OpenSSO error: Access denied as agent profile not found

OpenSSO FAQ: Why do I get the following error message after installing the OpenSSO web agent in Apache and then trying to hit a URL on my Apache web server?

Access denied as Agent profile not found in Access Manager.

Answer: I get this message from Apache when I've installed the web agent to the Apache server, but I haven't gone into the OpenSSO web console and configured OpenSSO to know about the web agent. (By this what I mean is that the Apache configuration files -- httpd.conf, to be specific -- have been modified to include the OpenSSO Web Agent into the configuration.)

The main thing to understand here is that installing a web agent is a two-step process: You must install the web agent into your Apache configuration, then you must configure OpenSSO to know about this new web agent.

Fixing the problem

To fix this problem, all you have to do is:

  1. Log into your OpenSSO web application.
  2. Select your realm,
  3. Select the Agents tab
  4. Select Web Agents
  5. Click New
  6. Enter the Apache web agent parameters, then save this agent configuration

Once you save this configuration in OpenSSO -- and assuming you are using a centralized configuration -- this error message should go away.

Of course it may be replaced by another error message related to privileges, but at least you've made it through this initial problem, and you're now on your way to configuring privileges and policies. :)