Java Policy Agents 5.10

Autonomous mode

In autonomous mode, the agent operates independently of AM, without needing to contact an AM instance. Agents allow access to resources as defined in not-enforced lists; otherwise, they deny access.

Agents evaluate not-enforced rules using the following features:

  • URLs, IP addresses, IP address ranges, and compound rules.

  • Rules applied to specific HTTP methods.

  • Inverted not-enforced rules, by using properties.

  • Inverted not-enforced rules, by using inline logical operators.

  • Rules that use regular expressions.

  • Rules applied in the presence of named cookies with specified values.

Because the agent does not attempt to contact AM, the following functionality is not available in autonomous mode:

  • Notifications

  • Remote auditing

  • Profile attributes

  • Session attributes

  • Response attributes

  • Continuous security

To enable autonomous mode, in the bootstrap properties file, AgentBootstrap.properties, set Autonomous mode to true, and restart the Java container where the agent is installed.

Because the agent does not contact AM when it starts in autonomous mode, the value of Location of Agent Configuration Repository must be LOCAL.

Copyright © 2010-2022 ForgeRock, all rights reserved.