Entering content frame

Procedure documentation Installing the IisProxy Module

Use

To access the IisProxy module, you must specify the module as an ISAPI filter on the IIS. If you are replacing the SAPJ2EE module, then you must remove the SAPJ2EE module from the ISAPI filters. Also, you must set certain parameters in the configuration file, for example, the redirect URL to the SAP J2EE Engine. Use the procedure below to specify the module as a filter DLL on the IIS and specify the parameters for the module in the configuration file.

Prerequisites

If the connection from the IIS to the SAP J2EE Engine uses SSL, then the host name used for the redirect URL must correspond to the Common Name part of the SAP J2EE Engine’s Distinguished Name found in its SSL server certificate.

Procedure

...

       1.      Install the library, the debug database file and the configuration file ( IisProxy.dll, IisProxy.pdb and IisProxy.xml) in the IIS scripts directory.

Example

C:\Inetpub\Scripts\IisProxy.dll

C:\Inetpub\Scripts\IisProxy.pdb

C:\Inetpub\Scripts\IisProxy.ini

       2.      Install the library IisProxy.dll as an ISAPI filter on the IIS.

Note

You can find the filters in the properties for the Web site under the tab page ISAPI Filters. Add the IisProxy module to the filters. (Choose Add.)  Enter a name for the filter, for example, IisProxy, and the path and filename for the library in the corresponding fields.

       3.      If you are replacing the SAPJ2EE module, then delete the ISAPI filter that contains it as the executable.

       4.      In the properties for the Web site’s scripts, set up the application extensions for the IisProxy library.

                            a.      Create an application in the Web site’s home directory that maps to the physical folder containing your files (for example, Scripts).

Note

Choose Action ® New ® Virtual Directory. Follow the instructions provided by the wizard. Assign an alias for the directory (for example, Scripts) and select the location in the file system that contains your content (for example, C:\Inetpub\Scripts). Assign the permissions, Read, Run scripts, and Execute.

                            b.      Add an application mapping in the application's configuration.

                                                  i.       Open the properties for the application, for example, Scripts (not the Web site).

This graphic is explained in the accompanying text

                                                ii.       In the Virtual Directory tab strip, enter a name for the application and choose Configuration.

                                               iii.       Add the IisProxy module to the application mappings using the following information:

·         Executable:     <path>\IisProxy.dll

·         Extension:        *

·         Verbs:              (all)

·         Script engine:  (yes)

       5.         Edit the IisProxy.xml file.

                            a.      Create the < mapping > elements that you need. Use the IisProxy samples and Secure IisProxy samples mappings as templates.

A < mapping > element contains one or more < source > elements and one < target > element. Make sure that the sub-elements coincide to your system environment.

Configure the < config> elements to match your requirements. Note that opening the configuration to remote machines may expose too much information.

Specify the parameters in the IisProxy.xml file as shown in the table below.

IisProxy Module Parameters

Element

Value

Example

source

Incoming protocol and URL.

Note

You can specify an additional host or port, which become a part of the matching pattern.

< protocol > http</protocol>
<prefix>/irj/</prefix>

< host > myportal.sap.com</host>
<port>1080</port>

target

Outgoing protocol and redirect URL.

Note

When using HTTPS, the name you specify for the redirect URL must correspond to the Common Name part of the SAP J2EE Engine’s Distinguished Name found in its SSL server certificate.

< protocol > http</protocol>
<host>p12345.wdf.sap.corp</host>
<port>1080</port>

protocol-header

In case of a protocol change, the name of the header variable containing the original protocol.

ClientProtocol

certificate-header

The name of the header variable containing a user’s client certificate (optional).

SSL_CLIENT_CERT

keystore-dir

Path where the IisProxy module’s default PSE file ( SAPSSLC.pse) and credentials are to be located. This file is needed for SSL initialization.

C:\sec

keystore-path

Path to the PSE file that is used for an individual mapping.

C:\sec\Target.pse

       6.      The IisProxy module needs the MSVCR71.dll (C++ runtime DLL) to load. Copy the   MSVCR71.dll in a directory on the IIS server that is accessible by the system’s %PATH% environment variable, for example, C:\WinNT\System32.

       7.      Restart the Internet Information Server.

       8.      Create another backup for the new configuration.

Result

The IIS uses the IisProxy module as an ISAPI filter. All incoming URLs that match a specific < source > pattern will be redirected to the URL specified in the < target > section of the mapping. If a client certificate is also provided for user authentication, then it will be placed in the parameter specified in < certificate-header >.

Continue with Structure linkTesting the IisProxy Module.

 

 

Leaving content frame