Sun Java™ System Portal Server Release Notes for HP-UX
Version 6 2005Q1
Part Number 819-1571-10
These Release Notes contain important information available at the time of release of Sun Java™ System Portal Server 6 2005Q1 for HP-UX. Known issues and limitations, and other information are addressed here. Read this document before you begin using Portal Server 6.
The most up-to-date version of these release notes can be found at the Sun Java System documentation web site: http://docs.sun.com/. Check the web site prior to installing and setting up your software and then periodically thereafter to view the most up-to-date release notes and product documentation.
These release notes contain the following sections:
Third-party URLs may be referenced in this document and provide additional, related information.
|
|
Note
|
Sun is not responsible for the availability of third-party web sites mentioned in this document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused by or in connection with the use of or reliance on any such content, goods, or services that are available on or through such sites or resources.
|
|
Release Notes Revision History
Table 1 Revision History
|
Date
|
Description
|
|
February, 2005
|
Initial release of Sun Java System Portal Server 6 2005Q1 Release Notes for HP-UX
|
|
July, 2005
|
Release of RR version of Sun Java System Portal Server 6 2005Q1 Release Notes for HP-UX
|
About Portal Server 6 2005Q1
The Sun Java System Portal Server 6 2005Q1 product gives end users a Portal Desktop, which provides access to resources and applications. The Portal Server software also provides a search engine infrastructure that enables intranet content to be organized and accessed from the Portal Desktop. Additionally, in this release, the communication channels are now installed with the Portal Server software. The communication channels consist of mail, calendar, address book, and instant messaging channels.
Portal Server also offers Secure Remote Access support, which enables remote users to securely access their organization’s network and the services offered over the Internet. Additionally, it gives your organization a secure Internet portal, providing access to content, applications, and data to any targeted audience: employees, business partners, or the general public.
This section includes:
- What’s New in This Release
- Hardware and Software Requirements
What’s New in This Release
The following Secure Remote Access features are new and have not been documented in the Sun Java System Portal Server Secure Remote Access 6 2005Q1 Administration Guide.
- HTTPS Support in Proxylet. This implementation has the following results:
- Decryption is done at the client server.
- You can access destination servers running in SSL mode.
- Can directly present client certificate to the destination server.
- Basic authentication single sign on is no longer available at the gateway. (The Gateway can not insert SSO information in http headers.)
- URL-based access control is no longer supported, only host-based access control,
- External accelerators and external reverse proxies in front of the GW are not currently supported.
- This support is not for Proxylet with Portal Server on HTTPS.
- The Proxylet Java applet now has rules that determine the content of the PAC file. All HTTP requests go to Proxylet. The Proxylet rules allow the administrator to specify mappings based on protocol, host, or port to domains.
For example an administrator can make a rule so that all FTP traffic is routed through Netlet and all HTTP traffic is routed through Proxylet.
Using the Access Manager administration console, the Portal Server administrator can choose whether to launch Netlet with Java Web Start or the Netlet applet. If the administrator chooses Java Web Start, when the user clicks Netlet icon on the desktop, the browser is launched and Netlet runs. When using Java Web Start, once it is deployed, Netlet does not need to be downloaded again.
Hardware and Software Requirements
The following hardware and software are required for this release of Portal Server 6 2005Q1.
Table 2 HP-UX Hardware and Software Requirements
|
Component
|
Platform Requirement
|
|
Supported Platforms
|
HP-UX PA-RISC
|
|
Operating System
|
HP-UX 11i v1
|
|
RAM
|
1 Gbytes
|
|
Disk space
|
500 Mbytes
|
For software requirements, see the Sun Java Enterprise System Release Notes at http://docs.sun.com.
Bugs Fixed in This Release
The table below describes the bugs fixed in Portal Server 6 2005Q1 (3.6):
Table 3 Fixed Bugs in Portal Server 6 2005Q1
|
Bug Number
|
Description
|
|
|
Default database and Discussion database is missing in Beta Release.
|
|
|
Certification generation on HP-UX fails for PS-SRA configuration.
|
Important Information
Installation Notes
This section contains installation information for:
- Default Paths and File Names
- Portal Server Configuration
- Web Containers
- Post Installation Configuration
- Gateway Configuration Checklist
- Netlet Proxy Configuration Checklist
- Rewriter Proxy Configuration Checklist
- Configuring Portal Server in Interactive Mode
- Configuring Portal Server in Silent Mode
- Portal Server Post-Installation Tasks
- Installing JSR168 Sample Portlets and WSRP Samples on Third-Party Web Containers
- Verifying the Portal Server Installation
- Verifying the Gateway Installation
Default Paths and File Names
The following table describes the default paths and file names used.
Table 4 Default Paths and File Names
|
Term
|
Description
|
|
PortalServer-base
|
Represents the base installation directory for Portal Server. The Portal Server 2005Q1 default base installation and product directory depends on your specific platform:
/opt/sun
For example, if the install root is /opt (the default) the Portal Server is installed in /opt/sun/portal_svr.
|
|
AccessManager-base
|
Represents the base installation directory for Access Manager. The Access Manager 2005 Q1 default base installation and product directory depends on your specific platform:
/opt/sun/identity
|
|
DirectoryServer-base
|
Represents the base installation directory for Sun Java System Directory Server. Refer to the product documentation for the specific path name.
|
|
ApplicationServer-base
|
Represents the base installation directory for Sun Java System Application Server. Refer to the product documentation for the specific path name.
|
|
WebServer-base
|
Represents the base installation directory for Sun Java System Web Server. Refer to the product documentation for the specific path name.
|
Portal Server Configuration
For Sun Java Enterprise System 2005Q1 Portal Server can be installed and configured to run with either:
- Access Manager installed and configured in the same installation session on the same machine
- Access Manager previously installed and configured on a separate machine
Web Containers
After Portal Server and Access Manager SDK have been installed using Sun Java Enterprise Server installation program, use the following procedures to install JSR168 sample portlets or WSRP samples. If you use Sun Java System Web Server or Sun Java System Application Server, install the WSRP samples.
|
|
Note
|
In the Beta Release, Application Server is not supported as web container.
|
|
For detailed instructions on installing the Sun Java Enterprise System component products, refer to the Sun Java Enterprise System Installation Guide at http://docs.sun.com/db/doc/817-5760
To Install WSRP Samples on Web Server or Application Server
The following manual steps are needed after the Portal Server and Access Manager SDK have been installed on Sun Java System Web Server 6.1 and Sun Java Server Application Server 8:
- Restart the Web Server or Application Server instance.
