Sun Java System Portal Server Release Notes for HP-UX |
Sun Java System Portal Server Release Notes for HP-UX
Version 6 2005Q1
Part Number 819-1571-10
These Release Notes contain important information available at the time of release of Sun Java System Portal Server 6 2005Q1 for HP-UX. Known issues and limitations, and other information are addressed here. Read this document before you begin using Portal Server 6.
The most up-to-date version of these release notes can be found at the Sun Java System documentation web site: http://docs.sun.com/. Check the web site prior to installing and setting up your software and then periodically thereafter to view the most up-to-date release notes and product documentation.
These release notes contain the following sections:
Third-party URLs may be referenced in this document and provide additional, related information.
Release Notes Revision History
About Portal Server 6 2005Q1The Sun Java System Portal Server 6 2005Q1 product gives end users a Portal Desktop, which provides access to resources and applications. The Portal Server software also provides a search engine infrastructure that enables intranet content to be organized and accessed from the Portal Desktop. Additionally, in this release, the communication channels are now installed with the Portal Server software. The communication channels consist of mail, calendar, address book, and instant messaging channels.
Portal Server also offers Secure Remote Access support, which enables remote users to securely access their organization’s network and the services offered over the Internet. Additionally, it gives your organization a secure Internet portal, providing access to content, applications, and data to any targeted audience: employees, business partners, or the general public.
This section includes:
What’s New in This Release
The following Secure Remote Access features are new and have not been documented in the Sun Java System Portal Server Secure Remote Access 6 2005Q1 Administration Guide.
- HTTPS Support in Proxylet. This implementation has the following results:
- Decryption is done at the client server.
- You can access destination servers running in SSL mode.
- Can directly present client certificate to the destination server.
- Basic authentication single sign on is no longer available at the gateway. (The Gateway can not insert SSO information in http headers.)
- URL-based access control is no longer supported, only host-based access control,
- External accelerators and external reverse proxies in front of the GW are not currently supported.
- This support is not for Proxylet with Portal Server on HTTPS.
- The Proxylet Java applet now has rules that determine the content of the PAC file. All HTTP requests go to Proxylet. The Proxylet rules allow the administrator to specify mappings based on protocol, host, or port to domains.
Using the Access Manager administration console, the Portal Server administrator can choose whether to launch Netlet with Java Web Start or the Netlet applet. If the administrator chooses Java Web Start, when the user clicks Netlet icon on the desktop, the browser is launched and Netlet runs. When using Java Web Start, once it is deployed, Netlet does not need to be downloaded again.
Hardware and Software Requirements
The following hardware and software are required for this release of Portal Server 6 2005Q1.
Table 2 HP-UX Hardware and Software Requirements
Component
Platform Requirement
Supported Platforms
HP-UX PA-RISC
Operating System
HP-UX 11i v1
RAM
1 Gbytes
Disk space
500 Mbytes
For software requirements, see the Sun Java Enterprise System Release Notes at http://docs.sun.com.
Bugs Fixed in This ReleaseThe table below describes the bugs fixed in Portal Server 6 2005Q1 (3.6):
Important InformationInstallation Notes
This section contains installation information for:
- Default Paths and File Names
- Portal Server Configuration
- Web Containers
- Post Installation Configuration
- Gateway Configuration Checklist
- Netlet Proxy Configuration Checklist
- Rewriter Proxy Configuration Checklist
- Configuring Portal Server in Interactive Mode
- Configuring Portal Server in Silent Mode
- Portal Server Post-Installation Tasks
- Installing JSR168 Sample Portlets and WSRP Samples on Third-Party Web Containers
- Verifying the Portal Server Installation
- Verifying the Gateway Installation
Default Paths and File Names
The following table describes the default paths and file names used.
Portal Server Configuration
For Sun Java Enterprise System 2005Q1 Portal Server can be installed and configured to run with either:
Web Containers
After Portal Server and Access Manager SDK have been installed using Sun Java Enterprise Server installation program, use the following procedures to install JSR168 sample portlets or WSRP samples. If you use Sun Java System Web Server or Sun Java System Application Server, install the WSRP samples.
