| Sun ONE Portal Server 6.2 Administrator's Guide |
Chapter 1
Introduction to Administering the Sun™ ONE Portal ServerSun™ ONE Portal Server 6.2 product is a suite of integrated software products that allow enterprises to pull content from a variety of sources, personalize the content for a specific user or group of users, and aggregate content from these multiple sources into a single output format suitable for the specific user’s device, such as a web browser.
This chapter provides basic information about the architecture of the product suite, the end user interface to the portal, the services implemented by the Sun ONE Portal Server software and how the are configured, and the tools used to administer the product. This chapter contains the following sections:
Architecture OverviewSun ONE Portal Server is part of the Sun™ ONE architecture. Within the Sun ONE architecture, the Portal Server provides technologies that locate, connect, aggregate, present, communicate, personalize, notify, and deliver content. The content within Sun ONE is provided by web services. Portal Server does not provide web services itself. Rather, it is the mechanism by which a user interface is associated with web services and by which web services are made useful to people.
The Sun ONE Portal Server product architecture consists of a variety of integratablesoftware products.This allows the Sun ONE Portal Server to leverage functions and services from its internal components as well as external supporting products. The Sun ONE Portal Server itself includes the following internal components: Desktop, NetMail, Rewriter, and Search. External supporting products include the Sun™ONE Web Server, the Sun™ONE Directory Server, and Sun™ONE Identity Server (previously known as iPlanet™ Directory Server Access Management Edition). The Sun ONE Portal Server implements the web application container, user, service, and policy management, authentication and single sign-on, administration console, directory schema and data storage, and protocol support from these external products rather than implementing them in the Sun ONE Portal Server product itself. For example, the Sun ONE Portal Server product uses the Sun ONE Web Server as its default web container.
In addition, other Portal Server add-on software can be installed as well (for example, Sun™ ONE Portal Server: Secure Remote Access ). Refer to the Sun ONE Portal Server 6.1 Deployment Guide for more information on the Sun ONE Portal Server architecture.
Portal Access OverviewUsers typically access portal content through a web browser by requesting the URL for the portal’s home page and authenticating through the Sun ONE Identity Server authentication service. Once authenticated, users are directed to the Sun ONE Portal Server Desktop.
Figure 1-1 shows a sample Desktop from the Sun ONE Portal Server 6.2.
Figure 1-1 Sun ONE Portal Server Sample Desktop
The Desktop is the primary interface for the user to portal content. The Desktop service is implemented through a servlet, provider APIs, various channels, and various other support APIs and utilities. The Desktop uses programmatic entities called providers to generate content. A single unit of content is called a channel. Multiple channels of content can be aggregated together into container channels and arranged in a variety of formats such as tables or tabs on the Desktop. When a user accesses the portal, the Desktop references a display profile which stores content provider and channel data used to generate the user’s content. As confusing as it may sound, the display profile does not actually define the overall layout, display, or organization of what users see on their Desktops. Fundamentally, the display profile exists only to provide property values for channels. Actually, the Desktop uses multiple display profiles stored as LDAP attributes at various levels or nodes in the Sun ONE Directory Server (top-most, organization, role, and user levels) to determine the content for a user. XML documents are used to define the display profile properties for each level and upload the property values into the LDAP node. At runtime, a user’s display profile is created by merging the display profile properties defined at each level. Although a display profile document can be defined at each level, you do not need to have a display profile document at each level.
To extend support to store and retrieve specific property values based on a given client type (such as HTML or MAPI), the Sun ONE Portal Server software includes:
- Conditional properties for defining the filtering criteria (see "Conditional Properties") .
- The authlessState property for determining how the client is managed under authless authentication (see "Configuring Anonymous Authentication").
Service Configuration OverviewThe Sun ONE Portal Server is an Sun™ ONE application and, as such, its services are defined and managed using the Sun ONE Identity Server Service Management System (SMS). Service-related data that is not server-specific is defined using an Extensible Markup Language (XML) file that adheres to an SMS Document Type Definition (DTD). Server-specific data can be stored in properties files that are local to the specific server. Each Sun ONE Portal Server service (Desktop, Netmail, Rewriter, and Search) has its own XML and properties files for presenting and modifying service specific data.
