Sun Java logo     Copyright      Index      Next     

Sun logo
Sun Java System Portal Server Secure Remote Access 6 2005Q1 Administration Guide 


List of Figures

List of Tables

List of Procedures

Who Should Read This Book
How This Book is Organized
Conventions Used in This Book
Typographic Conventions
Default Paths and File Names
Using Linux
Limitations Using Linux
Comparison of Solaris and Linux Path Names
Related Information
Books in This Documentation Set
Other Portal Server Documentation
Other Server Documentation
Accessing Sun Resources Online
Contacting Sun Technical Support
Related Third-Party Web Site References
Sun Welcomes Your Comments

Chapter 1   Introduction to Portal Server Secure Remote Access
Overview of SRA Software
Open Mode
Secure Mode
SRA Services
Administering the SRA Product
Configuring SRA Attributes
Setting Conflict Resolution
Supported Applications

Chapter 2   The Gateway
Overview of the Gateway
Creating a Gateway Profile
Understanding the platform.conf File
Creating Instances of a Gateway
Creating Multi-homed Gateway Instances
Creating Gateway Instances Using the Same LDAP
Running the Gateway in the chroot Environment
Restarting Gateway in the chroot Environment
Starting and Stopping the Gateway
Restarting the Gateway
Specifying a Virtual Host
Specifying a Proxy to Contact Access Manager
Using Web Proxies
Using Automatic Proxy Configuration
Using a Netlet Proxy
Creating Instances of a Netlet Proxy
Enabling a Netlet Proxy
Restarting a Netlet Proxy
Using a Rewriter Proxy
Creating Instances of a Rewriter Proxy
Enabling a Rewriter Proxy
Restarting a Rewriter Proxy
Using a Reverse Proxy with the Gateway
Obtaining Client Information
Using Authentication Chaining
Using Wild Card Certificates
Disabling Browser Caching
Customizing the Gateway Service User Interface
Using Federation Management
Federation Management Scenario
Configuring Federation Management Resources

Chapter 3   Proxylet and Rewriter
Overview of Proxylet
Advantages of Using Proxylet
Configuring Proxylet
Overview of Rewriter
Character Set Encoding
Rewriter Usage Scenarios
The Gateway
Writing Rulesets
Public Interface (RuleSet DTD)
Sample XML DTD
Procedure to Write Rules
Ruleset Guidelines
Defining the RuleSet Root Element
Using the Recursive Feature
Defining Language Based Rules (Defining Rules)
Rules for HTML Content
Rules for JavaScript Content
Rules for XML Content
Rules for Cascading Style Sheets
Rules for WML
Using the Recursive Feature
Configuring Rewriter in the Gateway Service
Basic Tasks
Advanced Tasks
Troubleshooting Using Debug Logs
Setting the Rewriter Debug Level
Debug File Names
Working Samples
Samples for HTML Content
Samples for JavaScript Content
Sample for XML Attributes
Case Study
Mapping of 6.x RuleSet with 3.0

Chapter 4   NetFile
Overview of NetFile
Supported File Access Protocols
Enable Debugging for NetFile
Enabling Logging for NetFile

Chapter 5   Netlet
Overview of Netlet
Netlet Components
Netlet Usage Scenario
Working With Netlet
Downloading an Applet From a Remote Host
Defining Netlet Rules
Types of Rules
Netlet Rule Examples
Sample Netlet Rules
Enabling Netlet Logging
Enable Debug Logging
Running Netlet in a Sun Ray Environment
New HTML File
Deprecated HTML File:

Chapter 6   Netlet With PDC
Configuring Netlet for PDC

Chapter 7   Certificates
Overview of SSL Certificates
Certificate Files
Certificate Trust Attributes
CA Trust Attributes
The certadmin Script
Generating Self-Signed Certificates
Generating a Certificate Signing Request (CSR)
Adding a Root CA Certificate
Installing SSL Certificates From the Certificate Authority
Ordering a Certificate from a CA
Installing a Certificate from a CA
Deleting a Certificate
Modifying the Trust Attributes of a Certificate
Listing Root CA Certificates
Listing All Certificates
Printing a Certificate

Chapter 8   Configuring URL Access Control
Set up a Denied URLs List
Set up a Allowed URLs List
Manage Single Sign-On