For detailed instructions on installing the Sun Java Enterprise System component products, refer to the Sun Java Enterprise System Installation Guide at http://docs.sun.com/db/doc/817-5760
To Install WSRP Samples on Web Server or Application Server
The following manual steps are needed after the Portal Server and Access Manager SDK have been installed on Sun Java System Web Server 6.1 and Sun Java Server Application Server 8:
Post Installation Configuration
This section is organized as follows:
- The psconfig Script
- Portal Server And Secure Remote Access Configuration Checklist
- Gateway Configuration Checklist
- Netlet Proxy Configuration Checklist
- Rewriter Proxy Configuration Checklist
- Configuring Portal Server in Interactive Mode
- Configuring Portal Server in Silent Mode
- Portal Server Post-Installation Tasks
The psconfig Script
If you have installed Portal Server with the Sun Java Enterprise System installer with the “Configure Later” option, use psconfig to configure the Portal Server component product. The following checklists in this section describe the parameters used to configure the Portal Server component product.
To run psconfig:
If you have performed a minimal installation, you will need to use the psconfig script to configure your Portal Server installation. The following checklists describe the values that you will need for a post-install configuration. Depending on the type of installation you perform, the values that you use might vary.
The Checklists are organized in the following way:
Portal Server And Secure Remote Access Configuration Checklist
The table below is a three column table that lists all the values that you might need for a post-install configuration. Depending on the type of installation you perform, the values that you use might vary.
Note
The Portal Server 2005Q1 default base installation and product directory depends on your specific platform:
/opt/sun
The sample silent file looks like the following:
################################################################################
# Install/Config components (Use comma (,) to separate entries ):
#
# 1. PortalServer
# 2. Secure Remote Access Core
# 3. Gateway
# 4. NetletProxy
# 5. RewriterProxy
################################################################################
COMPONENTS=1,2,3,4,5
BASEDIR=/opt/sun
################################################################################
# Portal Server keys
###############################################################################
############ PS_CONFIGURATION_MODE possible values#####################
# configure - Configure the Portal Server Components.
################################################################################
PS_CONFIGURATION_MODE=configure
##################### PS_DEPLOY_TYPE possible values###########################
# IWS = WebServer
# SUNONE8 = AppServer8.1
################################################################################
PS_DEPLOY_TYPE=SUNONE8
##################### PS_DEPLOY_DIR possible values#############################
# /opt/sun/webserver=WebServer
# /opt/sun/appserver = AppServer 8.1
################################################################################
PS_DEPLOY_DIR=/opt/sun/appserver
##################### PS_DEPLOY_DOMAIN possible values#########################
# null = WebServer
################################################################################
PS_DEPLOY_DOMAIN=domain1
#################### PS_DEPLOY_INSTANCE_DIR possible values########################
# /var/opt/sun/appserver/domains/domain1 = AppServer8.1
# null - for other containers.
################################################################################
PS_DEPLOY_INSTANCE_DIR=/var/opt/sun/appserver/domains/domain1
##################### PS_DEPLOY_INSTANCE possible values#######################
# myportalbox.mydomain.com = WebServer
# server1 = AppServer 7.0
# server = AppServer 8.1
################################################################################
PS_DEPLOY_INSTANCE=server
##################### PS_DEPLOY_DOCROOT possible values#########################
# /opt/SUNWwbsvr/docs = WebServer
# /var/opt/sun/appserver/domains/domain1/docroot = AppServer 8.1
################################################################################
PS_DEPLOY_DOCROOT=/var/opt/sun/appserver/domains/domain1/docroot
PS_DEPLOY_ADMIN=admin
PS_DEPLOY_ADMIN_PROTOCOL=https
PS_DEPLOY_ADMIN_HOST=myportalbox.mydomain.com
PS_DEPLOY_ADMIN_PORT=4849
################################################################################
# SRACore keys
################################################################################
SRA_GW_PROTOCOL=http
SRA_GW_PORT=443
SRA_GATEWAY_PROFILE=default
SRA_SERVER_DOMAIN=mydomain.com
SRA_GW_DOMAIN=mydomain.com
SRA_IDSAME_ADMIN_PASSWORD=admin123
SRA_IDSAME_LDAPUSER_PASSWORD=test1234
SRA_DS_DIRMGR_DN=cn=Directory Manager
SRA_DS_DIRMGR_PASSWORD=admin123
SRA_DEPLOY_ADMIN_PASSWORD=admin123
SRA_LOG_USER_PASSWORD=admin123
################################################################################
# Gateway keys
################################################################################
GW_PROTOCOL=https
GW_HOST=mygwbox.mydomain.com
GW_PORT=443
GW_IP=129.158.227.209
GW_GATEWAY_PROFILE=default
GW_LOAD_BALANCER_URL=http://mygwbox.mydomain.com:80/portal
GW_CERT_INFO="CN=$GW_HOST,L=Santa
Clara,ST=California,C=us,O=Portal,OU=Sun"
GW_SRA_LOG_USER_PASSWORD=admin123
GW_CERT_DB_PASSWORD=admin123
################################################################################
Gateway Configuration Checklist
The table below is a three column table for the Gateway Installation Checklist.