Sun ONE Identity Server Services
As explained in Architecture Overview, the Sun ONE Portal Server implements many functions and services using supporting products from the Sun ONE architecture that are external to the Sun ONE Portal Server itself. In particular, while previous versions of the Portal Server implemented many administrative capabilities internally, integration with the Sun ONE Identity Server allows the Sun ONE Portal Server to leverage the following administrative tools and services from the Sun ONE Identity Server product:
See Chapter 2, "Administering Authentication, Users, and Services" for information on administering Sun ONE Identity Server services.
Sun ONE Portal Server Services
In addition to the standard Sun ONE Identity Server services, the Sun ONE Portal Server uses the Sun ONE Identity Server administration console to administer its internal services (Desktop, NetMail, Rewriter, and Search).
Desktop
As stated in the previous section, the Desktop provides the primary end-user interface for Sun ONE Portal Server. The Desktop is the mechanism for extensible content aggregation through the Provider Application Programming Interface (PAPI). The Desktop includes a variety of providers that enable container hierarchy and the basic building blocks for building some types of channels. For storing content provider and channel data, the Desktop implements a display profile data storage mechanism on top of an Sun ONE Identity Server service. You can edit the display profile and other Desktop service data through the administration console. Refer to Chapter 4, "Administering the Portal Desktop Service" and Chapter 5, "Administering the Display Profile" for information on administering the Desktop and the display profile.
Rewriter
The Rewriter provides a Java class library for rewriting URL references in various web languages such as HTML, JavaScript™, and WML, and in HTTP Location headers (redirections). The Rewriter defines an Sun ONE Identity Server service for storing rules that define how rewriting is to be done and the data to be rewritten. You can edit Rewriter rules through the administration console. Refer to Chapter 7, "Administering the Rewriter Service" for information on administering Rewriter.
Search Engine
The Search Engine service provides basic and advanced search and browse channels for the Desktop. It uses a robot to create resource descriptions for documents that are available in the intranet, and stores these resource descriptions in an indexed database. Resource descriptions (RDs) can also be imported from another server or from a backup SOIF (Summary Object Interchange Format) file. The Search Engine includes Java and C APIs for submitting resource descriptions and for searching the database. The Search Engine database can also be used for storing other, arbitrary content, for example, a shared content cache for other content providers. You can edit Search Engine service data through the administration console. Refer to Chapter 8, "Administering the Search Engine Service" for information on administering Search.
NetMail
The NetMail service implements the NetMail (Java) and NetMail Lite email clients. These clients work with standard IMAP and SMTP servers. You can edit NetMail service data through the administration console. Refer to Chapter 6, "Administering the NetMail Service" for information on administering NetMail.
Configuration Mechanisms for Sun ONE Portal Server Services
The Sun ONE Portal Server uses a variety of configuration mechanisms to define, store and manage its services. This section contains five tables listing the configuration mechanisms used by each of the Sun ONE Portal Server internal services.
Table 1-1 lists the configuration mechanisms for the Desktop service. The table is divided into two columns: Configuration Mechanism and Description. Configuration Mechanism lists the mechanisms and Description describes the purpose of the mechanism.
Table 1-1 Sun ONE Portal Server Desktop Configuration Mechanisms
Configuration Mechanisms
Description
Desktop Service Definition
Defines the Sun ONE Identity Server configuration attributes for the Desktop service. See Appendix B, "XML Reference" for more information.
Desktop Display Profile XML DTD
Defines the display configuration for the Desktop by defining provider and channel objects, and their properties. See Appendix B, "XML Reference" for more information.
Desktop Administration Console Module
Supplies the means by which you manage Sun ONE Portal Server services in the Sun ONE Identity Server framework. See Chapter 4, "Administering the Portal Desktop Service" for more information on administering the Desktop service configuration attributes. See Chapter 5, "Administering the Display Profile" for more information on administering the display profile.
Desktop CLI
Supplies the dpadmin and par command utilities for product administration. See Chapter 14, "Command-Line Utilities" for more information.
Desktop Configuration Properties File
Defines the server-specific parameters for the Desktop service. See Appendix A, "Configuration Files" for more information.
Table 1-2 lists the configuration mechanisms for the Search service.The table is divided into two columns: Configuration Mechanism and Description. Configuration Mechanism lists the mechanisms and Description describes the purpose of the mechanism.
Table 1-2 Sun ONE Portal Server Search Configuration Mechanisms
Configuration Mechanisms
Description
Search Service Definition
Defines the Sun ONE Identity Server configuration attributes for the Search service. See Appendix I, "Schema Reference" for more information.
