Previous Topic: Example: Configuring Internet Information Services 7.0 on Windows Server 2008 as a Reverse Proxy Server

Next Topic: Working with Multiple LDAP Servers

Integration GuideIntegration with RSA SecurIDConfiguring a Web Server as a Reverse Proxy ServerExample: Configuring the Apache Web server 2.2.6 as a Reverse Proxy Server on a Red Hat Enterprise Linux 5.0

Example: Configuring the Apache Web server 2.2.6 as a Reverse Proxy Server on a Red Hat Enterprise Linux 5.0

In this example, Steve the system administrator installed the Enterprise Management Server on a Red Hat Enterprise Linux 5.0. Steve now needs to install and configure the Apache Web Server 2.2.6 as a reverse proxy server.

  1. Steve does the following to install and configure the Apache Web Server 2.2.6 with the proxy module:
    1. Configures the Apache Web Server 2.2.6 installation to install the proxy module, as follows: 
      tar -zxvf httpd_2.2.6.tar.gz 
./configure --prefix=/usr/local/apache --enable-proxy --enable-proxy-http 
make 
make install

      The Apache Web Server 2.2.6 is installed with the proxy module.

  2. Steve does the following to configure the reverse proxy:
    1. Navigates to the conf directory of the Apache web server.
    2. Opens the httpd.conf file for editing.
    3. Locates the LoadModule list of entries and adds the following section: 
      # Used for proxy to the Enterprise Management Server
ProxyPass	/iam http://196.168.1.1:8080/iam
ProxyPass	/castylesr5.1.1 http://192.168.1.1:8080/castylesr5.1.1
ProxyPassReverse	/iam http://192.168.1.1:8080/iam
    4. Saves and closes the file.
    5. Restarts the Apache Web Server.

    Steve configured the Apache Web Server 2.2.6 to act as a reverse proxy server.

  3. Steve configures the RSA web agent to ignore the web browser IP address for cookie validation:
    1. Navigates to the RSA web agent installation directory: 
      /usr/local/apache/rsawebagent/
    2. Runs the RSA web agent configuration utility.
    3. Selects the RSA server that is currently in use from the list.
    4. Browses to the second configuration screen.
    5. Verifies that the Ignore browser IP address for cookie validation is enabled.

    Steve has configured the RSA web agent to ignore the web browser IP address for cookie validation.

  4. Steve configures the RSA web agent to enable Single Sign Off (SSO) for CA Access Control Enterprise Management:
    1. Opens the Linux web agent distribution and locates the following file: 
      rsacookieapi.tar
    2. Copies the file to a temporary directory and extracts the content of the file.
    3. Locates the following files:
      • RSACookieAPI.jar
      • librsacookieapi.so
    4. Copies the librsacookieapi.so file to the following location, where JBOSS_HOME indicates the location where Steve installed Jboss: 
      JBOSS_HOME/server/default/deploy/IderntityMinder.ear/library
    5. Copies the RSACookieAPI.jar file to the following location: 
      JBOSS_HOME/server/default/deploy/IderntityMinder.ear/user_console.war/WEB-INF/lib/

    Steve configured the RSA web agent to enable SSO for CA Access Control Enterprise Management.