Sun Java logo     Previous      Contents      Index      Next     

Sun logo
Sun Java System Portal Server 6 2005Q4 Deployment Planning Guide 

Chapter 3
Identifying and Evaluating Your Business and Technical Requirements

The first step in planning your deployment is identifying your Sun Java™ System Portal Server business and technical requirements.. You need to gather both business and technical requirements before you can address architecture and design issues.

This chapter contains the following sections:

Business Objectives

Your business requirements address your organization’s problems and opportunities, and include such factors as:

To be useful in formulating design requirements, the business requirements must address detailed goals and objectives.

The business goals of your portal affect deployment decision. Understand your objectives. If you do not understand your business requirements, you can easily make erroneous assumptions that could affect the accuracy of your deployment estimates.

Use these questions to help you identify your business objectives:

(Optional) Use these questions to help identify your business objectives if you are deploying a secure portal:

Technical Goals

Your technical requirement (often called functional requirement) discuss the details of your organization’s system needs and desired results, and include such factors as:

The technical requirements define all functions required of an architecture and provide guidelines for how each component works and integrates to form an entire system. Your organization needs technical requirements to formulate the best design approaches and apply the appropriate technologies to accomplish the desired architectural solution for your portal.

The reasons you are offering your portal have a direct affect on how you implement your portal. You must define target population, performance standards, and other factors related to your goals.

Use these questions to help you identify the goals of your portal:

Mapping Portal Server Features to Your Business Needs

The previous sections posed questions to you about the various areas of the Portal Server system from a high-level perspective of business and technical needs. This section reviews specific technology features with the goal of determining which technologies are most important for your organization. Review these features while keeping in mind your organization’s short-, mid-, and long-term plans.

Use the following sections and tables to assess the benefits of the listed features and determine their relative priority for your organization. This information will assist you in developing a deployment plan in a timely and cost effective manner.


In all likelihood, your Sun Java System sales representative has previously discussed these topics with you. Thus, this section serves as a review of that process.

Identity Management

Portal Server uses identity management to control many users spanning a variety of different roles across the organization and sometimes outside the organization while accessing content, applications and services. The challenges include: Who is using an application? In what capacity do users serve the organization or company? What do users need to do, and what should users be able to access? How can others help with the administrative work?

Table 3-1 shows the identity management features and their benefits.

Table 3-1  Identity Management Features and Benefits  




Directory service

Portal Server uses Access Manager and Directory Server

Portal Server uses an LDAP directory for storing user profiles, roles, and identity information for the purpose of authentication, single sign-on (SSO), delegated administration, and personalization

Portal Server uses an open schema that can reside in a centralized user directory, thereby leveraging an enterprise or service provider’s investment in the Access Manager and Directory Server products.

User, policy, and provisioning management

Access Manager enables you to manage many users spanning a variety of different roles across the organization and sometimes outside the organization while accessing content, applications, and services.

Provides a centralized identity management solution for storing and managing identity information, which is integrated with a policy solution to enforce access rights, greatly simplifying these challenges. Extends a common identity to handle new applications, enables applications to share administrative work, and simplifies tasks normally associated with building these services from scratch.

Consolidates management of users and applications. Personalizes content and service delivery. Simplifies and streamlines information and service access. Reduces costs associated with managing access and delivery.

Provides secure policy-based access to applications. Ensures secure access as portal deployments expand beyond employee LAN access.

Single sign-on (SSO)

Access Manager integrates user authentication and single sign-on through an SSO API. Once the user is authenticated, the SSO API takes over. Each time the authenticated user tries to access a protected page, the SSO API determines if the user has the permissions required based on their authentication credentials. If the user is valid, access to the page is given without additional authentication. If not, the user is prompted to authenticate again.

Enhances user productivity by providing a consistent, centralized mechanism to manage authentication and single sign-on, while enabling employees, partners and customers access to content, applications, and services.

Delegated administration

The Access Manager administration console provides role-based delegated administration capabilities to different kinds of administrators to manage organizations, users, policy, roles, channels, and Portal Desktop providers based on the given permissions.

Enables IT to delegate portal administrative duties to free up valuable IT resources and administration.


Provides single sign-on for aggregated applications to the portal.

Security is an important functionality in portals. Security can address many different needs within the portal, including authentication into the portal, encryption of the communications between the portal and the end user, and authorization of the content and applications to only users that are allowed access.


Table 3-2 shows the Sun Java System Portal Server Secure Remote Access (SRA) features and their benefits

Table 3-2  SRA Features and Benefits




Integrated security

Extranet or Virtual Private Network capabilities “on demand” while providing user, policy, and authentication services. The Gateway component provides the interface and security barrier between remote user sessions originating from the Internet, and your corporate intranet.

Extends an enterprise’s content, applications, files, and services located behind firewalls to authorized suppliers, business partners, and employees.

To prevent denial of service attacks, you can use both internal and external DMZ-based Gateways.

