This test specification provides the usecases of work with IDM tools functionality. Verify Identity runtime (AM) and Identity tooling successfull installation and configuration. If you have already installed and configured the Java EE 5 SDK with Access Manager in the past, please check your userdir and if it exists, delete the file [Your_Userdir]/AccessManager/AMConfig_opt_SUNWappserver_domains)domain1_applications_j2ee-modules_amserver_ before you begin a fresh installation. Ensure that you have installed the full NetBeans IDE. You can use either standalone Netbeans installation or Tools bundle of Java EE 5 SDK, mentioned one line lower. Obtain latest version of Java Application Platform SDK 5 from http://java.sun.com/javaee/downloads/index.jsp. Easiest way is to download JavaEE + Tools version,which already contains NetBeans 6.1 Beta2 with SDK Glassfish added. Otherwise download JavaEE version and run the Java SDK installer, specify an installation directory, and accept the rest default. Check that Add-Ons include the Sun Java System Access Manager 7.1. Continue to run the Installer, when it finishes, click on "Start Server" button and select Finish. Start the IDE. Go to the Services tab, select the Servers node. right-click the Servers node and choose Add Server from the pop-up menu.. The Add Server Instance dialog opens. Click Next. The Platform Location Folder page opens. In the Platform Location field, use the Browse button to navigate to and select the directory containing the Java Application Platform SDK you have just installed. Click Finish. The Sun Java System Access Manager appears as a node in the Services Tab under the Application Server you have just installed. It should be started, it's neccessary to start SDK Glassfish first, to use Sun Java System Access Manager . Notice: When you log into AM admin console next time,there'll be no Configurator page,since configuration files are already there. Switch to 'Services' TAB / Servers / Glassfish v2 (server must be running). There should be 'Sun Java System Access Managers' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > Anonymous' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > SAML-SenderVauches' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > SAML-HolderOfKey' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > X509Token' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > UserNameToken' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > UserNameToken-plain' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > LibertyX509Token' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > LibertyBearerToken' node. There should be 'Sun Java System Access Managers > Default Instance > Profiles > LibertySAMLToken' node. Select one of the security profiles under 'Sun Java System Access Managers > Default Instance > Profiles' node. Right click on the profile and choose Edit. Editor window opened without any error. Select 'Anonymous' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is unchecked. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Select 'SAML-SenderVouches' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is checked and enabled. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Select 'SAML-HolderOfKey' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is checked and enabled. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Select 'X509Token' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is checked and enabled. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Select 'UserNameToken' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is checked and enabled. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Username/password table should contain 1 row for user 'testuser'. Buttons 'Add...', 'Edit...' and 'Remove' should work properly and provide corresponding functionality. Select 'LibertyX509Token' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is checked and disabled. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Select 'LibertyBearerToken' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is checked and disabled. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Select 'LibertySAMLToken' profile under 'Sun Java System Access Managers > Default Instance > Profiles' node in 'Services' TAB. Right click on the profile and choose 'Edit'. Editor window opened without any error. 'Sign response' checkbox is checked and disabled. 'Use Default Key Store' checkbox is checked and enabled. Editboxes 'Keystore Location', 'Keystore Password', 'Key Alias', 'Key Alias Password' are empty and disabled. 'Browse' button is disabled. Verify WS security based on WebApplication project type. Note that verification should be done for projects with Java EE version 'Java EE 5' only, 'J2EE 1.4' (JAX-RPC web services) Identity support has been cancelled. Start IDE, start AS, create WebApplication1 and WS in it, create WebApplication2 and WSC in it. Select web service node in the projects tree under 'WebApplication1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-SenderVouches'. Push OK button to close the dialog with applying the changes. Deploy WebApplication1. