Set up the proxy server
The proxy server is a specific type of application server that routes HTTP requests to content servers that perform the work. The proxy server is the initial point of entry, after the firewall, for requests into the enterprise.
About this task
The proxy server for WebSphere Application Server requires that you install the V6.0.2 update. Additionally, augment the profiles that are associated with the deployment manager and the nodes that are expected to host the proxy server to contain the artifacts that we need to administer and manage the proxy server feature.
The proxy server acts as a surrogate for content servers within the enterprise. As a surrogate, we can configure the proxy server with rules to route to and load balance the clusters of content servers. The proxy server is also capable of securing the transport, using Secure Sockets Layer (SSL), and the content using various authentication and authorization schemes. Another important feature is its capability to protect the identity of the content servers from the Web clients by using response transformations (URL rewriting). The proxy server can also improve performance by caching content locally and by protecting the content servers from surges in traffic.
The proxy server is available in the WAS Network Deployment V6.0.2 offering and higher.
A proxy server configuration provides settings that control how a proxy server can provide services for the enterprise applications and their components. This section describes how to create and configure proxy servers in an existing application server environment.
Augmentation of the deployment manager profile enables the management of the proxy server feature in the administrative console. You must stop the deployment manager prior to augmentation to update the deployment manager profile. The augmentProxyServer script provided with WAS must be run on the deployment manager as well as all nodes that host a proxy server. If we need to remove the feature from your deployment, we can unaugment the proxy server feature from the profiles that are previously augmented. Unaugmenting also removes any proxy servers that are configured in the cell. You must stop the deployment manager prior to unaugmentation. To augment or unaugment an existing profile, use the following scripts from the bin directory of WebSphere Application Server.
Procedure
To augment the deployment manager profile.
- Stop the deployment manager for the profile that you want to augment.
- Run the augmentProxyServer command as follows: On Windows operating systems
On Linux and UNIX platformsaugmentProxyServer.bat <profile>augmentProxyServer.sh <profile>- Start the deployment manager. We can see the proxy server options by clicking Servers > Proxy Servers in the administrative console.
Repeat these steps on any nodes that have a proxy server.
To unaugment the deployment manager profile.
- Stop the deployment manager.
- Run the unaugmentProxyServer command as follows: On Windows operating systems
On Linux and UNIX platformsunaugmentProxyServer.bat <profile>unaugmentProxyServer.sh <profile>
- Create a proxy server to route requests to application server nodes.
- Create an HTTP or Session Initiation Protocol proxy server to route requests to application server nodes.
- Modify or add HTTP endpoints
What to do next
Next, create proxy servers in the cell.We can uninstall the proxy server by uninstalling the V6.0.2 updates. Any features that you apply to deployment manager profiles using augmentation, after the update is installed on the node, have to be unaugmented prior to uninstalling the update on the node.
If you receive the following error message
then your application requires security between the Web modules and Enterprise JavaBeans (EJB) modules. You must configure WebSphere Application Security by doing the following:HMGR0149E: An attempt by another process to connect to this process via the core group transport has been rejected. The connecting process provided a source core group name of network1server1a.com9353network2server2a.com9353, a target of <null> a member name of 10.42.45.18:9353 and an IP address of /10.42.45.18.
- Review the time, date, and time zone on all machines in both cells. The machines in the primary and backup cells must be within five minutes of each other.
- Configure a user registry with a Lightweight Directory Access Protocol (LDAP) server, OS security or a custom user registry.
See Configuring Lightweight Third Party Authentication keys for more information.
See also
Creating a proxy server
Customizing routing to applications
Routing requests to ODC-compliant application servers in other cells
Configuring rules to route requests to Web servers
Modifying the HTTP endpoints that the proxy server listens on
Adding a new HTTP endpoint for the proxy server
Setting up caching in the proxy server
Routing requests from a plug-in to a proxy server
Overview of the custom error page policy
Request mapping
Session failover in the proxy server
Troubleshooting the proxy server