test

Sun Java Enterprise System 2005Q1 Deployment Example Series: Evaluation Scenario

Configuring for Portal Server Proxy Authentication

This section describes how to configure the sample mail and calendar channels that appear in the sample portal desktop for proxy authentication.

ProcedureTo Configure the Portal Calendar Channel for the SSO Adapter Service

To enable proxy authentication for the sample portal Calendar channel, you configure the SSO Adapter Service. You perform this configuration in the Identity Server console.

Steps

  1. In your web browser, open the following URL:


    http://evaluation_host/amconsole/index.html

    The Access Manager login page is displayed.

  2. Type your user name (amadmin) and password (password).

    Click Log In. The Access Manager console window is displayed.

  3. Click the Service Configuration tab.

    The Access Manager Services are displayed.

  4. Scroll down in the left pane. Under Portal Server Configuration, locate SSO Adapter, and then click the arrow symbol that follows the name SSO Adapter.

    The right pane displays the SSO Adapter Service properties. You see a display similar to Figure 8–2.

    Figure 8–2 SSO Adapter Properties

    Screen capture; In left pane, SSO Adapter is selected. In right pane, list of SSO Adapters is displayed, as described in text.

  5. Edit the SUN-ONE-CALENDAR configuration properties. Do the following:

    1. Locate the list of SSO Adapter Templates.

    2. Locate the line for the SUN-ONE-CALENDAR adapter template. Click Edit Properties.

      The right pane displays template property details.

  6. Locate the host property. Select it, and then click Change Type.

    The right pane displays the Edit Property Types display.

  7. Change the value of several properties from Merge to Default. Do the following:

    1. Select the host property. Click Move to Default.

    2. Select the port property. Click Move to Default.

    3. Select the clientPort property. Click Move to Default.

      Click Save. The list of SUN-ONE-CALENDAR adapter properties is displayed.

  8. Use the text fields to edit the values of the following properties:

    1. Locate the enableProxyAuth property. Change the value to true.

    2. Locate the proxyAdminUid property. Change the value to calmaster.

    3. Locate the proxyAdminPassword property. Change the value to password.

    4. Locate the host property. Change the value to evaluation_host.

    5. Locate the port property. Change the value to 89.

    6. Locate the clientPort property. Change the value to 89.

      Click Save to apply your changes.

  9. In the left pane, click the arrow symbol that follows the name SSO Adapter.

    The right pane displays the SSO Adapter Service properties. You see a display similar to Figure 8–2 .

  10. Edit the SUN-UWC-CALENDAR configuration properties. Do the following:

    1. Locate the list of SSO Adapter Templates.

    2. Locate the line for the SUN-UWC-CALENDAR template. Click Edit Properties.

      The right page displays the SUN-UWC-CALENDAR property details.

  11. Locate the host property. Select it, and then click Change Type.

    The right pane displays the Edit Property Types display.

  12. Change the value of several properties from merge to default:

    1. Select the host property. Click Move to Default.

    2. Select the port property. Click Move to Default.

    3. Select the clientHost property. Click Move to Default.

    4. Select the clientPort property. Click Move to Default.

      Click Save. The right pane redisplays the list of SSO Adapter properties.

  13. Use the text fields to edit the values of the following properties:

    1. Locate the enableProxyAuth property. Change the value to true.

    2. Locate the proxyAdminUid property. Change the value to calmaster.

    3. Locate the proxyAdminPassword property. Change the value to password.

    4. Locate the serverSSOEnabled property. Change the value to true.

    5. Locate the host property. Change the value to evaluation_host.

    6. Locate the port property. Change the value to 89.

    7. Locate the clientHost property. Change the value to evaluation_host.

    8. Locate the clientPort property. Change the value to 80.

  14. Click Save to apply your changes.

    You have configured the portal calendar channel for proxy authentication. You continue working in the Access Manager console.

