Agent for SharePoint Guide › Advanced Configuration Options › Configure Virtual Hosts on your Proxy Server
Configure Virtual Hosts on your Proxy Server
The following sections describe using virtual hosts with your CA SiteMinder® Agent for SharePoint.
Virtual Host Configurations
The CA SiteMinder® Agent for SharePoint supports virtual hosts. Virtual hosts conserve hardware resources by operating different websites on a single server.
The CA SiteMinder® Agent for SharePoint supports virtual hosts that use the following configuration methods:
- Port-based virtual hosts
-
Indicates a virtual host on your CA SiteMinder® Agent for SharePoint server that operates on a unique port number.
- Host-header-based virtual hosts
-
Indicates a virtual host on your CA SiteMinder® Agent for SharePoint server that uses unique host header values.
- Path-based virtual hosts
-
Indicates a virtual host on your CA SiteMinder® Agent for SharePoint server using unique URI values.
More information:
Set a Basic Proxy Rule
Define Virtual Hosts for each Web Application
Virtual hosts are required for each SharePoint web application you want to protect. Define a virtual host for each SharePoint web application on the CA SiteMinder® Agent for SharePoint server. A single virtual host definition on the CA SiteMinder® Agent for SharePoint server accommodates the following types of proxy rules:
- Port-based forwarding
- Host-header-based forwarding
- Path-based forwarding
Follow these steps:
- Use a text editor to open the following file:
Agent-for-SharePoint_home\proxy-engine\conf\server.conf
- Locate the following line:
hostnames="default_SharePoint_URL"
- Change the value of previous line to include a default URL to which you want to forward any requests that are not for your web applications. Any requests that are not for your web applications are forwarded to this default URL. For example, a generic SharePoint page can appear to users who do not request a specific resource.
- Copy the following section:
<VirtualHost name="default">
#addresses="192.168.1.100"
hostnames="default_SharePoint_URL"
defaultsessionscheme="default"
# specify the block size for request and response in KBs
requestblocksize="4"
responseblocksize="4"
#The defaults can be overriden
#not only for the Virtual Host
#but for the WebAgent for that
#virtual host as well
#<WebAgent>
#</WebAgent>
</VirtualHost>
- Add a new line below the </VirtualHost> tag.
- Copy the section from Step 4 and paste it into the new line you created in Step 5.
- Do the following steps:
- Replace the word default in the <VirtualHost name= tag with a unique name you want.
- Replace the URL in the <hostnames= tag with the URL of your web application.
- Save your changes to the file.
- Repeat Steps 5 through 8 until virtual hosts are defined for all your web applications.
How to Configure Port-based Virtual Hosts
Configuring port-based virtual hosts on your CA SiteMinder® Agent for SharePoint is a process that involves several separate procedures. Some procedures involve different components in your environment. To configure port-based virtual hosts on your CA SiteMinder® Agent for SharePoint server, use the following process:
- Define a virtual host for each web application.
- Have your network administrator update your DNS server with the virtual host settings.
- Create proxy rules for your port-based virtual hosts.
- On your SharePoint central administration server, do the following:
- Change the public URL of the web application to the virtual host defined in the CA SiteMinder® Agent for SharePoint.
- Change the internal URL of the web application to the actual URL of your SharePoint resource.
Update the DNS Tables with your Port-based Virtual Hosts
The virtual host names defined on your CA SiteMinder® Agent for SharePoint require an association with the IP address of the CA SiteMinder® Agent for SharePoint in the DNS servers of your organization. Have your network administrator update the DNS tables in your organization accordingly.
Create Proxy Rules for your Port-based Virtual Hosts
Port-based virtual hosts require different settings than the default proxy rule file used by the CA SiteMinder® Agent for SharePoint. After defining virtual hosts for your web applications, create proxy rules for your port-based virtual hosts.
Follow these steps:
- To preserve your current proxy rules, rename your existing proxyrules.xml file in the following directory:
Agent-for-SharePoint_home\proxy-engine\conf
- Open the following file with a text editor:
Agent-for-SharePoint_home\proxy-engine\examples\proxyrules\proxyrules_example1.xml
- Save a copy of the previous file using the following path and file name:
Agent-for-SharePoint_home\proxy-engine\conf\proxyrules.xml
- Locate the following line:
<nete:proxyrules xmlns:nete="http://www.company.com/">
- Replace the http://www.company.com/ with the name of your virtual host, as shown in the following example:
<nete:proxyrules xmlns:nete="http://www.example.com/">
- Locate the following line:
<nete:case value="banking.company.com:80">
- Replace the banking.company:com:80 with the domain name, suffix and port number for your SharePoint web application, as shown in the following example:
sharepoint.example.com:8606
- Add your other web applications to the proxy rules file by repeating Steps 5 through 7 in the following section:
<!-- replace bondtrading.company.com with a virtual host defined in the server.conf file -->
<nete:case value="bondtrading.company.com:80">
<!-- replace http://server2.company.com with the appropriate destination server -->
<nete:forward>http://server2.company.com$1</nete:forward>
</nete:case>
- Duplicate the previous section and modify it until all your port-based web applications have proxy rules.