- Make sure that the PATH setting includes /usr/bin. This is needed for awk part of script to run correctly.
- Execute the following commands to configure the WSRP samples.
Post Installation Configuration
This section is organized as follows:
- The psconfig Script
- Portal Server And Secure Remote Access Configuration Checklist
- Gateway Configuration Checklist
- Netlet Proxy Configuration Checklist
- Rewriter Proxy Configuration Checklist
- Configuring Portal Server in Interactive Mode
- Configuring Portal Server in Silent Mode
- Portal Server Post-Installation Tasks
The psconfig Script
If you have installed Portal Server with the Sun Java Enterprise System installer with the “Configure Later” option, use psconfig to configure the Portal Server component product. The following checklists in this section describe the parameters used to configure the Portal Server component product.
To run psconfig:
- As root in a terminal window, go to the directory that contains the psconfig script:
cd /PortalServer-base/portal_svr/lib
- Configuration can be performed in either the interactive mode or using a silent file.
- To configure in the interactive mode, execute the psconfig script by typing ./psconfig and then enter appropriate answers for the configuration questions.
- To configure using the sample silent file, execute the psconfig script by typing
./psconfig -s pssamplesilentfile
See “Configuring Portal Server in Silent Mode.”
|
|
Note
|
Sample pssamplesilent file is available at the location PortalServer-base/portal_svr/lib. Modify this file for your setup details before using it.
|
|
If you have performed a minimal installation, you will need to use the psconfig script to configure your Portal Server installation. The following checklists describe the values that you will need for a post-install configuration. Depending on the type of installation you perform, the values that you use might vary.
The Checklists are organized in the following way:
- Components
- Base Directory
- Configuration Mode
- Deployment Information
- Web Container Information
- Portal Server Information
- Identity Server Information
- Secure Remote Access Information
- Gateway
- Netlet Proxy
- Rewriter Proxy
Portal Server And Secure Remote Access Configuration Checklist
The table below is a three column table that lists all the values that you might need for a post-install configuration. Depending on the type of installation you perform, the values that you use might vary.
|
|
Note
|
The Portal Server 2005Q1 default base installation and product directory depends on your specific platform:
/opt/sun
|
|
|
|
Note
|
If a parameter is not applicable to a container, it is not included in the table.
|
|
Table 5 Portal Server Configuration Checklist
|
Parameter
|
Default Value
|
Description
|
|
COMPONENTS
|
|
Sun Java System Portal Server components to be configured
|
1,2,3,4,5
|
Set “1” to configure PortalServer.
Set “2” to configure Secure Remote Access Core.
Set “3” to configure Gateway.
Set “4” to configure NetletProxy.
Set “5” to configure RewriterProxy.
To Configure multiple components, use a comma (,) to separate entries.
|
|
BASEDIR
|
|
BASEDIR
The directory where Sun Java System Portal Server configurator components are installed
|
|
This is the base directory in which the Portal Server software is installed using Java Enterprise System Installer.
The base directory depends on the platform you are using.
For example, if the install root is /opt (the default) the Portal Server is installed in:
/opt/sun/portal_svr
|
|
PS_CONFIGURATION_MODE
The Configuration mode in which you want the Sun Java System configurator needs to be executed
|
configure
|
Possible values are:
configure–Configure the Portal Server Components.
|
|
Deployment Information
|
|
PS_DEPLOY_TYPE
The web container on which Portal Server is being deployed. The Portal Server can be deployed on
Sun Java System Web Server
Sun Java System Application Server 8.1
|
SUNONE8
|
Possible values are:
IWS = Sun Java System Web Server
SUNONE8 = Sun Java System Application Server 8.1
|
|
Web Container Information
Sun Java System Web Server
|
|
PS_DEPLOY_DIR
|
/opt/sun/webserver
|
Directory in which the Sun Java System Web Server is installed.
|
|
PS_DEPLOY_INSTANCE
|
myportalbox.mydomain.com
|
The web server instance you want the Portal Server to use. Note: The instance name should not contain spaces.
|
|
PS_DEPLOY_DOCROOT
|
/opt/sun/webserver/docs
|
The Web Server Directory where static pages are kept.
|
|
PS_DEPLOY_ADMIN
|
admin
|
The administrator user ID.
|
|
PS_DEPLOY_ADMIN_PROTOCOL
|
http
|
The administration server Protocol.
|
|
PS_DEPLOY_ADMIN_HOST
|
myportalbox.mydomain.com
|
The administration server hostname.
|
|
PS_DEPLOY_ADMIN_PORT
|
8888
|
The port number of the administration server.
|
|
PS_DEPLOY_JDK_DIR
|
/usr/jdk/entsys-j2se
|
The JDK Directory that is being used by the web container.
|
|
Web Container Information
Sun Java System Application Server 8.1
|
|
PS_DEPLOY_DIR
|
/opt/sun/appserver
|
Directory in which the Sun Java System Application Server 8.1 is installed
|
|
PS_DEPLOY_DOMAIN
|
domain1
|
The Sun Java System Application Server domain contains a set of instances. The domain specified will contain the instance used by the Portal Server.
