Cool Solutions

Force SSL on GroupWise 8 WebAccess and Calendar Publishing



By:

January 28, 2009 5:24 pm

Reads: 12472

Comments:3

Score:0

Background

Some organisations require webservices such as GroupWise WebAccess to run over an SSL based connection. This requires the default installation to simply reject any requests that are not SSL based or redirect them to an SSL based connection.

This TIP is based on GroupWise 8 running on OES2SP1 – Linux. It may work for other configurations, but I will leave that up to you.

Reference

This information is based on Disabling HTTP but Keeping HTTPS for WebAccess.

So after reading that idea and digging around the /etc/opt/novell/httpd directory as well as bit of other reading on this it looks like this is now quite simple, so here are a few options.

This assumes that you are using novell-tomcat5 and apache2.

Option 1 – Disable the service on port 80

cd /etc/opt/novell/httpd/conf.d/
rm gw.conf
rm gwcal.conf
rcapache2 restart

This removes the symbolic links of gw.conf and gwcal.conf from the directory. These were pointing to /etc/opt/novell/groupwise/calhost/gwcal.conf and /etc/opt/novell/groupwise/webaccess/gw.conf.

There should be symlinks to the same files in /etc/opt/novell/httpd/sslconf.d which enabled SSL based access by default.

Option 2 – Redirect requests to port 443

GroupWise WebAccess

In /etc/opt/novell/groupwise/webaccess/gw.conf add the module rewrite code below after

Alias /gw "/opt/novell/groupwise/webaccess/gw/" 
<IfModule !mod_rewrite.c>
    LoadModule rewrite_module /usr/lib/apache2/mod_rewrite.so
</IfModule>
<IfModule mod_rewrite.c>
    RewriteEngine on
    Rewritecond %{SERVER_PORT} ^80$
    RewriteRule ^/gw/(.*) https://%{HTTP_HOST}/gw/$1 [NC,R,L]
</IfModule>

GroupWise Calendar Publishing

In /etc/opt/novell/groupwise/webaccess/gwcal.conf add the module rewrite code below after

Alias /gwcal "/opt/novell/groupwise/calhost/gwcal"
<IfModule !mod_rewrite.c>
    LoadModule rewrite_module /usr/lib/apache2/mod_rewrite.so
</IfModule>
<IfModule mod_rewrite.c>
    RewriteEngine on
    Rewritecond %{SERVER_PORT} ^80$
    RewriteRule ^/gwcal/(.*) https://%{HTTP_HOST}/gwcal/$1 [NC,R,L]
</IfModule>

Additional

You can also force the welcome page to redirect to GroupWise WebAccess instead of the default. Simply modify the exiting /etc/opt/novell/httpd/conf.d/welcome-apache.conf.

We are using this along with Option 2 above, so I expect that it would need to be reworked if used with Option 1.

<Directory /srv/www/htdocs>
     ErrorDocument 403 /gw/
#    ErrorDocument 403 /welcome/redirect.html
<Directory>

Good Luck

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Tags: ,
Categories: Uncategorized

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

3 Comments

  1. By:gerberd

    I believe that “Rewritecond” must actually be entered as “RewriteCond” in order to be recognized. At least it has both times I’ve used this…

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)
  2. By:Paullamontagne

    Applied Option 2 to a SLES 10 SP1 Server and it worked as well…

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)
  3. By:SOsterfeld

    WebAccess works fine, but I don’t see any published calendar with SSL.

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)

Comment

RSS