General configuration parameters

General configuration parameters

We can add general proxy configuration parameters to the file proxy-config.xml using meta-data elements. We can specify all of them within a proxy-rules or mapping element.

HTTP connection handling parameters

Use the following configuration parameters to influence the HTTP connection handling of the proxy:

socket-timeout

This defines the default socket timeout in milliseconds. The socket timeout defines the timeout the proxy server waits for data after successfully establishing a connection with the target serverDefault is 20 seconds. A timeout value of zero is interpreted as an infinite timeout.

retries

This defines the number of retriethat should be performed if the proxy could not establish a connection with the target server. The default value is 2 retries.

max-total-connections

This defines the maximum number of HTTP connections that the proxy can open to connect to arbitrary target hosts.Default is 100 connections.

max-connections-per-host

This defines the number of HTTP connections the proxy can open to connect to a specific host.Default is 5 connections per host.

Security parameters

Use the following configuration parameters to specify security related settings of the proxy. We can also define these security related parameters within policy elements if they reference version 1.2 or a higher version of the xml schema.

unsigned_ssl_certificate_support

If true, the proxy connects to any HTTPS URL allowed by the policy, regardless of whether or not it trusts the specified host. The default setting is true.

forward-http-errors

This defines whether the proxy forwards additional HTTP error codes to the client. Valid values are false and true:

false

Default. It means that only 2xx and 3xx status codes are forwarded, whereas 4xx error codes are automatically mapped to a 404 'Not Found' error.

true

Set this parameter to true makes the proxy forward every status code, even if it represents an error code.

forward-credentials-from-vault

This defines whether user credentials retrieved from the credential vault of the portal can be forwarded to the specified target host using a HTTP authorization request header. Default is false.hich means that the proxy does not forward credentials.

xhr-authentication-support

This defines whether HTTP BASIC user credential challenges from the external service are rewritten. If true , the browser does not ask the end user to provide credentials. Instead, the client side code can handle that challenge under the cover. In detail, the proxy changes the value of the HTTP header WWW-Authenticate from BASIC to XHRBASIC.Default is false, which means that the proxy does not change the WWW-Authenticate HTTP header, and the user is prompted for credentials.

Configure a Boundary (Passthru) Proxy

Use the following configuration parameters to make connections through a boundary (passthru) proxy:

passthru_host

This defines the host name of the passthru proxy.

passthru_port

This defines the port of the passthru proxy.

passthru_realm

Optional. It defines the authentication realm of the passthru proxy.

passthru_username

Optional. It defines the user name for the passthru proxy.

passthru_password

Optional. It defines the password for the passthru proxy.

Parent: The proxy-config.xml file
Related:
Access policies
Context path mappings
IP filtering
Examples of AJAX proxy configurations