Configuring Reverse Proxy in Sun Java System Web Server 7.0

Configuring Reverse Proxy in Oracle iPlanet Web Server 7.0 

Origin Server <-- HTTP ---> Reverse Proxy Server <-- HTTP --> client/Browser

Introduction

A reverse proxy is a proxy that appears to be a web server (origin server) to clients but in reality forwards the requests it receives to one or more origin servers. Because a reverse proxy presents itself as an origin server, clients do not need to be configured to use a reverse proxy. By configuring a given reverse proxy to forward requests to multiple similarly configured origin servers, a reverse proxy can operate as an application level software load balancer. In a typical deployment one or more reverse proxies will be deployed between the browsers and the origin servers.
In this article I will describe how to configure reverse proxy in Sun Java System Web Server 7.0 via CLI.

Configuring reverse proxy in Oracle iPlanet Web Server 7.0

Go to Oracle iPlanet Wwb Server 7.0 installation directory.
Start Admin Server
./admin-server/bin/startserv
Start wadm.
/bin/wadm --user=admin
Please enter admin-user-password>
Sun Java System Web Server 7 B12/02/2005 18:02
wadm>

Then run create-reverse-proxy CLI

wadm>create-reverse-proxy --config test --vs test --uri-prefix=/ --server=http://abc.sun.com:8080

where server can contain more than one comma separated URLs.

obj.conf should have entries that look like

#obj.conf
<Object name="default">
...
NameTrans fn="map" from="/" name="reverse-proxy-/" to="http:/"
...
</Object>
...
<Object name="reverse-proxy-/">
Route fn="set-origin-server" server="http://abc.sun.com:8080"
</Object>

<Object ppath="http:\*">
Service fn="proxy-retrieve" method="\*"
</Object>

Other Advanced reverse proxy CLIs

  1. list-reverse-proxy-uris
  2. set-reverse-proxy-prop
  3. get-reverse-proxy-prop
  4. forward-reverse-proxy-header
  5. block-reverse-proxy-header
  6. list-reverse-proxy-headers

Related links :

Other blogs I have written on this :

There are various SSL and non SSL configurations we can have for Reverse Proxy and Origin Servers

  1. Origin Server <--- HTTP ---> Reverse Proxy Server <--- HTTP ---> client/Browser
  2. Origin Server <-- HTTP ---> Reverse Proxy Server <-- HTTPS --> client/Browser i.e. Reverse proxy SSL termination End point
  3. Origin Server <-- HTTPS ---> Reverse Proxy Server <-- HTTP --> client/Browser
  4. Origin Server <-- HTTPS ---> Reverse Proxy Server <-- HTTPS --> client/Browser

In this blog I tried out scenario 1.

Comments:

Hi Meena,

I have following scenario:

I have deploy my application in 2 dedicated weblogic servers, http://host1:7001/myapp and http://host2:7001/myapp. How can I configure the reverse proxy so whenever user enter the URL, webserver will forward different app server like below;
http://abc.com >> web server will forward to http://host1:7001/myapp
http://abc.com/download >> web server will forward to http://host2:7001/myapp

I have difficulties to configure the "http://abc.com/download" where web server will forward to http://host2:7001/myapp, since reverse proxy required valid URI (which in this case is /myapp).

Hope you can help.
Thanks

Posted by ateh on September 09, 2009 at 07:41 AM IST #

I have one Web Server 7.0 instance with the following obj.conf :

<Object name="default">
...
<If $uri =~ "/xyz">
NameTrans fn="map" from="/" name="reverse-proxy-/xyz" to="/"
</If>
<ElseIf $uri =~ "/abc">
NameTrans fn="map" from="/" name="reverse-proxy-/abc" to="/"
</ElseIf>
...
</Object>

<Object ppath="\*">
Service fn="proxy-retrieve" method="\*"
</Object>

<Object name="reverse-proxy-/abc">
Route fn="set-origin-server" server="http://server1.sun.com:80"
</Object>

<Object name="reverse-proxy-/xyz">
Route fn="set-origin-server" server="http://server2.sun.com:80"
</Object> ...

