+

Search Tips   |   Advanced Search

Configuration metadata for outbound HTTP connections

We can add general proxy configuration parameters to the file proxy-config.xml using meta-data settings.

We can specify all of these parameters within a proxy-rules or mapping setting.

    HTTP connection handling parameters:
    Determine how the proxy handles the HTTP connection:

      socket-timeout
      Default socket timeout in milliseconds. The socket timeout determines how long the proxy server waits for data after it successfully establishes a connection with the target server. The default value is 20 seconds. A timeout value of zero means that a timeout is not applied.

      retries
      Number of retries that we want the proxy to do if it cannot establish a connection with the target server. The default value is 2 retries.

      max-total-connections
      Maximum number of HTTP connections the proxy can open to connect to arbitrary target hosts. The default value is 100 connections.

      max-connections-per-host
      Number of HTTP connections the proxy can open to connect to a specific host. The default value is 5 connections per host.

    User Agent identifier:
    Redefine the user agent parameter:

      user-agent
      Specify the user agent identifier to be used for the outbound connection.

    Control Redirection:
    Reaction on an HTTP redirect status (HTTP status 302):

      follow-redirects
      Set true if the caller wants an HTTP redirect status to be resolved automatically, that is, the connection is reestablished to the redirection URL. Set this parameter to false if no automated redirection is required. In that case, the proxy returns an HTTP status 302 to the caller. If we do not set this parameter, then the default reaction on a 302 HTTP status depends on the HTTP request method:

      • For all requests of HEAD and GET, the portal follows the HTTP redirection.

      • For all other request methods, the portal does not follow the HTTP redirection.

    Deactivate policy rules, mappings, or custom connection filters:
    A policy rule, a mapping, or a custom connection filter can be set to be deactivated. In this case, the disabled policy rule or mapping remains in the configuration, but does not take effect at run time. Control the activation state of a policy rule or mapping:

      active
      Valid values are false and true:

        true
        Default value. If true, the policy rule is in effect.

        false
        The policy rule to be deactivated, set the active parameter to the value false.

    Security parameters
    Security-related settings of the proxy. We can also define these security-related parameters within policy settings.

      unsigned_ssl_certificate_support
      Valid values are false and true:

        true
        If true, the proxy connects to any HTTPS URL allowed by the policy, regardless of whether it trusts the specified host. Default value.

        false
        If false, the proxy connects only to HTTPS URLs that it trusts.

      forward-http-errors
      Define whether the proxy forwards extra HTTP error codes to the client. Valid values are false and true:

        false
        Default value. It means that only 2xx and 3xx status codes are forwarded, whereas 4xx error codes are automatically mapped to a 404 'Not Found' error.

        true
        If we set the forward-http-errors parameter to true, the proxy forwards every status code, even if it represents an error code.

      forward-credentials-from-vault
      Define whether user credentials that are retrieved from the credential vault of the portal can be forwarded to the specified target host using an HTTP authorization request header. Valid values are false and true:

        false
        Default value. If false, the proxy does not forward credentials.

        true
        If true, the proxy forwards credentials.

      xhr-authentication-support
      Define whether HTTP BASIC user credential challenges from the external service are rewritten. Valid values are false and true:

        false
        Default value. If false, the proxy does not change the WWW-Authenticate HTTP header, and the user is prompted for credentials.

        true
        If true , the browser does not ask the user to provide credentials. Instead, the client side code can handle that challenge under the cover. In detail, the proxy changes the value of the HTTP header WWW-Authenticate from BASIC to XHRBASIC.

    Configure a Boundary (pass-through) Proxy:
    Make connections through a boundary (pass-through) proxy:

      passthru_host
      Define the host name of the pass-through proxy.

      passthru_port
      Define the port of the pass-through proxy.

      passthru_realm
      Optional. It defines the authentication realm of the pass-through proxy.

      passthru_username
      Optional. It defines the user name for the pass-through proxy.

      passthru_password
      Optional. It defines the password for the pass-through proxy.


Parent Description of the outbound HTTP connection configuration script