Installation guide

Setting the REMOTE_USER Server Variable

Chapter 2 Policy Agents on Solaris and HP-UX 53

3. In the command above, the variables represent the following:

❍ cert-name can be any name for this certificate.

❍ cert-dir isthe directory where the certificate and key stores are located. The

location is:

Agent_Install_Dir

/Agents/domino/cert

❍ cert-file is the base-64 encoded certificate file.

For more information on

certutil

, type

certutil -H

4. Restart Domino Web Server.

Setting the REMOTE_USER Server Variable

The REMOTE_USER server environment variable can be set to a Identity Server

authenticated user or anonymous user. By setting this variable to a specific user,

the user becomes available to web applications (such as a CGI, servlet, or ASP

program). This feature makes it possible to personalize the content of displayed

HTML pages to specific users.

To enable the REMOTE_USER setting for globally not-enforced URLs as specified in

the AMAgent.properties file (these are URLs that can be accessed by

unauthenticated users), you must set the following property in the

AMAgent.properties file to TRUE (by default, this value is set to FALSE):

com.sun.am.policy.agents.anonRemoteUserEnabled

=TRUE

When you set this property value to TRUE, the value of REMOTE_USER will be set to

the value contained in the following property in the AMAgent.properties file (by

default, this value is set to anonymous):

com.sun.am.policy.agents.unauthenticatedUser=anonymous

Validating Client IP Addresses

This feature can be used to enhance security by preventing the stealing or hijacking

of SSOTokens.

NOTE

This feature is not available for the Sun ONE Web Proxy Server agent.