This domain must already be configured.
|
|
PS_DEPLOY_INSTANCE_DIR
|
/var/opt/sun/appserver/domains/domain1
|
The full path of the domain specified that will be configured for the Portal Server.
|
|
PS_DEPLOY_INSTANCE
|
server
|
The name of the Sun Java System Application Server instance to which the Portal Server will be deployed.
This instance must already be configured. The instance name should not contain spaces.
|
|
PS_DEPLOY_DOCROOT
|
/var/opt/sun/appserver/domains/domain1/docroot
|
The Application Server Directory where static pages are kept.
|
|
PS_DEPLOY_ADMIN
|
admin
|
The administrator user ID.
|
|
PS_DEPLOY_ADMIN_PROTOCOL
|
https
|
The administration server Protocol.
|
|
PS_DEPLOY_ADMIN_HOST
|
myportalbox.mydomain.com
|
The administration server hostname.
|
|
PS_DEPLOY_ADMIN_PORT
|
4849
|
The port number of the administration server.
|
|
PS_DEPLOY_JDK_DIR
|
/usr/jdk/entsys-j2se
|
The JDK Directory that is being used by the web container.
|
|
Secure Remote Access Information (for configuring Secure Remote Access Support)
|
|
SRA_GW_PROTOCOL
Gateway Protocol
|
https
|
The Protocol used by the gateway. The gateway will communicate using Secure Sockets Layer (SSL).
|
|
SRA_GW_PORT
Gateway Port
|
443
|
The port on which the gateway listens.
|
|
SRA_GATEWAY_PROFILE
Gateway Profile Name
|
default
|
A gateway profile contains all the information related to gateway configuration, such as the port on which gateway listens, SSL options, and proxy options. You can create multiple profiles in the gateway administration console and associate different instances of gateway with different profiles.
See “Creating a Gateway Profile” in the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide.
|
|
SRA_SERVER_DOMAIN
|
portal-server-domain-name
|
The domain name for the machine on which the Portal Server is installed.
|
|
SRA_GW_DOMAIN
Gateway Domain
|
gateway-domain-name
|
The domain name of the gateway machine.
|
|
SRA_IDSAME_ADMIN_PASSWORD
Administrator (amadmin) Password
|
|
The top level administrator (amadmin) password chosen during the Sun Java System Identity Server software installation.
|
|
SRA_IDSAME_LDAPUSER_PASSWORD
Internal LDAP Authentication User Password
|
|
The Internal LDAP Authentication User Password chosen during the Sun Java System Identity Server installation.
|
|
SRA_DS_DIRMGR_DN
Directory Manager DN
|
cn=Directory Manager
|
The directory manager DN chosen during the installation of the Sun Java System Directory Server.
|
|
SRA_DS_DIRMGR_PASSWORD
Directory Manager Password
|
|
The directory manager Password chosen during the installation of the Sun Java System Directory Server.
|
|
SRA_DEPLOY_ADMIN_PASSWORD
Deploy Administrator Password
|
|
This is the web-container’s Administrator Password.
|
|
SRA_LOG_USER_PASSWORD
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
The sample silent file looks like the following:
################################################################################
# Install/Config components (Use comma (,) to separate entries ):
#
# 1. PortalServer
# 2. Secure Remote Access Core
# 3. Gateway
# 4. NetletProxy
# 5. RewriterProxy
################################################################################
COMPONENTS=1,2,3,4,5
BASEDIR=/opt/sun
################################################################################
# Portal Server keys
###############################################################################
############ PS_CONFIGURATION_MODE possible values#####################
# configure - Configure the Portal Server Components.
################################################################################
PS_CONFIGURATION_MODE=configure
##################### PS_DEPLOY_TYPE possible values###########################
# IWS = WebServer
# SUNONE8 = AppServer8.1
################################################################################
PS_DEPLOY_TYPE=SUNONE8
##################### PS_DEPLOY_DIR possible values#############################
# /opt/sun/webserver=WebServer
# /opt/sun/appserver = AppServer 8.1
################################################################################
PS_DEPLOY_DIR=/opt/sun/appserver
##################### PS_DEPLOY_DOMAIN possible values#########################
# null = WebServer
################################################################################
PS_DEPLOY_DOMAIN=domain1
#################### PS_DEPLOY_INSTANCE_DIR possible values########################
# /var/opt/sun/appserver/domains/domain1 = AppServer8.1
# null - for other containers.
################################################################################
PS_DEPLOY_INSTANCE_DIR=/var/opt/sun/appserver/domains/domain1
##################### PS_DEPLOY_INSTANCE possible values#######################
# myportalbox.mydomain.com = WebServer
# server1 = AppServer 7.0
# server = AppServer 8.1
################################################################################
PS_DEPLOY_INSTANCE=server
##################### PS_DEPLOY_DOCROOT possible values#########################
# /opt/SUNWwbsvr/docs = WebServer
# /var/opt/sun/appserver/domains/domain1/docroot = AppServer 8.1
################################################################################
PS_DEPLOY_DOCROOT=/var/opt/sun/appserver/domains/domain1/docroot
PS_DEPLOY_ADMIN=admin
PS_DEPLOY_ADMIN_PROTOCOL=https
PS_DEPLOY_ADMIN_HOST=myportalbox.mydomain.com
PS_DEPLOY_ADMIN_PORT=4849
################################################################################
# SRACore keys
################################################################################
SRA_GW_PROTOCOL=http
SRA_GW_PORT=443
SRA_GATEWAY_PROFILE=default
SRA_SERVER_DOMAIN=mydomain.com
SRA_GW_DOMAIN=mydomain.com
SRA_IDSAME_ADMIN_PASSWORD=admin123
SRA_IDSAME_LDAPUSER_PASSWORD=test1234
SRA_DS_DIRMGR_DN=cn=Directory Manager
SRA_DS_DIRMGR_PASSWORD=admin123
SRA_DEPLOY_ADMIN_PASSWORD=admin123
SRA_LOG_USER_PASSWORD=admin123
################################################################################
# Gateway keys
################################################################################
GW_PROTOCOL=https
GW_HOST=mygwbox.mydomain.com
GW_PORT=443
GW_IP=129.158.227.209
GW_GATEWAY_PROFILE=default
GW_LOAD_BALANCER_URL=http://mygwbox.mydomain.com:80/portal
GW_CERT_INFO="CN=$GW_HOST,L=Santa
Clara,ST=California,C=us,O=Portal,OU=Sun"
GW_SRA_LOG_USER_PASSWORD=admin123
GW_CERT_DB_PASSWORD=admin123
################################################################################
Gateway Configuration Checklist
The table below is a three column table for the Gateway Installation Checklist.
