Home > Articles > Operating Systems, Server > Solaris

Sun ONE Portal Server 3.0 Rewriter Configuration and Management Guide

  • Print
  • + Share This
The SRAP is a portal server add-on that enables end users to securely access enterprise web content using only a standard web browser with a Java virtual machine. Learn the best practices for the SRAP and how to configure it to leverage existing corporate intranet content while enabling flexibility for future growth.
Like this article? We recommend

Sun ONE Portal Server 3.0 Rewriter Configuration and Management Guide

How can a network administrator provide secure remote access to portal users who need to download and interact with web documents and web applications that are behind a strict firewall? There are three widely used technologies for providing remote users access and interaction with web documents residing behind a strict firewall:

  • Virtual private networks (VPNs)
  • Secure reverse proxies
  • URL rewriting

The first and most inflexible solution is to use a VPN. VPNs have two major advantages over the other two solutions in that no internal content needs to be modified, nor does the solution administrator need any inherent knowledge about the contents of the web documents for the documents to be viewable through the VPN connection. One major disadvantage, leading to the inflexibility of a VPN connection, is that all network traffic must be directed through the VPN to ensure its complete security. This can result in bottlenecks that could be avoided. Additionally, VPNs typically require client-side software to be installed. This is not feasible in the case of a nomadic user who needs to access privileged data through an Internet kiosk or similar means of connecting to the secure network.

The second solution is to use a secure reverse proxy. Like a VPN, the reverse proxy does not require internal content to be modified. The major disadvantage of using a reverse proxy is that every URL used to retrieve a document or access a web application must have explicit mappings that reside on the proxy. This means that embedded URLs must also have a URL mapping for the proxy to work successfully.

The third solution, and the primary focus of this document, is URL rewriting. The basic premise of URL rewriting is that browser requests always come back to a single location (gateway) when the request is for internal content, and the request goes directly to the public content server. Otherwise, sometimes referred to as VPN-on-demand, URL rewriting does not unnecessarily put stress on the network. It provides the needed security only when accessing potentially sensitive internal web sites or downloading sensitive information.

Intended Audience

This guide builds on, and in some cases reiterates, what is presented in Chapter 8 of the Sun ONE™ Portal Server Administration Guide. Specifically, it addresses real-world deployment scenarios and rewrite-by-example conventions.

This guide is targeted at Sun ONE Portal Server administrators. You are expected to be somewhat familiar with Portal Server terminology and have an extensive understanding of web application development and deployment.

You are also expected to be familiar with HTML SPEC. 4.0 tag syntax, JavaScript™ conventions, and the client-server relationship. Knowledge of HTTP and OOP programming is helpful as well. Programming examples are provided; however, the audience is expected to know what the examples actually do. In some cases, code snippets are provided. The audience must be able to understand how that code snippet relates to the larger context that the example is meant to illustrate.


All iPlanet™ products have been rebranded as Sun One products.

  • + Share This
  • 🔖 Save To Your Account