on 07-12-2007 9:28 PM
Hi,
We are planning to implement EP 7.0 and i was wondering what other people who have already implemented would recommend.
I need general guidelines like scalability, sizing, security.
We have been using digital certificates on out current portal and would like to use an other authentication mechanism since certificates are expensive and difficult to maintain if there are thousands of users since renewal process is time taking and it has to be done every year.
Could anyone suggest anything related to using Reverse proxy mechanisms,etc.
Also need to know how many nodes, servers which would bring out optimal performance to EP 7.0 .
All useful inputs are appreciated and rewarded.
Thanks,
Claudius
helllo Claudius,
We have implemented EP7.0 in our environment and interms of proxy we have a ISA server fronting the WDispatcher.Although very safe performance has been a issue.
Hope this helps
Ajey
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Claudius,
in this scenariov: Browser - AS-ABAP Communication Through a Reverse Proxy
the browser communicates always with the AS-ABAP through a reverse proxy server. For this reason all generated URLs must contain the name and port of the reverse proxy server.
Example:
Proxy: www.sap.com (http:80, https:443)
Host: webas.sap.corp (http:1080, https:1443)
HTTPURLLOC
MANDT SORT_KEY PROTOCOL APPL HOST PORT
100 010 HTTP * WWW.SAP.COM 80
100 011 HTTPS * WWW.SAP.COM 443
As there is no application filter, table http synchronizes all requests in order to generate new URLs. The protocol is the factor that decides which entry is used.
You can also use the Apache Web server as the intermediary server. In this case, configure the Apache Web server as a reverse proxy that routes requests based on a set of rules and conditions. For this configuration, the Apache Web server uses the mod_rewrite and mod_proxy modules.
mod_rewrite is a URL rewriting module that performs modifications to the URL received by the Web server and creates a new request. These modifications are based on a set of rules and conditions that you also specify in the configuration file.
mod_proxy is a module that makes the Apache Web server the intermediary server. It transforms the response from the backend system and sends it back to the client so that it appears to have been sent from the Apache Web server. The backend system remains hidden.
This documentation provides only a brief description of the Apache configuration. For more information about configuring the Apache Web server as a reverse proxy, see the Apache Web server documentation.
Prerequisites
The applications that are to be processed by the Apache Web server are deployed on the AS Java.
Procedure
...
1. Copy any of the applications files that are to be available to the client from its directory tree on the AS Java to the Apache Web servers document root tree.
Do not copy the WEB-INF and meta-inf files to the Apache Web servers directory tree. They contain specific information that does not need to be available to the client.
2. Edit the Apache Web server configuration file (httpd.conf):
...
a. Insert the mod_rewrite and mod_proxy modules in the Web servers LoadModule and AddModule entries.
Example Configuration Entries
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/libproxy.so
AddModule mod_rewrite.c
AddModule mod_proxy.c
RewriteLog "/etc/httpd/logs/rewrite_log"
RewriteLogLevel 9
b. Using <Location> </Location>tags, specify the rules and conditions to use for the redirection. Use a separate <Location> section for each application that is to be redirected by the Apache Web server.
Example Redirection Rules
<Location /application_root_dir>
RewriteEngine On
RewriteCond % \.jsp RewriteRule ^(.+) http://somehost.com:90% [P] RewriteCond % Example
RewriteRule ^(.+) http://somehost.com:90% [P]
</Location>
Result
The Apache Web server redirects the corresponding requests to the AS Java.
if it helpful reward points are appreciated
Message was edited by:
Pierluigi Demaria
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Claudius,
Here our landscape for 1.3k users.
PRD is a dual xeon 3ghz with 4gb ram, raid 1 143gb.
2004s SP08 portal.
Single sign-on with spnego kerberos microsoft active directory
Reverse proxy : we use an apache for some tasks (it's free).
Security : Some users have certificate for a ssl connection. Auto
self-signed certificates via openssl (free).
DEV-QA are on a vmware server.
However, we don't have nodes, but for many thousands users, it's a must I think.
Brad
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Can someone guide me in configuring a reverse proxy server and how useful is it (considering performance issues).
We have about 4000 users and planning to use Single sign on with simple user id and passwords since using certificates has caused some issue which we could not resolve.
Hope to get a head start with your suggestions.
Thanks,
Claudius.
User | Count |
---|---|
87 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.