Table 6 Gateway Configuration Checklist
|
Parameter
|
Default Value
|
Description
|
|
GW_PROTOCOL
|
https
|
The protocol used by the gateway. The gateway will usually communicate using Secure Sockets Layer (SSL).
|
|
GW_HOST
|
mygwbox.mydomain.com
|
The host name of the machine on which the gateway is installed.
|
|
GW_PORT
|
443
|
The port on which the gateway machine listens.
|
|
GW_IP
|
gw-host-ip-address
|
The IP Address should be that of the machine where Gateway is installed and not that of the Sun Java System Identity Server.
|
|
GW_GATEWAY_PROFILE
Gateway Profile Name
|
default
|
A gateway profile contains all the information related to gateway configuration, such as the port on which gateway listens, SSL options, and proxy options. You can create multiple profiles in the gateway administration console and associate different instances of gateway with different profiles. See “Creating a Gateway Profile” in the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide.
|
|
GW_LOAD_BALANCER_URL
Load balancer controlling Portal Server Instances.
|
|
If you are not using any Load Balancer URL then use the Portal Server URL. http://fully-qualified-domain:port/portal-deploy_uri for example: http://myportalbox.mydomain.com:80/portal
|
|
GW_CERT_INFO
|
|
The Certificate Information should be provided in the following format:
“CN=$GW_HOST,
L=The name of your city or locality,
ST=The name of your state,
C=The two letter country code for your country,
O=The name of your organization,
OU=The name of your division”
For example, “CN=$GW_HOST,L=SantaClara,ST=California,C=us,O=Portal,OU=Sun”
|
|
GW_SRA_LOG_USER_PASSWORD
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
|
GW_CERT_DB_PASSWORD
Certificate Database Password
|
|
This can be any password you choose.
|
|
Certificate Information
|
|
Organization (O)
|
MyOrganization
|
The name of your organization.
|
|
Division (OU)
|
MyDivision
|
The name of your division.
|
|
City or Locality (L)
|
MyCity
|
The name of your city or locality
|
|
State or Province (ST)
|
MyState
|
The name of your state
|
|
Two-Letter Country Code (C)
|
us
|
The two letter country code for your country.
|
|
Certificate Database Password
|
|
This can be any password you choose.
|
|
Retype Password
|
|
Retype the password to verify.
|
Netlet Proxy Configuration Checklist
The table below is a three column table for the Netlet Proxy Installation Checklist. The first column lists the parameters. The second column lists the default value. The third column lists a description for the parameter.
Table 7 Netlet Proxy Configuration Checklist
|
Parameter
|
Default Value
|
Description
|
|
NLP_PROTOCOL
|
https
|
The protocol used by the Netlet Proxy. The Netlet Proxy will usually communicate using Secure Sockets Layer (SSL).
|
|
NLP_HOST
|
myportalbox.mydomain.com
|
The host name of the machine on which Netlet Proxy is installed.
|
|
NLP_PORT
|
10555
|
The port on which the Netlet Proxy listens.
|
|
NLP_IP
|
host-ip-address
|
The IP address should be that of the machine where Netlet Proxy is installed and not that of Sun Java System Identity Server.
|
|
NLP_GATEWAY_PROFILE
Gateway Profile Name
|
default
|
Specify the same profile name specified when you installed Portal Server or Secure Remote Access support.
See “Creating a Gateway Profile” in the Sun java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide for more information.
|
|
NLP_LOAD_BALANCER_URL
Load balancer controlling Portal Server Instances.
|
|
If you are not using any Load Balancer URL then use the Portal Server URL. http://fully-qualified-domain:port/portal-deploy-uri
For example http://myportalbox.mydomain.com:80/portal
|
|
NLP_CERT_INFO
|
|
The Certificate Information should be mentioned in the following format “CN=$GW_HOST, L=<The name of your city or locality>,ST=<The name of your state>,C=<The two letter country code for your country>,O=<The name of your organization>,OU=<The name of your division>”
For example, “CN=$GW_HOST,L=SantaClara,ST=California,C=us,O=Portal,OU=Sun”
|
|
NLP_SRA_LOG_USER_PASSWORD
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
Rewriter Proxy Configuration Checklist
The table below is a three column table for the Rewriter Proxy Installation Checklist. The first column lists the parameters. The second column lists the default value. The third column lists a description for the parameter.
Table 8 Rewriter Proxy Checklist
|
Parameter
|
Default Value
|
Description
|
|
RWP_PROTOCOL
|
https
|
The protocol used by the Rewriter Proxy. The Rewriter Proxy will usually communicate using Secure Sockets Layer (SSL).
|
|
RWP_HOST
|
myportalbox.mydomain.com
|
The host name of the machine on which Rewriter Proxy is installed.
|
|
RWP_PORT
|
10443
|
The port on which the Rewriter Proxy listens.
|
|
RWP_IP
|
host-ip-address
|
The IP address should be that of the machine where Rewriter Proxy is installed and not that of Sun Java System Identity Server.
|
|
RWP_GATEWAY_PROFILE
Gateway Profile Name
|
default
|
Specify the same profile name specified when you installed Portal Server or Secure Remote Access support. See “Creating a Gateway Profile” in the Sun java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide for more information.
|
|
RWP_LOAD_BALANCER_URL
Load balancer controlling Portal Server Instances.
