2.5.2 Configuring a Public Protected Resource

The first protected resource in discussed in this configuration is configured to be a public resource. For information about how to set up authentication for a protected resource, see Section 2.5.3, Configuring Access Gateway for Authentication.

  1. In Proxy Service List, click [Name of Proxy Service] > Protected Resources.

  2. In Protected Resource List, click New, specify a name for the resource, and click OK.

  3. In the Contract field, select None.

    The Contract field must be set to None. This is makes this resource a public resource.

  4. Configure URL Path List.

    The default path is /*, which allows access to everything on the web server. Modify this if you need to restrict access to a specific directory on your web server.

    • To delete the default path, select the check box next to the path, then click Delete.

    • To edit a path in the list, click the path, modify it, then click OK.

    • To add a path, click New, specify the path, then click OK. For example, to allow access to the pages in the public directory on the web server, specify the following path:

      /public/*

  5. Click OK.

  6. In the Protected Resource List, verify that the protected resource you created is enabled, then click OK.

  7. Click Devices > Access Gateways.

  8. Click Update > OK.

    The system sends configuration changes to the server and writes the configuration to the configuration data store. When the update has completed successfully, the server returns the status of Current.

    To save the changes to the configuration store without applying them, do not click Update. Instead, click Edit. If you have pending configuration settings, the OK button is active, and the configuration page indicates which services will be updated. Click OK to save these changes to the configuration store. The changes are not applied until you Update on Access Gateways page.

  9. To update Identity Server to establish the trust relationship with Access Gateway, click Devices > Identity Servers > Update > OK.

    Wait until the Command status is Complete and the Health status is green.

  10. (Optional). To test this configuration from a client browser, specify the published DNS name as the URL in the browser. In the example illustrated in Figure 2-3, specify the following URL:

    http://www.mytest.com

    This must resolve to the published DNS name you specified in Step 8, and the user must be connected to the web server through Access Gateway.

  11. Continue with Section 2.5.3, Configuring Access Gateway for Authentication.

IMPORTANT:You must not modify the default NAM-Service proxy service.