When I send a request to URI :
/abc/test1.html : the request gets served from server1 from docs/abc/test1.html.
/xyz/test2.html : the request gets served from server2 from docs/xyz/test2.html

Where as when you change obj.conf to (note the change in "from" parameter in "map" SAF)

<Object name="default">
...
<If $uri =~ "/xyz">
NameTrans fn="map" from="/xyz" name="reverse-proxy-/xyz" to="/"
</If>
<ElseIf $uri =~ "/abc">
NameTrans fn="map" from="/abc" name="reverse-proxy-/abc" to="/"
</ElseIf>
...
</Object>

<Object ppath="\*">
Service fn="proxy-retrieve" method="\*"
</Object>

<Object name="reverse-proxy-/abc">
Route fn="set-origin-server" server="http://server1:80"
</Object>

<Object name="reverse-proxy-/xyz">
Route fn="set-origin-server" server="http://server2:80"
</Object> ...

In this case when I send a request to URI :
/abc/test1.html : the request gets served from server1 from docs/test1.html.
/xyz/test2.html : the request gets served from server2 from docs/test2.html.

Posted by meena on September 10, 2009 at 08:41 AM IST #

Hi,
I have installed the web server and trying to use the proxy
I have 2 servers
server1: sun web server 7 proxy
server2: Lotus Domino with Lotus quickr
usually I access quickr directly from the Domino http server
http://domino.test.com/lotusquickr

after configuring the proxy as you defined on the settings posted I'm failing to access via the sun proxy
Trying: http://sunweb.test.com/lotusquickr

I keep getting an error that the resources isn;t available

any help will be appreciated

Posted by romuse on November 26, 2009 at 09:25 AM IST #

Please ask questions in http://forums.sun.com/forum.jspa?forumID=759

Posted by meena on January 08, 2010 at 07:11 AM IST #

Ho do you configure the webserver to be a proxy to client and revers proxy to external webserver
While the client post http request and the forwarding to the external and back is by https
how do use local certificate from the web server to the external web servers?

Posted by Jacob on August 06, 2010 at 03:02 AM IST #

Hi Jacob,
Can you please elaborate your question? I am confused when you talk about "external web server"?
Do you mean any kind of "forward" proxy capability?

Typically backend servers are referred as "origin-server"?

Posted by Basant Kukreja on August 09, 2010 at 05:48 AM IST #

Hi Basant,

Yes, the external web server is the origin webserver who will eventually will provide the content.
I need to catch client http requests on my webserver and then convert it to https requests and forward(with client certificates provided earlier by origin-server) it to an origin-server which will return content over https which in return will be again intercepted by my webserver and coonverted to http and forward back to the client.

Posted by Jacob on August 09, 2010 at 10:59 PM IST #

Hi Jacob,
It should not be hard to do. Web Server can listen on http and it can still talk to origin server as https.

Suppose Web Server is already configured to listen on http then you can configure the obj.conf for reverse proxy in following manner : (Simply change http to https, rest all remain the same)

NameTrans fn="map" from="/abc" name="reverse-proxy-/abc" to="/"

Route fn="set-origin-server" server="https://backend1/"

----------------------------------

Regarding client certificate, look at the Meena's blog :
http://blogs.sun.com/meena/entry/enabling_client_certificate_authentication_in

----------------------------------

Web Server will automatically convert requests from http to https and vice versa.

Posted by Basant Kukreja on August 10, 2010 at 03:49 PM IST #

Hi,
I want use Sun Java System Web Server 7.0 as re-proxy to web application deployed on Weblogic Server 10.03.
In this case need I a plugin?
If yes, which one?
Tk

Posted by Florindo on January 10, 2011 at 03:08 PM IST #

No you do not need a plugin. This built-in reverse proxy is enough.

Posted by Meena on January 11, 2011 at 05:29 AM IST #

Hi,

How can i configure sun java web proxy for a remote web server so that the web server hits will be reduced.
any idea can i do it with reverse proxy or caching?
if i want reverse or caching both wht wud the configuration :

Any help Will be appreciate:
i have configured reverse proxy server but hits are still comming on origin web server:

Regards,
Bipin Bahuguna

Posted by guest on June 24, 2011 at 04:35 AM IST #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Meena Vyas

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today