Using Reflection for the Web or Reflection Security Gateway with the Oracle WebLogic Portal

  • 7022219
  • 27-Oct-2005
  • 13-Mar-2018

Environment

Reflection for the Web 2014 (All Editions)
Reflection for the Web 2011 (All Editions)
Reflection for the Web 2008 (All Editions)
Reflection Security Gateway 2014
Oracle WebLogic Portal version 10g

Situation

This technical note steps you through the process to display Reflection in your portal: configuring Reflection to use the portal for authentication, selecting security options, and creating portlets to display a Reflection session or session list in the portal.

Resolution

Before You Begin

The Reflection management server and the Oracle WebLogic Portal version 10g (formerly BEA WebLogic Portal) must be installed. For detailed information on installing the management server, see the Installation Guide for your product:

Configuring Reflection for the Web or Reflection Security Gateway to display in your Oracle portal is a multi-step process.

Step One: Configure Portal Authentication

In the Administrative WebStation, under Tools, click Access Control Setup.

  1. To open the "Set Up Reflection for a Portal" page, click Configure, select Portal, and click Next.
  2. Select "Oracle (or BEA) WebLogic or IBM WebSphere" as the portal type.
  3. Unless you need to change the shared secret, accept the default. If you change the shared secret, you must make a corresponding change to the portal's deployment descriptor.

To change the shared secret in the deployment descriptor, edit the <Portal application name>/WEB_INF/web.xml file by adding the following text after the opening <web-app> tag:

<context-param>
<param-name>AC.RWebSSOSharedKey</param-name>
<param-value>shared secret</param-value>
</context-param>

If you change the deployment descriptor, you must restart your portal.

  1. (Optional) If you want to increase security, specify the portal server IP addresses from which Reflection accepts connections. You can use spaces, commas, or tabs as list delimiters. The Reflection management server refuses connections from any IP address not listed (unless the list is blank).
  2. Click Next, which opens the Choose Authorization Methods page.

Step Two: Select an Authorization Method

You can use your portal alone to authorize access to Reflection, or you can combine your portal access control with Reflection's LDAP authorization feature.

  • If you grant access to Reflection using the portal alone, no extra authorization is performed on session access.
  • If you provide access to specific sessions, users log onto the portal and can go directly to their sessions.
  • If you provide access to the Reflection links list, all users with the Reflection links list portlet have access to all published sessions.

By using both the portal and Reflection's LDAP authorization, you have an extra layer of control over session access.

  • If you provide access to the Reflection links list, you can use the Access Mapper to assign sessions to specific users and groups. Users log onto the portal and go to their links list, then click a link to any session they are authorized to access.
  • If you provide access to specific published sessions, users log onto the portal and go to their sessions. Reflection checks that the user's login ID is authorized to access the session, and if so, delivers the session. If the user is not authorized, an error message displays.

On the Choose Authorization Methods page:

  1. Select an authorization type.
  2. Click Next.
  3. If you chose LDAP authorization, enter information about your LDAP server and click Next.
  4. View your choices and click Save Settings.

Step Three: Create and Publish or Map Terminal Sessions

You can configure terminal sessions before or after you have integrated Reflection with your portal.

  1. In the Administrative WebStation, click Tools > Session Manager.
  2. Click Add and continue through the Session Manager to configure and save a session.
  3. Click Tools > Access Mapper. If you chose to use only portal authorization, publish the session by selecting the check box next to its name. If you chose LDAP authorization, search for users or groups, and map the session to them.

Step Four: Set up Portal Domain

On the portal server, copy the RWebBroker.jar file from the rweb/WEBINF/misc/ directory to the following directory on your destination portal domain environment:

<Portal application name>/WEB-INF/lib/

You may need to restart your portal domain to load the RWebBroker.jar file.

Step Five: Create Portlets

Create portlets to display Reflection sessions or links lists.

  1. Follow the standard Oracle WebLogic procedure to create and deploy portlets in your portal domain.
  2. Add one of the following code fragments to your portlet JSP.

To display a Reflection session, use this fragment:

<%= new com.wrq.java13plus.management.portal.RWebBrokerWLP().getContent(request, "<Reflection URL>&portal=true&appletOnly=true") %>

For example, to link to a Web-based session called "accounting" on a server named "pascal" using port 8080 and the default rweb context, use this fragment:

<%= new com.wrq.java13plus.management.portal.RWebBrokerWLP().getContent(request, "http://pascal:8080/rweb/RWebSession.do?link=accounting&portal=true&appletOnly=true") %>

To link to a Windows-based session called "timesheets" on the same server, use this fragment:

<%= new com.wrq.java13plus.management.portal.RWebBrokerWLP().getContent(request, "http://pascal:8080/rweb/WIXSession.do?link=timesheets&portal=true&appletOnly=true") %>

To display the end user links list, use this fragment:

<%= new com.wrq.java13plus.management.portal.RWebBrokerWLP().getContent(request, "<Reflection URL>/LoginPage.do?portal=true&appletOnly=true") %>

Note: Make sure you have the correct URL. In particular, if you create a session under the HTTP protocol, and then switch to HTTPS, you must change the URL accordingly.

The port number is needed only if you are not using the default protocol ports (80 for HTTP or 443 for HTTPS).

You can find the session URL in two places in the Session Manager:

    • Click View URLs to see a complete list of all session URLs.
    • Click the session name to go to the session configuration page. The URL is displayed at the top of the page after the session name.

Additional Information

Legacy KB ID

This article was originally published as Attachmate Technical Note 1863.