Puede utilizar SSO con un servidor proxy en el entorno de Application Engine. Para habilitar este enfoque opcional, edite el archivo web.xml de WebSphere Application Server.
vía_acceso_instalación_AE/Workplace/WEB-INF/web.xml
<param-name>challengeProxyEnabled</param-name>
<param-value> false </param-value>
<web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define thecontainer secured resource</description> <url-pattern>/containerSecured/*</url-pattern> <!-- Uncomment this section if all resources that require credentials must be secured in order to obtain a secured Thread. If using WebSphere, this section must be uncommented. --> Move this commenting tag here from just before the </web-resource- collection> closing tag below. <url-pattern>/containerSecured/*</url-pattern> <url-pattern>/</url-pattern> <url-pattern>/author/*</url-pattern> <url-pattern>/Browse.jsp</url-pattern> <url-pattern>/eprocess/*</url-pattern> <url-pattern>/Favorites.jsp</url-pattern> <url-pattern>/GetPortalSitePreferences.jsp</url-pattern> <url-pattern>/GetTokenSignIn.jsp</url-pattern> <url-pattern>/GetUserInformation.jsp</url-pattern> <url-pattern>/GetUserToken.jsp</url-pattern> <url-pattern>/HomePage.jsp</url-pattern> <url-pattern>/IntegrationWebBasedHelp.jsp</url-pattern> <url-pattern>/is/*</url-pattern> <url-pattern>/operations/*</url-pattern> <url-pattern>/properties/*</url-pattern> <url-pattern>/redirect/*</url-pattern> <url-pattern>/regions/*</url-pattern> <url-pattern>/Search.jsp</url-pattern> <url-pattern>/select/*</url-pattern> <url-pattern>/SelectReturn.jsp</url-pattern> <url-pattern>/Tasks.jsp</url-pattern> <url-pattern>/UI-INF/*</url-pattern> <url-pattern>/utils/*</url-pattern> <url-pattern>/WcmAdmin.jsp</url-pattern> <url-pattern>/WcmAuthor.jsp</url-pattern> <url-pattern>/WcmBootstrap.jsp</url-pattern> <url-pattern>/WcmCloseWindow.jsp</url-pattern> <url-pattern>/WcmDefault.jsp</url-pattern> <url-pattern>/WcmError.jsp</url-pattern> <url-pattern>/WcmJavaViewer.jsp</url-pattern> <url-pattern>/WcmObjectBookmark.jsp</url-pattern> <url-pattern>/WcmQueueBookmark.jsp</url-pattern> <url-pattern>/WcmSignIn.jsp</url-pattern> <url-pattern>/WcmSitePreferences.jsp</url-pattern> <url-pattern>/WcmUserPreferences.jsp</url-pattern> <url-pattern>/WcmWorkflowsBookmark.jsp</url-pattern> <url-pattern>/wizards/*</url-pattern> <url-pattern>/Author/*</url-pattern> <url-pattern>/axis/*.jws</url-pattern> <url-pattern>/Browse/*</url-pattern> <url-pattern>/ceTunnel</url-pattern> <url-pattern>/CheckoutList/*</url-pattern> <url-pattern>/downloadMultiTransferElement/*</url-pattern> <url-pattern>/ExternalUrl/*</url-pattern> <url-pattern>/findRecordTarget</url-pattern> <url-pattern>/formCallback/*</url-pattern> <url-pattern>/getAnnotSecurity/*</url-pattern> <url-pattern>/getCEAnnotations/*</url-pattern> <url-pattern>/getContent/*</url-pattern> <url-pattern>/getForm/*</url-pattern> <url-pattern>/getISAnnotations/*</url-pattern> <url-pattern>/getISAnnotSecurity/*</url-pattern> <url-pattern>/getISContent/*</url-pattern> <url-pattern>/getMultiContent/*</url-pattern> <url-pattern>/getPreview</url-pattern> <url-pattern>/getProcessor/*</url-pattern> <url-pattern>/getRealms/*</url-pattern> <url-pattern>/getUsersGroups/*</url-pattern> <url-pattern>/Inbox/*</url-pattern> <url-pattern>/integrationCommandProxy</url-pattern> <url-pattern>/integrationResponse</url-pattern> <url-pattern>/integrationResponseProxy</url-pattern> <url-pattern>/integrationWebBasedCommand</url-pattern> <url-pattern>/keepAlive</url-pattern> <url-pattern>/launch/*</url-pattern> <url-pattern>/PublicQueue/*</url-pattern> <url-pattern>/putContent/*</url-pattern> <url-pattern>/QuickSearch/*</url-pattern> <url-pattern>/signingServlet/*</url-pattern> <url-pattern>/transport/*</url-pattern> <url-pattern>/upload/*</url-pattern> <url-pattern>/vwsimsoapservlet</url-pattern> <url-pattern>/vwsoaprouter</url-pattern> <url-pattern>/Workflows/*</url-pattern> Move the closing comment tag from here to the location indicated at the beginning of this example. </web-resource-collection>
<auth-constraint> <!-- <role-name>*</role-name> --> <!-- For WebSphere 6, use the role-name line below instead of the wildcard role above. --> <role-name>All Authenticated</role-name> <!-- For WebSphere 6, add this security-role element below the login-config element (below). <security-role> <description>All Authenticated</description> <role-name>All Authenticated</role-name> </security-role> --> </auth-constraint>
<security-role> <description>All Authenticated</description> <role-name>All Authenticated</role-name> </security-role>
<security-constraint> <web-resource-collection> <web-resource-name>action</web-resource-name> <description>Define the non-secured resource</description> <url-pattern>/P8BPMWSBroker/*</url-pattern> </web-resource-collection> </security-constraint>
<!-- <login-config> <auth-method>FORM</auth-method> <realm-name>AE Workplace</realm-name> <form-login-config> <form-login-page>/ContainerLogin.jsp</form-login-page> <form-error-page>/ContainerError.jsp</form-error-page> </form-login-config> </login-config> -->
Estos valores de parámetro se utilizan para modificar uno o más elementos del URL nativo que Workplace ve en una solicitud. Allí donde el valor de un elemento host de proxy SSO en la solicitud URL sea distinto de la información equivalente para el host donde Workplace se haya desplegado, debe establecer el parámetro <proxy host element> de SSO correspondiente para ese elemento del URL en el valor del host de proxy de SSO.
<init-param> <param-name>víaAccesoContextoProxySSO</param-name> <param-value></param-value> </init-param> <init-param> <param-name>hostProxySSO</param-name> <param-value></param-value> </init-param> <init-param> <param-name>puertoProxySSO</param-name> <param-value></param-value> </init-param> <init-param> <param-name>puertoSSLProxySSO</param-name> <param-value></param-value> </init-param>
<param-name>víaAccesoContextoProxySSO</param-name> <param-value>/Workplace</param-value>
<param-name>hostProxySSO</param-name> <param-value>sso_proxy_server</param-value>
<param-name>puertoProxySSO</param-name> <param-value>80</param-value>
<param-name>puertoSSLProxySSO</param-name> <param-value>443</param-value>