|
|
If you are not using any Load Balancer URL then use the Portal Server URL. http://fully-qualified-domain:port/portal-deploy-uri for example http://myportalbox.mydomain.com:80/portal
|
|
RWP_CERT_INFO
|
|
The Certificate Information should be provided in the following format “CN=$GW_HOST,L=<The name of your city or locality>,ST=<The name of your state>,C=<The two letter country code for your country>,O=<The name of your organization>,OU=<The name of your division>”
For example “CN=$GW_HOST,L=SantaClara,ST=California,C=us,O=Portal,OU=Sun”
|
|
RWP_SRA_LOG_USER_PASSWORD
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
Configuring Portal Server in Interactive Mode
- As root in a terminal window, go to the directory that contains the psconfig script:
cd PortalServer-base/portal_svr/lib
- To configure Portal Server in interactive mode, execute the psconfig script by typing ./psconfig and then enter appropriate answers for the configuration questions.
Portal Server
The table below is a three column table that lists all the values that you might need for a post-minimal install configuration. Depending on the type of installation you perform, the values that you use might vary.
Table 9 Portal Server Configuration Checklist
|
Question
|
Default Value
|
Description
|
|
COMPONENTS
|
|
Select the component(s) for Installation or Uninstallation:
1. Portal Server
2. Secure Remote Access Core
3. Gateway
4. Netlet Proxy
5. Rewriter Proxy
|
1
|
- Set “1” to configure PortalServer.
- Set “2” to configureSecure Remote Access Core.
- Set “3” to configure Gateway.
- Set “4” to configure NetletProxy.
- Set “5” to configure RewriterProxy.
To Configure multiple components, Use comma (,) to separate entries.
|
|
CONFIGURATION_MODE
|
|
Choose one of the following configuration options:
1. configure
2. scrubds
3. unconfigurewithoutscrubds
4. unconfigurewithscrubds
|
configure
|
configure – Configure the Portal Server Components.
scrubds – Remove the Portal Server Components entries from the Directory Server.
unconfigurewithoutscrubds – Unconfigure the Portal Server Components without removing the entries from the Directory Server.
unconfigurewithscrubds – Unconfigure the Portal Server and also remove the entries from the Directory Server.
|
|
Portal Server Configuration Information
|
|
What is the Portal Server Web Containers host
|
myportalbox.mydomain.com
|
Fully Qualified Name of the Portal Server
|
|
Is the Portal Server Web Containers port secure
|
No
|
The Protocol to be used while accessing the Portal Server. Possible values are No: If the Protocol is http. Or Yes: If the Protocol is https
|
|
What is the Portal Server Web Containers port
|
80
|
Port number to be used for accessing the Portal Server.
|
|
What is the Portal Server deployment URI
|
/portal
|
The URI is the space on the web server or application server that the Portal Server uses. The value for the deployment URI must have a leading slash and must contain only one slash. However, the deployment URI can not be a “/" by itself.
|
|
Choose the container to which the portalserver needs to be configured:
1. Sun Java System Web Server
2. Sun Java System Application Server 8.1
|
1
|
The web container on which Portal Server is being deployed. Possible values are
1 = Sun Java System Web Server
2 = Sun Java System Application Server 8.1
|
|
Web Container Information
Sun Java System Web Server
|
|
Where is the Web Container installed
|
/opt/sun/webserver
|
Directory in which the Sun Java System Web Server is installed.
|
|
What is the Web Container instance
|
myportalbox.mydomain.com
|
The web server instance you want the Portal Server to use. Note: The instance name should not contain spaces.
|
|
Web Container Information
Sun Java System Application Server 8.1
|
|
Where is the Web Container installed
|
/opt/sun/appserver
|
Directory in which the Sun Java System Application Server 8.1 is installed
|
|
What is the Web Container domain
|
domain1
|
The Sun Java System Application Server domain contains a set of instances. The domain specified will contain the instance used by the Portal Server. This domain must already be configured.
|
|
What is the Web Container Deploy Instance Directory
|
/var/opt/sun/appserver/domains/domain1
|
The full path of the domain specified that will be configured for the Portal Server.
|
|
What is the Web Container Deploy Instance
|
server
|
The name of the Sun Java System Application Server instance to which the Portal Server will be deployed. This instance must already be configured. The instance name should not contain spaces.
|
|
What is the Web Container Document Directory
|
/var/opt/sun/appserver/domains/domain1/docroot
|
The Application Server Directory where static pages are kept.
|
|
Who is the Web Container administrator
|
admin
|
The administrator user ID.
|
|
What is the HostName of the Machine where Web Container is Installed
|
myportalbox.mydomain.com
|
The administration server hostname.
|
|
Is the Web Container administration port secure
|
Yes
|
The Protocol to be used while accessing the Portal Server. Possible values are No If the Protocol is http Or Yes If the Protocol is https.
|
|
What is the Web Container administration port
|
4849
|
The port number of the administration server. Note: The default Administrator Port for Sun Java System Application Sever 8.1 is “4849.”
|
|
What is the Web Container administrator password
|
|
This is the web-container’s Administrator Password.
|
|
Secure Remote Access Core Configuration Information (for configuring Secure Remote Access Support)
|
|
What is the Gateway protocol
Gateway Protocol
|
https
|
The Protocol used by the gateway. The gateway will communicate using Secure Sockets Layer (SSL).
|
|
What is the Portal Server domain
Portal Server Domain
|
portal-server-domain-name
|
The domain name for the machine on which the Portal Server is installed.
|
|
What is the Gateway domain
Gateway Domain
|
gateway-domain-name
|
The domain name of the gateway machine.
|
|
What is the Gateway port
Gateway Port
|
443
|
The port on which the gateway listens.
|
|
What is the Gateway profile
Gateway Profile Name
|
default
|
A gateway profile contains all the information related to gateway configuration, such as the port on which gateway listens, SSL options, and proxy options.
