Sun Java System Portal Server Secure Remote Access 7.1 Administration Guide

Using a Reverse Proxy with the Gateway

A proxy server serves Internet content to the intranet, while a reverse proxy serves intranet content to the Internet. Deployments of reverse proxies can be configured to serve the Internet content to achieve load balancing and caching.

If the deployment has a third-party reverse proxy in front of the Gateway, the response has to be rewritten with the reverse proxy's URL instead of the Gateway's URL. For this, the following configurations are needed.

ProcedureTo Enable a Reverse Proxy

  1. Log in as root and edit the platform.conf file of the required Gateway instance:

    /etc/opt/SUNWportal/platform.conf.gateway-profile-name

  2. Add the following entries:

    gateway.virtualhost=fully-qualified-gateway-host gateway-ip-address fully- qualified-reverse-proxyhost

    gateway.enable.customurl=true (This value is set to false by default.)

    gateway.httpurl=http reverse-proxy-URL

    gateway.httpsurl=https reverse-proxy-URL

    gateway.httpurl is used to rewrite the response for the request received at the port which is listed as HTTP port in the gateway profile.

    gateway.httpsurl is used to rewrite the response for the request received at the port which is listed as HTTPS port in the gateway profile.

  3. Restart the Gateway:

    ./psadmin start-sra-instance –u amadmin – f <password file> –N <profile name>– t <gateway>

    If these values are not specified, the Gateway defaults to normal behavior.