Home

 

Configure the AJAX proxy for Search

By default, the AJAX proxy for the Search feature is configured to allow cookies, headers or mime.types, and all HTTP actions to allow data to be exchanged between Search and the other IBM Lotus Connections features. To make changes to the traffic that is allowed to other services, explicitly configure it.


This task is not required. Only perform it if you want to change the type of traffic that can be exchanged with the Search feature.


To configure the AJAX proxy for Search...

  1. Access the AJAX proxy configuration file:

    1. Open a command-line window, start the wsadmin tool, and then use the following commands to check out the proxy configuration file:

    2. Network deployments: 

        execfile("WAS_HOME/profiles/Dmgr01/config/bin_lc_admin/searchConfig.py")

    3. Check out the configuration file...

      where <temp_directory> is a temporary of your choice, and cell_name is the name of the cell where the Connections feature that uses the global proxy template file is located.

  2. From the temporary to which you checked out the configuration files, open the proxy-search-config.tpl file in a text editor.

  3. Make your edits. For example, you can do the following things:

    • To explicitly refuse all traffic from a specific site, add a policy like this: 

        <proxy:policy url="malicious.site.com" acf="none">
    <proxy:actions/>
    <proxy:headers/>
    <proxy:cookies/>
    </proxy:policy>

  4. To allow a particular service on your network to display a custom widget, you can add the following policy entry to the file: 

      <proxy:policy url="http://my.network.com/widget/*" acf="none">
    <proxy:actions>
        <proxy:method>GET</proxy:method>
    </proxy:actions>
    <proxy:headers>
      <proxy:header>User-Agent</proxy:header>
      <proxy:header>Accept.*</proxy:header>
      <proxy:header>Content.*</proxy:header>
      <proxy:header>Authorization.*</proxy:header>
      <proxy:header>X-Method-Override</proxy:header>
      <proxy:header>If-.*</proxy:header>
      <proxy:header>Pragma</proxy:header>
      <proxy:header>Cache-Control</proxy:header>
    </proxy:headers>
    <proxy:cookies>
        <proxy:cookie>JSESSIONID</proxy:cookie>
    </proxy:cookies>
</proxy:policy>

  5. To allow a particular service to run on your network and to pass cookies for LTPA tokens to the features: 

      <proxy:policy url="http://my.network.com/service/*" acf="none">
    <proxy:actions>
        <proxy:method>GET</proxy:method>
    </proxy:actions>
    <proxy:headers>
      <proxy:header>User-Agent</proxy:header>
      <proxy:header>Accept.*</proxy:header>
      <proxy:header>Content.*</proxy:header>
      <proxy:header>Authorization.*</proxy:header>
      <proxy:header>If-.*</proxy:header>
      <proxy:header>Pragma</proxy:header>
      <proxy:header>Cache-Control</proxy:header>
    </proxy:headers>
    <proxy:cookies>
      <proxy:cookie>JSESSIONID</proxy:cookie>
      <proxy:cookie>LtpaToken</proxy:cookie>
      <proxy:cookie>LtpaToken2</proxy:cookie>
    </proxy:cookies>
</proxy:policy>

    Specify the headers using regular expressions.

  6. Add any new policy blocks before the default policy setting in the template file. The default policy setting serves as a catch-all for all other requests and looks like this: 

      <proxy:policy url="*" acf="none"> 
    <proxy:actions>
      <proxy:method>GET</proxy:method>
    </proxy:actions>
    <proxy:headers/>
    <proxy:cookies/>
</proxy:policy>

    By default, it allows all services to send GET requests to the Lotus Connections features, and it prevents all cookies or headers from being directed to the features.

  7. Specify values for the following proxy configuration properties:

      circular_redirects

      Specifies that circular redirects are allowed. This property accepts a Boolean value of true or false specified in lower-case letters. If set to true, it supports using a proxy for a site that redirects to the same URL but with different parameters. Such a change is not recognized as a new URL. The default value of this property is true.

      connection-timeout

      Amount of time before an attempt to connect to a host times out. Specified in milliseconds, the default value of this property is 60,000, which is 1 minute.

      max_circular_redirects

      Maximum number of times a circular redirect is allowed before the proxy rejects it. Specified as an integer, the default value of this property is 100.

      maxconnectionsperhost

      Maximum number of simultaneous connections between the proxy and a given host. Specified as an integer, the default value of this property is 20.

      maxtotalconnections

      Maximum number of simultaneous connections between the proxy and all of the hosts together. Specified as an integer, the default value of this property is 50.

      socket-timeout

      Amount of time before an attempt to use a socket times out. Specified in milliseconds, the default value of this property is 60,000, which is 1 minute.

      unsigned_ssl_certificate_support

      Specifies that self-signed SSL certificates are supported. This property accepts a Boolean value of true or false specified in lower-case letters. The default value of this property is true. Change it to false when the system is ready for production.

  8. Save and close the file.

  9. Check the proxy-search-config.tpl file back in during the same session in which you checked it out. Use the following command to check the file in:

    where <temp_directory> is the temporary to which you checked out the configuration files, and cell_name is the name of the cell where the feature that uses the proxy-search-config.tpl file is located.

  10. Restart the application server hosting Lotus Connections.


Configure the AJAX proxy

+

Search Tips   |   Advanced Search