You can create multiple profiles in the gateway administration console and associate different instances of gateway with different profiles.
See “Creating a Gateway Profile” in the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide.
|
|
What is the Gateway logging user password
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
|
Again
|
|
Re-enter the Gateway Logging User Password.
|
Gateway
The table below is a three column table that contains the checklist for gateway configuration. Column one lists the parameter. Column two contains the default value for the parameter. Column three lists the description.
Table 10 Gateway Configuration Checklist
|
Parameter
|
Default Value
|
Description
|
|
What is the Gateway protocol
|
https
|
The protocol used by the gateway. The gateway will usually communicate using Secure Sockets Layer (SSL).
|
|
What is the Gateway host
|
mygwbox.mydomain.com
|
The host name of the machine on which the gateway is installed.
|
|
What is the Gateway port
|
443
|
The port on which the gateway machine listens.
|
|
What is the Gateway IP Address
|
gw-host-ip-address
|
The IP Address should be that of the machine where Gateway is installed and not that of the Sun Java System Identity Server.
|
|
What is the Gateway profile Gateway Profile Name
|
default
|
A gateway profile contains all the information related to gateway configuration, such as the port on which gateway listens, SSL options, and proxy options.
You can create multiple profiles in the gateway administration console and associate different instances of gateway with different profiles.
See “Creating a Gateway Profile” in the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide.
|
|
What is the Gateway logging user password
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
|
Again
|
|
Re-enter the Gateway Logging User Password.
|
|
What is the Portal Server Load Balancer URL
Load balancer controlling Portal Server Instances.
|
|
If you are not using any Load Balancer URL then use the Portal Server URL. http://fully-qualified-domain:port/portal-deploy-uri
For example, http://myportalbox.mydomain.com:80/portal
|
|
Certificate Information
|
|
What is the name of your organization
|
MyOrganization
|
The name of your organization.
|
|
What is the name of your division
|
MyDivision
|
The name of your division.
|
|
What is the name of your city or locality
|
MyCity
|
The name of your city or locality
|
|
What is the name of your state or province
|
MyState
|
The name of your state
|
|
What is the two-letter country code
|
us
|
The two letter country code for your country.
|
|
What is the password for the Certificate Database
|
|
This can be any password you choose.
|
|
Again
|
|
Retype the Certificate Database password to verify.
|
Netlet Proxy
The table below is a three column table for the Netlet Proxy configuration checklist. Column one lists the parameter. Column two lists the default value. Column three contains the description.
Table 11 Netlet Proxy Configuration Checklist
|
Parameter
|
Default Value
|
Description
|
|
What is the Netlet Proxy protocol
|
https
|
The protocol used by the Netlet Proxy. The Netlet Proxy will usually communicate using Secure Sockets Layer (SSL).
|
|
What is the Netlet Proxy host
|
myportalbox.mydomain.com
|
The host name of the machine on which Netlet Proxy is installed.
|
|
What is the Netlet Proxy port
|
10555
|
The port on which the Netlet Proxy listens.
|
|
What is the Netlet Proxy IP Address
|
host-ip-address
|
The IP address should be that of the machine where Netlet Proxy is installed and not that of Sun Java System Identity Server.
|
|
What is the Gateway profile
Gateway Profile Name
|
default
|
Specify the same profile name specified when you installed Portal Server or Secure Remote Access support.
See “Creating a Gateway Profile” in the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide for more information.
|
|
What is the Gateway logging user password
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
|
Again
|
|
Re-enter the Gateway Logging User Password.
|
|
What is the Portal Server Load Balancer URL
Load balancer controlling Portal Server Instances.
|
|
If you are not using any Load Balancer URL then use the Portal Server URL. http://fully_qualified_domain:port/portal_deploy_uri
For example http://myportalbox.mydomain.com:80/portal
|
|
Certificate Information
|
|
What is the name of your organization
|
MyOrganization
|
The name of your organization.
|
|
What is the name of your division
|
MyDivision
|
The name of your division.
|
|
What is the name of your city or locality
|
MyCity
|
The name of your city or locality
|
|
What is the name of your state or province
|
MyState
|
The name of your state
|
|
What is the two-letter country code
|
us
|
The two letter country code for your country.
|
|
What is the password for the Certificate Database
|
|
This can be any password you choose.
|
|
Again
|
|
Retype the Certificate Database password to verify.
|
Rewriter Proxy
The table below is a three column table that contains the Rewriter Proxy configuration checklist. Column one lists the parameter. Column two lists the default value. Column three contains the description.
Table 12 Rewriter Proxy Configuration Checklist
|
Parameter
|
Default Value
|
Description
|
|
What is the Rewriter Proxy protocol
|
https
|
The protocol used by the Rewriter Proxy. The Rewriter Proxy will usually communicate using Secure Sockets Layer (SSL).
|
|
What is the Rewriter Proxy host
|
myportalbox.mydomain.com
|
The host name of the machine on which Rewriter Proxy is installed.
|
|
What is the Rewriter Proxy port
|
10443
|
The port on which the Rewriter Proxy listens.
|
|
What is the Rewriter Proxy IP Address
|
host-ip-address
|
The IP address should be that of the machine where Rewriter Proxy is installed and not that of Sun Java System Identity Server.
|
|
What is the Gateway profile
Gateway Profile Name
|
default
|
Specify the same profile name specified when you installed Portal Server or Secure Remote Access support.
