Table of Contents
Advertisement
For example, if the backend application has a hard-coded IP address and scheme within URLs
as follows, Application Offloading must rewrite the URL.
<a href="http://1.1.1.1/doAction.cgi?test=foo">
This can be done by enabling the Enable URL Rewriting for self-referenced URLs setting for
the Application Offloading Portal, but all the URLs may not be rewritten, depending on how the
Web application has been developed. (This limitation is usually the same for other WAF/SRA
vendors employing reverse proxy mode.)
Cross Domain Single Sign-On
External Website Bookmarks can be created for application offloading portals to achieve a
single point of access for users. This allows users to automatically log into application
offloading portals after logging into the main portal.
To use Cross Domain Single Sign-on (SSO), perform the following steps:
Create two or more portals with the same shared domain (from Virtual Host Domain name) and
Step 1
that need authentication. One portal should be a regular portal. These portals are also in the
same SRA appliance's domain so that a user can log in to both of them with the same
credentials.
Log into the portal and create a bookmark, as explained in
Step 2
on page
Set the service to External Web Site, as explained in
Step 3
Enable Automatically log in for the bookmark, which enables Cross Domain SSO for this
Step 4
bookmark.
Specify a Host, which is a portal with the same shared domain name.
Step 5
Save the bookmark and launch it. The new portal is logged in automatically without any
Step 6
credential.
The shared domain names don't need to be identical; a sub-domain also works. For example,
one portal is a regular portal whose virtual host domain name is "www.example.com" and its
shared domain name is ".example.com". The other portal's virtual host domain name is
"intranet.eng.example.com" and the shared domain name is ".eng.example.com". If a
bookmark to xyz.eng.example.com is created in the
SSO works because ".eng.example.com" is a sub-domain of ".example.com".
ActiveSync Authentication
Application Offloading now supports authentication for ActiveSync.Application Offloading
technology delivers Web applications using Virtual Hosting and Reverse Proxy. Users still need
to authenticate with the SRA appliance before accessing the backend Web application.
However, the proxy avoids URL rewriting in order to deliver the Web applications seamlessly.
ActiveSync is a protocol used by a mobile phone's email client to synchronize with an Exchange
server. The Administrator can create an offloading portal and set the application server host to
the backend Exchange server. Then, a user can use the new virtual host name in a mobile
phone's email client, and synchronize with the backend Exchange server through the SRA
appliance. Before SRA 6.0, users had to disable authentication for ActiveSync offloading
portals, because ActiveSync requests are different from requests sent from the browser.
28 | SRA 6.0 Administrator's Guide
"Adding Portals" on page 131
302.
explains how to create a portal.
"Adding or Editing User Bookmarks"
"External Web Site" on page
www.example.com
309.
portal, Cross Domain
Hide quick links:
Advertisement
Chapters
Table of Contents
