SRA Gateway
Chapter 2
Portal Server Secure Remote Access Architecture
39
Proxy Configuration
The Gateway uses proxies that are specified in its profile to retrieve contents from
various web servers within the intranet and extranet. You can dedicate proxies for
hosts and DNS subdomains and domains.
Depending on the proxy configuration,
the Gateway uses the appropriate proxy to fetch the required contents. If the proxy
requires authentication, the proxy name is stored as part of the gateway profile,
that the Gateway uses automatically, when connecting to the proxy.
Gateway and HTTP Basic Authentication
The Gateway supports basic authentication, that is, prompting for a user ID and
password but not protecting those credentials during transmission from the user’s
computer to the site’s web server. Such protection usually requires the
establishment of a secure HTTP connection, typically through the use of SSL.
If a web server requires basic authentication the client prompts for user name and
password and sends the information back to the requesting server. With the
Gateway enabled for HTTP basic authentication, it captures the user name and
password information and stores a copy in the user’s profile in the Access Manager
for subsequent authentications and login attempts. The original data is passed by
the Gateway to the destination web server for basic authentication. The web server
performs the validation of the user name and password.
The Gateway also enables fine control of denying and allowing this capability on
an individual host basis.
Gateway and SSL Support
The Gateway supports both SSL v2 and SSL v3 encryption while running in HTTPS
mode. You can use the Access Manager administration console to enable or disable
specific encryption. The Gateway also supports Transport Layer Security (TLS).
SSL v3 has two authentication modes:
NOTE
Session stickiness is not required in front of a Gateway (unless you
are using Netlet), however performance is improved with session
stickiness. On the other hand, session stickiness to the Portal Server
instances is enforced by SRA.
Содержание Portal Server 6 2005Q1
Страница 8: ...8 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 10: ...10 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 12: ...12 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 20: ...Sun Welcomes Your Comments 20 Portal Server Secure Remote Access 6 2005Q1 Administration Guide...
Страница 36: ...A Typical Portal Server Installation 36 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 50: ...Proxylet 50 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 78: ...SRA Sizing 78 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 132: ...Identity and Directory Structure Design 132 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 142: ...Configuration Files 142 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 152: ...Tuning Parameters for etc system 152 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 158: ...Portal Server on an Application Server Cluster 158 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 178: ...Portal Design Task List 178 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 180: ...Comparison of Solaris and Linux Path Names 180 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 182: ...182 Portal Server 6 2005Q1 Deployment Planning Guide...
Страница 192: ...Section X 192 Portal Server 6 2005Q1 Deployment Planning Guide...