Agent API › Implement the Pure Java Agent API

Implement the Pure Java Agent API

Applications that are built using the pure Java Agent API either directly or indirectly (through another agent) are insulated from underlying implementation details, including:

• User namespaces, such as LDAP directories, SQL databases, or NT domains
• Authentication methods as simple as username/password or as complex as PKI systems
• Authorizations based on group membership or individual profile data

Additional benefits provided by the Java Agent API include full session management support, automatic encryption key rollover, and real-time policy updates.

To implement the pure Java Agent API

1. Review the required software as listed in the accompanying release notes.
2. Review the sample code.
3. Write source code for your client application.
4. Ensure that SiteMinder can find the pure Java Agent API .jar file when you compile or run an agent that uses the Java Agent API. The JAR file, smagentapi.jar, is stored in the following locations:
   • Windows platforms:

     <install_path>\sdk\java

   • UNIX platforms:

     <install_path>/sdk/java

     Add smagentapi.jar to your CLASSPATH setting. When compiling, you can use the -classpath switch.

5. Compile the Java Agent API application using javac.

   For an example, see java-build.bat or java-build.sh in the sample directory smjavaagentapi.

6. Configure the Policy Server to use the Java Agent API application.
7. Run the application.

Backward compatibility

The pure Java Agent API maintains binary and source compatibility with the JNI Java Agent API. The pure Java Agent API supports all of the other SiteMinder Java SDK interfaces that rely on the Agent API for connectivity to the SiteMinder Policy Server, including the SiteMinder Policy Management API and the SiteMinder DMS API, in addition to extending the portability of those interfaces.

Configuration limitations

The pure Java Agent API does not change the configuration of either the SiteMinder Application Server Agents or any agents developed with the SiteMinder SDK. The configuration of the pure Java Agent API is identical to the configuration of the JNI Java Agent API with the following exceptions:

• Migration of UNIX agents from the JNI Java Agent API to the pure Java Agent API requires re-registration of the trusted host entity with the SiteMinder Policy Server because the shared secret in the JNI Java API is computed differently from the pure Java implementation.
• On both Unix and Windows systems (due to file-locking incompatibilities with the native code Agent API), the SmHost.conf file cannot be shared between agents using the C/C++ or JNI Java Agent API and agents using the pure Java Agent API. Therefore, a separate copy of the bootstrap configuration file must be kept for pure Java Agent API agents.
• Upgrades from the JNI Java Agent API on Unix systems requires users of custom 4.x-based agents that use shared secrets encrypted with the 4.x encryptkey tool to update their shared secret on the agent side for upgraded agents.
• The pure Java Agent API does not obtain Agent configuration information from the Windows Registry.