A.5 Connecting Access Manager with the Java Data Injection Module

After you have created your Java module, you must configure a policy in Access Manager to govern how the data you extract is injected into your application. This is done by establishing policy conditions, rules, and actions as outlined below.

  1. Copy your Java plug-in files to the Access Gateway. If the Access Gateway is a member of a cluster, copy them to each Access Gateway in the cluster.

    • JAR File: If you created a .jar file, copy the files to the Tomcat lib directory.

       <tomcat_home>/webapps/nesp/WEB-INF/lib

    • JAVA Files: If you created .java files (such as the sample code), copy the files to the Tomcat classes directory. For the sample code, this is the following directory: 

       <tomcat_home>/webapps/nesp/WEB-INF/classes/com/acme/policy/injection

  2. In the Administration Console, click Access Manager > Policies > Edit.

  3. In the Policy List, click New and provide the following values:

    Name: Specify a name for the policy.

    Type: Select Access Gateway: Identity Injection from the drop-down menu.

  4. Click OK to accept the values and open the Edit Policy page.

  5. (Optional) In the Description field, type a description for the policy.

  6. In the Actions pane, click New and select the location for injection information. For the sample code, select Inject into Custom Header.

    After you select the value, this window closes and you return to the Edit Policy page.

  7. In the Actions pane of the Edit Policy screen, provide values for the policy type. For the sample code, enter the following values:

    Custom Header Name: Name.

    Value: Select Java Data Injection Module from the drop-down menu.

    [text box]: Specify the package name of your plug-in. For the sample code, this value is com.acme.policy.injection.AccountDataFillerFactory. In your own implementation, you would provide the full package name to the location of your Java module.

  8. (Conditional) If your plug-in injects more than one value, repeat Step 7. For the sample code, you need to create a second password action, using all of the same values, except you use Password in the Custom Header Name field.

  9. Click OK.

    The Rule List pane in the Edit Policy window opens.

  10. To enable the changes in the new policy, click the Policies Panel link in the Rule List.

  11. Click OK when you are requested to save the changes and go to the Policies Panel.

  12. Click Apply Changes, then click.

    These steps create the Identity Injection policy. For the policy to be used, it must be assigned to protect a resource. For these instructions, see Assigning an Identity Injection Policy to a Protected Resource.