test

Sun Java System Portal Server 7.1 Update 2 Release Notes

Secure Remote Access (SRA)


SRA gateway fails if there is a domain name case mismatch. (#6588454)

Description:

Java ES installer displays the domain name of the machine on which you install Portal Server. If the machine is configured to use NIS, there will be a mismatch between the actual domain and the domain specified in NIS. For example, in NIS, domain name is specified as "Country.Sun.COM," whereas the actual domain is “country.sun.com.” This results in the failure of Gateway session creation.

Solution:

In the installer, use the actual domain name with correct case.


SRA gateway does not require Directory Server in Portal Server 7.x. (#6565053)

Description:

SRA gateway in Portal Server 7.0 requires Directory Server. After upgrading gateway from Portal Server 7.0 to Portal Server 7.x, uninstall Directory Server.

Do the following:

  1. As a root user, change directories to:

    • /var/sadm/prod/SUNWentsys5/ on Solaris.

    • /var/sadm/prod/sun-entsys5/ on Linux.

  2. Type ./uninstall to uninstall Portal Server.

    In the Sun Java Enterprise System Uninstall Wizard, select Directory Server and proceed.


If a load balancer is installed between Portal Server instances and gateway, some of the SRA features do not work. (#6577269)

Description:

If a load balancer is installed between Portal Server instances and gateway and load balancer is using HTTPS and Portal Server instances are using HTTP, the following SRA features do not work: Static Netlet rules and Proxylet. Portal Server and Load Balancer should have the same protocol for Netlet and Proxylet to work.


When you install Access Manager, Portal Server, and SRA in different sessions, you need to restart the web container after you configure Portal Server. (#6564379)

Solution:

Do the following:

  1. Install Access Manager, Directory Server, and web container in one session.

  2. Install Portal Server in the second session.

  3. Restart the web container.

  4. Install the SRA components in the next session.


On the Linux platform, you are not able to add NFS shares to a remote host through the Netfile option. (# 6504597)

Solution:

If the machine is not configured to do username lookups through NIS or NFS, it fails to add any share on the host. If NIS is not enabled, you can look up only local users. For example, for a machine where NIS is not enabled, you can add a share to Netfile for any machine as a root user. Ensure that the root user password of the machine is same as the root user password on the machine where Netfile is installed.

Do the following:

  1. Append /usr/lib/libpam.so to the LD_PRELOAD environment variable.

    For example, export LD_PRELOAD=/usr/lib/libpam.so:$LD_PRELOAD

  2. Verify whether /usr/lib is present in LD_LIBRARY_PATH. If not, add /usr/lib to LD_LIBRARY_PATH.

  3. Restart the web container from the same shell.


SRA services are not setup when you manually install the sample portals using the command line interface. (#6516280)

Solution:

Manually invoke the following ant targets to setup SRA services for each sample:

  • community_sra

  • developer_sra

  • enterprise_sra

Execute the following command after you install the sample portal.

/usr/sfw/bin/ant -f /opt/SUNWportal/samples/portals/build.xml community_sra developer_sra enterprise_sra -Dconfig.location= input-properties-file-location


In Secure Remote Access, you can add only one row at a time. (#6497988)

Solution:

In SRA screens, when you try to add multiple rows, save the details after you add each row.


Unable to access Unified Web Client (UWC) application through proxylet if UWC and Portal Server are installed on different machines. (#6348935)

Solution:

If UWC application and Portal Server are installed on different machines, do the following to access UWC machine through proxylet:

  1. In the Portal Server administration console, enable cookie management in the Gateway profile.

  2. In the URLs to which user session cookie is forwarded field, add UWC, Calendar, and Messaging Server urls. For example, add the following: http://port/uwc, http://calhost:calport, http://messaginghost:messagingport.

  3. In the AMConfig.properties file of UWC machine, change com.iplanet.am.cookie.name=iPlanetDirectoryPro to com.iplanet.am.cookie.name=iPlanetDirectoryPro1.

    Note –

    This is to have different cookie names in Gateway and Portal Server machines.

  4. In the UWC machine, using configutil, change the session cookie for Messaging Server to iPlanetDirectoryPro1.

  5. Add the UWC, Calendar, and Messaging Server URLs in Non-Authenticated URL list of UWC.

  6. Restart Gateway, UWC, and Portal Server.


certadmin ignores nickname while installing a renewed certificate. (#6360869)

Description:

certadmin ignores the nickname while installing a renewed certificate. This results in the gateway picking up the expired certificate, not the new one. It is not possible to distinguish between two certificates with the same nickname.

Solution:

Do any one of the following:

  1. Delete the old certificate before importing the new one. Do the following in Portal Server 7.1:


    cd PortalServer_base/SUNWportal/bin/certadmin -n config_name

    Choose 5 to delete the certificate.

  2. Do not renew the certificate. When a certificate expires, get a brand new one with the new keys.