Chapter 4 Post Installation Tasks
This chapter discusses the tasks needed to configure Secure Remote Access for
use after installation.
Configuring Secure Remote Access
This chapter contains the following:
To Configure Search Archive
If the search server name is different from the default name of the machine
on which the search server resides, you must manually configure the Search the Search
Archive and Instant Messaging functionality.
Manually edit the IMArchiveDisplay.jsp file located
in par-src/default-portal/pbfiles/templateBaseDir/default/IMProviderfile to replace the existing rdmServer Attribute with the
search server URL you are using.
The following section of the IMArchiveDisplay.jsp file shows the section that you edit. Replace the
string between <%= and %> with the URL that
you are using.
<search:setRDMServer rdmServer ='<%= request.getScheme() +
"://" + request.getServerName() + ":" +
request.getServerPort()+"/search1/search" %>'/>
To Configure Secure Remote Access
If you have installed Secure Remote Access, use the following procedure to enable
the gateway.
-
Specify the complete protocol and fully qualified domain name for Non
Authenticated URL list in PortalServer7–base/export/request/enableSRAForPortal.xml file. By default, PortalServer7–base is /opt/SUNWportal. Use the following amadmin command:
./amadmin --runasdn ADMIN_DN --password ampassword --verbose --continue --data file
-
Do the following if Gateway is configured:
cd /etc/opt/SUNWportal/default
chmod -R 755 *
-
To enable access to the Portal Server via the Gateway, see 4 Enabling
Access to the Portal Server Via the Gateway.
-
To enable Gateway to access the Portal Server administration console,
modify enablePSConsoleForGW.xml file and use the following amadmin command to load the file.
AccessManager-base/bin/amadmin -u amadmin -w amadmin-pwd -t enablePSConsoleForGW.xml. By default, AccessManager-base is /opt/SUNWam
To Enable Access to the Portal Server Through the Gateway
-
Modify the following tokens in the PortalServer7-base/export/request/enableSRAForPortal.xml file to suit your
deployment. By default, PortalServer7–base is /opt/SUNWportal.
-
%INST_GWNAME%
-
Gateway Profile you are modifying
-
%FULLY_QUALIFIED_PORTAL_SERVER_URI%
-
Fully qualified portal URL
-
%PORTAL_SERVER_DOMAIN%
-
Domain in which the portal server resides
-
%DEPLOY_URI%
-
Deploy URL for the portal web application
-
Save the file after making the changes.
-
Load the file into the directory server using the Sun Java System Access Manager's amadmin command as follows:
AccessManager-base/bin/amadmin -u amadmin -w amadmin-pwd -t enableSRAForPortal.xml
-
Log in to the Portal Server administration console and navigate to Secure
Remote Access —> Profiles —> default —> Core —> Basic Options —
Portal Servers and remove INST_PS_SERVER_LIST.
-
Add http://PS-HOST:PS-PORT and restart the Gateway.
To Configure Gateway Standalone Installation on a Separate
Host
-
In the installer Select Directory Server and Access Manager SDK and install
the gateway with the “configure later” option.
The Directory
Server is used to run cacao mbeans.
-
Manually copy the cacao “security” folder (/etc/opt/SUNWcacao/security) from the Portal Server machine.
The security folder needs
to be copied to communicate with remote mbeans running inside portal machine.
-
Restart cacao of gateway machine.
-
Start the Directory Server.
-
If you are installing the gateway in the DMZ, open the following ports:
-
http port: port 80
-
jmx admin ports on the firewall: 10161, 10162 and 10163
-
Portal Server's port to the Directory server port: 389 (default)
-
Edit the example10.xml file under the PortalServer7-base/samples/psconfig directory. Go to the
directory PortalServer7-base/bin and
run
./psconfig --config example10.xml
By default, PortalServer7–base is /opt/SUNWportal.
-
Edit the AMConfig.properties to make the directory
host point to the local Directory Server.
Download this book in PDF (531 KB)