F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP Access Policy Manager: Portal Access
  3. Configuring Resources for Portal Access
Manual Chapter : Configuring Resources for Portal Access

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.0.1, 16.0.0, 15.1.0
Manual Chapter

Configuring Resources for Portal Access

Creating a portal access configuration

  1. On the Main tab, click
    Access
    Connectivity / VPN
    Portal Access
    Portal Access Lists
    .
    The Portal Access List screen opens.
  2. Click the
    Create
     button.
    The New Resource screen opens.
  3. Type the name and an optional description.
  4. From the
    ACL Order
     list, specify the placement for the resource.
    Option
    Description
    Last
    Select this option to place the new portal access resource last in the ACL list.
    After
    Select this option to select, from the list of configured ACLs, the ACL that this portal access resource should follow in sequence.
    Specify
    Select this option to specify an order number, for example,
    0
     or
    631
    for the ACL.
  5. From
    Configuration
    , select
    Basic
     or
    Advanced
    .
    The
    Advanced
     option provides additional settings so you can configure a proxy host and port.
  6. For the
    Match Case for Paths
     setting, select
    Yes
     to specify that portal access matches alphabetic case when matching paths in the portal access resource.
  7. From the
    Patching Type
     list, select the patching type for the web application.
    For both full and minimal patching types, you can select or clear patching methods specific to your selection.
  8. If you selected
    Minimal Patching
     and the
    Host Patching
     option, type a host search string, or multiple host search strings separated with spaces, and the host replace string, which must be the Access Policy Manager virtual server IP address or fully qualified domain name.
  9. To publish a link for the web application on the full webtop, or to use hosted content files, for the
    Publish on Webtop
     setting, select the
    Enable
     check box.
    Do not enable the
    Publish on Webtop
     setting if you are configuring the portal access resource for minimal patching.
  10. If you enabled
    Publish on Webtop
    , select whether the
    Link Type
     is an application URI or a file uploaded to the hosted content repository.
    • Application URI:
       This is the main URI used to start this portal access resource. You can configure other URIs with specific caching and compression settings by adding resource items to the portal access resource, after the main resource is configured.
    • Hosted Content:
       Use content uploaded to the hosted content repository to present on the webtop. When you select a hosted content file (typically a web-browser readable file), that file becomes the main destination for this webtop link.
      In the
      Resource Items
       area, you must add all resources that you have uploaded to the hosted content repository that apply to this particular hosted content link.
  11. In the Customization Settings for English area, in the
    Caption
     field, type a caption.
    The caption appears on the full webtop, and is required. This field is required even if you do not select the
    Publish on webtop
     option.
  12. Optionally, in the
    Detailed Description
     field type a description for the web application.
  13. In the
    Image
     field, specify an icon for the web application link. Click the
    View/Hide
     link to show the current icon.
  14. If your application is behind a proxy server, to specify a proxy host and port, you must select
    Advanced
     for the configuration to display additional fields, and type the proxy host and proxy port.
    Portal access does not support forwarding HTTPS requests through the HTTPS proxy. If you specify the HTTPS scheme in the
    Application URI
     field and specify a proxy host, portal access does not forward the requests.
  15. Click the
    Create
     button.
This completes the portal access resource configuration.
Add resource items to the portal access resource to provide functionality for your web applications.

Creating a portal access resource item

You create a portal access resource item to add a port, path, and other portal access functionality to a portal access resource. If your portal access resource is a hosted content file (for example, a web application) you must add that file, and all related files from the hosted content repository that are used with the hosted content file. For example, you might add image files, CSS, and scripts that are required by the web page or application. You typically use resource items to refine the behavior for web application directories; for example, you might specify
No Compression
 and a
Cache All
 caching policy for the
/attachment
 directory for a portal access resource.
  1. On the Main tab, click
    Access
    Connectivity / VPN
    Portal Access
    Portal Access Lists
    .
    The Portal Access List screen opens.
  2. Click the name of a portal access resource.
    The Portal Access Properties screen for that resource opens.
  3. In the Resource Items area, click the
    Add
     button.
    A New Resource Item screen for that resource opens.
  4. Select whether the resource item is application paths or hosted content.
    • Paths:
       If you select this option, set the host name or IP address, URI paths, the scheme, and the port.
    • Hosted Content:
       If you select this option, choose an item from the list of content uploaded to the hosted content repository
      You must add all files that you have uploaded to the hosted content repository that apply to this particular hosted content resource.
  5. Configure the properties for the resource item.
    • To add headers, select
      Advanced
       next to New Resource Item.
    • To configure
      Session Update
      ,
      Session Timeout
      , and
      Home Tab
      , select
      Advanced
       next to Resource Item Properties.
  6. Click
    Finished
    .
    This creates the portal access resource item.

