test

Sun Java System Portal Server 7.1 Configuration Guide

HTTPS Enabled

This applies to the Mail Channel only. If the Mail channel is connected to a more secure HTTP- enabled messaging server instead of the basic HTTP-enabled messaging server, you need to make some security-related adjustments for the Mail channel to work as intended. For more information, see Configuring the Mail Provider to Work with an HTTPS Enabled Sun Java System Messaging Server.

Configuring the Instant Messaging Channel

Sun Java System Instant Messengeris installed during the installation of Sun Java System Portal Server if the Enable IM in Sun Java System Portal Server option is selected.

While the Instant Messaging Portal channel is designed to work right out of the box, other configuration might be necessary depending upon your site’s needs. Therefore, after following the steps in Instant Messaging Channel see Additional Configuration for the Instant Messaging Channel to determine if any of that section’s subsections apply to your installation.

The Instant Messaging channel is based on a Sun Java System Portal Server content provider called IMProvider. The IMProvider is an extension of the JSPProvider in the Portal Server. As an extension of the JSPProvider, IMProvider uses the JSP files to generate the content page and the edit page for the Instant Messaging channel. The JSP files are also used to generate the pages used to launch the Instant Messenger. The IMProvider also defines an instant messaging-specific tag library and this tag library is used by the JSP files. The JSP files and the tag library use the channel properties that are defined by the IMProvider.

For more information on Sun Java SystemInstant Messenger, see Instant Messaging Administrator’s Guide.

Administrators and end users can access information about Sun Java System Instant Messengerby visiting the URL used in the codebase property for the Instant Messaging Channel configuration.

Instant Messaging Channel

ProcedureTo Configure the Instant Messaging Channel

  1. From an Internet browser, log into the Sun Java System Portal Server administration console at http://hostname:port /psconsole, for example http://psserver.company22.example.com:80/psconsole

  2. Click the Identity Management tab to display the View drop down list in the navigation pane (the lower left frame).

  3. Select Services in the View drop down list to display the list of configurable services.

  4. Under the Sun Java System Portal Server Configuration heading, click the arrow next to Portal Desktop to bring up the Portal Desktop page in the data pane (the lower right frame).

  5. Click the Manage Channels and Containers.

  6. Scroll down to the Channels heading and click Edit Properties next to IMChannel to display the Instant Messenger service panel, which includes Basic Properties.

    The following is a partial list of the properties displayed in the Edit IMChannel page with example values provided for each property.

    Property 

    Example Value 

    authMethod

    idsvr

    authUsernameAttr

    uid

    clientRunMode

    plugin

    codebase

    imapplet.example.com

    contactGroup

    My Contacts

    mux

    imserver.example.com

    muxport

    49909

    netletRule

    IM

    password

    (not applicable when idsvr is used for authmethod )

    port

    49999

    server

    imserver.example.com

    username

    (not applicable when idsvr is used for authmethod )

  7. In the text field next to each property you want to input, enter the desired value. The following describes the properties and the type of information to enter as a value.

    Property 

    Value 

    authMenthod 

    Two values are possible, idsvr or ldap. The idsvr value enables Single Sign-On to work. It also removes the username and password fields from the Instant Messenger channel edit page

    The value idsvr is usually preferable, to indicate that the authentication method to be used is the Sun Java System Portal Server authentication method.

    authUsernameAttr

    Enter the name of the attribute to use for the user name when authenticating using the idsvr authentication method.

    clientRunMode

    Enter the method for running the Instant Messaging client: plugin or jnlp (used for Java Web Start).

    codebase

    Enter the URL prefix from which the Instant messaging client is downloaded.

    contactGroup

    Enter the name of the contact group that is displayed in the Instant Messaging channel. 

    mux 

    Enter the hostname of the Sun Java System Instant Messaging Multiplexor to be used when the channel launches the Instant Messaging client.

    muxport 

    Enter the port number associated with the Sun Java System Instant Messaging Multiplexor. The default port number is 49909. 

    netletRule

    Enter the name of the netlet rule that is used with the Instant Messaging client when using the Secure Remote Access (SRA) gateway.

    password 

    Enter the password to use when authenticating using the LDAP method. When stored in the display profile, this property is obfuscated using the AMPasswordUtil class.

    port 

    Enter the port number associated with the Sun Java System Instant Messaging Server to be used by the channel. The default port number is 49999. 

    server 

    Enter the hostname of the Sun Java System Instant Messaging Server to be used by the channel. 

    username 

    Enter the username to use when authenticating using the LDAP method. 

  8. Scroll as needed and click Save.

Additional Configuration for the Instant Messaging Channel

The following sections provide information for additional configuration of the Instant Messaging Channel.

