Making UWC appear to all be running from *one* port

Noticed the other day that a few more documents had appeared on suns website. Some interesting sounding technotes had appeared one of which promised to fix the problem of non-ie browsers not being able to compose in HTML. Given that I hate html email I wouldn’t have been too interested had it not been for the fact that it mentioned using a a reverse proxy plugin. Anyway, a bit of fiddling and it appears to work but the really neat side effect of this is that the whole of comms express now appears to be running on just the one standard port. This has been a big problem for us as users go off to conferences and the like where they are stuck behind a firewall or a limited proxy that only allows :80 and :443 access.

Anyway, Suns docs seem to assume that you know more about how to configure Sun webserver than I did so I’m posting this up in the hope that it may help save someone else a bit of time.

Assuming a fully working (well, as fully working as it ever gets ;-)) UWC installation you should have comms express running on one port (we had :443) and Messenger express on another (we had :8443). Machine name in our case is msgproxyinta.

  1. download the reverse proxy plugin for the webserver from here. I went for the compress tar version and not the packaged one – not sure how that works. You should end up with a file called libpassthrough.so. Assuming you’ve got everything installed in default locations this lib needs to be put in /opt/SUNWwbsvr/plugins/passthrough/libpassthrough.so. Create dirs as needed and ensure it is readable by the webserver user.
  2. Configure the webserver to load this plugin. To do this edit magnus.conf (in our case found in /opt/SUNWwbsvr/https-msgproxyinta.kent.ac.uk/config/) to load the plugin. The docs given by sun are a little vague here but playing around and hunting through the webserver manuals I discovered that adding the line

    Init fn="load-modules" shlib="/opt/SUNWwbsvr/plugins/passthrough/libpassthrough.so"

    (should be all one line) to the end of the file does the trick. If you restart the webserver at this point you should see something like

    PASS1000: Sun ONE Web Server 6.1SP3 Reverse Proxy Plugin B09/09/2004 11:59

    confirming that the plugin has loaded ok.

  3. Next you have to configure the plugin. Again, the sun doc has the correct information but lacks the detail (no doubt assuming you know how a obj.conf file works – I didn’t!). Bascially, you need to add a couple of line to the top of the file and a couple of sections at the bottom. At the top


    <object name="default">
    AuthTrans fn="match-browser" browser="*MSIE*" ssl-unclean-shutdown="true"
    NameTrans fn="assign-name" from="/uwc(|/*)" name="uwc"
    NameTrans fn="assign-name" from="/*" name="messengerXpress"
    NameTrans fn="ntrans-j2ee" name="j2ee"
    [[snip]]
    </object>

    If you have other things served from the webserver that UWC is installed on then you will need to adjust this a bit as this basically proxies everything that isn’t /uwc. You then need a couple of sections at the bottom of the file describing what to do:


    <object name="uwc">
    ObjectType fn="check-passthrough" type="magnus-internal/passthrough"
    </object>

    <object name="messengerXpress">
    Service fn="service-passthrough" servers="https://msgproxyinta.kent.ac.uk:8443"
    </object>

    these two additions basically proxy everything except /uwc through to the msg express server listening on 8443.

  4. Final thing todo is to tell UWC where the “new” (ie proxied) msg express lives and to turn off ipsecurity. Edit /var/opt/SUNWuwc/WEB-INF/config/uwcconfig.properties (assuming default install locations) to set webmail.port to be the port that webserver is listening on instead of the port that msg express is using and edit /var/opt/SUNWuwc/WEB-INF/config/uwcauth.properties to set messagingsso.ipsecurity to be false.
  5. Restart the webserver and Robert is your mothers brother. HTML editing will now work on Netscape/firefox and (more importantly to us) people with only stand web port access will be able to use comms express again. Hurrah! Now if only Sun would put back the option to have a default view and I could work out how to change the dafault type to be plain text life would be sweet again 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *