A Web application is software that uses HTTP for communication and generates output based on user input. In many cases, an existing Web application can be displayed in the portal with no changes to the back-end code. This page addresses common configuration steps required for these integrations. (Deeper integrations require development of custom portlets and possibly extensive additions to the Web application.)
For example, you could integrate an existing employee benefits Web application. Users could complete transactions without leaving the portal environment or being prompted for credential information (user name and password). This seamless portal experience is more efficient because most users do not need to know about back-end systems and credential requirements. As users navigate through the Web application, the portal experience and navigation are preserved.
The following steps are required to configure an existing Web application for display within the portal:
Create a Credential Vault Lockbox (Optional)
You can also import resources from existing systems for use in the portal; for details, see Additional Integration Options at the bottom of this page.
If your Web application requires user authentication through HTTP basic authentication or form-based login, you can create a Lockbox to store those credentials in the portal so users do not need to enter them in the Web application.
If the application uses the same credentials as the portal or the same credentials for all users, you do not need to create a Lockbox.
Credential Vault Lockboxes are not based on SSO (single-sign on). SSO is primarily designed to protect Web-based resources. Most back-end systems use proprietary authentication mechanisms that require separate credentials. The credential vault supports standard basic authentication and form-based login by default. You can also use the IDK to implement custom authentication integration; for details see Using the Credential Vault.
Follow the steps below to create a Lockbox:
In portal administration, click Select Utility | Credential Vault Manager.
Click New Lockbox.
In the Lockbox Editor, type a name for the lockbox. Use an intuitive name that describes the Web application. The name you enter will appear in the Password Manager on the My Account page.
Under Lockbox Properties, type field names for the login credentials (such as "e-mail" and "password").
Click Finish in the Lockbox Editor, and click Finish again in the Credential Vault Manager.
After you create a Lockbox, users must enter their login credentials in the Password Manager on the My Account settings page. The portal will send these credentials to any Web service configured to use the associated Lockbox (see step 3 below). For details on the Password Manager, see the portal online help.
Create a Remote Server for your portlet if one does not already exist. Multiple Web Services can share a single Remote Server object. For information on the options in the Remote Server Editor, see ALI Portlet Configuration.
The Remote Server editor allows you to set up a server for use by multiple Web Services. The following settings are configured on the Main Settings page.
In portal administration, click Create Object | Remote Server.
Set the base URL of the Remote Server. Use the root directory, since Web Services that use the remote server will be configured using URLs relative to this location.
Select the authentication type. You can choose to use the portal login credentials or enter administrative credentials to be used for all users. If you are using a Lockbox, leave the Authentication Type setting as None and enter the RSA public encryption key. For details, see Using the Credential Vault.
Click Finish. In the Save As text box of the Save Object page, type a name for the Remote Server.
Click Save, then Close.
All portlets must have an associated Portlet Web Service. For more details about the options in the Web Service editor, see the ALI Portlet Configuration.
In portal administration, click Create Object | Web Service - Remote Portlet.
On the Main Settings page, select the Remote Server (see step 2 above). In the Portlet URL text box, type the relative URL to the file that will serve as the main page of the Web application portlet. (If you do not choose a Remote Server, you must enter an absolute URL.)
On the HTTP Configuration page, select how you want to host the Web application. All hosted Web applications initially appear in a portlet. The settings on this page determine whether subsequent pages are displayed within the portlet or in a hosted portal page.
To
display the entire Web application within a portlet, click Add Gateway Prefix and enter the base
URL for the Web application (if not all pages are in the same directory,
you can add multiple gateway prefixes). Select Inline
Refresh for all gateway prefixes or URLs that should be displayed
within the portlet. Gateway URL
prefixes must include a trailing slash and are case sensitive.
The image below illustrates how the entire Web application stays
within the context of the portlet.
To
host the Web application outside of the portlet context, but within
the portal, select Use hosted display mode on gateway pages.
Click Add Gateway Prefix and enter
the base URL for the Web application (if not all pages are in the same
directory, you can add multiple gateway prefixes). The initial page is
hosted in a portlet; when the user navigates to another page, a new window
displays the Web application with the portal header and footer.
The image below shows how clicking a link in the portlet opens
the Web application in hosted display mode.
On the Authentication Settings page, configure the authentication source. If you are using the Credential Vault, first choose the Lockbox you created in step 1 above.
|
Authentication Method |
Credential Source |
||
|---|---|---|---|
|
Login Form |
Portal |
Back-end Application (Credential Vault Lockbox) | |
|
Basic Authentication |
N/A |
Under Basic Authentication Settings, choose User’s Basic Authentication Information. |
Under Basic
Authentication Settings, choose User’s
Lockbox Credentials. |
|
Form-Based Login |
Under Form Based Login, choose None and enter the form URL and field names. |
Under Form
Based Login, choose Portal User
and enter the form URL and field names. |
Under Form Based Login, choose Lockbox User and enter the form URL and field names. |
For details on authentication options, see ALI Portlet Configuration | Web Service – Remote Portlet: Authentication Settings. Portlets can also use the IDK to access back-end credentials stored in a credential vault Lockbox. For details, see Using the Credential Vault.
Click Finish. In the Save As text box of the Save Object page, type the name of your Remote Portlet Web Service.
Click Save, then Close.
Each Portlet Web Service must be associated with at least one Portlet object.
In portal administration, click Create Object | Portlet.
Select the Web Service you created in step 3 above.
For most Web applications, you should configure the portlet alignment as wide or content canvas.
Click Finish. In the Save As text box, type the name of your portlet.
Click Save, then Close.
To add a portlet to a page, click My Pages | Add Portlets or My Community | Add Portlets. See the portal online help for more information.
If you have created a Lockbox, your users must enter their credential information in the Password Manager on their My Account settings page. Each Lockbox has its own section in the Password Manager. If users do not store their credentials in the Password Manager, they will be prompted to log in to the Web application each time they access it.
In addition to portlets, you can import resources from existing systems for use in the portal. Identity Services allow you to import existing users from company user systems, such as LDAP. Content Crawlers are used to import content into your portal from outside sources, such as the Web or internal company document repositories. Federated Search provides access to content sources without storing the content in your portal.