31.8 Verifying httpd.conf Updates for Webgates

It is a good idea to complete the following procedures to ensure that the Apache or IHS v2 httpd.conf file includes Web server configuration updates for Access Manager.

For details, see:

To update httpd.conf for reverse proxy on IHS Web servers, see "Activating Reverse Proxy For IHS v2 Web Servers". To customize httpd.conf for your Web server, see your Web server documentation.

31.8.1 Verifying Webgate Details

The example that follows shows the Webgate section in the httpd.conf file. The details will vary, depending on your environment.

This example is provided only to illustrate the type of changes you will see in httpd.conf.

To verify the Webgate section in httpd.conf

  1. Locate the updated httpd.conf file on the computer hosting the Webgate.

  2. Open the httpd.conf file and ensure that the section that loads the Webgate in your platform is present.

    For example:

    On Windows

    #*** BEGIN Oblix NetPoint Webgate Specific **** 
    <IfModule mod_ssl.c>
    LoadModule obWebgateModule "WebGate_install_dir\access\oblix\apps\webgate\bin\webgatessl.d ll"
          WebGateInstalldir "WebGate_install_dir"
          WebGateMode PEER
          </IfModule>
    <IfModule !mod_ssl.c>
    LoadModule obWebgateModule "WebGate_install_dir\access\oblix\apps\webgate\bin\webgate.dll"
          WebGateInstalldir "WebGate_install_dir"
          WebGateMode PEER
          </IfModule>
    <Location "\oberr.cgi">
    SetHandler obwebgateerr
          </Location>
          <LocationMatch "/*">
          AuthType Oblix
          require valid-user
          </LocationMatch>
    #*** END Oblix NetPoint Webgate Specific **** 
    

    On UNIX

    #*** BEGIN Oblix NetPoint Webgate Specific **** 
    LoadFile "/home/qa/netpoint/703/c1-copy/wg/access/oblix/lib/libgcc_s.so.1"
    LoadFile "/home/qa/netpoint/703/c1-copy/wg/access/oblix/lib/libstdc++.so.5"
    <IfModule mod_ssl.c>
       LoadModule obWebgateModule "/home/qa/netpoint/703/c1-copy/wg/access/oblix/ apps/webgate/bin/webgatessl.so"
    </IfModule>
    <IfModule !mod_ssl.c>
       LoadModule obWebgateModule "/home/qa/netpoint/703/c1-copy/wg/access/oblix/ apps/webgate/bin/webgate.so"
    </IfModule>
    WebGateInstalldir "/home/qa/netpoint/703/c1-copy/wg/access"
    WebGateMode PEER
    <Location /access/oblix/apps/webgate/bin/webgate.cgi> 
    SetHandler obwebgateerr 
    </Location>
    <Location "/oberr.cgi">
    SetHandler obwebgateerr
    </Location>
    <LocationMatch "/*">
    AuthType Oblix
    require valid-user
    </LocationMatch>
    #*** END Oblix NetPoint Webgate Specific ****
    

Notes for UNIX

When running Apache v2 on HP-UX, do not use nobody for User or Group, because shared memory may not work. Instead, use your login name as User Name with a group Group as "Oblix" (or "www" as User Name and "others" as Group Name). On HP-UX, "www" is equivalent to "nobody" on Solaris.

When running Apache v2 on HPUX 11.11, ensure that the AcceptMutex directive in the Apache httpd.conf file is set to "fcntl". If the directive is not present, add it to the httpd.conf file (AcceptMutex fcntl). For more information, see http://issues.apache.org/bugzilla/show_bug.cgi?id=22484).

Notes for IHS on AIX

#*** BEGIN Oblix NetPoint Webgate Specific ****
   LoadModule obWebgateModule DR/oblix/apps/webgate/bin/webgate.so
   WebGateInstalldir DR
   WebGateMode PEER
   <Location "/oberr.cgi">
      SetHandler obwebgateerr
   </Location>
   <LocationMatch "/*">
      AuthType Oblix
         require valid-user
   </LocationMatch>
#*** END Oblix NetPoint Webgate Specific ****
  1. Use the chmod -r username:groupname directory/file to change the User Name and Group Name of a directory or a file.

    When you do this, you need to change the User and Group parameters in the httpd.conf file accordingly.

  2. Complete any additional steps needed to finish the Access Manager implementation for Apache v2.

    See Tuning Apache/IHS v2 Webgates for Access Manager.

    Note:

    YYou use the following procedure only if you need to clear the httpd.conf file of Webgate-related changes, then complete the Apache v2 Web server configuration for the Webgate anew.

31.8.1.1 Starting httpd.conf updates anew

To start the httpd.conf updates newly, you can restore or update the file.

  1. Restore the original httpd.conf file to remove any Access Manager entries that are present.
  2. Update the httpd.conf file for Access Manager using one of the following methods:
    • Either open the file component_install_dir/access/oblix/lang/LangTag/docs/config.htm and perform a manual configuration.

      See Registering and Managing 10g WebGates with Access Manager 11g.

    • Or launch the ManageHttpConf program in component_install_dir/access/oblix/tools/setup/InstallTools/ManageHttpConf without any options to print instructions on its use.

      Note:

      If the ManageHttpConf program is run with Webgate entries already present in the httpd.conf file, an error message will be printed and the httpd.conf file will not be updated.

  3. Complete activities in "Tuning Apache/IHS v2 Webgates for Access Manager".

31.8.2 Verifying Language Encoding

You can ensure proper language encoding by setting the directives in the httpd.conf file.

The Access Manager HTML pages use UTF-8 encoding. Apache-based Web servers allow Administrators to specify a default character set for all HTML pages sent out using the AddDefaultCharset directive, which overrides any character specified by the application generating the HTML pages. If the AddDefaultCharset directive enables a character set other than UTF-8, Access Manager HTML pages are garbled.

To ensure proper language encoding

  1. Open the httpd.conf file.
  2. Locate the AddDefaultCharset directive.
  3. Complete one of the following activities to ensure that proper encoding of Access Manager HTML pages:
    • Either set the AddDefaultCharset directive to Off.

    • Or Comment out the AddDefaultCharset directive.

  4. Save the httpd.conf file and restart the Web server.