Netlet Proxy Configuration Checklist
The table below is a three column table for the Netlet Proxy Installation Checklist. The first column lists the parameters. The second column lists the default value. The third column lists a description for the parameter.
Rewriter Proxy Configuration Checklist
The table below is a three column table for the Rewriter Proxy Installation Checklist. The first column lists the parameters. The second column lists the default value. The third column lists a description for the parameter.
Configuring Portal Server in Interactive Mode
Portal Server
The table below is a three column table that lists all the values that you might need for a post-minimal install configuration. Depending on the type of installation you perform, the values that you use might vary.
Gateway
The table below is a three column table that contains the checklist for gateway configuration. Column one lists the parameter. Column two contains the default value for the parameter. Column three lists the description.
Netlet Proxy
The table below is a three column table for the Netlet Proxy configuration checklist. Column one lists the parameter. Column two lists the default value. Column three contains the description.
Rewriter Proxy
The table below is a three column table that contains the Rewriter Proxy configuration checklist. Column one lists the parameter. Column two lists the default value. Column three contains the description.
For information on post-installation tasks see Portal Server Post-Installation Tasks.
Configuring Portal Server in Silent Mode
To configure the Portal Server using the samplesilent file, modify the pssamplesilent file located at PortalServer-base/lib and execute the psconfig script.
For information on post-installation tasks see Portal Server Post-Installation Tasks.
Portal Server Post-Installation Tasks
Post-installation tasks need to be performed for each of the following components:
Portal Server
To access the Portal Server or the Identity Server administration console the directory server and the web container must first be started.
Use the following command to start a local installation of the directory server:
/var/opt/mps/serverroot/slapd-hostname/start-slapd
The following post-installation tasks depend on the type of web container on which you deployed the Portal Server.
Sun Java System Web Server
To start the Sun Java System Web Server:
or
Sun Java System Application Server 8.1
To configure the Application Server Instance, do the following:
- Stop the domain instance. In a terminal window, type:
/opt/sun/appserver/bin/asadmin stop-domain domainname
For example
/opt/sun/appserver/bin/asadmin stop-domain domain1
- Start the domain instance. In a terminal window, type:
/opt/sun/appserver/bin/asadmin start-domain --user administrator-user-name --passwordfile /opt/sun/appserver/bin/admin.password domainname
Content of /opt/sun/appserver/bin/admin.password should be AS_ADMIN_PASSWORD=<admin password>
For example,
/opt/sun/appserver/bin/asadmin start-domain --user admin --passwordfile /opt/sun/appserver/bin/admin.password domainname
Installing JSR168 Sample Portlets and WSRP Samples on Third-Party Web Containers
After Portal Server and Access Manager SDK have been installed using Java Enterprise Server installer, use one of the following procedures to install JSR168 sample portlets or WSRP samples. If you use Sun Java System Web Server or Sun Java System Application Server, install the WSRP samples.
To Install WSRP Samples On Web Server or Application Server
The following manual steps are needed after the Portal Server and Access Manager SDK have been installed on Sun Java System Web Server 6.1 and Sun Java Server Application Server 7:
Secure Remote Access
When using the Portal Server with the gateway, the gateway Certificate Authority (CA) certificate must be added to the Portal Server trusted CA list, regardless of whether the Portal Server is running in HTTP or HTTPs mode.
