Introduction to Reflection for the Web version 12.3
Beginning in version 12.3, Reflection for the Web is a separate web application that requires Host Access Management and Security Server to create, configure, and manage secure web-based sessions to a variety of hosts.
Reflection for the Web provides user access to web-based terminal emulation sessions that connect to host applications located inside or outside the firewall.
Briefly, hereâs how it works:
- An administrator installs Reflection for the Web on a server and either installs or uses an existing installation of Management and Security Server.
- The administrator uses the Administrative WebStation (in Management and Security Server) to create, configure, and secure terminal emulation sessions. Optional security settings can be configured on a per-session basis.
- The Reflection for the Web launcher is downloaded to the user's workstation.
- A user clicks a link to start a terminal session.
- The user connects to and communicates with the host system using the downloaded emulation applet.
- Installation. Since Reflection for the Web 12.3 relies on Host Access Management and Security Server (MSS) 12.3, MSS must be installed before Reflection for the Web is installed.
The automated installer installs both products, in the appropriate order.
Manual installation requires that Management and Security Server 12.3 be installed and accessible from Reflection for the Web's servlet runner. See the Reflection for the Web 12.3 Installation Guide, https://www.attachmate.com/documentation/rweb-12-3/rweb-installguide/, for details.
- Terms. Reflection for the Web 12.3 uses the
rebranded component names that were introduced in Reflection for the Web
12.2. For instance:
- The Administrative WebStation console is part of Host Access Management and Security Server, and that name appears at the top of the About box.
- Management Server is called Administrative Server.
- ReflectionData folder is called MSSData.
- ID Manager is called Terminal ID Manager.
Before you Begin
This guide is written for the administrator who wishes to evaluate the features available with Reflection for the Web version 12.3.
Note: If you are upgrading from a version earlier than 12.2, you need to first upgrade to version 12.2. Refer to KB 7022345 for details.
Follow the steps in the Evaluation Scenario to create and configure secure web-based terminal emulation sessions that can be deployed to end-users.
You may want to refer to these resources while evaluating Reflection for the Web:
Technical Resources â See the âNew to This Product?â section, http://support.microfocus.com/product/?prod=RWEB
Reflection for the Web 12.3 Installation Guide, https://www.attachmate.com/documentation/rweb-12-3/rweb-installguide/
An administrator is in charge of setting up Reflection for the Web version 12.3 to deploy secure sessions to mainframe applications via the web.
The administratorâs evaluation would include the following procedures from this guide:
Step 2. Create a Web-based session to a mainframe host
Step 3. Configure session settings
Step 4. Deploy the session
Step 5. Consider other security options
Step 6. Evaluate optional features
Step 1. Obtain and install the evaluation software
For this evaluation, you will use an automated Windows installer to install Reflection for the Web on a Windows 64-bit platform.
To expedite preliminary testing, a simple configuration is presented with all components installed on a single machine. For production, however, components can be installed on different machines.
The administratorâs workstation must meet the minimum system requirements:
- Windows 64-bit machine
- Java Virtual Machine 8 or higher, capable of running Java applications
- Any web browser using JRE 8 or later
- No previous installation of Reflection for the Web on the machine
Workstations must be running Windows 32-bit or higher for this evaluation.
For more details, see Supported Platforms and System Requirements: http://support.microfocus.com/techdocs/2522.html
Obtain the evaluation software
- Log in as administrator to the Windows machine that you are using for your evaluation.
- For this evaluation, click the file for Reflection for the Web Enterprise Edition.
Enter the requested information and click Submit. You will receive an email message with download instructions.
- Open the Product Evaluation email message and click the link to download the software.
- For this evaluation scenario, find the line for Reflection for the Web - Windows 64-bit, and click the file, rweb-12.3.110-eval-wx64.exe.
- Run the self-extracting file.
Install the Reflection for the Web evaluation software
For simplicity while evaluating, install all of the components onto the same computer.
