type:
Instructor-Led
Certified By:
Sun Microsystems
Tuition:
$3,500 / $2,975 GSA GOV.
This course is taught by Certified Sun Microsystems instructors. There is a difference. Learn More
This course is in the following categories. Click the categories to find similar courses and topics of interest.
Module 1 - Installing Sun Java System Access Manager
Define identity and federated identity
Describe the Sun Java System identity management framework
Identify Access Manager components
Describe Policy Agent software
Describe the hardware and pre-installed files on your lab system
Install the Sun Java System Directory Server Enterprise Edition and Sun Java System Web Server software
Install the Access Manager software
Module 2 - Configuring and Deploying Access Manager and Policy Agent Software
Identify deployment components
List basic deployment scenarios
Identify Java ES installation options that impact deployment
Describe Access Manager configuration
Configure Policy Agent instances
Configure the secure sockets layer (SSL) with Access Manager
Start and stop Access Manager and Policy Agent instances
Secure the Access Manager web container
Configure the Access Manager instance
Configure the Example Chocolates web site
Install and configure Policy Agent software
Module 3 - Configuring Access Manager Realms
Describe the types of data that Access Manager uses
Describe Access Manager realms
Describe realm and legacy modes
Describe data store types
Configure data stores
Describe Access Manager management tools
Create and configure realms
Prepare the Example Chocolates user directory
Create a realm using the CLI
Create and configure realms using the console and the CLI
Module 4 - Configuring Access Manager Services
Describe Access Manager services
Configure Access Manager services using the console
Configure Access Manager services using the CLI
Describe service configuration for new realms
Locate service files
Configure the Session Service using the CLI
Configure the Session Service using the console
Describe the service configuration for a new realm
Module 5 - Logging, Debugging, and Monitoring
Locate, configure, and interpret Access Manager log files and database tables
Locate and configure debug files
Locate and configure Policy Agent log files
Monitor Access Manager instances using Java ES monitoring
Review Access Manager log files
Log on to a relational database
Enable message-level debugging
Monitor Java ES objects (optional)
Module 6 - Configuring Authentication
Describe the Access Manager authentication process
Configure Access Manager authentication
Configure Access Manager sessions
Describe SSO
Configure a customized authentication interface
Configure data store authentication
Configure an authentication chain with multiple authentication module instances
Configure account lockout for a realm
Use Access Manager for programmatic authentication (optional)
Customize the authentication interface templates for a realm (optional)
Localize the authentication interface for a realm (optional)
Module 7 - Configuring Policy
Describe policy
Describe the policy architecture
Describe policy components
Describe policy storage
Administer policy
Configure policies using the console
Delegate administration
Configure a different default login URL in the Policy Agent
Create policies for the Example Chocolates web site
Create a policy that uses realm authentication
Delegate administration to users
Module 8 - Exploring Policy Evaluation
Describe policy evaluation principles
Examine a policy evaluation example
Locate policy evaluation request and policy decision documents and review the Access Manager policy log files
Module 9 - Analyzing Federated Identity Scenarios
Define federated identity
Identify business scenarios addressed by federated identity
Describe basic federated identity technologies and how they solve business problems
Describe federation frameworks
Describe the Security Assertion Markup Language (SAML)
Analyze business problems addressed by federated identity and describe technologies that provide solutions
Module 10 - Configuring SAML Version 1 Single Sign-On
Describe SAML 1 assertions, protocols, and bindings
Describe SAML 1 profiles
Configure SAML 1 support on Access Manager
Sign SAML assertions
Configure SSO using SAML version 1.1
Module 11 - Examining Advanced Federation
Describe advanced federated identity technologies
Identify advanced identity federation frameworks
Describe framework implementation in Access Manager
Federate accounts on an identity provider and a service provider
Federate and defederate accounts
Module 12 - Deploying Access Manager for High Availability
Describe cross-domain single sign-on (CDSSO)
Describe and configure distributed authentication
Describe and configure high availability
Perform advanced configuration
Configure and secure new Web Server instances
Configure a second Access Manager instance
Configure the Policy Agent to fail over to the second Access Manager instance
Configure the Policy Agent to work with load-balanced Access Manager instances
When you take a certified course with ExitCertified, you are learning from
the creators of the products you use. Our commitment to your IT
community, along with our authorization to deliver certified courses,
ensures you receive a premium training experience.
