+

Search Tips   |   Advanced Search

Configure a reverse caching proxy


Overview

A reverse caching proxy...

  1. Intercepts browser requests
  2. Forwards them to the content host
  3. Caches returned data
  4. Delivers that data to the browser
  5. For subsequent requests for the same cont, sends back cached content.

Information is cached based on...

Recommended for optimal performance.


Configure Edge Components with Connections

  1. Install IBM WebSphere Edge Components, bundled with WebSphere Application Server Network Deployment.

  2. Set up a target backend edge server, and create an administrator account.

  3. Edit the Edge configuration file...

      /etc/ibmproxy.conf

    On Windows: C:\IBM\edge\cp\etc\en_US\

    ...and set...

    1. In the SendRevProxyName Directive section, set:

        SendRevProxyName yes
        PureProxy off
        SSLEnable On
        SSLCaching On
        KeyRing C:\ProxyKey\proxykey.kdb
        KeyRingStash C:\ProxyKey\proxykey.sth
        ReversePass http://httpserver/* http://proxyserver/*
        ReversePass https://httpserver/* https://proxyserver/*

      We can use a more specific URL, such as...

        http://httpserver/connections/*

      We can use more than one ReversePass rule if we specify different servers for each component.

    2. In the Mapping Rules section, set...

        Proxy /* http://httpserver:80/*
        Proxy /* https://httpserver:443/*

    3. Set the CacheTimeMargin rule to zero seconds.

        CacheTimeMargin 0 seconds

      When a document's expiry date is set to “soon”, and soon is defined by CacheTimeMargin, setting to zero disables the calculation, and forces all documents to be cached, regardless of their expiry date.

      This setting is required for Blogs caching to function properly, and does not negatively affect other applications.

    4. Prevent the validation of a cache object from sending multiple requests for the same resource to the backend server by setting the KeepExpired rule to on.

      An expired or stale copy of the resource will be returned for the brief time the resource is being updated on the proxy.

        KeepExpired On

    5. In the Method Directives section, set...

        Enable CONNECT
        Enable PUT
        Enable DELETE

    6. Add the following rule to the CacheQueries Directives section:

        CacheQueries PUBLIC

    7. Configure the proxy to allow large file uploads by editing and uncommenting the LimitRequestBody directive:

      LimitRequestBody n M

      where n is the maximum file size in MB. For example: LimitRequestBody 50 M allows a file size of up to 50 MB.

  4. Save and close ibmproxy.conf.

  5. Set dynamicHosts in LotusConnections-config.xml to reflect the URL of the proxy server: 

    <dynamicHosts enabled="true">        
    <host href="http://proxy.myco.com" 
          ssl_href="https://proxy.myco.com"/> 
</dynamicHosts>

    dynamicHosts does not affect interservice URLs, Connections still routes internal communication between the applications through their own interservice URLs. To force internal traffic to be routed over the proxy server, update the interservice URLs to use the proxy server.

    Each href attribute in LotusConnections-config.xml is case-sensitive and must specify a fully-qualified domain name.

  6. For Connections Content Manager, reconfigure FileNet Collaboration Services to be aware of the reverse proxy.

    Set fncsServerURL, fncsServerURLSecure and icURI properties as described in Configure FileNet Collaboration Services for the Connections Content Manager.

  7. Add Connections certificates to the proxy server key database:

    1. Start iKeyman

    2. Open the Connections kdb file and extract the certificates.

    3. Open the kdb file on the proxy server and add the certificates extracted from Connections.

  8. Restart the Edge server.


Parent topic:
Post-installation tasks


Related:
Mapping applications to IHS
Wiki - reverse-proxy