Portal access resource item properties

Use these properties to configure a resource item for a portal access resource.
Property
Value
Description
Item Type
Paths or Hosted Content
Specifies whether the resource item is a path to a web resource or an uploaded file from the hosted content repository.
Destination
Host name, IP address, or network address and mask
Specifies whether the web application destination is a host or an IP address, and provides the host name or IP address. You can specify an IPv4 or IPv6 IP address, or a host name that resolves to either an IPv4 or IPv6 address. When a resource is configured using the host name, and the host name resolves to both IPv4 and IPv6 addresses, the IP address family preference setting in the client's DNS configuration is used to choose the IP address type from the DNS response.
Hosted Files
A local file
If the item type is Hosted Content, you can select a local file from this list to specify as the resource.
If the portal access resource is a hosted content file, all related files must be defined separately as portal access resource items within that portal access resource.
Port
A port number or
0
Specifies the port for the web application.
0
 means the web application matches port
80
 for the
http
 scheme option, and port
443
 for the
https
 scheme option.
Scheme
http
,
https
, or
any
Specifies whether the URI scheme for the web application is
http
,
https
, or any (either HTTP or HTTPS) scheme.
Paths
An application path or paths, separated by spaces
Specifies any paths for the web application. You can separate multiple paths with spaces. You can use wildcards, for example
/*
.
Headers
Name-value pairs
Specifies any custom headers required by the web application. To add a header, type the header name in the
Name
 field, and the header content in the
Value
 field, then click the
Add
 button.
Compression
No compression
 or
GZIP compression
No Compression
 specifies that application data sent to the client browser is not compressed.
GZIP Compression
 specifies that application data sent to the client browser is compressed with GZIP compression.
To use GZIP compression with a portal access resource, in the virtual server definition, you must specify the
HTTP Compression Profile
 setting as
httpcompression
.
Client Cache
Default
,
Cache All
, or
No Cache
Specifies settings for client caching of web applications. In the rewrite profile that you associate with the virtual server for the portal access resource, you can specify a client caching option:
CSS and JavaScript
,
CSS, Images and JavaScript
,
No Cache
 or
Cache All
. If you configure a client cache setting other than
Default
 in the portal access resource item, that resource setting overrides the cache setting in the rewrite profile.
  • Default
     uses the client cache settings from the rewrite profile.
  • Cache All
     uses cache headers as is from the back-end server, and allows caching of everything that can be cached, including CSS, images, JavaScript, and XML. May provide better client performance and lower security depending on the server configuration.
  • No Cache
     caches nothing. This provides the slowest client performance and is the most secure.
SSO Configuration
SSO configuration, selected from a list of available SSO configurations
Specifies an SSO configuration to use with the portal access resource item for Single Sign-On.
Session Update
Enable or disable
Some application web pages that start through portal access connections contain JavaScript code that regularly refreshes the page or sends HTTP requests, regardless of user activity or inactivity. A session that is abandoned at such a site does not time out, because it appears to be active. When disabled, the session update feature prevents these sessions from remaining active indefinitely.
Session Timeout
Enable or disable
Enables or disables session timeouts.
Home Tab
Enable or disable
This option inserts into HTML pages a small amount of HTML code that includes the JavaScript that displays the home tab, which contains links to the Home and Logout functions and a URL bar. To enable the home tab on a web application page, select the
Home Tab
 check box. Web pages generated without the home tab JavaScript code contain no home or logout links. You can customize the appearance and configuration of the home tab on the webtop customization page. When you start a web application from the full webtop, the home tab is displayed on the webtop only, and not on web pages launched from the webtop, regardless of this setting.
Log
None
 or
Packet
Specifies the log level that is logged when actions of this type occur.

