Protecting The Application Server With The Access Gateway; Setting Up A Path-Based Proxy Service For An Application Server - Novell ACCESS MANAGER 3.1 SP1 - AGENT GUIDE Manual

5 To update the Identity Server, click Identity Servers, then click Update > OK.
Whenever you set up a new trusted identity configuration, you need to update the Identity
Server configuration.
2.5 Protecting the Application Server with the
Access Gateway
When you configure the Access Gateway so it can protect your application server, the Access
Gateway must be configured to protect multiple resources. The first reverse proxy and proxy service
combination of the Access Gateway is assigned to perform authentication. The agent must be set up
as a secondary proxy service because the proxy service for an agent cannot be used for
authentication.
If the Access Gateway has multiple IP addresses, you can configure the Access Manager so that
users access different types of Web resources from each IP address. If the Access Gateway has only
one IP address, you still can configure it so users access different types of resources. In this case,
you configure the resources to use multi-homing. The following configuration steps assume that you
have only one IP address and that you must use multi-homing to access multiple resources, either
domain-base or path-based.
With path-based multi-homing, you use one DNS name for the Access Gateway, and have the user
specify a path-based URL to access the correct resource. For example:
You configure the name, www.mytest.com, to resolve to the Access Gateway, and the Access
Gateway is configured to proxy the request to a Web server.
You have users access the application server with the URL www.mytest.com/j2ee. The domain
name, www.mytest.com, resolves to the Access Gateway, and the Access Gateway uses the
path portion of the URL to proxy the request to the J2EE server.
For more information, see
Server," on page 53.
With domain-based multi-homing, your Access Gateway uses domain names to access multiple
resources. For example:
You configure the name mytest.company.com to resolve to the Access Gateway, and the Access
Gateway is configured to proxy the request to a Web server.
You configure the name j2ee.company.com to resolve to the Access Gateway, and the Access
Gateway is configured to proxy it to the application server.
For more information, see
Application Server," on page
2.5.1 Setting Up a Path-Based Proxy Service for an Application
Server
Figure 2-3 illustrates the basic configuration for a path-based proxy service. The www.mytest.com
name is the published DNS name of the parent proxy service that protects the Web servers. The
www.mytest.com/j2ee name resolves to the Access Gateway, and the Access Gateway uses the /j2ee
path to proxy the request to the application server.
Section 2.5.1, "Setting Up a Path-Based Proxy Service for an Application
Section 2.5.2, "Setting Up a Domain-Based Proxy Service for an
57.
Configuring the Agent for Authentication 53