Example transparent path junction
The following
example uses the pdadmin command
(entered as one line) to create a transparent path junction (/docs)
to the back-end server pubs.ibm.com:
pdadmin> server task web1-webseald-www.cruz.com create -t tcp -x
-h pubs.ibm.com /docsAfter a client
request for a back-end resource is made (via the
WebSEAL proxy server), a response page is returned from pubs.ibm.com containing
the following link (URL) in the HTML of that page:
http://pubs.ibm.com/docs/readme.htmlWebSEAL's standard filtering mechanism for junctions parses the HTML in the response page and modifies this link by changing the original absolute expression of the URL to a server-relative expression. However, the path is not filtered, because this is a transparent path junction (-x). This is the link as it now appears to the user:
/docs/readme.htmlhttp://www.cruz.com/docs/readme.htmlNow the user clicks the link to access the back-end resource
(readme.html).
The portion
of the URL representing the junction name (/docs)
is recognized by WebSEAL as associated with the /docs subdirectory
on the back-end server, pubs.ibm.com.
As a conclusion to the example, WebSEAL successfully locates the resource at:
http://pubs.ibm.com/docs/readme.htmlSome benefits of transparent path junctions include:
- Several different transparent path junctions to the same back-end server can be created to point to different regions (subdirectories) of that server.
- Each individual transparent path junction can handle a different authentication requirement and ACL control.