- Locate the following line:
<nete:forward>http://home.company.com$1</nete:forward>
- Replace the http://home.company.com in the previous line with the URL of a default site you want to use for requests not matching your web applications.
- Save the file and close the text editor.
- Restart the CA SiteMinder® Agent for SharePoint.
Add Public and Internal URLs on your SharePoint Server for your Port-Based Hosts
Port-based proxy rules require the following alternate access mappings on your SharePoint central administration server:
- Set the public URL for the zone to the URL of your virtual host associated with the web application.
- Set the internal URL to the server to which the requests from the virtual host are forwarded.
The following table describes an example of the alternate access mappings for port-based proxy rules:
|
Internal URL
|
Zone
|
Public URL for Zone
|
|
http://www.sharepoint.example.com:8606
|
Default
|
http://sharepoint.example.com
|
- Follow these steps:
-
- Open your SharePoint central administration site.
- Click Application Management.
- Under Web Applications, click Configure Alternate Access Mappings.
- Use the examples in the previous table as a guide to edit your public URLs and Add Internal URLs.
How to Configure Host-Header-Based Virtual Hosts
Configuring host-header-based virtual hosts on your CA SiteMinder® Agent for SharePoint is a process that involves several separate procedures. Some procedures involve different components in your environment. To configure host-header-based virtual hosts on your CA SiteMinder® Agent for SharePoint server, use the following process:
- Define a virtual host for each web application.
- Have your network administrator update your DNS server with the virtual host settings.
- Create proxy rules for your host-header-based virtual hosts.
- On your SharePoint central administration server, do the following:
- Change the public URL of the web application to the virtual host defined in the CA SiteMinder® Agent for SharePoint.
- Change the internal URL of the web application to the actual URL of your SharePoint resource.
Update the DNS Tables with your Host-Header-Based Virtual Hosts
The virtual host names defined on your CA SiteMinder® Agent for SharePoint require an association with the IP address of the CA SiteMinder® Agent for SharePoint in the DNS servers of your organization. Have your network administrator update the DNS tables in your organization accordingly.
Create Proxy Rules for your Host-Header-Based Virtual Hosts
Host-header-based virtual hosts require different settings than the default proxy rule file used by the CA SiteMinder® Agent for SharePoint. After defining your virtual hosts for your web applications, create proxy rules for your host-header-based virtual hosts.
Follow these steps:
- To preserve your current proxy rules, rename your existing proxyrules.xml file in the following directory:
Agent-for-SharePoint_home\proxy-engine\conf
- Open the following file with a text editor:
Agent-for-SharePoint_home\proxy-engine\examples\proxyrules\proxyrules_example2.xml
- Save a copy of the previous file using the following path and file name:
Agent-for-SharePoint_home\proxy-engine\conf\proxyrules.xml
- Locate the following line:
<nete:proxyrules xmlns:nete="http://www.company.com/">
- Replace http://www.company.com/ in the previous line with the name of your virtual host, as shown in the following example:
<nete:proxyrules xmlns:nete="http://www.example.com/">
- Locate the following line:
<nete:cond type="header" criteria="equals" headername="HEADER">
- Replace HEADER in the previous line with the following:
HOST
- Locate the following line:
<nete:case value="value1">
- Replace value1 in the previous line with the value of a host header you want, as shown in the following example:
<nete:case value="sharepoint.example.com">
- Locate the following line:
<nete:forward>http://server1.company.com</nete:forward>
- Replace the http://server1.company.com with the URL of the server to which you want to forward requests that use the header value from Step 8. Use the following example as a guide:
<nete:forward>http://sharepointserver1.example.com</nete:forward>
- Add additional header values and destination servers by repeating Steps 8 through 11 on the following respective lines in the file:
<nete:case value="value2">
<nete:forward>http://server2.company.com</nete:forward>
- Locate the following line:
<nete:forward>http://home.company.com$1</nete:forward>
- Replace the http://home.company.com in the previous line with the URL of a default site you want to use for requests not matching your web applications.
- Save the file and close the text editor.
- Restart the CA SiteMinder® Agent for SharePoint.
