Documentation update (#834)

Author: maximthomas

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-admin-tools.adoc

@@ -12,12 +12,13 @@
   information: "Portions copyright [year] [name of copyright owner]".
 
   Copyright 2017 ForgeRock AS.
-  Portions Copyright 2024 3A Systems LLC.
+  Portions Copyright 2024-2025 3A Systems LLC.
 ////
 
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-admin-tools]
@@ -82,19 +83,19 @@ Unpack this tool as part of policy agent installation.
 This tool lets you change OpenAM Administrator passwords, and display encrypted password values.
 
 +
-Install this from the `SSOAdminTools-13.5.2.zip`.
+Install this from the `SSOAdminTools-{openam-version}.zip`.
 
 `amverifyarchive`::
 This tool checks log archives for tampering.
 
 +
-Install this from `SSOAdminTools-13.5.2.zip`.
+Install this from `SSOAdminTools-{openam-version}.zip`.
 
-`openam-distribution-configurator-13.5.2.jar`::
+`openam-distribution-configurator-{openam-version}.jar`::
 This executable `.jar` file lets you perform a silent installation of an OpenAM server with a configuration file. For example, the `java -jar configurator.jar -f config.file` command couples the `configurator.jar` archive with the __config.file__. The `sampleconfiguration` file provided with the tool is set up with the format for the `config.file`, and it must be adapted for your environment.
 
 +
-Install this from `SSOConfiguratorTools-13.5.2.zip`.
+Install this from `SSOConfiguratorTools-{openam-version}.zip`.
 
 `ssoadm`::
 This tool provides a rich command-line interface for the configuration of OpenAM core services.
@@ -103,7 +104,7 @@ This tool provides a rich command-line interface for the configuration of OpenAM
 In a test environment, you can activate `ssoadm.jsp` to access the same functionality in your browser. Once active, you can use many features of the `ssoadm` command by navigating to the `ssoadm.jsp` URI, in a URL, such as `\http://openam.example.com:8080/openam/ssoadm.jsp`.
 
 +
-Install this from `SSOAdminTools-13.5.2.zip`.
+Install this from `SSOAdminTools-{openam-version}.zip`.
 
 +
 To translate settings applied in OpenAM console to service attributes for use with `ssoadm`, log in to the OpenAM console as `amadmin` and access the services page, in a URL, such as `\http://openam.example.com:8080/openam/services.jsp`.

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-audit-logging.adoc

@@ -18,6 +18,7 @@
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-audit-logging]
@@ -27,7 +28,7 @@ OpenAM supports a comprehensive Audit Logging Service that captures key auditing
 
 Audit logs gather operational information about events occurring within an OpenAM deployment to track processes and security data, such as authentication mechanisms, system access, user and administrator activity, error messages, and configuration changes.
 
-This chapter describes the new, common REST-based Audit Logging Service available in OpenAM 13.5.2-15. OpenAM 13.5.2-15 also supports a legacy Logging Service, based on a Java SDK and available in OpenAM versions prior to OpenAM 13.5.2-15. The legacy Logging Service will be deprecated in a future release of OpenAM.
+This chapter describes the new, common REST-based Audit Logging Service available in OpenAM {openam-version}. OpenAM {openam-version} also supports a legacy Logging Service, based on a Java SDK and available in OpenAM versions prior to OpenAM {openam-version}. The legacy Logging Service will be deprecated in a future release of OpenAM.
 
 The Audit Logging Service uses a structured message format that adheres to a consistent and documented log structure common across the Open Identity Platform stack, including OpenAM, OpenIDM, OpenDJ, and OpenIG.
 
@@ -45,7 +46,7 @@ OpenAM's Audit Logging Service provides a versatile and rich feature set as foll
 
 * *Global and Realm-Based Log Configuration*. You can configure audit logging globally, which ensures that all realms inherit your global log settings. You can also configure audit logging by realm, which allows you to set different log settings for each realm.
 
-* *Audit Event Handlers*. The Audit Logging Service supports a variety of audit event handlers that allow you to write logs to different types of data stores. See xref:#configuring-audit-event-handlers["Configuring Audit Event Handlers"] for a list of event handlers available in OpenAM 13.5.2-15.
+* *Audit Event Handlers*. The Audit Logging Service supports a variety of audit event handlers that allow you to write logs to different types of data stores. See xref:#configuring-audit-event-handlers["Configuring Audit Event Handlers"] for a list of event handlers available in OpenAM {openam-version}.
 
 * *Audit Event Buffering*. By default, OpenAM writes each log message separately as they are generated. OpenAM supports message buffering, a type of batch processing, that stores log messages in memory and flushes the buffer after a preconfigured time interval or after a certain number of log messages reaches the configured threshold value.
 

