Configuration
A setup script for Caching Proxy is provided with the Access Manager plug-in.
Steps to take before using the configuration script
Before running the script, do the following:
- Install all necessary software.
- Ensure that the proxy server is set to use port 80 (This is the default value.)
- Configure your LDAP and Access Manager components, and make sure they
are running while you configure the Access Manager plug-in.
- Make sure that you have the Access Manager administrator ID and the LDAP
administrator name available. These values are required to set up the proxy server.
Using the configuration script
The set up script is named wslconfig.sh and
it is provided in the /opt/pdweb-lite/bin/ directory.
Enter the Access Manager administrator ID and the LDAP administrator name
when prompted.
The configuration script automatically performs the following steps:
- Sets the Caching Proxy user ID to root and group ID to other
- Sets the noLog directive to *, which causes no items to be
written to Caching Proxy's Access Log
- Creates a ServerInit directive with the following information:
ServerInit /opt/pdweb-lite/lib/wesauth.so:WTESeal_Init
/opt/pdweb-lite/etc/ibmwesas.conf
- Creates a PreExit directive with the following information:
PreExit /opt/pdweb-lite/lib/wesauth.so:WTESeal_PreExit
- Creates an Authorization directive with the following information:
Authorization * /opt/pdweb-lite/lib/wesauth.so:WTESeal_Authorize
- Creates a ServerTerm directive with the following information:
ServerTerm /opt/pdweb-lite/lib/wesauth.so:WTESeal_Term
Creates a Protect
statement and Protection setup that forwards all requests to the Access Manager
authentication process, as follows:
Protection PROXY-PROT {
ServerId WebSEAL-Lite
Mask All@(*)
AuthType Basic
}
Protect * PROXY-PROT