Search Administration Console Module
Supplies the means by which you manage Sun ONE Portal Server Search service data in the Sun ONE Identity Server framework. See Chapter 8, "Administering the Search Engine Service" for more information.
Search CLI
Supplies the rdmgr, sendrdm, and StartRobot command utilities for product administration. See Chapter 14, "Command-Line Utilities" for more information.
Search Configuration Properties File
Defines the server-specific parameters for the Search service. See Appendix A, "Configuration Files" for more information.
Robot Configuration Files
Define the behavior of the Search Engine robots. There are four robot configuration files. See Chapter 9, "Administering the Search Engine Robot" and Chapter 10, "The Pre-defined Robot Application Functions" for more information.
Table 1-3 lists the configuration mechanisms for the Rewriter service.The table is divided into two columns: Configuration Mechanism and Description. Configuration Mechanism lists the mechanisms and Description describes the purpose of the mechanism.
Table 1-3 Sun ONE Portal Server Rewriter Configuration Mechanisms
Configuration Mechanisms
Description
Rewriter Service Definition
Defines the Sun ONE Identity Server configuration attributes for the Rewriter service. See Appendix I, "Schema Reference" for more information.
Rewriter Rules XML DTD
See Appendix B, "XML Reference" for more information.
Rewriter Administration Console Module
Supplies the means by which you manage Sun ONE Portal Server Rewriter service data in the Sun ONE Identity Server framework. See Chapter 7, "Administering the Rewriter Service" for more information.
Rewriter CLI
Supplies the rwadmin command utility for product administration. See Chapter 14, "Command-Line Utilities" for more information.
Table 1-4 lists the configuration mechanisms for the NetMail service.The table is divided into two columns: Configuration Mechanism and Description. Configuration Mechanism lists the mechanisms and Description describes the purpose of the mechanism.
Table 1-4 Sun ONE Portal Server NetMail Configuration Mechanisms
Configuration Mechanisms
Description
NetMail Service Definition
Defines the Sun ONE Identity Server configuration attributes for the NetMail service. See Appendix I, "Schema Reference" for more information.
NetMail Administration Console Module
Supplies the means by which you manage Sun ONE Portal Server NetMail service data in the Sun ONE Identity Server framework. See the Chapter 6, "Administering the NetMail Service" for more information.
Administration OverviewThis section provides an overview of administering Sun ONE Portal Server, both from the Sun ONE Identity Server console and the command line.
Using the Sun ONE Identity Server Console
You administer Sun ONE Portal Server and Sun ONE Identity Server services through the HTML-based administration console provided by the Sun ONE Identity Server. Sun ONE Portal Server adds administration modules for Sun ONE Portal Server-specific services to extend the Sun ONE Identity Server console. See the individual chapters in this guide for information on the actual tasks you perform using the console.
The Sun ONE Identity Server console is divided into three sections: the location pane, the navigation pane and the data pane. Using all three panes, the administrator can navigate the directory, perform user and service configurations, and create policies. Figure 1-2 shows the administration console.
Figure 1-2 Sun ONE Identity Server Administration Console
Location Pane
The location pane runs along the top of the console. The uppermost View menu allows the administrator to switch between the four different management views:
The Welcome field displays the name of the user that is currently running the console with a link to their user profile.
The Help link opens a browser window containing an HTML version of Appendixes C, D, E, and F of this documentation, the Attribute Reference Guide.
The Logout link enables the user to log out of the Sun ONE Identity Server console.
Navigation Pane
The navigation pane is the left portion of the console. The Directory Object portion is at the top of the pane and displays the name of the directory object that is currently open and its Properties link. The Show menu lists the directories under the selected directory object. Depending on the number of sub-directories, a paging mechanism is provided.
Data Pane
The data pane is the right portion of the console. Object attributes and their values are displayed and configured here. Entries are selected for their respective group, role or organization in this pane.
Using Command-Line Utilities
The Sun ONE Portal Server command-line interface consists of utilities provided by the Sun ONE Identity Server and Sun ONE Portal Server.
See Chapter 14, "Command-Line Utilities" for a complete list and syntax of Sun ONE Portal Server command-line utilities. Refer to the Sun ONE Identity Server product documentation for information on its command-line utilities