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-cdsso.adoc

@@ -12,12 +12,13 @@
   information: "Portions copyright [year] [name of copyright owner]".
 
   Copyright 2017 ForgeRock AS.
-  Portions Copyright 2024 3A Systems LLC.
+  Portions Copyright 2024-2025 3A Systems LLC.
 ////
 
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-cdsso]
@@ -126,7 +127,7 @@ You can find this file where you deployed OpenAM, such as `/path/to/tomcat/webap
 +
 When you add an image or other presentation element, make sure that you retain the form and JavaScript as is.
 
-. Unpack OpenAM-13.5.2.war, and replace the file with your modified version.
+. Unpack OpenAM-{openam-version}.war, and replace the file with your modified version.
 +
 Also include any images you reference in the page.
 

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-federation.adoc

@@ -18,6 +18,7 @@
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-federation]
@@ -407,12 +408,12 @@ Deploying the identity provider discovery service involves the following stages:
 ====
 How you deploy the discovery service `.war` file depends on your web application container. The procedure in this section shows how to deploy on Apache Tomcat.
 
-. Copy the `IDPDiscovery-13.5.2.war` file to the `webapps/` directory.
+. Copy the `IDPDiscovery-{openam-version}.war` file to the `webapps/` directory.
 +
 
-[source, console]
+[source, console, subs="attributes"]
 ----
-$ cp ~/Downloads/openam/IDPDiscovery-13.5.2.war \
+$ cp ~/Downloads/openam/IDPDiscovery-{openam-version}.war \
  /path/to/tomcat/webapps/disco.war
 ----
 
@@ -1560,7 +1561,7 @@ The following table provides information to help you decide whether to implement
 |===
 |Deployment Task or Requirement |Implementation Mode 
 
-a|You are migrating an existing OpenAM SAML v2.0 deployment from OpenAM 12 (or earlier) to OpenAM 13.5.2-15. Note that all OpenAM SAML v2.0 deployments prior to OpenAM 13 are standalone mode deployments.
+a|You are migrating an existing OpenAM SAML v2.0 deployment from OpenAM 12 (or earlier) to OpenAM {openam-version}. Note that all OpenAM SAML v2.0 deployments prior to OpenAM 13 are standalone mode deployments.
 a|Do not modify your deployment to integrated mode unless you want to change your authentication scenario to have SAML v2.0 authentication integrated into an OpenAM authentication chain.
 
 a|You want to deploy SAML v2.0 SSO and SLO using the easiest technique.
@@ -2110,7 +2111,7 @@ Edit the source of the OpenAM Java Server Page, `saml2/jsp/autosubmitaccessright
 +
 When you add an image or other presentation element, make sure that you retain the form and Java code as is.
 
-. Unpack OpenAM-13.5.2.war, and add your modified template files under `WEB-INF/classes/` where you unpacked the .war.
+. Unpack OpenAM-{openam-version}.war, and add your modified template files under `WEB-INF/classes/` where you unpacked the .war.
 +
 Also include any images you reference in the page.
 

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-monitoring.adoc

@@ -12,12 +12,13 @@
   information: "Portions copyright [year] [name of copyright owner]".
 
   Copyright 2017 ForgeRock AS.
-  Portions Copyright 2024 3A Systems LLC.
+  Portions Copyright 2024-2025 3A Systems LLC.
 ////
 
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-monitoring]
@@ -149,7 +150,7 @@ To enable SNMP, see xref:#monitoring-snmp["SNMP Monitoring"]
 
 Once activated, SNMP monitoring works over UDP by default. You may want to install one of many available network monitoring tools. For the purpose of this section, basic SNMP service and monitoring tools have been installed on a GNU/Linux system. The same commands should work on a Mac OS X system.
 
-SNMP depends on labels known as Object Identifiers (OIDs). These are uniquely defined labels, organized in tree format. For OpenAM, they are configured in a `.mib` file named `FORGEROCK-OPENAM-CTS.mib`, found inside the `/path/to/tomcat/webapps/openam/WEB-INF/lib/openam-mib-schema-13.5.2-15.jar` file of the OpenAM deployment.
+SNMP depends on labels known as Object Identifiers (OIDs). These are uniquely defined labels, organized in tree format. For OpenAM, they are configured in a `.mib` file named `FORGEROCK-OPENAM-CTS.mib`, found inside the `/path/to/tomcat/webapps/openam/WEB-INF/lib/openam-mib-schema-{openam-version}.jar` file of the OpenAM deployment.
 