When a user session time out or user session logout action happens, the Sun Java System Identity Server sends a session notification to the gateway. Even when the Sun Java System Identity Server is running in HTTP mode, it will act as an SSL client using HttpsURLConnection to send the notification. Since it is connecting to an SSL server (the gateway), it should have the gateway CA certificate as part of the Trusted CA list or it should have an option to allow self signed certificate.
To create HttpsURLConnection, the Java Virtual Machine (JVM) property -Djava.protocol.handler.pkgs needs to be set.
If Portal Server is running on the Sun Java System Web Server, Sun Java System Application Server, or BEA WebLogic Server, this property is correctly set to com.iplanet.services.com by default. The Sun Java System Identity Server package has the implementation of HttpsURLConnection and it provides an option to accept self-signed certificates from any SSL server by adding the flag com.iplanet.am.jssproxy.trustAllServerCerts=true in the AMConfig.properties file.
The -Djava.protocol.handler.pkgs is not set by default for the IBM WebSphere Application Server. The HttpsURLConnection implementation for supported application servers must use their own default handler (this could be JSSE or custom SSL implementation).
Configuring Multiple Gateways on Multiple Portals
When installing a second gateway on a second portal, you must manually update the Forward Cookie URLs value to point to the second Portal.
Starting and Stopping the Gateway
- Start the gateway using the following command:
/opt/sun/portal_svr/bin/gateway -n new-profile-name start
default is the default name of the gateway profile that is created during installation. You can create your own profiles later, and restart the gateway with the new profile. See “Creating a Gateway Profile” in Chapter 2 of the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administration Guide.
If you have multiple gateway instances, use:
gateway-base/portal_svr/bin/gateway start
Note
This step is not required if you selected the Start Gateway after installation option during the gateway installation.
Note
Ensure that only the configuration files for the instances that you want to start are in the /etc/opt/sun/portal_svr.
If you want to stop all the gateway instances that are running on that particular node, use the following command:
gateway-base/portal_svr/bin/gateway stop
Netlet and Rewriter Proxy
Before starting the Netlet Proxy and the Rewriter Proxy, ensure that the gateway profile is updated with the Netlet Proxy and the Rewriter Proxy options.
Verifying the Portal Server Installation
Access the Portal Server Administration Console and Desktop
To Access the Sun Java System Identity Server Administration Console
- Open a browser.
- Type protocol://hostname.domain:port/amconsole
For example,
http://example.com:80/amconsole
- Enter the administrator’s name and password to view the administration console.
This is the name and password you specified at the time of installing the Sun Java System Identity Server software.
To Access the Portal Server Desktop
Verify the Portal Server installation by accessing the Desktop. Use the following URL to access the Desktop: protocol://fully-qualified-hostname:port/portal-URI
For example,
http://example.com:80/portal
When you access the Desktop, the Authless Desktop is displayed. This allows users accessing the Desktop URL to be authenticated automatically and granted access to the Desktop.
If the sample Portal Desktop displays without any exception, then your Portal Server installation is good.
Verifying the Gateway Installation
- Run the following command to check if the gateway is running on the specified port (the default port is 443):
netstat -an | grep port-number
If the gateway is not running, start the gateway in the debug mode, and view messages that are printed on the console. Use the following command to start the gateway in debug mode:
PortalServer-base/portal_svr/bin/gateway -n profilename start debug
Also view the log files after setting the gateway.debug attribute in the platform.conf.profilename file to message. See the section Understanding the platform.conf File in Chapter 2, “Administering Gateway” in the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administration Guide, for details.
- Run the Portal Server in secure mode by typing the gateway URL in your browser:
https://gateway-machine-name:portnumber
If you have chosen the default port (443) during installation, you need not specify the port number.
- Login to the Identity Server administration console as administrator using the user name amadmin, and using the password specified during installation.
You can now create new organizations, roles, and users and assign required services and attributes in the administration console.
Known Issues and LimitationsThis section describes the known issues and limitations of Sun Java System Portal Server 6 2005Q1 for HP-UX. For a list of the known issues and limitations in this component, refer to the following Release Notes:
http://docs.sun.com/app/docs/doc/817-7699
The following topics are the known issues:
PSSRA
Reverse proxy has been not tested (6298197).
Reverse proxy has been not tested in Java Enterprise System 3 installer release for RR.
Workaround
None.
