Applies To:

Show Versions Show Versions

Manual Chapter: Configuring Rewrite Profiles for Portal Access
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

About rewrite profiles

A rewrite profile defines client caching settings for a virtual server. You can configure a rewrite profile and select the rewrite profile when you configure the virtual server for a portal access policy. Alternatively, you can use the default rewrite profile, rewrite.

A rewrite profile provides four options for client caching. When a portal access resource item's Client Cache setting is set to Default, the system uses the caching option configured in the rewrite profile. If the Client Cache option is configured for any other setting, the portal access resource item configuration overwrites the setting in the rewrite profile. These options are available in the rewrite profile.

Client Cache setting Description
CSS and JavaScript Caches CSS and JavaScript. This is the default rewrite caching configuration, and provides a balance between performance and security.
CSS, Images and JavaScript Caches CSS, images, and JavaScript. This provides faster client performance but is slightly less secure because of cached images in the client browser cache.
No Cache Caches nothing. This provides the slowest client performance and is the most secure.
Cache All Uses the unmodified cache headers from the backend server.

About split tunneling with rewrite profiles

Consider these factors when split tunneling is enabled:

  • Access Policy Manager matches the URI to the expressions specified on the Bypass list first. If an expression matches, then the URI is bypassed and links are not rewritten.
  • If the URI does not match the Bypass list, then it is compared to the Rewrite list. If the URI matches the expressions specified on the Rewrite list, the URI links are rewritten. If there are no matches, links are not rewritten.
  • If the URI does not match anything on the Bypass or Rewrite lists, and if the host name in the URI is a short name, not a fully qualified domain name, then links for that URI are rewritten.

Creating a rewrite profile

You can create a rewrite profile to specify the rewriting and bypass lists, and define client caching in the virtual server definition.
  1. Click Access Policy > Portal Access > Rewrite Profiles . The Rewrite Profile List screen opens.
  2. Click Create. The New Profile screen opens.
  3. In the Name field, type a name for the rewrite profile.
  4. (Optional) From the Parent Profile list, select a parent profile. The new rewrite profile inherits the Client Caching Type setting from the parent profile.
  5. (Optional) Above the Settings area, select the Custom check box to change the Client Caching Type or Split Tunneling setting.
  6. From the Client Caching Type list, select the caching option.
  7. To enable split tunneling for portal access connections, select Split Tunneling from the list. Split tunneling provides two options to access your web page: Rewrite and Bypass. If you enable split tunneling, Access Policy Manager® presents only web pages that satisfy one of these filters. Others are blocked (although a blocked public site may still be available outside the webtop). If you do not use split tunneling, Access Policy Manager processes all portal access URLs through the rewriting engine. You can specify a URL pattern using the following syntax: scheme: //host[:port]/path. You can also use wildcards such as the asterisk ( * ) to denote any sequence of characters and the question mark ( ? ) for any single character. Access Policy Manager rewrites links in all pages specified for Rewrite.
    • Rewrite - Rewrites URLs. When you use this option, Access Policy Manager controls the redirection of the URL. Use this option to access URLs inside the network. Type a URL match pattern for the sites where you need to create the reverse-proxy and click the Add to Rewrite List button.
    • Bypass - Directly accesses the URL and leaves the URL unmodified. Use this option to speed up serving public sites. Type a URL match pattern for URLs to be accessed directly, bypassing the rewrite engine, and click the Add to Bypass List button.
  8. If Java Patching is enabled for the portal access resource, configure the Java Patcher options for verification and re-signing of signed applets.
  9. To configure the Trusted Certificate Authorities, first select the check box to the right of this setting, and then from the list select a CA against which to verify signed applets signatures.
  10. To configure a Signer, first select the check box to the right of this setting, and then from the list select a certificate to use for re-signing.
  11. To configure a Signing Key, first select the check box to the right of this setting, and then from the list select a corresponding private key for re-signing.
  12. To set a Sign Key Pass Phrase, first check the box to the right of this setting, and then type a passphrase for the private key to be encrypted with.
  13. Click Finished.
The rewrite profile appears in the Rewrite Profiles list.
To use portal access rewriting, you must next assign the rewrite profile to the virtual server that is also assigned the access profile for portal access.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?

NOTE: Please do not provide personal information.

Additional Comments (optional)