Sun ONE Portal Server 3.0 Rewriter Configuration and Management Guide
- Intended Audience
- Deployment Assumptions
- How the Gateway Works
- Concepts of the Rewriter
- Adding and Removing Rewriter Rules
- Methodology for Rule Extraction
- Out-Of-Box Rule Set
- Rewriting HTML Attributes
- Rewriting FORM Tag Input
- Rewriting JavaScript Content
- Rewriting Applet Parameters
- Rewriting Cascading Style Sheets
- Rewriting XML
- Performance
- Order Importance
- CASE Studies: How to Configure the Gateway to Rewrite a Web-Based JavaScript Navigation Bar
- Third Party Application Cookbooks
- Exchange
- How to Get Hot Patches
- Glossary
- Acknowledgements
Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Sun ONE Portal Server 3.0 Rewriter Configuration and Management Guide
How can a network administrator provide secure remote access to portal users who need to download and interact with web documents and web applications that are behind a strict firewall? There are three widely used technologies for providing remote users access and interaction with web documents residing behind a strict firewall:
- Virtual private networks (VPNs)
- Secure reverse proxies
- URL rewriting
The first and most inflexible solution is to use a VPN. VPNs have two major advantages over the other two solutions in that no internal content needs to be modified, nor does the solution administrator need any inherent knowledge about the contents of the web documents for the documents to be viewable through the VPN connection. One major disadvantage, leading to the inflexibility of a VPN connection, is that all network traffic must be directed through the VPN to ensure its complete security. This can result in bottlenecks that could be avoided. Additionally, VPNs typically require client-side software to be installed. This is not feasible in the case of a nomadic user who needs to access privileged data through an Internet kiosk or similar means of connecting to the secure network.
The second solution is to use a secure reverse proxy. Like a VPN, the reverse proxy does not require internal content to be modified. The major disadvantage of using a reverse proxy is that every URL used to retrieve a document or access a web application must have explicit mappings that reside on the proxy. This means that embedded URLs must also have a URL mapping for the proxy to work successfully.
The third solution, and the primary focus of this document, is URL rewriting. The basic premise of URL rewriting is that browser requests always come back to a single location (gateway) when the request is for internal content, and the request goes directly to the public content server. Otherwise, sometimes referred to as VPN-on-demand, URL rewriting does not unnecessarily put stress on the network. It provides the needed security only when accessing potentially sensitive internal web sites or downloading sensitive information.
Intended Audience
This guide builds on, and in some cases reiterates, what is presented in Chapter 8 of the Sun ONE™ Portal Server Administration Guide. Specifically, it addresses real-world deployment scenarios and rewrite-by-example conventions.
This guide is targeted at Sun ONE Portal Server administrators. You are expected to be somewhat familiar with Portal Server terminology and have an extensive understanding of web application development and deployment.
You are also expected to be familiar with HTML SPEC. 4.0 tag syntax, JavaScript™ conventions, and the client-server relationship. Knowledge of HTTP and OOP programming is helpful as well. Programming examples are provided; however, the audience is expected to know what the examples actually do. In some cases, code snippets are provided. The audience must be able to understand how that code snippet relates to the larger context that the example is meant to illustrate.
NOTE
All iPlanet™ products have been rebranded as Sun One products.