Using a Rewriter Proxy
The Rewriter proxy is installed in the intranet. Instead of trying to retrieve the contents directly, the Gateway forwards all requests to the Rewriter proxy which fetches and returns the contents to the Gateway.
The advantages of using a Rewriter proxy are:
-
If a firewall exists between the Gateway and server, the firewall needs to open only two ports - one between the Gateway and Rewriter proxy, and another between the Gateway and the Portal Server.
-
HTTP traffic is secure between the Gateway and the intranet even if the destination server only supports the HTTP protocol and not HTTPS.
If you do not specify a Rewriter proxy, the Gateway component makes a direct connection to intranet computers when a user tries to access one.
If you are using the Rewriter proxy as a load balancer, be sure that the platform.conf.instance_name for Rewriter points to the load balancer URL. Also specify the load balancer host in the Portal Servers list.
If you have multiple instances of Rewriter proxies for each Gateway instance, which are not necessarily on the portal node, provide the details for each Rewriter proxy in the form of host-name:port in the platform.conf file, rather than a single port entry for the Rewrite proxy.
Creating Instances of a Rewriter Proxy
Use the rwpmultiinstance script to create a new instance of a Rewriter proxy on the Portal Server node. Run this script after the gateway profile has been created.
See To Create a Rewriter Proxy Instance.
Enabling a Rewriter Proxy
Enable a Rewriter proxy through the Gateway service under SRA Configuration in the Access Manager administration console.
Restarting a Rewriter Proxy
You can configure to restart Rewriter proxy whenever the proxy is killed accidentally. You can schedule a watchdog process to monitor and restart it if this happens.
You can also restart a Rewriter proxy manually.
See To Restart a Rewriter Proxy.
Configuring a Rewriter Proxy Watchdog
You can configure the time interval at which the watchdog monitors the status of the Rewriter proxy. This time interval is set to 60 seconds by default. To to change the time interval, add the following line in the crontab file:
0-59 * * * * rewriter-proxy-install-root/bin/checkgw /var/opt/SUNWportal/.gw 5 > /dev/null 2>&1
Note –
To start or to stop the watchdog, run the command;./psadmin sra-watchdog -u amadmin -f <password-file> -t <type> on|off.
- © 2010, Oracle Corporation and/or its affiliates