How to integrate opeanam ,web agent and java application?

Question

I have followed the below link for integration: http://docs.forgerock.org/en/openam/11.0.0/getting-started/

Step -1.configured our host file as 127.0.0.1 localhost openam.example.com www.example.com step:2.Installed Apache HTTP Server 2.2 and I am able to Browse to the home page, such as http://www.example.com:8383

Step.3.Installed Apache Tomcat(apache-tomcat-7.0.55) I deployed opeam.war inside the webapps andable to access through browser with openam.example.com:8080/openam/ Step:4: Configured a Policy in OpenAM

step:5:Created a Web Policy Agent Profile Name WebAgent Password password Configuration Centralized Server URL openam.example.com:8080/openam Agent URL example.com:8383

Step:6:Installed OpenAM Web Policy Agent It is working fine .

But, When I try to protect our java application using the Agent Url as openam.example.com:8080/ApplicationName We get the following error when we click on the Create option -> Error "Deployment URI in agent URL is not allowed". please do guide me or give me feedback in case, I am following a wrong approach while giving Agent Url as our "java Application URL" .

Answer 1

openam has a J2EE agent to protect java applications. You seem to be using the web agent which isn't recommended for j2ee agents.

Answer 2

In order for this to work you have to use either HTTP_HEADER or HTTP_COOKIE comm mechanism between web server (with web agent) and your J2EE application. You could use Profile Attributes processing section to map LDAP attributes to HTTP headers and in your java application you could read that headers.