See “Creating a Gateway Profile” in the Sun java System Portal Server, Secure Remote Access 6 2005Q1 Administrator’s Guide for more information.
|
|
What is the Gateway logging user password
Gateway Logging User Password
|
|
This allows administrators with non-root access to look at gateway log files.
|
|
Again
|
|
Re-enter the Gateway Logging User Password.
|
|
What is the Portal Server Load Balancer URL
Load balancer controlling Portal Server Instances.
|
|
If you are not using any Load Balancer URL then use the Portal Server URL. http://fully-qualified-domain:port/portal-deploy-uri
For Example, http://myportalbox.mydomain.com:80/portal
|
|
Certificate Information
|
|
What is the name of your organization
|
MyOrganization
|
The name of your organization.
|
|
What is the name of your division
|
MyDivision
|
The name of your division.
|
|
What is the name of your city or locality
|
MyCity
|
The name of your city or locality
|
|
What is the name of your state or province
|
MyState
|
The name of your state
|
|
What is the two-letter country code
|
us
|
The two letter country code for your country.
|
|
What is the password for the Certificate Database
|
|
This can be any password you choose.
|
|
Again
|
|
Retype the Certificate Database password to verify.
|
For information on post-installation tasks see Portal Server Post-Installation Tasks.
Configuring Portal Server in Silent Mode
To configure the Portal Server using the samplesilent file, modify the pssamplesilent file located at PortalServer-base/lib and execute the psconfig script.
- As root in a terminal window, go to the directory that contains the psconfig script:
cd PortalServer-base/portal_svr/lib
- Type:
./psconfig -s pssamplesilentfile
For information on post-installation tasks see Portal Server Post-Installation Tasks.
Portal Server Post-Installation Tasks
Post-installation tasks need to be performed for each of the following components:
Portal Server
To access the Portal Server or the Identity Server administration console the directory server and the web container must first be started.
Use the following command to start a local installation of the directory server:
/var/opt/mps/serverroot/slapd-hostname/start-slapd
The following post-installation tasks depend on the type of web container on which you deployed the Portal Server.
- Sun Java System Web Server
- Sun Java System Application Server
Sun Java System Web Server
To start the Sun Java System Web Server:
- Start the admin instance. In a terminal window type:
or
- Access the Sun Java System Web Server administration console.
- Click Apply Changes to restart the web container.
Sun Java System Application Server 8.1
To configure the Application Server Instance, do the following:
- Stop the domain instance. In a terminal window, type:
/opt/sun/appserver/bin/asadmin stop-domain domainname
For example
/opt/sun/appserver/bin/asadmin stop-domain domain1
- Start the domain instance. In a terminal window, type:
/opt/sun/appserver/bin/asadmin start-domain --user administrator-user-name --passwordfile /opt/sun/appserver/bin/admin.password domainname
Content of /opt/sun/appserver/bin/admin.password should be AS_ADMIN_PASSWORD=<admin password>
For example,
/opt/sun/appserver/bin/asadmin start-domain --user admin --passwordfile /opt/sun/appserver/bin/admin.password domainname
Installing JSR168 Sample Portlets and WSRP Samples on Third-Party Web Containers
After Portal Server and Access Manager SDK have been installed using Java Enterprise Server installer, use one of the following procedures to install JSR168 sample portlets or WSRP samples. If you use Sun Java System Web Server or Sun Java System Application Server, install the WSRP samples.
To Install WSRP Samples On Web Server or Application Server
The following manual steps are needed after the Portal Server and Access Manager SDK have been installed on Sun Java System Web Server 6.1 and Sun Java Server Application Server 7:
- Restart the Web Server or Application Server instance
- Make sure that the PATH setting includes /usr/bin. This is needed for awk part of script to run correctly.
- Execute the following commands to configure the WSRP samples.
Secure Remote Access
When using the Portal Server with the gateway, the gateway Certificate Authority (CA) certificate must be added to the Portal Server trusted CA list, regardless of whether the Portal Server is running in HTTP or HTTPs mode.
When a user session time out or user session logout action happens, the Sun Java System Identity Server sends a session notification to the gateway. Even when the Sun Java System Identity Server is running in HTTP mode, it will act as an SSL client using HttpsURLConnection to send the notification. Since it is connecting to an SSL server (the gateway), it should have the gateway CA certificate as part of the Trusted CA list or it should have an option to allow self signed certificate.
|
|
Note
|
The method for adding the CA to the trusted CA list depends on the protocol handler defined.
|
|
To create HttpsURLConnection, the Java Virtual Machine (JVM™) property -Djava.protocol.handler.pkgs needs to be set.
If Portal Server is running on the Sun Java System Web Server, Sun Java System Application Server, or BEA WebLogic Server, this property is correctly set to com.iplanet.services.com by default. The Sun Java System Identity Server package has the implementation of HttpsURLConnection and it provides an option to accept self-signed certificates from any SSL server by adding the flag com.iplanet.am.jssproxy.trustAllServerCerts=true in the AMConfig.properties file.
The -Djava.protocol.handler.pkgs is not set by default for the IBM WebSphere Application Server. The HttpsURLConnection implementation for supported application servers must use their own default handler (this could be JSSE or custom SSL implementation).
Configuring Multiple Gateways on Multiple Portals
When installing a second gateway on a second portal, you must manually update the Forward Cookie URLs value to point to the second Portal.
- Log in to the Access Manager Administration Console.
- Select the Service Configuration tab.
- Click Gateway.
- Add the second Portal to the Forward Cookie URLs list.
Starting and Stopping the Gateway
- Start the gateway using the following command:
/opt/sun/portal_svr/bin/gateway -n new-profile-name start
default is the default name of the gateway profile that is created during installation. You can create your own profiles later, and restart the gateway with the new profile. See “Creating a Gateway Profile” in Chapter 2 of the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administration Guide.
If you have multiple gateway instances, use:
gateway-base/portal_svr/bin/gateway start
|
|
Note
|
This step is not required if you selected the Start Gateway after installation option during the gateway installation.
|
|
|
|
Note
|
Ensure that only the configuration files for the instances that you want to start are in the /etc/opt/sun/portal_svr.
|
|
If you want to stop all the gateway instances that are running on that particular node, use the following command:
gateway-base/portal_svr/bin/gateway stop
Netlet and Rewriter Proxy
Before starting the Netlet Proxy and the Rewriter Proxy, ensure that the gateway profile is updated with the Netlet Proxy and the Rewriter Proxy options.
