Configure the AJAX proxy to work with a pass-through proxy
If the organization has a pass-through proxy required for Internet access, configure the AJAX proxy to send requests to it. Otherwise, the connections to the Internet will not work. The AJAX proxy supports Basic authentication.
If the AJAX proxy needs to go through a border firewall before accessing the network, configure the AJAX proxy configuration file to connect to a pass-through proxy before accessing the network.
The AJAX proxy configuration file is stored in the LotusConnections-config directory. A common proxy configuration file, proxy-config.tpl, is shared by all the applications. To configure the AJAX proxy to work with a pass-through proxy:
- Access the common AJAX proxy configuration template file:
cd app_server_root/profiles/Dmgr01/bin
./wsadmin.sh -lang jython -user admin_user_id -password admin_password -port SOAP_CONNECTOR_ADDRESS_PORT
execfile("connectionsConfig.py")
LCConfigService.checkOutProxyConfig("temp_directory", "cell_name")
- Edit proxy-config.tpl.
- Add a <proxy:meta-data> element containing each of the following parameters:
passthru_host Address the proxy is listening. In most cases, accessing the host and port from a browser causes an authentication request popup to be displayed. Required. passthru_password Password that corresponds with passthru_username. Required. If we do not provide a user name and password, all other parameters are ignored. passthru_port The port at which the proxy is listening. If not specified, then a default value of port 80 is used. Required. passthru_realm User credential pairs are associated with realms, not URLs. This allows the same authorization information to be used for multiple URLs or whole URL trees. When a server sends back an unauthorized error, it includes the name of the realm the requested URL belongs to. The client can then look and see whether it has stored a username and password for the realm, and if so, it supplies that information without having to prompt the user again. If a user name and password are needed for the proxy, we can specify the realm for the proxy so the credentials do not get sent to any proxy. If we do not specify this parameter, then the credentials are sent for all authentication attempts. In the example that follows, Subversion User Authentication is specified as the passthru_realm. As a result, all authentication requests from this realm on the SVN server will be provided the given username and password. Specify the passthru_realm parameter in a production environment to prevent the user name and password information from being presented for all authentication requests.
passthru_username User name for authenticating with the pass-through proxy. In the that follows, any username which has read access to the subversion server will be sufficient when a GET request is sent to get authorization. Required. If we do not provide a user name and password, all other parameters are ignored.
The following example shows the configuration for a fictitious proxy firewall.
<proxy:meta-data> <proxy:name>passthru_host</proxy:name> <proxy:value>9.17.237.132</proxy:value> </proxy:meta-data> <proxy:meta-data> <proxy:name>passthru_port</proxy:name> <proxy:value>3128</proxy:value> </proxy:meta-data> <proxy:meta-data> <proxy:name>passthru_realm</proxy:name> <proxy:value>Subversion User Authentication</proxy:value> </proxy:meta-data> <proxy:meta-data> <proxy:name>passthru_username</proxy:name> <proxy:value>adamsmith</proxy:value> </proxy:meta-data> <proxy:meta-data> <proxy:name>passthru_password</proxy:name> <proxy:value>password123</proxy:value> </proxy:meta-data>
- Save and close the file.
- Check in the proxy-config.tpl file during the same session in which you checked it out:
LCConfigService.checkInProxyConfig("temp_directory", "cell_name")
- Restart the application server hosting IBM Connections.
Parent topic:
Configure the AJAX proxy