You can configure NetIQ Access Manager (NAM) to act as Reverse Proxy service for CE site when using the Online-Edit option. This helps you provide the ease of single sign-on and establish a trusted relationship with the Access Gateway. Using CE in conjunction with NetIQ Access Manager adds enterprise-level security to your Filr system.
When a user performs Online Edit on a file, the Online Edit session (Filr) communicates to CE Via NAM.
Log in to the NAM Administration Console.
Click Devices > Access Gateways > AG-Cluster.
Under Content Settings, click Advanced Options.
In the Advanced Options window, add NAGGlobalOptions noURLNormalize=on.
Add this option to ensure that CE works with NAM.
Click OK.
Click Devices > Access Gateways > AG-Cluster > <Name of the Reverse Proxy> that you have created.
Under the Proxy Service List create a new proxy service for CE. For example, CE_edit
Select the proxy service (CE_edit) that you created in Step 4.
In the Reverse Proxy Service > Proxy Service, select Advanced Options.
In the Advanced Options, specify AllowEncodedSlashes NoDecode.
This option ensures that files can be downloaded with CE.
Click OK.
Click Web Servers.
Enable the option Connect Using SSL.
Web Server Trusted Root: Select Do not verify.
Connect Port: Specify the value 443.
Click OK.
Click HTML Rewriting. The HTML rewriter profile was created for Filr, the same profile is used for CE.
For the versions earlier than CE 23.2, use the following configuration:
For the CE 23.2 and later versions, use the following configuration:
Click Protected Resources.
Create a new protected resource. For example, edit_public.
Enter the description.
Select Authentication Procedure as Contracts: None.
For the versions earlier than CE 23.2, in the URL Path list, add two new paths. For example, /loleaflet/* and /lool/*.
For the CE 23.2 and later versions, in the URL Path list, add two new paths. For example, /browser/* and /cool/*.
Click OK.
Click Logging.
Select Enable Logging.
Click OK.
To apply all your changes, click Devices > Access Gateways, then click Update All.
Perform the following steps, to add the DNS hostname of the CE appliance that was configured in NAM.
Login to Filr: https://filr_appliance_ip_or_dns:8443/.
To access the Administration Console, click on Username > Administration Console.
Under System > Content Editor, specify the Server URL as the NAM hostname for CE.
This is the Published DNS name that you have configured for CE on the NAM server.
This works with the Filr 4 and later servers.
Perform the following steps, to add the DNS hostname of the Filr appliance that was configured in NAM.
Login to CE: https://content_editor_appliance_ip_or_dns:9443/.
In the Allowed Hosts field, specify the NAM hostname for Filr.
This is the Published DNS name that you have configured for Filr on the NAM server.
When a user performs Online Edit on a file, the Online Edit session (Filr) communicates to CE via NAM. The URL of the Online Edit session is shown accessing via NAM for CE.