Proxylet does not get downloaded, throws exception (6297851).
Proxylet does not get downloaded, throws exception.
Workaround
None.
Gateway not tested with two different subnets (6299952).
Gateway not tested with two different subnets in Java Enterprise System 3 installer release for RR.
Workaround
None.
Redistributable FilesSun Java System Portal Server 6 2005Q1 does not contain any files which you can redistribute.
How to Report Problems and Provide FeedbackIf you have problems with Sun Java System Portal Server, contact Sun customer support using one of the following mechanisms:
- Sun Software Support services online at
http://www.sun.com/service/sunone/softwareSo that we can best assist you in resolving problems, please have the following information available when you contact support:
- Description of the problem, including the situation where the problem occurs and its impact on your operation
- Machine type, operating system version, and product version, including any patches and other software that might be affecting the problem
- Detailed steps on the methods you have used to reproduce the problem
- Any error logs or core dumps
If your problems seem to be associated with a client, please have the following information available:
- What client types are new
- What default client type settings have changed and how
- What errors or exceptions are reported in the /var/opt/sun/identity/debug/render.debug file or the /var/opt/sun/identity/debug/MAPFilterConfig file for Solaris platform. For HP-UX platform /var/opt/sun/identity/debug/MAPFilterConfig. For Windows platform [INSTALLDIR]/AccessManager/debug.
- What exceptions are reported in the taglibs log file /var/opt/sun/identity/debug/mapJsp
Sun Welcomes Your Comments
Sun is interested in improving its documentation and welcomes your comments and suggestions.
To share your comments, go to http://docs.sun.com and click Send Comments. In the online form, provide the document title and part number. The part number is a seven-digit or nine-digit number that can be found on the title page of the guide or at the top of the document.
Additional Sun ResourcesUseful Sun Java System information can be found at the following Internet locations:
- Sun Java System Documentation
http://docs.sun.com/app/docs/prod/entsys.05q1#hic- Sun Java System Professional Services
http://www.sun.com/service/sunps/sunone- Sun Java System Software Products and Service
http://www.sun.com/software- Sun Java System Software Support Services
http://www.sun.com/service/sunone/software- Sun Java System Support and Knowledge Base
http://www.sun.com/service/support/software- Sun Java System Software Support Services
http://www.sun.com/support/- Sun Java System Consulting and Professional Services
http://www.sun.com/service/sunps/sunone- Sun Java System Developer Information
http://sunonedev.sun.com- Sun Developer Support Services
http://www.sun.com/developers/support- Sun Java System Software Training
http://www.sun.com/software/training- Sun Software Data Sheets
http://wwws.sun.com/software
Copyright � 2005 Sun Microsystems, Inc. All rights reserved.
Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries.
SUN PROPRIETARY/CONFIDENTIAL.
U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements.
Use is subject to license terms.
This distribution may include materials developed by third parties.
Portions may be derived from Berkeley BSD systems, licensed from U. of CA.
Sun, Sun Microsystems, the Sun logo, Java and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries.
Copyright � 2005 Sun Microsystems, Inc. Tous droits r�serv�s.
Sun Microsystems, Inc. d�tient les droits de propri�t� intellectuels relatifs � la technologie incorpor�e dans le produit qui est d�crit dans ce document. En particulier, et ce sans limitation, ces droits de propri�t� intellectuelle peuvent inclure un ou plus des brevets am�ricains list�s � l'adresse http://www.sun.com/patents et un ou les brevets suppl�mentaires ou les applications de brevet en attente aux Etats - Unis et dans les autres pays.
Propri�t� de SUN/CONFIDENTIEL.
L'utilisation est soumise aux termes du contrat de licence.
Cette distribution peut comprendre des composants d�velopp�s par des tierces parties.
Des parties de ce produit pourront �tre d�riv�es des syst�mes Berkeley BSD licenci�s par l'Universit� de Californie.
Sun, Sun Microsystems, le logo Sun, Java et Solaris sont des marques de fabrique ou des marques d�pos�es de Sun Microsystems, Inc. aux Etats-Unis et dans d'autres pays.
Toutes les marques SPARC sont utilis�es sous licence et sont des marques de fabrique ou des marques d�pos�es de SPARC International, Inc. aux Etats-Unis et dans d'autres pays.