
Sun ONE Portal Server, Secure Remote Access 6.1 Administrator's Guide

Contents


List of Figures

List of Tables

List of Procedures

About This Guide
Who Should Read This Guide
What You Need to Know
How This Book is Organized
Document Conventions Used in This Guide
Monospaced Font
Italicized Font
Square or Straight Brackets
Command-Line Prompts
Where to Find Related Information
Where to Find This Guide Online

Chapter 1   Introduction to Sun ONE Portal Server, Secure Remote Access
Secure Remote Access
Open Mode
Secure Mode
Administering Secure Remote Access
Components of Secure Remote Access
Gateway
Netlet
NetFile
Rewriter
Configuring Secure Remote Access
Configuring URL Access Control
Setting up a URL Deny List
Setting up a URL Allow List
Managing Single Sign-On
Customizing the Access List Interface
Integrating Outlook Web Access

Chapter 2   Administering the Gateway
Overview of the Gateway
Creating a Gateway Profile
Starting and Stopping the Gateway
Creating Multiple Instances of a Gateway
Creating a New Instance on a Portal Server Node
Creating a New Instance on a Separate Node
Configuring a Proxy to Contact the Portal Server
Restarting the Gateway
Configuring the Gateway Attributes
Running in HTTP and HTTPS Modes
Enabling the Rewriter Proxy
Disabling Netlet
Enabling Netlet Proxy
Managing Proxies
Specifying URLs for Webproxies
Specifying URLs for which Proxies Should not be Used
Specifying the Default Domain and Subdomain
Specifying Proxy Authentication Information
Configuring Cookies
Enabling HTTP Basic Authentication
Configuring Persistent HTTP Connections
Forwarding Cookie Configuration
Specifying URLs that Bypass Authentication
Specifying the Maximum Connection Queue Length
Specifying the Gateway Timeout
Specifying the Maximum Number of Threads
Specifying the Cached Socket Timeout
Configuring Personal Digital Certificate (PDC) Authentication
Allowing 40-bit Browser Connections
Disabling SSL Version 2.0
Enabling Cipher Selection
Rewriting all URLs
Specifying the List of Configured Portal Servers
Specifying the Retry Interval for the Portal Server
Enabling Logging
Enabling Netlet Logging
Authentication Chaining
Wild Card Certificates
Disabling Browser Caching
Running the Gateway in the chroot Environment
Restarting the Gateway in the chroot Environment
Customizing the Gateway User Interface
Understanding the platform.conf File

Chapter 3   Configuring Netlet
Overview of Netlet
Netlet Components
Netlet Usage Scenario
Working With Netlet
Defining Netlet Rules
Netlet Rule Syntax
Types of Rules
Default Ports for Applications
Netlet Rule Examples
Creating a Netlet Rule
Modifying an Existing Netlet Rule
Deleting a Netlet Rule
Configuring Netlet Attributes
Netlet Attributes at the Service Configuration Level
Netlet Attributes at the Organization Level
Netlet Attributes at the User Level
Setting the Conflict Resolution Level
Specifying the Default Encryption Algorithm
Specifying the Key Size for Algorithms
Assigning the Default Loopback Port
Enabling Reauthentication for Connections
Disabling Warning Popup for Connections
Enabling the Show Checkbox in Port Warning Dialog
Setting the Keep Alive Interval
Setting the Terminate Netlet at Portal Logout Option
Defining Access to Netlet Rules
Denying Access to Netlet Rules
Allowing Access to Hosts
Denying Access to Hosts
Configuring the Netlet Proxy
Restarting the Netlet Proxy
Configuring Multiple Instances of the Netlet Proxy
Creating a New Instance on a Portal Server Node
Creating a New Instance on a Separate Server Node
Sample Netlet Rules
Enabling Netlet Logging
Customizing the Netlet

Chapter 4   Configuring NetFile
Overview of NetFile
Supported File Access Protocols
Enabling Access to NetFile
Configuring NetFile Attributes
Setting NetFile Attributes at the Service Configuration Tab
Setting NetFile Attributes at the Organization Level
Setting NetFile Attributes at the User Level
Specifying the Temporary Files Directory
Specifying the OS Character Set
Specifying the SMB Client Location
Specifying the MIME-types Configuration File Location
Setting the Conflict Resolution Level
Specifying the NetFile Window Size
Specifying the NetFile Window Location
Specifying the Default Domain
Specifying the Windows Domain/Workgroup
Specifying the Search Directories Limit
Specifying Access to Different Types of Hosts
Configuring a Common Hosts List
Configuring the Allowed Hosts List
Configuring the Denied Hosts List
Setting File Delete Permissions
Setting File Rename Permissions
Allowing User ID Change
Allowing NT Domain Change
Setting the File Upload Size Limit
Enabling Debugging for NetFile
Enabling Logging for NetFile
Configuring Unix Authentication

Chapter 5   Configuring Rewriter
Overview of Rewriter
Expanding Relative URLs to Absolute URLs
Prefixing the Gateway URL to the Existing URL
Target Audience
Supported URLs and Exceptions
Supported URLs
Exceptions
Defining Rewriter Rules and Rulesets
Pre-packaged Rulesets
Restoring the Pre-packaged Rulesets
Creating a Ruleset and Defining Rules
Configuring the Rewriter in the Gateway Service
Rewriting all URLs
Assigning Rulesets to Domains
Ruleset for Outlook Web Access
Specifying the MIME Mappings
Using Pattern-matching in Rules
Rules for HTML Content
Attribute Rules for HTML Content
JavaScript Token Rules for HTML Content
Form Rules for HTML Content
Applet Rules for HTML Content
Rules for JavaScript Content
Variables in JavaScript
Function Parameters in JavaScript
Rules for XML Content
Tag Text in XML
Attributes in XML
Cascading Style Sheets
Client-side Rewriting
Sample Ruleset
Case Study
Writing Rules for the Rewriter
Working Samples
Sample for Forms
Sample for HTML Attributes
Sample for Applets
Sample for HTML JavaScript Tokens
Sample for JavaScript URL Variables
Sample for JavaScript EXPRESSION Variables
Sample for JavaScript DHTML Variables
Sample for JavaScript DJS Variables
Sample for JavaScript SYSTEM Variables
Sample for JavaScript URL Functions
Sample for JavaScript EXPRESSION Functions
Sample for JavaScript DHTML Functions
Sample for JavaScript DJS Functions
Sample for XML Attributes
Ruleset DTD
Enabling Rewriter Debug Information
Mapping of Rules with SP4

Chapter 6   Working With Certificates
Certificate Management
Certificate Files
Trust Attributes
Certificate Authorities (CAs)
The certadmin Script
Generating a Self-signed SSL Certificate
Obtaining and Installing an SSL Certificate From a CA
Listing Root CA Certificates
List All Certificates
Modifying the Trust Attributes of a Certificate

Appendix A   Configuring the SSL Accelerator
Overview of the SSL Accelerator
Enabling SSL Hardware Support for the Sun™ ONE Portal Server, Secure Remote Access

Appendix B   Country Codes
Glossary




Copyright 2003 Sun Microsystems, Inc. All rights reserved.