- If you did not choose the option to start the Netlet Proxy during installation, you can start the Netlet Proxy manually. In the directory, portal-proxy-base/portal_svr/bin, type:
- If you did not choose the option to start the Rewriter Proxy manually during installation, you can start it manually. In the directory portal-proxy-base/portal_svr/bin, type:
Verifying the Portal Server Installation
Access the Portal Server Administration Console and Desktop
To Access the Sun Java System Identity Server Administration Console
- Open a browser.
- Type protocol://hostname.domain:port/amconsole
For example,
http://example.com:80/amconsole
- Enter the administrator’s name and password to view the administration console.
This is the name and password you specified at the time of installing the Sun Java System Identity Server software.
To Access the Portal Server Desktop
Verify the Portal Server installation by accessing the Desktop. Use the following URL to access the Desktop: protocol://fully-qualified-hostname:port/portal-URI
For example,
http://example.com:80/portal
When you access the Desktop, the Authless Desktop is displayed. This allows users accessing the Desktop URL to be authenticated automatically and granted access to the Desktop.
If the sample Portal Desktop displays without any exception, then your Portal Server installation is good.
Verifying the Gateway Installation
- Run the following command to check if the gateway is running on the specified port (the default port is 443):
netstat -an | grep port-number
If the gateway is not running, start the gateway in the debug mode, and view messages that are printed on the console. Use the following command to start the gateway in debug mode:
PortalServer-base/portal_svr/bin/gateway -n profilename start debug
Also view the log files after setting the gateway.debug attribute in the platform.conf.profilename file to message. See the section Understanding the platform.conf File in Chapter 2, “Administering Gateway” in the Sun Java System Portal Server, Secure Remote Access 6 2005Q1 Administration Guide, for details.
- Run the Portal Server in secure mode by typing the gateway URL in your browser:
https://gateway-machine-name:portnumber
If you have chosen the default port (443) during installation, you need not specify the port number.
- Login to the Identity Server administration console as administrator using the user name amadmin, and using the password specified during installation.
You can now create new organizations, roles, and users and assign required services and attributes in the administration console.
Known Issues and Limitations
This section describes the known issues and limitations of Sun Java System Portal Server 6 2005Q1 for HP-UX. For a list of the known issues and limitations in this component, refer to the following Release Notes:
http://docs.sun.com/app/docs/doc/817-7699
The following topics are the known issues:
PSSRA
Reverse proxy has been not tested in Java Enterprise System 3 installer release for RR.
Workaround
None.
Proxylet does not get downloaded, throws exception.
Workaround
None.
Gateway not tested with two different subnets in Java Enterprise System 3 installer release for RR.
Workaround
None.
Redistributable Files
Sun Java System Portal Server 6 2005Q1 does not contain any files which you can redistribute.
How to Report Problems and Provide Feedback
If you have problems with Sun Java System Portal Server, contact Sun customer support using one of the following mechanisms:
This site has links to the Knowledge Base, Online Support Center, and Product Tracker, as well as to maintenance programs and support contact numbers.
So that we can best assist you in resolving problems, please have the following information available when you contact support:
- Description of the problem, including the situation where the problem occurs and its impact on your operation
- Machine type, operating system version, and product version, including any patches and other software that might be affecting the problem
- Detailed steps on the methods you have used to reproduce the problem
- Any error logs or core dumps
If your problems seem to be associated with a client, please have the following information available:
- What client types are new
- What default client type settings have changed and how
- What errors or exceptions are reported in the /var/opt/sun/identity/debug/render.debug file or the /var/opt/sun/identity/debug/MAPFilterConfig file for Solaris platform. For HP-UX platform /var/opt/sun/identity/debug/MAPFilterConfig. For Windows platform [INSTALLDIR]/AccessManager/debug.
- What exceptions are reported in the taglibs log file /var/opt/sun/identity/debug/mapJsp
Sun Welcomes Your Comments
Sun is interested in improving its documentation and welcomes your comments and suggestions.
To share your comments, go to http://docs.sun.com and click Send Comments. In the online form, provide the document title and part number. The part number is a seven-digit or nine-digit number that can be found on the title page of the guide or at the top of the document.
Additional Sun Resources
Useful Sun Java System information can be found at the following Internet locations:
Copyright � 2005 Sun Microsystems, Inc. All rights reserved.
Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries.
SUN PROPRIETARY/CONFIDENTIAL.
U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements.
Use is subject to license terms.
This distribution may include materials developed by third parties.
Portions may be derived from Berkeley BSD systems, licensed from U. of CA.
Sun, Sun Microsystems, the Sun logo, Java and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries.
Copyright � 2005 Sun Microsystems, Inc. Tous droits r�serv�s.
Sun Microsystems, Inc. d�tient les droits de propri�t� intellectuels relatifs � la technologie incorpor�e dans le produit qui est d�crit dans ce document. En particulier, et ce sans limitation, ces droits de propri�t� intellectuelle peuvent inclure un ou plus des brevets am�ricains list�s � l'adresse http://www.sun.com/patents et un ou les brevets suppl�mentaires ou les applications de brevet en attente aux Etats - Unis et dans les autres pays.
Propri�t� de SUN/CONFIDENTIEL.
L'utilisation est soumise aux termes du contrat de licence.
Cette distribution peut comprendre des composants d�velopp�s par des tierces parties.
Des parties de ce produit pourront �tre d�riv�es des syst�mes Berkeley BSD licenci�s par l'Universit� de Californie.
Sun, Sun Microsystems, le logo Sun, Java et Solaris sont des marques de fabrique ou des marques d�pos�es de Sun Microsystems, Inc. aux Etats-Unis et dans d'autres pays.
Toutes les marques SPARC sont utilis�es sous licence et sont des marques de fabrique ou des marques d�pos�es de SPARC International, Inc. aux Etats-Unis et dans d'autres pays.