SRA core

Users achieve remote access through four components:

  • Gateway
  • NetFile
  • Netlet
  • Proxylet

This component has four parts:

  • Gateway—Controls communication between the Portal Server and the various Gateway instances.
  • NetFile—Enables remote access and operation of file systems and directories.
  • Netlet—Ensures secure communication between the Netlet applet on the client browser, the Gateway, and the application servers.
  • Proxylet—Redirects a URL to the Gateway.

Universal access

Enables web browser based universal access with no client software installation or maintenance necessary.

Simplifies the IT administration and maintenance overhead while dramatically reducing the time and cost of deployment

Netlet Proxy

Provides an optional component that extends the secure tunnel from the client, through the Gateway to the Netlet Proxy that resides in the intranet.

Restricts the number of open ports in a firewall between the demilitarized zone (DMZ) and the intranet.

Rewriter Proxy

Redirects HTTP requests to the Rewriter Proxy instead of directly to the destination host. The Rewriter Proxy in turn sends the request to the destination server.

Using the Rewriter Proxy enables secure HTTP traffic between the Gateway and intranet computers and offers two advantages:

  • If a firewall exists between the Gateway and server, the firewall needs to open only two ports—one between the Gateway and the Rewriter Proxy, and another between the Gateway and the Portal Server.
  • HTTP traffic is now secure between the Gateway and the intranet even if the destination server only supports HTTP protocol (no HTTPS).

Search Engine

The Search Engine service is used in the following channels:

Table 3-3 shows the Search features and their benefits.

Table 3-3  Search Features and Benefits  




Search Engine

Enables the retrieval of documents based on criteria specified by the end user.

Saves users time by providing access to content.


Organizes documents into a hierarchy. This categorization is often referred to as taxonomy.

Provides a different view of documents that enables browsing and retrieval.


The Search Engine robot is an agent that crawls and indexes information across your intranet or the Internet.

Automatically searches and extracts links to resources, describes those resources, and puts the descriptions in the Search database (also called generation or indexing).


A forum for multiple threaded discussions.

Contents are individually searchable and importance rating are given for of all comments


Enables the user to track new or changed material in different areas of interest.

Discussions, search categories, and free-form searches (saved searches) can be tracked.


Personalization is the ability to deliver content based on selective criteria and offer services to a user.

Table 3-4 shows the personalization features and their benefits.

Table 3-4  Personalization Features and Benefits  




Deliver content based on user’s role

Portal Server includes the ability to automatically choose which applications users are able to access or to use, based on their role within the organization.

Increases employee productivity, improves customer relationships, and streamlines business relationships by providing quick and personalized access to content and services.

Enable users to customize content

Portal Server enables end users to choose what content they are interested in seeing. For example, users of a personal finance portal choose the stock quotes they would like to see when viewing their financial portfolio.

The information available in a portal is personalized for each individual. In addition, users can then customize this information further to their individual tastes. A portal puts control of the web experience in the hands of the people using the web, not the web site builders.

Aggregate and personalize content for multiple users

Portal Server enables an enterprise or service provider to aggregate and deliver personalized content to multiple communities of users simultaneously.

This enables a company to deploy multiple portals to multiple audiences from one product and manage them from a central management console. Also, new content and services can be added and delivered on demand without the need to restart Portal Server. All of this saves time and money, and ensures consistency in an IT organization.

Aggregation and Integration

One of the most important aspects of a portal is its ability to aggregate and integrate information, such as applications, services, and content. This functionality includes the ability to embed non-persistent information, such as stock quotes, through the portal, and to run applications within, or deliver them through, a portal.

Table 3-5 shows the aggregation and integration features and their benefits.

Table 3-5  Aggregation Features and Benefits  




Aggregated information

The Portal Desktop provides the primary end-user interface for Portal Server and a mechanism for extensible content aggregation through the Provider Application Programming Interface (PAPI). The Portal Desktop includes a variety of providers that enable container hierarchy and the basic building blocks for building some types of channels.

Users no longer have to search for the information. Instead, the information finds them.

Consistent set of tools

Users get a set of tools like web-based email and calendaring software that follows them through their entire time at the company.

Users do not have to use one tool for one project, another tool for another location. Also, because these tools all work within the portal framework, the tools have a consistent look and feel and work similarly, reducing training time.


Portal Server provides control and access to data as a company-wide resource.

In many companies, data is seen as being owned by individual departments, instead of as a company-wide resource. The portal can act as a catalyst for breaking down these silos and making the data available in a controlled way to the people who need to use it. This broader, more immediate access can improve collaboration.


Portal Server enables you to use the Portal Desktop as the sole place for users to gain access to or launch applications and access data.

Iintegration with existing email, calendar, legacy, or web applications enables the portal to serve as a unified access point, enabling users—be that employees, partners, or customers—to access the information users need quickly and easily.

Understanding User Behaviors and Patterns

Study the people who will use your portal. Factors such as when users will use the portal and how users have used predecessor systems are keys to identifying your requirements. If your organization’s experience cannot provide these patterns, you can study the experience of other organizations and estimate them.

Use these questions to help you understand users:

Previous      Contents      Index      Next     

Part No: 819-4155.   Copyright 2005 Sun Microsystems, Inc. All rights reserved.