Installing and configuring IIS 5.0 on Windows 2000

This section explains how to set up the IIS Web-server plug-in on Windows 2000.

Microsoft IIS is packaged with Windows 2000. You must install and configure IIS using the Microsoft instructions before you install and configure the Enterprise Security plug-in.

NoteMake sure that the SYBASE environment variable points to the directory where you have installed Sybase Enterprise components.

This plug-in is supported on IIS 5.0 only.

StepsConfiguring IIS to load the plug-in

  1. Change to the %SYBASE%\Security\lib directory.

  2. Unjar plugins.jar. You can use the WinZip utility.

  3. Unjar iis.jar.

  4. Copy all the .html files to the document root directory.

    When you install IIS 5.0, the installation process creates the default document root directory, C:\\inetpub\wwwroot.

  5. Copy the libsybepsecurity_iis.dll file to the directory where you want the plug-in to reside.

  6. Copy the sample plug-in configuration file, SybSecurityPluginConfig.txt, to %SYBASE%.

  7. Copy the plugins.lcu file to %SYBASE%\locales\unicode\sec_web\english. The plugins.lcu file is created when you extract the iis.jar file. You may have to create this directory path if it does not already exist.

  8. Edit the SybSecurityPluginConfig.txt file:

    NoteIf you set the SYB_SESSION_COOKIE_DOMAIN variable as described below, you must add the domain information to all the SYB_EP_WEB_* variables and the JAGUAR_SERVER_IIOP_URL variable. For example:

    SYB_EP_WEB_LOGIN_PAGE=http://myserver.mycompany.com:80/syb_ep_weblogin.html
    

    Includes the domain “.mycompany.com,” whereas:

    SYB_EP_WEB_LOGIN_PAGE=http://myserver:80/syb_ep_weblogin.html
    

    Does not include a domain name. If you do not include the domain name, be sure that the SYB_SESSION_COOKIE_DOMAIN variable remains set to the default of NOT_SPECIFIED.

    1. Add your host:port or IP Address:port to the JAGUAR_SERVER_IIOP_URL variable, where host is the name of the machine where EAServer is installed. For example:

      JAGUAR_SERVER_IIOP_URL=iiop://host:9000
      

      To retrieve the IP address for your Windows 2000 server, open a command prompt and type, ipconfig.

    2. For the following variables, replace all instances of “http­_servername” and port numbers with the IIS 5.0 server name and port number.

      When editing these variables, use the forward slash (/) instead of the back slash (\).

      • SYB_EP_WEB_LOGIN_PAGE

      • SYB_EP_WEB_INVALID_LOGIN_PAGE

      • SYB_EP_WEB_VALID_LOGIN_PAGE

      • SYB_EP_WEB_ERROR_PAGE

    3. Optionally, you can set the SYB_SESSION_COOKIE_DOMAIN variable to the domain name without the server name. For example:

      .mycompany.com
      

      Where mycompany is your company’s domain name.

    4. Set the variable SECURITY_PLUGIN_LOG_FILE_PATH to the location of your log file. For example:

      C:/inetpub/wwwroot/plugin.log
      
    5. Set the variable WEBSERVER_IP_ADDRESS to the IP address of the local server.

    6. Set the variable MISC_INFO_FILE to point to your default_credential.txt file that was created when you extracted the iis.jar file.

  9. Configure IIS 5.0 to load libsybepsecure_iis.dll as an ISAPI filter. It must be installed as a global filter for all WWW sites. See the instructions in the Microsoft IIS 5.0 documentation. You must perform this step for each individual site you create in IIS.

    Notelibsybepsecure_iis.dll is high priority. Sybase recommends that you install it first in the list of ISAPI .dll files.

  10. Configure application settings under the Home Directory tab under properties for the Web site (see the Microsoft IIS 5.0 documentation).

    1. Set the application name.

    2. Set Execute Permissions to “Scripts and Executables”.

    3. Set Application Protection to “low IIS process”.

    4. Click Configuration and:

      1. Select the App Mappings tab, and click Add.

      2. For the Executable: field, enter the full path to <path>\libsybepsecure_iis.dll.

      3. For the Extension: field, enter .com_sybase_ep_seclogin.

      4. Click the All Verbs button.

      5. Select Script Engine and make sure that “check that file exists” is not selected.

      6. Click OK.