 For detailed information on configured OIDs, see xref:../reference/chap-cts-oids.adoc#chap-cts-oids["Core Token Service (CTS) Object Identifiers"] in the __Reference__.
 
@@ -185,7 +186,7 @@ You can monitor policy evaluation performance over SNMP. OpenAM records statisti
 
 Interface Stability: link:#interface-stability[Evolving]
 
-As described in xref:#cts-monitor-commands["CTS SNMP Monitoring"], SNMP uses OIDs defined in the `.mib` file, `FORGEROCK-OPENAM-POLICY.mib`, found inside the `/path/to/tomcat/webapps/openam/WEB-INF/lib/openam-mib-schema-13.5.2-15.jar` file of the OpenAM deployment. This file specifies the statistics OpenAM keeps for policy evaluation operations. Adapt the examples in xref:#cts-monitor-commands["CTS SNMP Monitoring"] to read monitoring statistics about policy evaluation on the command line.
+As described in xref:#cts-monitor-commands["CTS SNMP Monitoring"], SNMP uses OIDs defined in the `.mib` file, `FORGEROCK-OPENAM-POLICY.mib`, found inside the `/path/to/tomcat/webapps/openam/WEB-INF/lib/openam-mib-schema-{openam-version}.jar` file of the OpenAM deployment. This file specifies the statistics OpenAM keeps for policy evaluation operations. Adapt the examples in xref:#cts-monitor-commands["CTS SNMP Monitoring"] to read monitoring statistics about policy evaluation on the command line.
 
 When monitoring is active, OpenAM records statistics about both the numbers and rates of policy evaluations performed, and also the times taken to process policy evaluations.
 
@@ -260,7 +261,7 @@ SNMP monitoring is not available for stateless sessions.
 
 Interface Stability: link:#interface-stability[Evolving]
 
-As described in xref:#cts-monitor-commands["CTS SNMP Monitoring"], SNMP uses OIDs defined in a `.mib` file that specifies the statistics OpenAM keeps for policy evaluation operations, the `FORGEROCK-OPENAM-SESSION.mib` file. This file is found inside the `/path/to/tomcat/webapps/openam/WEB-INF/lib/openam-mib-schema-13.5.2-15.jar` file of the OpenAM deployment. Adapt the examples in xref:#cts-monitor-commands["CTS SNMP Monitoring"] to read monitoring statistics about sessions on the command line.
+As described in xref:#cts-monitor-commands["CTS SNMP Monitoring"], SNMP uses OIDs defined in a `.mib` file that specifies the statistics OpenAM keeps for policy evaluation operations, the `FORGEROCK-OPENAM-SESSION.mib` file. This file is found inside the `/path/to/tomcat/webapps/openam/WEB-INF/lib/openam-mib-schema-{openam-version}.jar` file of the OpenAM deployment. Adapt the examples in xref:#cts-monitor-commands["CTS SNMP Monitoring"] to read monitoring statistics about sessions on the command line.
 
 When monitoring is active, OpenAM records statistics about both the numbers of internal, remote, and CTS sessions, and also the times taken to process sessions.
 

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-radius.adoc

@@ -18,6 +18,7 @@
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-radius]
@@ -155,7 +156,7 @@ You can also configure the RADIUS Server service to log the packets sent between
 [#radius-troubleshooting-client]
 ==== Running the Sample RADIUS Client
 
-The `openam-radius-server-13.5.2-15.jar` includes a sample client that you can use to test simple connectivity to the RADIUS Server service.
+The `openam-radius-server-{openam-version}.jar` includes a sample client that you can use to test simple connectivity to the RADIUS Server service.
 
 The following procedure describes how to set up and run the sample client:
 
@@ -193,9 +194,9 @@ show-traffic=true
 . Make sure that your current working directory is the directory in which you created the `radius.properties` file, then execute the sample client. Messages from the sample client indicate success or failure authenticating. If you specify `show-traffic=true` in the `radius.properties` file, the packets to and from the OpenAM RADIUS server appear in standard output:
 +
 
-[source, console]
+[source, console, subs="attributes"]
 ----
-$ java -jar //path/to/tomcat/webapps/openam/WEB-INF/lib/openam-radius-server-13.5.2-15.jar
+$ java -jar //path/to/tomcat/webapps/openam/WEB-INF/lib/openam-radius-server-{openam-version}.jar
 ? Username: demo
 ? Password: changeit
 Packet To openam.example.com:1812

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-realms.adoc

@@ -12,12 +12,13 @@
   information: "Portions copyright [year] [name of copyright owner]".
 