ProcedureTo Configure the Portal Mail Channel for the SSO Adapter Service

To enable proxy authentication for the sample portal Mail channel, you configure the SSO Adapter Service. You perform this configuration in the Access Manager console.

Steps

  1. In the left pane, click the arrow symbol that follows the name SSO Adapter.

    The right pane displays the SSO Adapter Service properties. You see a display similar to Figure 8–2 .

  2. Edit the SUN-ONE-MAIL configuration properties. Do the following:

    1. Locate the list of SSO Adapter Templates.

    2. Locate the line for SUN-ONE-MAIL. Click Edit Properties.

      The right page displays the SUN-ONE-MAIL template property details.

  3. Locate the host property. Select it, and then click Change Type.

    The right pane displays the Edit Property Types display.

  4. Change the value of several properties from merge to default:

    1. Select the host property. Click Move to Default.

    2. Select the port property. Click Move to Default.

    3. Select the smtpServer property. Click Move to Default.

    4. Select the clientPort property. Click Move to Default.

    5. Select the smtpPort property. Click Move to Default.

    6. Select the domain property. Click Move to Default.

      Click Save. The right pane displays the list of SSO Adapter properties.

  5. Use the text fields to edit the values of the following properties:

    1. Locate the enableProxyAuth property. Change the value to true.

    2. Locate the proxyAdminUid property. Change the value to admin.

    3. Locate the proxyAdminPassword property. Change the value to password.

    4. Locate the host property. Change the value to evaluation_host.

    5. Locate the port property. Change the value to 143.

    6. Locate the smtpServer property. Change the value to evaluation_host.

    7. Locate the clientPort property. Change the value to 88.

    8. Locate the smtpPort property. Change the value to 25.

    9. Locate the domain property. Confirm that it is blank.

    10. Locate the serverSSOENabled property. Change the value to true.

  6. Click Save to apply your changes.

  7. In the left pane, click the arrow symbol that follows the name SSO Adapter.

    The right pane displays the SSO Adapter Service properties. You see a display similar to Figure 8–2 .

  8. Edit the SUN-UWC-MAIL configuration properties. Do the following:

    1. Locate the list of SSO Adapter Templates.

    2. Locate the line for the SUN-UWC-MAIL template. Click Edit Properties.

      The right page displays the SUN-UWC-MAIL template property details.

  9. Locate the host property. Select it, and then click Change Type.

    The right pane displays the Edit Property Types display.

  10. Change the value of several properties from merge to default:

    1. Select the host property. Click Move to Default.

    2. Select the port property. Click Move to Default.

    3. Select the smtpServer property. Click Move to Default.

    4. Select the clientPort property. Click Move to Default.

    5. Select the smtpPort property. Click Move to Default.

    6. Select the domain property. Click Move to Default.

      Click Save. The right pane redisplays the list of SUNW-UWC-MAIL adapter template properties.

  11. Use the text fields to edit the values of the following properties:

    1. Locate the enableProxyAuth property. Change the value to true.

    2. Locate the proxyAdminUid property. Change the value to admin.

    3. Locate the proxyAdminPassword property. Change the value to password.

    4. Locate the host property. Change the value to evaluation_host.

    5. Locate the port property. Change the value to 143.

    6. Locate the smtpServer property. Change the value to evaluation_host.

    7. Locate the clientPort property. Change the value to 88.

    8. Locate the smtpPort property. Change the value to 25.

    9. Locate the domain property. Confirm that it is blank

    10. Locate the serverSSOENabled property. Change the value to true.

  12. Click Save to apply your changes.

  13. At a command line, change directory to the Web Server directory:


    cd /opt/SUNWwbsvr/https-evaluation_host

  14. Run the command to restart Web Server:


    ./stop; ./start

    The startup process displays a series of startup messages. The startup process might take a few moments. When startup is complete, the following message is displayed:


    startup: server started successfully

    Restarting Web Server restarts Portal Server and applies all of your configuration changes.

ProcedureTo Configure the Portal Desktop for Proxy Authentication

Steps

  1. Return to the Access Manager console. Click the Identity Management tab.

  2. In the View drop-down, select Services

    The left pane displays a list of services

  3. In the left pane, locate the Portal Desktop service. Click the arrow.

    The right pane display Portal Desktop settings.

  4. In the right pane, click Manage Channels and Containers.

    The right pane displays a list of portal desktop channels.

  5. In the right pane, locate MyFrontPageTabPanelContainer. Click it. (Do not click Edit Properties.)

    The right pane displays the MyFrontPageTabPanelContainer channel properties.

  6. In the right pane, locate the Ready for Use list.

  7. Move the UWCMail and UWCCalendar channels from the Ready to Use list to the Available to End Users on the Content Page Visible on Portal Desktop list.

    1. Select UWCMail.

    2. Click Add.

      UWCMail moves to the Available to End Users on the Content Page list.

    3. Select UWCCalendar.

    4. Click Add.

      UWCCalendar moves to the Available to End Users on the Content Page list.

  8. Move the UWCMail and UWCCalendar channels from the Available to End Users on the Content Page list to the Visible on Portal Desktop list.

    1. Select UWCMail.

    2. Click Add.

      UWCMail moves to the Visible on Portal Desktop list.

    3. Select UWCCalendar.

    4. Click Add.

      UWCCalendar moves to the Visible on Portal Desktop list.

  9. Move the Mail and Calendar channels from the Visible on Portal Desktop list to the Available to End Users on the Content Page list.

    1. Select Mail.

    2. Click Remove.

      UWCMail moves to the Available to End Users on the Content Page list.

    3. Select Calendar.

    4. Click Remove.

      Calendar moves to the Available to End Users on the Content Page list.

  10. Move the Mail and Calendar channels from the Available to End Users on the Content Page list to the Ready For Use list.

    1. Select Mail.

    2. Click Remove.

      Mail moves to the Ready For Use list.

    3. Select Calendar.

    4. Click Remove.

      Calendar moves to the Ready For Use list.

  11. Click Save.

  12. In the right pane, click Top.

    The list of container channels is redisplayed.

  13. In the right pane, locate JSPNativeContainer channel. Click it. (Do not click Edit Properties.)

    The right pane displays the JSPNativeContainer channel properties.

  14. In the right pane, locate the Ready for Use list.

  15. Move the UWCMail and UWCCalendar channels from the Ready for Use list to the Available to End Users on the Content Page list.

    1. Select UWCMail.

    2. Click Add.

      UWCMail moves to the Available to End Users on the Content Page list.

    3. Select UWCCalendar.

    4. Click Add.

      UWCCalendar moves to the Available to End Users on the Content Page list.

  16. Move the UWCMail and UWCCalendar channels from the Available to End Users on the Content Page list to the Visible on Portal Desktop list.

    1. Select UWCMail.

    2. Click Add.

      UWCMail moves to the Visible on Portal Desktop list.

    3. Select UWCCalendar.

    4. Click Add.

      UWCCalendar moves to the Visible on Portal Desktop list.

  17. Move the Mail and Calendar channels from the Visible on Portal Desktop list to the Available to End Users on the Content Page list.

    1. Select Mail.

    2. Click Remove.

      UWCMail moves to the Available to End Users on the Content Page list.

    3. Select Calendar.

    4. Click Remove.

      Calendar moves to the Available to End Users on the Content Page list.

  18. Move the Mail and Calendar channels from the Available to End Users on the Content Page list to the Ready For Use list.

    1. Select Mail.

    2. Click Remove.

      Mail moves to the Ready For Use list.

    3. Select Calendar.

    4. Click Remove.

      Calendar moves to the Ready For Use list.

  19. Click Save.

  20. In the right pane, click Top.

    The list of container channels is redisplayed.

  21. In the right pane, locate JSPRenderingContainer channel. Click it. (Do not click Edit Properties.)

    The right pane displays the JSPRenderingContainer channel properties.