Add Public and Internal URLs on your SharePoint server for your Host-Header-Based Hosts
Host-header-based proxy rules require the following alternate access mappings on your SharePoint central administration server:
- Set the public URL for the zone to the URL of your virtual host associated with the web application.
- Set the internal URL to the server to which the requests from the virtual host are forwarded.
The following table describes an example of the alternate access mappings for host-header-based proxy rules:
|
Internal URL
|
Zone
|
Public URL for Zone
|
|
http://www.sharepointserver1.example.com
|
Default
|
http://sharepoint.example.com
|
- Follow these steps:
-
- Open your SharePoint central administration site.
- Click Application Management.
- Under Web Applications, click Configure Alternate Access Mappings.
- Use the examples in the previous table as a guide to edit your public URLs and Add Internal URLs.
How to Configure Path-based Virtual Hosts
If your web applications share the same ports and use host-header values to separate traffic, you can configure path-based virtual hosts.
Configuring path-based virtual hosts on your CA SiteMinder® Agent for SharePoint is a process that involves several separate procedures. Some procedures involve different components in your environment. To configure path-based virtual hosts on your CA SiteMinder® Agent for SharePoint server, use the following process:
- Define a virtual host for each web application.
- Have your network administrator update your DNS server with the virtual host settings.
- Create proxy rules for your path-based virtual hosts.
- On your SharePoint central administration server, do the following:
- Change the public URL of the web application to the virtual host defined in the CA SiteMinder® Agent for SharePoint.
- Change the internal URL of the web application to the actual URL of your SharePoint resource.
Update the DNS Tables with your Path-based Virtual Hosts
The virtual host names defined on your CA SiteMinder® Agent for SharePoint require an association with the IP address of the CA SiteMinder® Agent for SharePoint in the DNS servers of your organization. Have your network administrator update the DNS tables in your organization accordingly.
Create Proxy Rules for your Path-based Virtual Hosts
Path-based virtual hosts require different settings than the default proxy rule file used by the CA SiteMinder® Agent for SharePoint. After defining your virtual hosts for your web applications, create proxy rules for your path-based virtual hosts.
Follow these steps:
- To preserve your current proxy rules, rename your existing proxyrules.xml file in the following directory:
Agent-for-SharePoint_home\proxy-engine\conf
- Open the following file with a text editor:
Agent-for-SharePoint_home\proxy-engine\examples\proxyrules\proxyrules_example2.xml
- Save a copy of the previous file using the following path and file name:
Agent-for-SharePoint_home\proxy-engine\conf\proxyrules.xml
- Locate the following line:
<nete:proxyrules xmlns:nete="http://www.netegrity.com/">
- Replace http://www.netegrity.com/ in the previous line with the name of your virtual host, as shown in the following example:
<nete:proxyrules xmlns:nete="http://www.example.com/">
- Locate the following line:
<nete:case value="/dir1">
- Replace the /dir1 in the previous line with the path (URI) for which you want the request redirected. For example, if the path is /sales, all URLs containing /sales are redirected to the resource you specify.
- Locate the following line:
<nete:forward>http://server1.company.com$2</nete:forward>
- Replace the http://server1.company.com with the URL of the server to which you want to forward requests that use the path (URI) value from Step 8. Use the following example as a guide:
<nete:forward>http://sharepointserver1.example.com</nete:forward>
- Add additional header values and destination servers by repeating Steps 6 through 9 on the following respective lines in the file:
<nete:case value="/dir2">
<nete:forward>http://server2.company.com$2</nete:forward>
- Locate the following line:
<nete:forward>http://home.company.com$1</nete:forward>
- Replace the http://home.company.com in the previous line with the URL of a default site you want to use for requests not matching your web applications.
- Save the file and close the text editor.
- Restart the CA SiteMinder® Agent for SharePoint.
Add Public and Internal URLs on your SharePoint server for Path-Based Virtual Hosts
Path-based proxy rules require the following alternate access mappings on your SharePoint central administration server:
- Set the public URL for the zone to the URL of your virtual host associated with the web application.
- Set the internal URL to the server to which the requests from the virtual host are forwarded.
The following table describes an example of the alternate access mappings for path-based proxy rules:
|
Internal URL
|
Zone
|
Public URL for Zone
|
|
http://www.sharepointserver1.example.com
|
Default
|
http://sharepoint.example.com
|
- Follow these steps:
-
- Open your SharePoint central administration site.
- Click Application Management.
- Under Web Applications, click Configure Alternate Access Mappings.
- Use the examples in the previous table as a guide to edit your public URLs and Add Internal URLs.
Copyright © 2014 CA.
All rights reserved.
|
|