Installing Gateway in DMZ is similar to configuring Gateway on a remote node. However, all ports need not be opened while you install Gateway in DMZ. You can install using only the Access Manager Server port and the Portal Server port. You can install Gateway in DMZ, using both psconfig and psadmin. You cannot configure Gateway in DMZ using Portal Server console.
Follow these steps to install Gateway using psconfig and psadmin.
Before you install Gateway in DMZ, configure Access Manager SDK. To do this:
Change to the directory /opt/SUNWam/bin/ that contains the amconfig input file template, amsamplesilent.
Copy the input template to a new file. For example, cp amsamplesilent new_inputfile.
Edit the new_inputfile to set the Access Manager SDK and set the following configuration parameters:
SERVER_NAME
SERVER_HOST
SERVER_PORT
DEPLOY_LEVEL=3 (If you want to configure only in Access Manager SDK)
DS_HOST
DS_DIRMGRPASSWD
ROOT_SUFFIX
ADMINPASSWD
AMLDAPUSERPASSWD
COOKIE_DOMAIN
Run the amconfig command using the newly created input file.
cd opt/SUNWam/bin ./amconfig -s new_inputfile
The amconfig script requires the JDK to be installed and linked to /usr/jdk/entsys-j2se.
Install Gateway in Configure Later mode.
Modify the attributes in example10.xml appropriately. Ensure that the RestrictiveMode attribute is set to true.
Run the ./psconfig --config example10.xml command to configure Gateway.
Run the ./psadmin start-sra-instance --user username --passwordfile passwordfile -N gatewayprofile -t gateway --restrictive to start the Gateway instance.
If you need to stop the Gateway instance, run the ./psadmin stop-sra-instance --user username --passwordfile passwordfile -N gatewayprofile -t gateway command.
The --restrictive option in the above commands is necessary to start the Gateway.
Install Gateway in Configure Later mode.
Modify the attributes in example2.xml file appropriately and run the ./psconfig --config example2.xml command.
Copy the /opt/SUNWportal/template/sra/GWConfig.properties.template and modify the attributes appropriately.
Run the ./psadmin create-sra-instance --adminuser amadmin --passwordfile passwordfile -S GWConfig.properties -t gateway --restrictive command.
Run the ./psadmin start-sra-instance --user username --passwordfile passwordfile -N gatewayprofile -t gateway --restrictive command to start the Gateway instance created.