   Copyright 2017 ForgeRock AS.
-  Portions Copyright 2024 3A Systems LLC.
+  Portions Copyright 2024-2025 3A Systems LLC.
 ////
 
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-realms]
@@ -93,7 +94,7 @@ Delegating administration privileges in the top-level realm allows members of th
 
 * (Optional)  To grant users in the group access to the administration console for the realm, select Read and write access to all realm and policy properties.
 +
-In OpenAM 13.5.2-15, administrators can use the OpenAM administration console as follows:
+In OpenAM {openam-version}, administrators can use the OpenAM administration console as follows:
 +
 
 ** Delegated administrators with the `RealmAdmin` privilege can access full administration console functionality within the realms they can administer.

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-saml-1.adoc

@@ -12,12 +12,13 @@
   information: "Portions copyright [year] [name of copyright owner]".
 
   Copyright 2017 ForgeRock AS.
-  Portions Copyright 2024 3A Systems LLC.
+  Portions Copyright 2024-2025 3A Systems LLC.
 ////
 
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-saml-1]
@@ -163,12 +164,12 @@ If you have multiple servers in an OpenAM site set up behind a load balancer, yo
 This example is for an asserting party where the site load balancer host is `ap.example.net`. The command is bundled with OpenAM server, shown with lines folded to fit on the printed page:
 +
 
-[source, console]
+[source, console, subs="attributes"]
 ----
 $ cd /path/to/tomcat/webapps/openam/WEB-INF/lib/
 $ java \
- -cp forgerock-util-20.0.0.jar:openam-shared-13.5.2.jar:\
-    openam-federation-library-13.5.2.jar com.sun.identity.saml.common.SAMLSiteID \
+ -cp forgerock-util-20.0.0.jar:openam-shared-{openam-version}.jar:\
+    openam-federation-library-{openam-version}.jar com.sun.identity.saml.common.SAMLSiteID \
     https://ap.example.net/openam
 9BAg4UmVS6IbjccsSj9gAFYGO9Y=
 ----

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-sts.adoc

@@ -18,7 +18,7 @@
 :figure-caption!:
 :example-caption!:
 :table-caption!:
-
+:openam-version: 15.1.3
 
 [#chap-sts]
 == Configuring the Security Token Service
@@ -1403,10 +1403,10 @@ $ mvn install
 .. Copy the SOAP STS server `.war` file to the deployment directory:
 +
 
-[source, console]
+[source, console, subs="attributes"]
 ----
 $ cd target
-$ cp openam-soap-sts-server-13.5.2.war /path/to/openam/soapstsdeployment
+$ cp openam-soap-sts-server-{openam-version}.war /path/to/openam/soapstsdeployment
 ----
 
 

openam-documentation/openam-doc-source/src/main/asciidoc/admin-guide/chap-troubleshooting.adoc

@@ -12,12 +12,13 @@
   information: "Portions copyright [year] [name of copyright owner]".
 
   Copyright 2017 ForgeRock AS.
-  Portions Copyright 2024 3A Systems LLC.
+  Portions Copyright 2024-2025 3A Systems LLC.
 ////
 
 :figure-caption!:
 :example-caption!:
 :table-caption!:
+:openam-version: 15.1.3
 
 
 [#chap-troubleshooting]
@@ -43,13 +44,13 @@ mark      1739     1  0 14:47...
 ----
 For a container installed from native packages with a dedicated user, $HOME may not be where you think it is. Look at the user's entry in `/etc/passwd` to locate the home directory. The user running the web container where you install OpenAM must be able to read from and write in this directory.
 
-If you cannot change the permissions to the user's home directory, you can, as a workaround, unpack `OpenAM-13.5.2.war`, set the `configuration.dir` property in the `WEB-INF/classes/bootstrap.properties` to a directory with appropriate permissions, and repack `openam.war` with the adjusted file before deploying that:
+If you cannot change the permissions to the user's home directory, you can, as a workaround, unpack `OpenAM-{openam-version}.war`, set the `configuration.dir` property in the `WEB-INF/classes/bootstrap.properties` to a directory with appropriate permissions, and repack `openam.war` with the adjusted file before deploying that:
 
-[source, console]
+[source, console, subs="attributes"]
 ----
-$ cd ~/Downloads/openam/OpenAM-13.5.2.war
+$ cd ~/Downloads/openam/OpenAM-{openam-version}.war
 $ mkdir unpacked ; cd unpacked
-$ jar xf ../OpenAM-13.5.2.war
+$ jar xf ../OpenAM-{openam-version}.war
 $ vi WEB-INF/classes/bootstrap.properties
 $ grep ^config WEB-INF/classes/bootstrap.properties
 configuration.dir=/my/readwrite/config/dir