4 Replies Latest reply on Jan 11, 2009 4:59 PM by 679164

    How to mask Portal SSO Login Server URL address in 10.1.4

      I have little experience with portals developmet and administrationl.
      The current Portal 3.0.9 applications use in its HTML the following statement <FORM ACTION="javascript:openWindow1('../../pls/portal30/PORTAL_CUST.ELLOOKUPRESULTS.show' .

      As I recollect from precious readings, the fragment ../.. masks the URL address when an end user will use the IE menu View and then select Source.
      Namely the URL address appears as <FORM ACTION="javascript:openWindow1(''../../pls/portal30/PORTAL_CUST.ELLOOKUPRESULTS.show'')" METHOD="POST" NAME="custform1554735878">

      How can we mask the same way URL address in the migrated same provider portlet to 10.1.4?
      When we use "../.." we getting "...page not found.." or similar.
      Everything works if we do not use "../.." at all.
      We just put the address used by portal to check if portlets work before used on a page:
      <FORM ACTION="javascript:openWindow1('/portal/pls/portal/PORTAL_CUST.ELLOOKUPRESULTS.show')" .
      But this time when View Source of HTML page, the servername is exposed:
      <TD ALIGN="LEFT"><FONT CLASS="PortletText1"><A HREF="http://uwwxyyuy.fubbsinc.com:7606/portal/pls/portal/PORTAL_CUST.....

      Please advise what is missing?

        • 1. Re: How to mask Portal SSO Login Server URL address in 10.1.4
          Asif M. Naqvi
          Hi Lev,

          The calls for any page or procedure in 10.1.4 is slightly different from those in portal 3.0.9.
          In 10.1.4, these calls are made in the following manner:


          In 10.1.4, the default portal DAD name as well as portal schema name are PORTAL, unlike the 309 schema name which was portal30. And here baseurl is a parameter which is defined already in the portal, represents home of the servername with port (often this port is set on default port 80 or 443 and hence is hidden), and which usually is in the following pattern:
          for eg, http://www.myExampleDomain.com:80/

          Now when you call a procedure or page with a URL call address like "*../../page/portal/..*", then you might find them helpful to compare as the address of a file in a directory. so, borrowing that terminology, they would be like the following:
          *..* represents a parent folder, and */* represents a folder-level. Therefore, when you call something like ...
          then it means that jump up two levels from the current URL folder level, and then go to page/portal/PageGroupName/MyPage*. The current URL folder level is determined by the place you make this call (i.e., from the current URL address).

          This way, you can interpret the URL calls as you give them in your code, be it in the plsql code or in javascript or html.

          This does not have anything directly to do with the URL masking. However, you can mask the URLs by hiding the parts portal/page/portal or portal/pls/portal from your urls. this can be achieved by using some redirections or aliases in Apache webserver directives. This will be a little bit involved and I would recommend that you play with it only when you get fluent with your URL calls and their constructions.

          hope that it helps to clarify some important concepts about these calls.
          • 2. Re: How to mask Portal SSO Login Server URL address in 10.1.4
            Your reply is greatly appreciated, very helpful and clarified the fog in my head. Even after everything worked, I was actually concerned that we are cheating on the system somehow by getting rid from ../...
            I also hope that if we decide later to go ahead to use redirections or aliases in Apache webserver directives, we will not have to reinstall portal and recreate all portlets again.
            I think it should be done before going to production though.

            Thank you very much.
            Lev Vaynberg
            • 3. Re: How to mask Portal SSO Login Server URL address in 10.1.4
              Asif M. Naqvi
              i'm glad that my description served the purpose it was written for. you might wanna rate the replies now.

              in order to use alias directives in Apache, of course, you do not need to re-install anything here.
              You only need to use the appropriate directives in the Apache configuration files and restart the server. And that is it. However, please note that these directives are very powerful yet pretty delicate making them complex to understand. so be watchful of them.

              if you wish to implement them, read their descriptions in the following link for Apache servers. for eg, Alias, ScriptAlias, or ScriptAliasMatch, etc. The following link may in fact be sufficient to mask whatever you are trying to mask by some careful implementation.

              hope that helps!
              • 4. Re: How to mask Portal SSO Login Server URL address in 10.1.4
                Great answer AMN!
                I'll read through, if it'll be decided we need that effort, I will try hiding the servername from portal generated packages and hence from resulting HTML pages.
                Again, great help.
                Thanks, Lev.