Add a portal application

Create and configure a header-based application to route incoming traffic to specific back-end servers.

Access Gateway applications can use policies and specialized policy configurations to create portal applications. A portal directs some traffic to specific back-end servers based on access policy and URI requests, and directs any remaining traffic to another back-end server.

Architecture

When a user requests a resource, the portal receives the request and routes it to an appropriate back-end server. Each request consists of a core URL (www.myportal.com) and specific resources, which are the elements that follow the core URL (/2nd in the architecture diagram).

In the architecture diagram, requests to www.myportal.com/2nd are routed to 2ndbackend.myportal.com. Similarly, requests to www.myportal.com/3rd are routed to 3rdbackend.myportal.com. Other requests are routed to backend.myportal.com.

Rewrites

Portal applications use custom policies and configurations to define access to multiple back-end servers. A default policy redirects URIs that don't fall under other policies to a default back-end application. Additional policy statements and their configurations are used to rewrite requests and redirect the requests to specific back-end applications.

This table provides examples of how user requests are rewritten to meet the expected behaviors:

User request Expected behavior

Inbound and outbound rewrites

myportal.com/ Redirect to backend.myportal.com. backend.myportal.com

myportal.com/

myportal.com/abc.htm Redirect to backend.myportal.com/abc.htm. backend.myportal.com/abc.htm

myportal.com/abc.htm

myportal.com/2nd Redirect to 2ndbackend.myportal.com based on /2nd. 2ndbackend.myportal.com

myportal.com/2nd

myportal.com/2nd/efg.html Redirect to 2ndbackend.myportal.com based on /2nd.

Strip /2nd from the string for inbound rewrites. Add /2nd back to the string for outbound rewrites.

2ndbackend.myportal.com/efg.htm

myportal.com/2nd/efg.htm

myportal.com/3rd Redirect to 3rdbackend.myportal.com based on /3rd. 3rdbackend.myportal.com

myportal.com/3rd

myportal.com/3rd/hij.html Redirect to 3rdbackend.myportal.com based on /3rd.

Strip /3rd from the string for inbound rewrites. Add /3rd back to the string for outbound rewrites.

3rdbackend.myportal.com/hij.htm

myportal.com/3rd/hij.htm

Policies

Default

The default policy is applied to all requests that don't match some other specific policy. The default policy causes requests to be rewritten against the default application domain and then forwarded to the back-end application. After the request is serviced the result is rewritten back to the original domain and returned.

Rewrite policy for requests to /2nd

Each subsequent back-end includes a policy and advanced configuration to rewrite requests as required. In this example, the policy specifies /2nd as the root URI that triggers a rewrite. The rewriting rules remove the URI and redirect the request to a secondary back-end application (2ndbackend.myportal.com).

Rewrite policy for requests to /3rd

Each subsequent back-end includes a policy and advanced configuration to rewrite requests as required. In this example, the policy specifies /3rd as the root URI that triggers a rewrite. The rewriting rules remove the URI and redirect the request to a secondary back-end application (3rdbackend.myportal.com).

Before you begin

  • Determine the external URL used by the application, in this example www.myportal.com.
  • Determine the possible URI and back-end combinations. The sample architecture uses the following combinations:
    • www.myportal.com/2nd > 2ndbackend.myportal.com.
    • www.myportal.com/3rd > 3rdbackend.myportal.com.

    All other URIs use backend.myportal.com as their back-end.

  • Determine all required header attributes required for authentication.

Typical workflow

Task

Description

Create a containing group

Create an optional group to be assigned to the application.

Create header application

Create a header application that defaults to the shared common back-end.

Assign a certificate to a portal application

Assign an optional certificate to the application.

Add additional attributes

Add optional, but often necessary, additional attributes to the application.

Add required access policy

Add all required policies for all serviced URIs.

Test the application

Test the application using header and policy simulation.