Allowing Multiple Organizations

When a Sun Java System Portal Server instance serves multiple organizations but uses a single server additional steps must be taken.

Portal Server and Sun Java System Portal Server allow administrators to set up users with the same User ID (uid) across an organization. For example, an organization could have two suborganizations that each have an end user named enduser22. This creates a conflict when these two end users attempt to access their respective accounts through the channel.

To avoid this potential conflict, one set of JSP launch pages per organization must be created to contain a pass-in-the-parameter domain set to the value of the organization’s attribute sunPreferredDomain. The default launch pages are:

/etc/opt/SUNWportal/desktop/default/IMProvider/jnlpLaunch.jsp

/etc/opt/SUNWportal/desktop/default/IMProvider/pluginLaunch.jsp

Inserting Instant Messenger Links in an Organization

By default Instant Messenger links are added to the Application channel, which provides the links to launch various applications, in the default organization. The Instant Messenger links allows end users to launch the Instant Messenger from the Application channel. You need to add Instant Messenger links manually if:

The contents for the Instant Messenger links are in the file PortalServer-base /SUNWportal/samples/InstantMessaging/dp-IMChannel.xml. The dp-IMChannel.xml file also contains the sample IMChannel .

Edit a copy of the file dp-IMChannel.xml to add the Instant Messenger links information to the display profile for another organization and install the file using the psadmin command as follows:

ProcedureInserting Instant Messenger Links

  1. Change to the following directory:

    PortalServer-base /SUNWportal/bin/

  2. Create a copy of the dp-IMChannel.xml file as follows:.

    cp dp-IMChannel.xml newfile.xml

  3. To modify the Application channel, type the following psadmin command:


    psadmin modify -u
                      ADMIN_DN -w
                      PASSPHRASE -d
                      ORG_DN -m newfile.xml

    where:

    ADMIN_DN - Replace with LDAP administrator DN. For example: psadmin

    PASSPHRASE - Replace with the administrator’s password.

    ORG_DN - Replace with the DN of the Organization where the links are to be added. For example: o=example.com, o=isp

    The URL for launching the Instant Messenger using Java Plug-in is a reference to the Instant Messaging channel with a launch argument. For example:

    /portal/dt?action=content&provider=IMChannel&launch=plugin&username=sam

    The URL for launching the Instant Messenger applet with Java Web Start is:

    /portal/imlaunch?channel=IMChannel&launch=jnlp&username=sam

Enabling Secure Mode in Sun Java Server Portal Server

Netlet facilitates secure communication between the Instant Messenger and the server.

Note –

The Instant Messaging channel automatically uses the secured mode when accessed through the Secure Remote Access gateway. The Instant Messaging channel does not use the secured mode when it is not accessed through the gateway.

To enable the secure mode, you need to add the Netlet Rule.

To add the Netlet Rule:

ProcedureAdding the Netlet Rule

  1. From an Internet browser, log into the Portal Server administration console at http://hostname:port /psconsole, for example http://psserver.company22.example.com:80/psconsole

  2. Click the Identity Management tab to display the View drop down list in the navigation pane.

  3. Select Services in the View drop down list to display the list of configurable services.

  4. Scroll down to SRA Configuration and select Netlet.

  5. Click the arrow icon beside Netlet. The Netlet Rules are displayed in the right panel.

  6. Click Add under Netlet Rules.

  7. Type IM in the Rule Name field.

    Note –

    The Netlet rule name can be different. You can configure the Instant Messaging channel to use a different Netlet rule.

  8. Remove the default value in the URL field and leave the field blank.

  9. Select the Download Applet check box and enter the following string:

    $IM_DOWNLOAD_PORT:$IM_HOST:$IM_PORT

    For example:

    49916:company22.example.com:80

    where:

    IM_DOWNLOAD_PORT. The port on which Instant Messaging resources are downloaded using Netlet.

    IM_HOST. The host name of the web container serving Instant Messenger. For example: company22.example.com

    IM_PORT. The port number of the web container serving the Instant Messenger. For example, 80.

  10. Select the default value in the Port-Host-Port List and click Remove.

  11. In the Client Port field, Enter the local host port on which Netlet runs. For example: 49916.

  12. Enter the Instant Messaging Multiplexor host name in the Target Host(s) field.

  13. Enter the Instant Messaging Multiplexor port in the Target Port(s) field.

    Note –

    The values for Netlet Port, Instant Messaging Host, and Instant Messaging Port should be the same as the Instant Messaging service attributes mentioned in the Instant Messenger service panel as discussed in the final steps of Instant Messaging Channel.

  14. Click Add to List.

  15. Click Save to save the Netlet Rule.