A reverse proxy is a server running in front of a Web server or a group of Web servers. It presents a single interface to the caller. The reverse proxy routes all incoming connections to the server, and, in case of a group of servers, dispatches the inbound network traffic among them.
You can use a reverse proxy to:
Balance the load of a server cluster.
Increase the defense by adding an additional security layer.
Rewrite the URLs of the requested resources.
Hide the back-standing application server (or servers) from the client.
The HTTP Provider Service of AS Java receives the client requests routed by the reverse proxy, processes the requests, sends responses to the reverse proxy, which, in its turn, routes these responses back to the client.
Configuring a reverse proxy server causes the ServletRequest interface methods getServerName, getServerPort, and getSchema to return the specified server name, port and schema, respectively.
To specify how the application server handles client requests routed by reverse proxies, you need to configure the ReverseProxyMappings nested properties set of the HTTP Provider Service. You can do this using the Config Tool (http service).
Note
By default, no reverse proxy servers are configured on AS Java. Therefore, you have to manually create the necessary properties.
For more information, see Modifying Service, Manager, or Application Properties.
The following table shows all nested properties available for customization within the ReverseProxyMappings configuration property set:
Property |
Description |
---|---|
ReverseProxyMappings/ |
Root configuration element. |
ReverseProxyMappings/ProxyConfigurations/ |
Assembles the configurations of all proxy servers. |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ |
Root element of the configuration of a proxy server. <ProxyAlias> is a user-defined name for the particular proxy server. |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpProxyPort |
HTTP port of the proxy server. This property is optional. Use either HttpProxyPort, or HttpsProxyPort, or both. Value type: INTEGER |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpsProxyPort |
HTTPS port of the reverse proxy server. This property is optional. Use either HttpProxyPort, or HttpsProxyPort, or both. Value type: INTEGER |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ProxyHost |
Host name of the reverse proxy server. This property is obligatory. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ICMHTTPPort |
Specifies the schema and the port to be returned. If the ICM port of the client request is equal to the value of this element, the returned schema is HTTP, and the returned port is HttpProxyPort. This setting applies with lower priority compared to the ClientProtocolHeader configuration. This property is optional. Value type: INTEGER |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ICMHTTPSPort |
Specifies the schema and the port to be returned. If the ICM port of the client request is equal to the value of this element, the returned schema is HTTPS, and the returned port is HttpsProxyPort. This setting applies with lower priority compared to the ClientProtocolHeader configuration. This property is optional. Value type: INTEGER |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/ |
This element describes the ClientProtocol header configuration. If the client request contains a header with HeaderName and Http or Https value, then the schema of the request is determined to be HTTP or HTTPS, and the port to be used is HttpProxyPort or HttpsProxyPort, respectively. |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/HeaderName |
Name of the ClientProtocol header. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/Http |
Value of the ClientProtocol header for HTTP. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/Https |
Value of the ClientProtocol header for HTTPS. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/SSLProxyRedirect |
Specifies the SSL configuration to be used in cases of HTTP to HTTPS redirection. The value of this property is the relevant <ProxyAlias>. This property is optional. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/SSLProxyReplace |
Specifies the SSL replacement of HTTPS in cases of HTTPS to HTTPS redirection (if the HTTP request should be redirected to another application server). The value of this property is the relevant <ProxyAlias>. This property is optional. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpProxyRedirect |
Specifies the HTTP configuration to be used in cases of HTTPS to HTTP redirection. The value of this property is the relevant <ProxyAlias>. This property is optional. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpProxyReplace |
Specifies the replacement of HTTP in cases of HTTP to HTTP redirection (if the HTTP request should be redirected to another application server). The value of this property is the relevant <ProxyAlias>. This property is optional. Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Header/ |
Root element. Specifies the configuration to be used in case the client request contains the defined header name and value. This nested property is optional. |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Header/HeaderName |
Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Header/HeaderValue |
Value type: STRING |
ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Override |
Specifies if the HTTP Provider Service should override the client's host and port (if present in the client request) with the relevant ReverseProxyMappings values in the response to that client. Value type: BOOLEAN Default value: false |
ReverseProxyMappings/IcmPortConfigurationOrder/ |
Root element. Determines the order in which the HTTP Provider Service checks the configurations. |
ReverseProxyMappings/IcmPortConfigurationOrder/<ICMPort> |
<ICMPort> can be either an ICM port number, or ALL. Configurations for particular port numbers are processed with higher priority over the ALL setting. Thus, you can specify this property multiple times, that is, for several ICM port numbers, or for some particular ICM port numbers and for all other unspecified ICM port numbers. The value of this property is a comma-separated list of the reverse proxy configurations (the aliases of the reverse proxy configurations) to be considered at client requests at the specified <ICMPort>. Value type: STRING |
The following is an example of the configuration properties of a reverse proxy server Proxy1.
Proxy1 accepts HTTP requests and adds a via header to the requests before forwarding them to the Application Server.
If the client request is HTTP and comes from proxy1.example.com at port 188, the ServletRequest interface methods getServerName, getServerPort, and getSchema return the configured values.
Property |
Value |
---|---|
ReverseProxyMappings/ProxyConfigurations/Proxy1/HttpProxyPort |
188 |
ReverseProxyMappings/ProxyConfigurations/Proxy1/ProxyHost |
proxy1.example.com |
ReverseProxyMappings/ProxyConfigurations/Proxy1/Header/HeaderName |
via |
ReverseProxyMappings/ProxyConfigurations/Proxy1/Header/HeaderValue |
proxy1.example.com |
ReverseProxyMappings/ProxyConfigurations/Proxy1/Override |
true |
ReverseProxyMappings/IcmPortConfigurationOrder/ALL |
Proxy1 |
The following is an example of the configuration properties of a reverse proxy server Proxy2.
Proxy2 accepts HTTP client requests and redirects them to the application server.
If the client request is HTTP and is received at port 50000, the ServletRequest interface methods getServerName, getServerPort, and getSchema return the values configured for Proxy2.
Property |
Value |
---|---|
ReverseProxyMappings/ProxyConfigurations/Proxy2/HttpProxyPort |
88 |
ReverseProxyMappings/ProxyConfigurations/Proxy2/ProxyHost |
proxy2.example.com |
ReverseProxyMappings/ProxyConfigurations/Proxy2/Override |
true |
ReverseProxyMappings/IcmPortConfigurationOrder/50000 |
Proxy2 |