To understand the WebAccess component of your GroupWise system, it is important to understand the WebAccess architecture. This will help with installing, configuring, and troubleshooting the WebAccess components. Understanding the WebAccess AgentWebAccess is composed of three main pieces: the agent, the document viewer, and the application. The first piece is referred to as the WebAccess Agent and is responsible for requesting and receiving data from a user's mailbox. This WebAccess Agent can run on NetWare as an NLM (GWINTER.NLM), on Windows 2000/2003 as an executable (GWINTER.EXE) or as a Windows 2000/2003 service, and on Linux (gwinter). You can think of the WebAccess Agent as a client that communicates directly via TCP/IP with a post office agent (POA) via its client/server port, such as 1677. Understanding the WebAccess Document Viewer AgentA new process in GroupWise 7 is the Document Viewer Agent, which will transform all attachments into HTML viewable content, something previously handled by the WebAccess Agent itself. With the document-viewing task being a separate process, a corrupt or unwieldy attachment will not have an adverse impact on the WebAccess Agent. Historically in prior versions of GroupWise, the WebAccess Agent could be problematic in environments with large or corrupt mail message attachments. The Document Viewer Agent makes such problems a thing of the past. Understanding the WebAccess ApplicationThe third main part of WebAccess is referred to as the WebAccess Application. It is responsible for taking the data received by the WebAccess Agent and delivering it to the user's web browser that is being used to access WebAccess. The WebAccess Application runs on a web server as a Java servlet. It runs on any of the following supported web server platforms:
Tip Although you can still use Apache 1.3 plus Tomcat 3.3 on NetWare 6, we strongly advise you to consider upgrading your Apache services to Apache 2 plus Tomcat 4. This newer version is more robust and less prone to security attacks. Also, we strongly advise you to keep all of your web servers up-to-date, because we've seen issues with security leaks with nonup-to-date servers. The WebAccess Application communicates with the WebAccess Agent via TCP/IP. By default, the WebAccess Agent listens on port 7205 for information coming from the WebAccess Application. The data that is exchanged between the Agent and the Application is encrypted using an encryption key. This is not your standard SSL type of encryption, but simply an encryption key that each piece (Agent and Application) uses to encrypt data between them. The encryption key is discussed later in this chapter in the section "Configuring the GroupWise WebAccess Gateway." Understanding the WebAccess ProcessLet's quickly see how a request coming in from a web browser in order to log in to a GroupWise mailbox would act. This will help you understand the flow of information through a WebAccess system, as well as help you see the relationship between the WebAccess Application and Agent:
This represents a quick and simple outline of how a user's request flows from an actual browser into a GroupWise mailbox. At this point, we don't discuss the return path of the data from the post office to the web browser. Basically, the return path for the data coming from the post office is in reverse order, minus a few of the lookups, because a session ID is in place to route the data back from the Agent to the Application. This should give you a basic understanding of how the WebAccess Application and the Agent work together to access the user's mail via WebAccess. Now that you have an understanding of GroupWise WebAccess architecture, you're ready to install GroupWise WebAccess. |