In production, however, the administrator would likely install the server components (Administrative Server, Security Proxy Server, Metering Server, and Terminal ID Management Server) on different servers by running the installer on each machine.
- In your download location, open the install_automated folder. In addition to the product executable, you will see an mss folder and an activation file.
The Reflection for the Web automated installer installs both Reflection for the Web and Management and Security Server version 12.3 (using the files in the mss folder).
Double-click rweb-12.3.110-eval-wx64.exe to start the installation.
- When the automated installer does not detect an installation of the required Management and Security Server, it presents these options.
Choose Install MSS and continue.View Full Size
Note: The other options are for an existing installation of Management and Security Server in another location. See the Reflection for the Web Installation Guide, https://www.attachmate.com/documentation/rweb-12-3/rweb-installguide/, for details.
- The installer proceeds to install Management and Security Server first. Continue through the installation dialogs, accepting the defaults.
Once the MSS installation process is finished, you can continue with the Reflection for the Web installation.
- For this first-time installation, select Run Initial Configuration Utility to configure the installed MSS components.
- Click Next and proceed through the utility, accepting the defaults.
- Enter your VPA and organization information, if known. You may leave these fields blank for now.
- For the administrative password, enter admin.
- When prompted, click Done.
- On the Install and Start Services page, leave the Start server components now checked, and click Next.
- On the Installation Complete page, note the link under Administrative Server, which is the Server URL. You can open it now; however, the Reflection for the Web installation still needs to be completed.
- Focus returns to the Reflection for the Web installation. Click Next to continue.
When you are prompted to restart the MSS Server, click Next.
- When installation is complete, click Finish.
Step 2. Using the Administrative WebStation
Reflection for the Web is accessed through Management and Security Server's Administrative WebStation. The Administrative WebStation is a centralized site that contains administrative tools and is the interface for the Administrative Server. From this central location, you can create, secure, deploy, and monitor terminal emulation sessions.
Open the Administrative WebStation
The Administrative WebStation is password-protected to allow for remote administration and access by multiple administrators.
- Open the Administrative Server from Start > Micro Focus Host Access Management and Security Server > Administrative Server.
Note: The Start menu does not display "Reflection for the Web."
(Or, if you clicked the Server URL after Management and Security Server was installed, the Administrative Server is already open.)
- When prompted for a password, enter admin. Click Submit.
The dialog will later be populated with the sessions you configure.
- Click Administrative WebStation (bottom right).
Administrative WebStation Home
In addition to the administrative tools (Activities) used to create, configure, and manage terminal sessions, the Administrative WebStation provides introductory information, scripting samples, and other references.
NOTE: To avoid a session timeout while you are evaluating, go to Security Setup. On the Security tab, find the âRequire new login afterâ field. Enter a value greater than the 60-minute default, and click Save Settings.
Now that the product is installed and the Administrative WebStation is open, you are ready to create a session.
Step 3. Create a Web-based session to a mainframe host
Use the Session Manager to create and configure the terminal sessions you want to deploy to end users.
To create a terminal session
- In the Administrative WebStation, click Session Manager.
- Click Add. The session types are listed.
- Under the Web-Based session types, select IBM 3270.
Enter a Session name for your terminal session, such as 3270test. Click Continue.
- On the Configure a Web-Based Reflection Session page, note the default settings, and click Launch (bottom right).
If you want to test the connection to the mainframe, enter the name of your host computer and click OK. Otherwise, click Cancel. You do not need to be connected to configure the session.
Now you are ready to configure the emulation settings for the end-usersâ terminal session.
Step 3. Configure session settings
You do not need to be connected to the host to configure settings.
Note: As an administrator, when you launch a session from the Administrative WebStation, all of the menu options are visible and enabled. The end users, however, are able to access only the menu options filtered by the End user menu level selected in the Profiler, described below.
Try some commonly used features
In this evaluation guide, some commonly used features are highlighted with detailed steps. If you wish to try others, refer to Help for more information.
The Reflection for the Web Profiler can be used to restrict access to entire menus, dialog boxes, toolbars, or to specific items within them.
