21.2 Upgrading from iChain 1.5

Upgrading from iChain 1.5 to iChain 2.3 requires the same steps as described in Section 21.1, Upgrading from iChain 2.0, 2.1, and 2.2, with a primary difference from what is described in 5. Convert and Modify Existing ACL/ISO Definitions. You should replace this section with the instructions below:

21.2.1 5. Converting and Modifying Existing ACL/ISO Definitions When Upgrading from iChain 1.5

The ConsoleOne snap-ins that ship with iChain 2.3 can detect iChain 2.0-formatted objects. After upgrading the Authorization Server from 1.5 to 2.3 and selecting properties of the original 1.5 ISO with the new 2.3 snap-ins, you see the following message, asking whether the 1.5 ISOs should be upgraded:

Figure 21-1 iChain 1.5 Protected Resources Found

If you select Yes, the ISO attributes are converted to the 2.3 format, which means the ISO access mode defaults to Secure (requiring users to authenticate before authorization to access the protected resource at the origin server is granted). If needed, modify the resources when the conversion is completed. The modify dialog box is shown here:

Figure 21-2 Modify Existing Protected Resource

If you select No at the iChain 1.5 Protected Resources Found dialog box, the object remains as an iChain 1.5 protected resource and the resources on this ISO continues to function as they did in iChain 1.5. For backward compatibility, you should make all changes to the protected resources with the iChain 1.5 snap-ins.

NOTE:If administrators are creating completely new objects, the following should be considered:

1. The ISO has many new attributes. The most important of these involves the protected resource mode (public, secured, or protected). The defined protected resource needs a /* at the end for accessing resources in all subdirectories.

2. If you decide to re-create the ISO, the corresponding Rule Objects referencing the old ISO's protected resources must be re-created. If this is not done, ACLCHECK reports "old version" errors.