Chapter 9   Configuring the Gateway
The Core Tab
Enable HTTP and HTTPS Connections
Enable and Create a List of Rewriter Proxies
Enable Netlet
Enable and Create a List of Netlet Proxies
Enable Proxylet
Enable Cookie Management
Enable HTTP Basic Authentication
Enable Persistent HTTP Connections
Specify the Maximum Number of Requests per Persistent Connection
Specify Timeout for Persistent Socket Connections
Specify Grace Timeout to Account for Turnaround Time
Create List of URLs for Cookie Forwarding
Specify the Maximum Connection Queue Length
Specify the Gateway Timeout
Specify the Maximum Thread Pool Size
Specify the Cached Socket Timeout
Create List of Portal Servers
Specify Server Retry Interval
Enable Storage of External Server Cookies
Obtain a Session from a URL
Enable Marking Cookies as Secure
The Proxies Tab
Enable Usage of Web Proxies
Create List of URLs for Webproxies
Create List of URLs for Proxies Not to be Used
Create List of Proxies for Domains and Subdomains
Create List of Proxy Passwords
Enable Automatic Proxy Configuration Support
Specify Automatic Proxy Configuration File Location
Enable Netlet Tunneling Through Web Proxy
The Security Tab
Create List of Non-authenticated URLs
Create List of Certificate-Enabled Gateway Hosts
Allow 40-bit Encryption Connections
Enable SSL Version 2.0
Enable SSL Cipher Selection
Enable SSL Version 3.0
Enable Null Ciphers
Create List of Trusted SSL Domains
Configure Personal Digital Certificate (PDC) Authentication
The Rewriter Tab
Enable Rewriting of All URLs
Create List of URIs to RuleSet Mappings
Create List of MIME Types to Parse
Create List of URIs Not to Rewrite
Specify the Default Domains
Enable MIME Guessing
Create List of URI Mappings to Parse
Enable Masking
Specify the Masking Seed String
Create List of URIs Not to Mask
Make a Gateway Protocol the Same as the Original URI Protocol
The Logging Tab
Enable Logging
Enable Netlet Logging

Chapter 10   Configuring NetFile
The Hosts Tab
Specify the OS Character Set
Specify Host Detection Order
Configure a Common Hosts List
Specify the Default Domain
Specify the Windows Domain/Workgroup
Specify the Default WINS/DNS Server
Specify Access to Different Types of Hosts
Configure the Allowed Hosts List
Configure the Denied Hosts List
The Permissions Tab
The View Tab
Specify the NetFile Window Size
Specify the NetFile Window Location
The Operations Tab
Specify the Temporary Files Directory
Set the File Upload Size Limit
Specify the Search Directories Limit
Specify Compression
The General Tab
Specify the MIME-types Configuration File Location

Chapter 11   Configuring Netlet
Assign Netlet Service to a User
Add a Netlet Rule
Modify an Existing Netlet Rule
Delete a Netlet Rule
Specify the Default Encryption Cipher
Assign the Default Loopback Port
Enable Reauthentication for Connections
Display Warning Popup for Connections
Enable the Display Checkbox in Port Warning Dialog
Set the Keep Alive Interval
Set the Terminate Netlet at Portal Logout Option
Define Access to Netlet Rules
Deny Access to Netlet Rules
Allow Access to Hosts
Deny Access to Hosts
Proxy Configuration

Chapter 12   Configuring Proxylet
Configure Proxylet

Chapter 13   Configuring SSL Accelerators
Sun Crypto Accelerator 1000
Enable Crypto Accelerator 1000
Configure Crypto Accelerator 1000
Sun Crypto Accelerator 4000
Enable Crypto Accelerator 4000
Configure Crypto Accelerator 4000
External SSL Device and Proxy Accelerators
Enable an External SSL Device Accelerator
Configure an External SSL Device Accelerator

Appendix A   Log Files
Appendix B   Configuration Attributes
Access List Service
Gateway Service
NetFile Service
Netlet Service
Proxylet Service

Appendix C   Country Codes

Copyright      Index      Next     

Part No: 817-7693.   Copyright 2005 Sun Microsystems, Inc. All rights reserved.