To experiment with these access levels, use the Profiler from within the session menu:
- In the open session you just created, click Administration > User Interface Profiler.
- The default Profile type is Basic, which restricts Administration. Change the Profile type to see what is enabled or restricted on the Menu profiling tab.
- Then, on the Dialog box profiling and Toolbar profiling tabs, review the options that you can lock (or unlock) for this profile. Click OK.
Click Help for more information.
To modify display features, in the terminal session, click Setup. Then click the menu item and follow the logical navigation, which varies among session types.
For example, to change foreground and background screen colors, click Setup > Color. Click OK or Cancel to return to the session.
To create a custom keyboard mapping, click Setup > Keyboard. Click the Add button and follow the directions in the dialog. Click Help for more details. Click OK or Cancel to return to the session.
Macro recording and editing
Both administrators and end users (with the permissions to access the Reflection for the Web profiler) can create macros. The macros that an administrator creates are delivered to all users when they access the terminal session, whereas the macros created by an end user are private to just that user.
To get started with macros, try recording a host logon macro:
- In a terminal session, connect to your host computer, but do not log on yet.
- From the Macro menu, select Start Recording.
- Log on to the host as you usually do.
- Once you are logged on to the host, click Macro > Stop Recording.
- In the Save Macro dialog box, enter a name for the macro.
- Configure other options (described in the online help), and then click Save.
The macro is saved as follows:
- If you record the macro while configuring the session in the Administrative WebStation, the macro will be saved to the Administrative Server after you save and exit the session.
- If you record the macro while running the session as an end user, the macro is saved locally as soon as you click Save in the Save Macro dialog box.
In addition to recording macros, you can edit macros and also write your own macros. See KB 7022340 for more information.
Use the macro you created to log on to the host as described above:
- In a launched session, click Setup > Toolbar. Drag the existing items to rearrange them.
- Click the Add button. In the Define Toolbar Item dialog box, add text (for example, My Logon).
- Click Select to associate an Action with the new button.
For example, in the Define Action dialog box, open the Action Type menu and select Execute Command.
- Scroll through the commands and select Run Macro.
- At the bottom of the dialog box, select your logon macro from the drop-down menu. Click OK.
- When you return to the Define Toolbar Item dialog box, Choose an icon for your new toolbar button, such as:
- Click OK twice. Drag the icon to the toolbar. (You can rearrange the icons by dragging.)
- Click OK. Your new button is included in the Custom toolbar items.
Save the session
When you are finished configuring the emulation features, save the session by clicking File > Save and Exit (and Save/Exit, if prompted).
This session is then added to the Session Manager list in the Administrative WebStation, viewable by administrators. (Click Refresh Links List.)
End users cannot access the session until the session is deployed. The Session Saved page (in Session Manager) provides the direct URL for the session â and a link to map session access. When mapped, the session is available to the authorized users that you select, and is displayed in their links lists.
Now that you have created and configured a terminal session, you are ready to deploy the session to end users.
Step 4. Deploy the session
Use the Access Mapper to give authorized users access to specific sessions, which will then appear on their list of links.
To use the Access Mapper:
- In the Administrative WebStation, click Access Mapper. Or, if the Session Saved page is still open (from the previous step), click the "Map session access" link.
- Check the session you want to make available to all users. Click Save Settings.
Note: If your environment uses an LDAP-compatible directory service, you can assign terminal sessions to specific users, groups, or folders, based on your existing LDAP database. See Help for more information.
Step 5. Consider other security options
In addition to Access Mapper (used in Step 4), Reflection for the Web provides several options to secure user access to your host applications.
Reflection for the Web supports many types of authentication. Each type is described in the Help topic: Administrative WebStation > Access Control Setup > Help.
In the Administrative WebStation, click Security Setup. On the Security tab, you can set options for server access, passwords, smart card libraries, and cryptography settings. Click Help for information about the available options.
