Show TOC

Background documentationConfiguring Reverse Proxy Servers Locate this document in the navigation structure

 

A reverse proxy is a server running in front of a Web server or a group of Web servers. It presents a single interface to the caller. The reverse proxy routes all incoming connections to the server, and, in case of a group of servers, dispatches the inbound network traffic among them.

You can use a reverse proxy to:

  • Balance the load of a server cluster.

  • Increase the defense by adding an additional security layer.

  • Rewrite the URLs of the requested resources.

  • Hide the back-standing application server (or servers) from the client.

The HTTP Provider Service of AS Java receives the client requests routed by the reverse proxy, processes the requests, sends responses to the reverse proxy, which, in its turn, routes these responses back to the client.

Configuring a reverse proxy server causes the ServletRequest interface methods getServerName, getServerPort, and getSchema to return the specified server name, port and schema, respectively.

The ReverseProxyMappings Nested Properties

To specify how the application server handles client requests routed by reverse proxies, you need to configure the ReverseProxyMappings nested properties set of the HTTP Provider Service. You can do this using the Config Tool (http service).

Note Note

By default, no reverse proxy servers are configured on AS Java. Therefore, you have to manually create the necessary properties.

End of the note.

For more information, see Modifying Service, Manager, or Application Properties.

The following table shows all nested properties available for customization within the ReverseProxyMappings configuration property set:

Property

Description

ReverseProxyMappings/

Root configuration element.

ReverseProxyMappings/ProxyConfigurations/

Assembles the configurations of all proxy servers.

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/

Root element of the configuration of a proxy server.

<ProxyAlias> is a user-defined name for the particular proxy server.

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpProxyPort

HTTP port of the proxy server.

This property is optional. Use either HttpProxyPort, or HttpsProxyPort, or both.

Value type: INTEGER

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpsProxyPort

HTTPS port of the reverse proxy server.

This property is optional. Use either HttpProxyPort, or HttpsProxyPort, or both.

Value type: INTEGER

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ProxyHost

Host name of the reverse proxy server.

This property is obligatory.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ICMHTTPPort

Specifies the schema and the port to be returned. If the ICM port of the client request is equal to the value of this element, the returned schema is HTTP, and the returned port is HttpProxyPort.

This setting applies with lower priority compared to the ClientProtocolHeader configuration.

This property is optional.

Value type: INTEGER

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ICMHTTPSPort

Specifies the schema and the port to be returned. If the ICM port of the client request is equal to the value of this element, the returned schema is HTTPS, and the returned port is HttpsProxyPort.

This setting applies with lower priority compared to the ClientProtocolHeader configuration.

This property is optional.

Value type: INTEGER

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/

This element describes the ClientProtocol header configuration. If the client request contains a header with HeaderName and Http or Https value, then the schema of the request is determined to be HTTP or HTTPS, and the port to be used is HttpProxyPort or HttpsProxyPort, respectively.

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/HeaderName

Name of the ClientProtocol header.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/Http

Value of the ClientProtocol header for HTTP.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/ClientProtocolHeader/Https

Value of the ClientProtocol header for HTTPS.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/SSLProxyRedirect

Specifies the SSL configuration to be used in cases of HTTP to HTTPS redirection. The value of this property is the relevant <ProxyAlias>.

This property is optional.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/SSLProxyReplace

Specifies the SSL replacement of HTTPS in cases of HTTPS to HTTPS redirection (if the HTTP request should be redirected to another application server). The value of this property is the relevant <ProxyAlias>.

This property is optional.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpProxyRedirect

Specifies the HTTP configuration to be used in cases of HTTPS to HTTP redirection. The value of this property is the relevant <ProxyAlias>.

This property is optional.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/HttpProxyReplace

Specifies the replacement of HTTP in cases of HTTP to HTTP redirection (if the HTTP request should be redirected to another application server). The value of this property is the relevant <ProxyAlias>.

This property is optional.

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Header/

Root element. Specifies the configuration to be used in case the client request contains the defined header name and value.

This nested property is optional.

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Header/HeaderName

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Header/HeaderValue

Value type: STRING

ReverseProxyMappings/ProxyConfigurations/<ProxyAlias>/Override

Specifies if the HTTP Provider Service should override the client's host and port (if present in the client request) with the relevant ReverseProxyMappings values in the response to that client.

Value type: BOOLEAN

Default value: false

ReverseProxyMappings/IcmPortConfigurationOrder/

Root element. Determines the order in which the HTTP Provider Service checks the configurations.

ReverseProxyMappings/IcmPortConfigurationOrder/<ICMPort>

<ICMPort> can be either an ICM port number, or ALL.

Configurations for particular port numbers are processed with higher priority over the ALL setting. Thus, you can specify this property multiple times, that is, for several ICM port numbers, or for some particular ICM port numbers and for all other unspecified ICM port numbers.

The value of this property is a comma-separated list of the reverse proxy configurations (the aliases of the reverse proxy configurations) to be considered at client requests at the specified <ICMPort>.

Value type: STRING

Example

Example 1

The following is an example of the configuration properties of a reverse proxy server Proxy1.

Proxy1 accepts HTTP requests and adds a via header to the requests before forwarding them to the Application Server.

If the client request is HTTP and comes from proxy1.example.com at port 188, the ServletRequest interface methods getServerName, getServerPort, and getSchema return the configured values.

Property

Value

ReverseProxyMappings/ProxyConfigurations/Proxy1/HttpProxyPort

188

ReverseProxyMappings/ProxyConfigurations/Proxy1/ProxyHost

proxy1.example.com

ReverseProxyMappings/ProxyConfigurations/Proxy1/Header/HeaderName

via

ReverseProxyMappings/ProxyConfigurations/Proxy1/Header/HeaderValue

proxy1.example.com

ReverseProxyMappings/ProxyConfigurations/Proxy1/Override

true

ReverseProxyMappings/IcmPortConfigurationOrder/ALL

Proxy1
Example 2

The following is an example of the configuration properties of a reverse proxy server Proxy2.

Proxy2 accepts HTTP client requests and redirects them to the application server.

If the client request is HTTP and is received at port 50000, the ServletRequest interface methods getServerName, getServerPort, and getSchema return the values configured for Proxy2.

Property

Value

ReverseProxyMappings/ProxyConfigurations/Proxy2/HttpProxyPort

88

ReverseProxyMappings/ProxyConfigurations/Proxy2/ProxyHost

proxy2.example.com

ReverseProxyMappings/ProxyConfigurations/Proxy2/Override

true

ReverseProxyMappings/IcmPortConfigurationOrder/50000

Proxy2