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-SenderVouches'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'WebApplication1 > Configuration Files > amserver' and contain WSP configuration with 'SAML-SenderVouches' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'SAML-SenderVouches' profile. Select web service node in the projects tree under 'WebApplication1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-HolderOfKey'. Push OK button to close the dialog with applying the changes. Deploy WebApplication1. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-HolderOfKey'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'WebApplication1 > Configuration Files > amserver' and contain WSP configuration with 'SAML-HolderOfKey' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'SAML-HolderOfKey' profile. Select web service node in the projects tree under 'WebApplication1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'X509Token'. Push OK button to close the dialog with applying the changes. Deploy WebApplication1. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'X509Token'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'WebApplication1 > Configuration Files > amserver' and contain WSP configuration with 'X509Token' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'X509Token' profile. Select web service node in the projects tree under 'WebApplication1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'UserNameToken'. Push OK button to close the dialog with applying the changes. Deploy WebApplication1. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'UserNameToken'. Fill the appeared username and password editboxes with valid values (the same values should be in the UserNameToken profile runtime configuration). Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'WebApplication1 > Configuration Files > amserver' and contain WSP configuration with 'UserNameToken' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'UserNameToken' profile and entered user/password data. Select web service node in the projects tree under 'WebApplication1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyX509Token'. Push OK button to close the dialog with applying the changes. Deploy WebApplication1. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyDiscoverySecurity'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet page will be redirrected to access manager for authentication. Enter username/password (by default 'jsmith/jsmith') pair and Log In. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'WebApplication1 > Configuration Files > amserver' and contain WSP configuration with 'LibertyX509Token' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'LibertyDicoverySecurity' profile. Select web service node in the projects tree under 'WebApplication1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyBearerToken'. Push OK button to close the dialog with applying the changes. Deploy WebApplication1. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyDiscoverySecurity'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet page will be redirrected to access manager for authentication. Enter username/password (by default 'jsmith/jsmith') pair and Log In. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'WebApplication1 > Configuration Files > amserver' and contain WSP configuration with 'LibertyBearerToken' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'LibertyDicoverySecurity' profile. Select web service node in the projects tree under 'WebApplication1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertySAMLToken'. Push OK button to close the dialog with applying the changes. Deploy WebApplication1. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyDiscoverySecurity'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet page will be redirrected to access manager for authentication. Enter username/password (by default 'jsmith/jsmith') pair and Log In. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'WebApplication1 > Configuration Files > amserver' and contain WSP configuration with 'LibertySAMLToken' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'LibertyDicoverySecurity' profile. Verify WS security based on EJB Module project type. Note that verification should be done for projects with Java EE version 'Java EE 5' only, 'J2EE 1.4' (JAX-RPC web services) Identity support has been cancelled. Start IDE, start AS, create EJBModule1 and WS in it. Select web service node in the projects tree under 'EJBModule1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-SenderVouches'. Push OK button to close the dialog with applying the changes. Deploy EJBModule1. Create EJBModule2 and WSC in it. Create SessionBean in the EJBModule2 and add a business method to it with WS invocation code. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-SenderVouches'. Push OK button to close the dialog with applying the changes. Deploy EJBModule2. Create WebApplication3 and Servlet in it. Write the code in servlet to invoke the business method of SessionBean. Run servlet from WebApplication3. Servlet (SessionBean invocation code > WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'EJBModule1 > Configuration Files > amserver' and contain WSP configuration with 'SAML-SenderVouches' profile. File 'amconfig.xml' should be created under 'EJBModule2 > Configuration Files > amserver' and contain WSC configuration with 'SAML-SenderVouches' profile. Select web service node in the projects tree under 'EJBModule1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-HolderOfKey'. Push OK button to close the dialog with applying the changes. Deploy EJBModule1. Create EJBModule2 and WS in it. Create SessionBean in the EJBModule2 and add a business method to it with WS invocation code. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'SAML-HolderOfKey'. Push OK button to close the dialog with applying the changes. Deploy EJBModule2. Create WebApplication3 and Servlet in it. Write the code in servlet to invoke the business method of SessionBean. Run servlet from WebApplication3. Servlet (SessionBean invocation code > WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'EJBModule1 > Configuration Files > amserver' and contain WSP configuration with 'SAML-HolderOfKey' profile. File 'amconfig.xml' should be created under 'EJBModule2 > Configuration Files > amserver' and contain WSC configuration with 'SAML-HolderOfKey' profile. Select web service node in the projects tree under 'EJBModule1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'X509Token'. Push OK button to close the dialog with applying the changes. Deploy EJBModule1. Create EJBModule2 and WS in it. Create SessionBean in the EJBModule2 and add a business method to it with WS invocation code. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'X509Token'. Push OK button to close the dialog with applying the changes. Deploy EJBModule2. Create WebApplication3 and Servlet in it. Write the code in servlet to invoke the business method of SessionBean. Run servlet from WebApplication3. Servlet (SessionBean invocation code > WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'EJBModule1 > Configuration Files > amserver' and contain WSP configuration with 'X509Token' profile. File 'amconfig.xml' should be created under 'EJBModule2 > Configuration Files > amserver' and contain WSC configuration with 'X509Token' profile. Select web service node in the projects tree under 'EJBModule1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'UserNameToken'. Push OK button to close the dialog with applying the changes. Deploy EJBModule1. Create EJBModule2 and WS in it. Create SessionBean in the EJBModule2 and add a business method to it with WS invocation code. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'UserNameToken'. Fill the appeared username and password editboxes with valid values (the same values should be in the UserNameToken profile runtime configuration). Push OK button to close the dialog with applying the changes. Deploy EJBModule2. Create WebApplication3 and Servlet in it. Write the code in servlet to invoke the business method of SessionBean. Run servlet from WebApplication3. Servlet (SessionBean invocation code > WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'EJBModule1 > Configuration Files > amserver' and contain WSP configuration with 'UserNameToken' profile. File 'amconfig.xml' should be created under 'EJBModule2 > Configuration Files > amserver' and contain WSC configuration with 'UserNameToken' profile and entered user/password data. Select web service node in the projects tree under 'EJBModule1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyX509Token'. Push OK button to close the dialog with applying the changes. Deploy EJBModule1. Create WebApplication2 and WS in it. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyDiscoverySecurity'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet page will be redirrected to access manager for authentication. Enter username/password (by default 'jsmith/jsmith') pair and Log In. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'EJBModule1 > Configuration Files > amserver' and contain WSP configuration with 'LibertyX509Token' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'LibertyDicoverySecurity' profile. Select web service node in the projects tree under 'EJBModule1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyBearerToken'. Push OK button to close the dialog with applying the changes. Deploy EJBModule1. Create WebApplication2 and WS in it. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyDiscoverySecurity'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet page will be redirrected to access manager for authentication. Enter username/password (by default 'jsmith/jsmith') pair and Log In. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'EJBModule1 > Configuration Files > amserver' and contain WSP configuration with 'LibertyBearerToken' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'LibertyDicoverySecurity' profile. Select web service node in the projects tree under 'EJBModule1 > Web Services'. Right click on the web service and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertySAMLToken'. Push OK button to close the dialog with applying the changes. Deploy EJBModule1. Create WebApplication2 and WS in it. Create Servlet in WebApplication2 and write the code in it for WS invocation. Right click on the web service client and choose 'Edit Web Service Attributes'. In opened window select 'AM Security' TAB. Check in the checkbox 'Enable Message Level Security' and select security mechanism 'LibertyDiscoverySecurity'. Push OK button to close the dialog with applying the changes. Deploy WebApplication2. Run servlet from WebApplication2. Servlet page will be redirrected to access manager for authentication. Enter username/password (by default 'jsmith/jsmith') pair and Log In. Servlet (WS invocation code) should work without any errors. File 'amconfig.xml' should be created under 'EJBModule1 > Configuration Files > amserver' and contain WSP configuration with 'LibertySAMLToken' profile. File 'amconfig.xml' should be created under 'WebApplication2 > Configuration Files > amserver' and contain WSC configuration with 'LibertyDicoverySecurity' profile. Verify WS security profile options. It should be verified for all security profiles. Open 'Edit Web Service Attributes' for WSC. Check in 'Verify Response' checkbox. In case of 'Sign Response' option in runtime for this security profile is enabled the WS invocation test should pass otherwise should fail. Open 'Edit Web Service Attributes' for WSC. Clear 'Verify Response' checkbox. Independent of 'Sign Response' option in runtime for this security profile is enabled or not the WS invocation test should pass. Create custom keystore and import certificate from the 'amclientkeystore.jks'. Configure AM runtime security profile to use this custom keystore. Configure WSC to use this custom keystore. Run test to verify WS invocation code. Test should pass. Verify WS security based on Web Application project type inside EAR. Note that verification should be done for projects with Java EE version 'Java EE 5' only, 'J2EE 1.4' (JAX-RPC web services) Identity support has been cancelled. Start IDE, start AS. Create EnterpriseApplication1 with WebModule1 in it, create WS in WebModule1. Create EnterpriseApplication2 with WebModule2 in it, create WSC in WebModule2. Verify all test cases from section 'Verify WS security based on Web Application project type'. The only differences is web project will be a module of entrprise application and need to deploy whole enterprise application instead of web project separately. All testcases should pass. Verify WS security based on EJB Module project type inside EAR. Start IDE, start AS. Create EnterpriseApplication1 with EJBModule1 in it, create WS in EJBModule1. Create EnterpriseApplication2 with EJBModule2 in it, create WSC in EJBModule2. Verify all test cases from section 'Verify WS security based on EJB Module project type'. The only differences is ejb module will be a module of entrprise application and need to deploy whole enterprise application instead of ejb module separately. All testcases should pass. Verify WS security with remote AM instance. Cofigure AM for remote use on the remote host. Start IDE. Right click on the 'Sun Java System Access Managers' node in the 'Services' TAB and choose 'Add Server...'. In appeared dialog fill the remote server details and push 'Finish' button. Add remote AS instance and start it. Verify all testcases from this test specification. The only differences is all applications will be deployed on the remote AS and in the 'Edit WS Attributes' dialogs need to set server value with remote AM instance. Remote AM instance node should appear in the 'Services' TAB under 'Sun Java System Access Managers' node. All testcases should pass. There should be no conflicts between AM security and WSIT security. Note that verification should be done for WS and WSC based on all supported projects types and different Java EE versions (Java EE 5 and J2EE 1.4). Open 'Edit Web Service Attributes' dialog for WS. Switch to the 'WSIT Configuration' TAB and check in 'Secure Service' checkbox. Switch to the 'AM Security' TAB. Checkbox 'Enable Message Level Security' should be disabled. Open 'Edit Web Service Attributes' dialog for WS. Switch to the 'AM Security' TAB and check in 'Enable Message Level Security' checkbox. Switch to the 'WSIT Configuration' TAB. Checkbox 'Secure Service' should be disabled. Open 'Edit Web Service Attributes' dialog for WSC. Switch to the 'WSIT Configuration' TAB and enable WSIT security. Switch to the 'AM Security' TAB. Checkbox 'Enable Message Level Security' should be disabled. Open 'Edit Web Service Attributes' dialog for WSC. Switch to the 'AM Security' TAB and check in 'Enable Message Level Security' checkbox. Switch to the 'WSIT Configuration' TAB. All checkboxes should be disabled. The identity samples should work without any errors. Start IDE, start AS. Create 'Stock Service' project from category 'Samples > Identity Blueprints'. Resolve reference problems for created project. Create 'Stock Client' project from category 'Samples > Identity Blueprints' Verify all testcases from section 'Verify WS security based on Web Application project type'. The only differences is client web project will be a module of enterprise application and need to deploy whole enterprise application instead of client web project separately. All testcases should pass with Stock sample projects.