Using Reflection with Oracle WebCenter Interaction Portal
Technical Note 1844
Last Reviewed 02-Jun-2011
Reflection for the Web 2014 (All Editions)
Reflection for the Web 2011 (All Editions)
Reflection for the Web 2008 (All Editions)
Reflection Security Gateway 2014
This technical note steps you through the process to display Reflection for the Web or Reflection Security Gateway in your Oracle WebCenter Interaction Portal (formerly BEA AquaLogic User Interaction Portal): configuring Reflection to use the portal for authentication, selecting security options, and creating portlets (or gadgets) to display Reflection sessions or links lists in the portal.
This technical note is presented in the following sections:
Before You Begin
The Reflection management server and Oracle WebCenter Interaction (formerly called BEA AquaLogic User Interaction) portal must be installed. For detailed information on installing the management server, see the Reflection for the Web Installation Guide.
Note: The Oracle WebCenter Interaction portal referred to portlets as gadgets. In this document, the term "portlet" will be used.
Step 1Set up Portal Authentication
To set up the portal authentication, follow these steps.
- In the Administrative WebStation, click Access Control Setup under Tools.
- Click Configure.
- Choose Portal.
- Click Next.
Step 2Configure Portal Options
To configure the portal options, follow these steps.
- On the Set Up Reflection for a Portal page, choose AquaLogic Interaction as the portal type.
- Enter a username and password to be used by AquaLogic in its Reflection portlet server. (Enter the username and password used to log onto the portal.)
- If you want to increase security, specify the portal server IP addresses Reflection accepts. You can use spaces, commas, or tabs as list delimiters. The Reflection management server refuses connections from any IP address not listed (unless the list is blank). This step is optional.
- Click Next.
Step 3Choose an Authorization Model
You can use your portal alone to authorize access to Reflection, or you can combine your portal access control with Reflection's LDAP authorization feature.
If you grant access to Reflection using the portal alone, no extra authorization is performed on session access.
Note the following:
- If you provide access to specific sessions, users log onto the portal and can go directly to the session.
- If you provide access to the Reflection links list, all users with the Reflection portlet have access to all published sessions.
If you use both the portal and Reflection's LDAP authorization, you have an extra layer of control over session access.
- If you provide access to specific sessions, users log onto the portal and go to the session. Reflection checks that the user's login ID is authorized to access the session, and if so, delivers the session. If the user is not authorized, an error message appears.
- If you provide access to the Reflection links list, you can use the Access Mapper to assign sessions to specific users and groups. Users log onto the portal and go to their links list, then click a link to any session they are authorized to access.
To choose the authorization model, follow these steps.
- On the Choose Authorization Methods page, choose an authorization type.
- Click Next.
- If you have chosen LDAP authorization, enter information about your LDAP server and click Next.
- View your choices and click Save Settings.
Step 4Create Terminal Sessions
To create terminal sessions, follow these steps.
- In the Administrative WebStation, click Session Manager.
- 2. Click Add and continue through the Session Manager to configure and save a session.
- 3. Click Access Mapper. If you have chosen to use portal authorization only, publish the session by checking the box next to its name. If you have chosen LDAP authorization, search for users or groups and map the session to them.
Step 5Add a Reflection Portlet Server
To add a Reflection portlet server, follow these steps.
- In the portal administrative interface, from the administrative menu, choose Portlet Servers > Add Portlet Server.
- Enter a name and description.
- Click Next.
- Enter the Reflection base URL:
http://<web server name>:<port>/<context>
For example, if you have installed Reflection on a server called "catwillie" using port 8080 and the default context, your base URL is http://www.catwillie.com:8080/rweb.
Note: Make sure you have the correct URL. In particular, if you originally create a session under the HTTP protocol, then switch to HTTPS, you must change the URL accordingly.
You must include the port number only if you are not using the default (80 for HTTP or 443 for HTTPS).
- Choose Administrator with this username and password as the basic authentication type.
- Enter the username and password you provided when configuring access control in the Reflection Administrative WebStation.
- Finish configuring the portlet server. You can accept the defaults for all remaining fields.
Step 6Create Portlets
You can display Reflection sessions or links lists in the portal by creating portlets.
- In the portal administrative interface, from the administrative menu, choose Portlets > Add Remote Portlet.
- On the General Information page, enter a portlet name.
- Choose the Reflection portlet server.
- On the HTTP Configuration page, locate the Reflection portlet server base URL and enter the portlet's specific URL in the accompanying field.
To display a session, use the following:
For example, if your session is called "accounting", the portlet URL is
Note: Certain characters in session names are converted to universal symbols.
You can find the correctly formatted session URL in two places in the Session Manager:
- Click View URLs to see a complete list of all session URLs.
- Click the session name to go to the session configuration page. The URL is displayed at the top of the page after the session name.
Paste the URL into a text editor and edit as needed.
- Delete the base URL (for example, http://www.catwillie.com:8080/rweb).
- After the session name, add &portal=true&appletOnly=true.
To display the end user links list, use:
- Choose None for the portlet authentication type. Reflection portlets are authenticated using the portlet server username and password.
- Finish configuring the portlet. You can accept the defaults for all remaining fields.