HTTPS and SSL/TLS
By default, Reflection for the Web enables web browsers to use the HTTP protocol to communicate between the client computer and the administrative server. Although HTTP is universally available to web browsers, it is not a secure protocol.
To secure the communication between the client and the web server, you can require web browsers to use the HTTPS protocol (which provides SSL/TLS encryption) when connecting to the Administrative Server. For more information, see Administrative WebStation > Welcome > Overviews > Security Overview.
Reflection for the Web provides support for TLS 1.2 and PKI Services Manager. For more information, see Administrative WebStation > Security Setup > Security tab > Help and Administrative WebStation > Welcome > Overviews > Security Overview.
Security Proxy Server (Optional)
The Security Proxy can be used to encrypt the data between the client and the Security Proxy. You can install the security proxy when you run the automated installer, and it can be installed on a different machine.
The Security Proxy is managed by Host Access Management and Security Server. For more information about using the Security Proxy, see:
- Host Access Management and Security Server Installation Guide, https://www.attachmate.com/documentation/mss-12-3/mss-installguide/
Navigate to Setting Up the Security Proxy.
- Administrative WebStation > Security Setup > Security Proxy tab > Help.
Step 6. Evaluate optional features
As you continue to evaluate Reflection for the Web, try these optional features:
Earlier, when you created and configured your terminal sessions, you were able to make some preliminary customization choices.
Reflection for the Web includes a well-documented API and some advanced tools that make it easy to customize terminal sessionsâeven if you do not have Java or HTML programming experience.
In the Administrative WebStation, click Advanced, click the links to learn about using scripts, HTML code, and applet parameters with Reflection.
The following example demonstrates how you can customize the behavior of a terminal session by changing the parameters for a specific attribute.
Example: Using the Applet Parameters Tool
Edit an applet tag to disable the Reflection for the Web start-up (splash) screen that normally appears when a terminal session is starting:
- In the Administrative WebStation, click Session Manager.
- Click the name of a session, and then click the Applet Parameters button (about mid-way) on the Configure page.
- On the Applet Parameters page, in the Add parameters section, select splash from the drop-down list.
- In the Value field, type false and then click Add. The splash=false parameter is added to the list of Current parameters.
- Click Continue, and then click Save Settings.
- To view the revised session, go to the Links List page (not the list in Session Manager). Click Refresh Links List, and then double-click the name of the session to launch it. The splash screen does not appear.
Note: Launching a session from the Links List represents the end-user experience. Launching a session from Session Manager represents the administrator experience.
For information about applet attributes and parameters see Administrative WebStation > Advanced > Applet Attributes and Parameters.
Usage metering can be used to audit and control access to both Web-based and Windows-based sessions. You may want to install the metering component if your site needs to carefully balance network and server loads.
For more information, see these resources:
- Under Reference: Welcome > [Product] Overviews > Usage Metering Overview
- Under Activities: Settings > Metering tab > Help
Host Access Management and Security Server Installation Guide:
Metering is managed by Management and Security Server. See the Installation Guide, https://www.attachmate.com/documentation/mss-12-3/mss-installguide/ for details.
- Navigate to Setting Up Metering
For more information about Reflection for the Web version 12.3, see these resources.
Technical Resources and Documentation
This page links to the Reflection for the Web documentation, technical notes, security updates, other helpful materials: http://support.microfocus.com/product/?prod=RWEB
Administrative WebStation References
From the left nav, click open the Welcome, Advanced, and Resources menus to find overviews, tutorials, and other topics.
Click Resources > About Management and Security Server to identify your installed version of Reflection for the Web. Product add-ons for which you have licenses are listed as well.
Management and Security Installation Guide
This guide describes how to set up and configure the components that are centrally managed using Management and Security Server. See https://www.attachmate.com/documentation/mss-12-3/mss-installguide/
To request technical support, see http://support.microfocus.com/contact/ for contact information.
When You Finish Evaluating
If you have any questions about Reflection for the Web, contact us: https://www.attachmate.com/company/contact/.