|
Problem(Abstract) |
This technote provides setup information for the cache
agent to work successfully using Caching Proxy in a reverse proxy
configuration when the Proxy HTTP rule is disabled because of security
concerns. |
|
|
|
Cause |
The cache agent always sends a fully qualified URI, with
protocol and host name, to Caching Proxy when refreshing the cache for
Caching Proxy.
For security reasons, when you use a reverse proxy configuration, you
must disable the Proxy http:* rule in ibmproxy.conf. However,
disabling this rule prevents the cache agent from successfully sending
requests and refreshing the cache content of Caching Proxy.
|
|
|
Resolving the
problem |
Use the cacheAgentService directive, which is another
internal service provided by Caching Proxy, to avoid this problem. To
enable the service, put the following directive before any other mapping
rules in the ibmproxy.conf file:
Service /any-valid-string*
INTERNAL:cacheagentservice
The variable any-valid-string is any string that is valid
and that does not conflict with other mapping rules in the ibmproxy.conf
file.
Both Caching Proxy and cache agent parse the URI based on this service
directive. Instead of sending the URI directly to Caching Proxy, the cache
agent utility prepends the URI with the
/any-valid-string pattern in the service
directive.
For example, the cache agent transforms the URI http://www.ibm.com/ to
/any-valid-string/http://www.ibm.com/
The cache agent sends the URI with the prefix to Caching Proxy. When
Caching Proxy receives the request, it removes the prefix
/any-valid-string/. If the remaining URI
is a fully qualified unit, Caching Proxy directly serves the request
without mapping the URI against other rules.
Additionally, the cache agent can send a relative URI to the Caching
Proxy. For example, if you add LoadURL /abc/ using the previously
referenced service directive in the ibmproxy.conf file, the cache agent
transforms it into
/any-valid-string/abc/ and sends it to
Caching Proxy. Caching Proxy receives the URL, removes the prefix, maps
/abc/ against other mapping rules, and handles the request if
there is a match. |
|
|
|
|
Cross Reference information |
Segment |
Product |
Component |
Platform |
Version |
Edition |
Application Servers |
Runtimes for Java Technology |
Java SDK |
|
|
|
|
|
|