Security, Encryption, and Authentication
28
Portal Server 6 2005Q1 • Deployment Planning Guide
You can add additional servers and Gateways for site expansion. You can also
configure the components of SRA in various ways based on your business
requirements.
Security, Encryption, and Authentication
Portal Server system security relies on the HTTPS encryption protocol, in addition
to UNIX system security, for protecting the Portal Server system software.
Security is provided by the web container, which you can configure to use SSL, if
desired. Portal Server also supports SSL for authentication and end-user
registration. By enabling SSL certificates on the web server, the Portal Desktop and
other web applications can also be accessed securely. You can use the Access
Manager policy to enforce URL-based access policy.
Portal Server depends on the authentication service provided by Sun Java System
Access Manager and supports single sign-on (SSO) with any product that also uses
the Access Manager SSO mechanism. The SSO mechanism uses encoded cookies to
maintain session state.
Another layer of security is provided by SRA. It uses HTTPS by default for
connecting the client browser to the intranet. The Gateway uses Rewriter to enable
all intranet web sites to be accessed without exposing them directly to the Internet.
The Gateway also provides URL-based access policy enforcement without having
to modify the web servers being accessed.
Communication from the Gateway to the server and intranet resources can be
HTTPS or HTTP. Communication within the Portal Server system, for example
between web applications and the directory server, does not use encryption by
default, but it can be configured to use SSL.
Portal Server Deployment Components
Portal Server deployment consists of the following components:
•
IAccess Manager
Access Manager provides user and service management, authentication and
single sign-on services, policy management, logging service, debug utility, the
administration console, and client support interfaces for Portal Server. This
consists of:
Содержание Portal Server 6 2005Q1
Страница 8: ...8 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 10: ...10 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 12: ...12 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 20: ...Sun Welcomes Your Comments 20 Portal Server Secure Remote Access 6 2005Q1 Administration Guide...
Страница 36: ...A Typical Portal Server Installation 36 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 50: ...Proxylet 50 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 78: ...SRA Sizing 78 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 132: ...Identity and Directory Structure Design 132 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 142: ...Configuration Files 142 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 152: ...Tuning Parameters for etc system 152 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 158: ...Portal Server on an Application Server Cluster 158 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 178: ...Portal Design Task List 178 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 180: ...Comparison of Solaris and Linux Path Names 180 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 182: ...182 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 192: ...Section X 192 Portal Server 6 2005Q1 Deployment Planning Guide...