Setting Up a Gateway Profile

This task consist of the following procedures:

• Verify a Default Gateway Profile

• Enable the portal service for SRA

• Provision the Gateway Profile

• Verify the Updated Gateway Profile

To Verify the Default Gateway Profile

A default Gateway profile is created at installation time. To verify that this profile exists, use the following procedure on ps1.

1. List all instances of Gateway.

   # /opt/SUNWportal/bin/psadmin list-sra-instances -u amadmin -t gateway

   When prompted, type the access-manager-admin-password.

   The output shows the profile name, but no instances are yet listed:

   default:

To Enable the portal service for SRA

The following procedure is performed on ps1, though it affects the portal service provided by both Portal Server instances..

1. Check whether the portal service is enabled for secure remote access.

   # /opt/SUNWportal/bin/psadmin get-sra-status -u amadmin

   When prompted, type the access-manager-admin-password.

   The following output shows that secure remote access is not enabled:

   off

2. Enable the portal service for secure remote access.

   # /opt/SUNWportal/bin/psadmin switch-sra-status -u amadmin on

   When prompted, type the access-manager-admin-password.

   This command toggles the SRA status of the portal service between disabled and enabled mode.

To Provision the Gateway Profile

This procedure updates the Gateway profile with information such as the non-authenticated URL list.

1. Run the following command:

   /opt/SUNWportal/bin/psadmin provision-sra -u amadmin -p pstestPortal --console --console-url http://ps.pstest.com/psconsole --gateway-profile default --enable

   When prompted, type the access-manager-admin-password.

To Verify the Updated Gateway Profile

This procedure is performed using the Portal Server Console (psconsole).

1. Go to the following URL in a browser window:

   http://ps.pstest.com/psconsole

2. Log in to the Portal Server Console by typing the following values and clicking Login.

   Input Field	Value
   User ID	amadmin
   Password	access-manager-admin-password

   The Portal Server Console opens.

3. Verify the URL path to portal in the Gateway profile.

   1. Click the Secure Remote Access Tab.

   2. Under the Profile section, click default.

   3. Under Basic Options, check that the Portal Server's URL path is set to the following:

      http://ps.pstest.com:80/portal

4. Edit the list of URLs to Which User Session Cookie Is Forwarded.

   The list should contain the following values:

   http://ps.pstest.com http://ps1.pstest.com http://ps2.pstest.com http://am.pstest.com http://am1.pstest.com http://am2.pstest.com

5. Check that Enable Cookie Management is on.

6. If you made changes, click Save at the bottom of the screen.

7. Click the Security tab.

8. Edit the list of URL's in the Non-authenticated URL box:

   The list should contain the following values:

   http://am.pstest.com:80/amserver/UI/Login http://am.pstest.com:80/amserver/UI/Logout http://am.pstest.com:80/amconsole/console/css http://am.pstest.com:80/amconsole/console/images http://am.pstest.com:80/amconsole/console/js http://am.pstest.com:80/amserver/css http://am.pstest.com:80/amserver/images http://am.pstest.com:80/amserver/js http://am.pstest.com:80/amserver/login_images http://ps.pstest.com:80/portal/images http://ps.pstest.com:80/portal/desktop/images http://ps.pstest.com:80/portal/desktop/tabs/images http://ps.pstest.com:80/portal/desktop/css http://ps.pstest.com:80/portal/console/images http://ps.pstest.com:80/portal/netlet/jnlpclient.jar http://ps.pstest.com:80/portal/netlet/netletjsse.jar http://ps.pstest.com:80/portal/proxylet/jnlpclient.jar http://ps.pstest.com:80/portal/proxylet/regx-win32-native.jar