Creating a portal access resource item for minimal patching

Create a portal access resource item to add an port, path and other portal access functionality to a portal access resource. You typically use resource items to refine the behavior for web application directories; for example, you might specify
No Compression
 and a
Cache All
 caching policy for the
/attachment
 directory for a portal access resource.
  1. On the Main tab, click
    Access
    Connectivity / VPN
    Portal Access
    Portal Access Lists
    .
    The Portal Access List screen opens.
  2. Click the name of a portal access resource that is configured for minimal patching.
    The Portal Access Resource Properties screen opens.
  3. In the Resource Items area, click
    Add
    .
    The New Resource Item screen opens.
  4. In the
    Host Name
     field, type an asterisk
    *
    .
  5. From the
    Scheme
     list, select
    any
    .
    When you select
    any
    , the port changes correctly to
    0
    .
  6. In the
    Paths
     field, type
    /*
     .
  7. Click
    Finished
    .
    The portal access resource item is created.
This creates the portal access resource item required for a minimal patching configuration.

Creating a portal access configuration with the wizard

You can use the portal access wizard to quickly configure an access policy, resource, resource item, and a virtual server to allow portal access connections.
  1. On the Main tab, click
    Wizards
    Device Wizards
    .
    Follow the instructions in the wizard to create your access policy and virtual server.
  2. Select
    Portal Access Setup Wizard
     and click
    Next
    .
  3. Type the
    Policy Name
    , select the default language, and specify whether to enable the simple antivirus check in the access policy.
  4. Click
    Next
    .
  5. On the Select Authentication wizard screen, configure authentication. You can select an existing authentication server configured on the Access Policy Manager, or you can create a new authentication configuration.
    For a full discussion of Access Policy Manager authentication, see
    BIG-IP Access Policy Manager: Single Sign-On Concepts and Configuration
    .
  6. On the Portal Access screen, select a portal access application.
    DWA
    Configures a Domino Web Access configuration with common settings.
    OWA2003
    Configures an Outlook Web Access 2003 configuration with common settings.
    OWA2007
    Configures an Outlook Web Access 2007 configuration with common settings.
    OWA2010
    Configures an Outlook Web Access 2010 configuration with common settings.
    Custom
    Allows you to configure custom settings for a portal access configuration.
  7. In the
    Portal Access Start URI
     field, type the applicable URI.
  8. To configure SSO with the portal access configuration, select the
    Configure SSO
     check box.
    If you enable this setting, you also select the SSO method from the
    SSO Method
     list.
  9. Click
    Next
    .
  10. In the
    Virtual Server IP address
     field, type the IP address for your virtual server.
    Select the
    Create Redirect Virtual Server
     check box to create a redirect action for clients who attempt to connect over HTTP instead of HTTPS.
  11. Click
    Next
    .
  12. Review the configuration.
    You can click
    Next
     to accept the configuration and create the portal access configuration,
    Back
     to go back and change settings, or
    Cancel
     to discard the configuration.
Configuration is complete. You can test the portal access resource by browsing to the virtual server address.

Creating a portal access configuration with a template

You can create a portal access resource with a template for a common application, to add when you configure an access policy. When you create a portal access configuration with a template, you create the portal access resource, along with common resource items for the configuration.
  1. On the Main tab, click
    Access
    Connectivity / VPN
    Portal Access
    Portal Access Lists
    .
    The Portal Access List screen opens.
  2. Click the
    Create with Template
     button.
  3. Type a name for the portal access resource.
  4. From the
    Template
     list, select a portal access application template.
    • DWA
       - Configures a Domino Web Access configuration with common settings.
    • OWA2003
       - Configures an Outlook Web Access 2003 configuration with common settings.
    • OWA2007
       - Configures an Outlook Web Access 2007 configuration with common settings.
    • OWA2010
       - Configures an Outlook Web Access 2010 configuration with common settings.
  5. From the
    Order
     list, specify the sequence for the resource.
    Last
    Select this option to place the new portal access resource last in the ACL list.
    After
    Select this option to select, from the list of configured ACLs, the ACL that this portal access resource should follow in sequence.
    Specify
    Select this option to specify an order number, for example,
    0
    or
    631
     for the ACL.
  6. For the
    Destination
     setting, select
    Host Name
     or
    IP Address
     for the resource address, then type the resource address in the corresponding field or fields.
  7. Click the
    Finished
     button.
The Access Policy Manager creates a portal access resource and the associated common resource items from the template.
You can add resource items to the portal access resource, to provide more functionality for your web applications.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information