  22. In the right pane, locate the Ready for Use list.

  23. Move the UWCMail and UWCCalendar channels from the Ready for Use list to the Available to End Users on the Content Page Visible on Portal Desktop list.

    1. Select UWCMail.

    2. Click Add.

      UWCMail moves to the Available to End Users on the Content Page list.

    3. Select UWCCalendar.

    4. Click Add.

      UWCCalendar moves to the Available to End Users on the Content Page list.

  24. Move the UWCMail and UWCCalendar channels from the Available to End Users on the Content Page list to the Visible on Portal Desktop list.

    1. Select UWCMail.

    2. Click Add.

      UWCMail moves to the Visible on Portal Desktop list.

    3. Select UWCCalendar.

    4. Click Add.

      UWCCalendar moves to the Visible on Portal Desktop list.

  25. Move the Mail and Calendar channels from the Visible on Portal Desktop list to the Available to End Users on the Content Page list.

    1. Select Mail.

    2. Click Remove.

      UWCMail moves to the Available to End Users on the Content Page list.

    3. Select Calendar.

    4. Click Remove.

      Calendar moves to the Available to End Users on the Content Page list.

  26. Move the Mail and Calendar channels from the Available to End Users on the Content Page list to the Ready For Use list.

    1. Select Mail.

    2. Click Remove.

      Mail moves to the Ready For Use list.

    3. Select Calendar.

    4. Click Remove.

      Calendar moves to the Ready For Use list.

  27. Click Save.

  28. Click Logout in the upper right corner of the window.

ProcedureTo Configure Messaging Server for Proxy Authentication

To configure Messaging Server for proxy authentication, you run configuration commands in the command line.

Steps

  1. Change directory to the Messaging Server directory:


    cd /opt/SUNWmsgsr/sbin

  2. Run the command to configure Messaging Server:


    ./configutil -o store.admins admin

    This command permits the admin user ID to manage the Messaging Server message store and access the user mailboxes.

  3. Run the command to switch to the mail server root:


    su mailsrv

  4. Run the command to configure Messaging Server:


    ./configutil -o service.http.allowadminproxy -v yes

    This command permits Messaging Server to authenticate proxy accounts.

  5. Run the command to exit from the mail server root:


    exit

  6. Run the command to stop Messaging Server.


    ./stop-msg

  7. Run the command to restart Messaging Server.


    ./start-msg

    The startup process displays a series of startup messages. The startup process might take a few moments. When startup is complete, the following message is displayed:


    starting job-controller server

    You have configured Messaging Server to accept proxy authentication.

ProcedureTo Configure Calendar Server for Proxy Authentication

To configure Calendar Server to accept proxy authentication, you edit the Calendar Server configuration file with a text editor. You also run configuration commands in the command line.

Steps

  1. Change directory to the Calendar Server directory:


    cd /etc/opt/SUNWics5/config

  2. Open the ics.conf file in a text editor.

    Find each of the following properties and make the changes described. In some cases this means changing the value and uncommenting the line. In other cases, it simply means uncommenting the line.

    1. Locate the service.http.allowadminproxy property. Make sure it is uncommented. Make sure its value is set to yes:

      service.http.allowadminproxy=yes”

    2. Locate the service.admin.calmaster.cred property. Make sure it is uncommented. Make sure its value is set to password.

      service.admin.calmaster.cred=”password”

    3. Locate the service.admin.calmaster.userid property. Make sure it is uncommented. Make sure its value is set to calmaster:

      service.admin.calmaster.userid=”calmaster”

    4. Save and close the ics.conf file.

  3. Change directory to the Calendar Server directory.


    cd /opt/SUNWics5/cal/sbin

  4. Run the command to stop Calendar Server.


    ./stop-cal

  5. Run the command to restart Calendar Server.


    ./start-cal

    The startup process displays a series of startup messages. The startup process might take a few moments. When startup is complete, the following message is displayed:


    Calendar services were started.

    You have configured Calendar Server for proxy authentication.