Use this topic to perform advanced configuration on a proxy
server. Proxy settings enable the system administrator to fine tune
the behavior of the proxy server. In particular, you can configure
the connections and requests to the application server, enable caching,
configure the requests that must be rejected, define how error responses
are handled, and specify the location of the proxy logs.
The proxy server, upon creation, auto-senses the environment and
is capable of routing requests to WebSphere® Application Server. Additional configuration
can be applied to the proxy server to meet the needs of a particular
environment.
To view this administrative console page, click Servers > Proxy
Servers > server_name > HTTP Proxy Server Settings
> Proxy settings.
You can edit configurable field settings for the proxy server on
the Configuration tab.
Configuration tab
Content server connection
Configure basic HTTP connection parameters between the
proxy server and content servers.
Outbound request timeout: The default number of seconds
the proxy server waits for a response before timing out a request
to a content server. Consider this option carefully when changing
the value.
Outbound connect timeout: The number of milliseconds that
the proxy server waits to connect to a server. If this time expires,
the proxy server attempts to connect to a different server. If no
other available servers exist, the request times out. A value of 0
indicates that the proxy server should use the operating system kernel
timeout value.
Pool connections to content server: The option to pool connections
to the server is an optimization feature. Pooling prevents the need
to frequently create and destroy socket connections to the server,
by allowing the proxy server to pool these connections and reuse them.
Maximum connections per server: The maximum number of connections
that will be pooled to any single content server. Proxy custom properties
that tweak content server connections are as follows:
- key=http.maxTargetReconnects: Maximum number of reconnects to
the same target content server for each request. The default is 5.
- key=http.maxTargetRetries: Maximum number of times the proxy
will attempt to select a new target content server for each request.
The default is 5.
- key=http.routing.sendReverseProxyNameInHost: Determines if the
proxy server name is placed in the host header for content that is
not specific to WebSphere Application Server content
servers. The options are true or false and are not
case sensitive. The default is false.
- key=http.compliance.disable: Determines whether HTTP V1.1 compliance
is enforced on proxy content server connections. The options are true or false and
are not case sensitive. The default is false.
- key=http.compliance.via: The value of the via header that is appended
to requests and responses for HTTP compliance. If the value is null,
a via header will not be appended. If the value is true, a default
via value is appended. Otherwise, the specified string via value is
appended. The default is null.
SSL Configuration: Set the SSL configuration from one of
several sources:
Centrally managed |
Use the SSL configuration that is scoped for this endpoint. |
Specific to this endpoint |
Use a specific SSL configuration. |
Select SSL Configuration |
Options are NONE, CellDefaultSSLSettings, or NodeDefaultSSLSettings |
Caching
The proxy server can be configured to cache the content
of servers.
By default, caching content is enabled. The properties that follow
apply only if caching is enabled:
- Enable caching: Enables caching framework for the proxy
server and enables static content caching, as defined by HTTP 1.1
specifications.
- Cache instance name: The dynamic cache object cache instance
that is configured in detail under Resources > Cache instances
> Object cache instances, used to cache all static and dynamic
content responses. This object cache instance must be configured to
support new I/O (NIO) application program interfaces (APIs).
- Cache SSL content: Determines whether client proxy server
SSL connections that are terminated by the proxy server should have
their responses cached.
- Cache aggressively: Enables caching of HTTP responses that
would not normally be cached. Caching rules that are defined by HTTP
1.1 may be broken in order to gain caching optimizations.
- Cache dynamic content: Determines whether dynamic content
that is generated by WebSphere Application Servers
V6.02 or later is cached. Caching dynamic content generated by content
servers prior to WebSphere Application Server V6.02
is not supported.
Enable Web services support
Check this option to enable the proxy server to route Web
services traffic.
Exclusions
The proxy server examines every incoming request. You can
define certain methods for exclusion and if the requested HTTP method
matches any of the configured methods for exclusion, the proxy server
rejects the requests with a METHOD DISALLOWED error. Enter each method
as a single line.
Logging
The proxy server has logs that are generated for proxied
requests and stored cache requests. With this configuration, you can
specify the location of the proxy access log and the cache access
log.
Use the default location, or specify a directory location. There
is a third log called ${SERVER_LOG_ROOT}/local.log that logs
locally-served proxy content. This content does not come from the
proxy cache.
Proxy custom properties that can be used to tweak logging are as
follows:
- key=http.log.disableAll: This property disables all logging. A
value of true stops proxy, cache, and local logging.
- key=http.log.maxSize:The maximum log size in megabytes (MB). A
value of UNLIMITED indicates unlimited. 25 MB is the default.
- key=http.log.localFileName: Contains the name of the local log.
A value of NULL indicates that the default ${SERVER_LOG_ROOT}/local.log is
used.
HTTP requests are logged in one of three logs: proxy, cache, and
local. Local log configuration is not currently available in the administrative
console, but it is available at ${SERVER_LOG_ROOT}/local.log. Specify
the location of this log by setting the http.log.localFileName custom
property to the file location. The content of each log is formatted
using National Center for Supercomputing Applications (NCSA) common
log format.
- Proxy access log: Logs responses that are received from remote
servers.
- Cache access log: Logs responses that are served from the local
cache.
- Local access log: Logs all non-cache local responses, for example,
redirects and internal errors.
Security
Use this section to set up security options.
Proxy plugin configuration policy
- Generate plugin configuration: Use this parameter for the
generation of a proxy plugin configuration file that you can use on
a Web server that is deployed in front of the proxy server. The plugin
can determine the URI that the proxy is handling on behalf of the
application server. The plugin can determine the endpoint, or boundaries
of the proxy so that it can properly route requests that it receives
to the proxy. This feature is useful for those who prefer to deploy
a proven Web server in the demilitarized zone (DMZ), which is fully
capable of exploiting the ability of the proxy server.
Options are
available to define a level by which to generate the plugin, as follows:
Scope |
Description |
None |
No scope. |
All |
The proxy server generates a plugin configuration that includes
all of the URIs that are handled by proxy servers in the local cell
and all cells that are connected by a core group bridge. |
Cell |
The proxy server generates a plugin configuration that includes
all of the URIs that are handled by all the proxy servers in the cell. |
Node |
Includes all of the URIs that are configured for the node. |
Server |
The proxy server generates a plugin configuration file only
for the proxy server that is currently configured. |
- Plugin config change script: Specifies the path to a script
that is run after the WebSphere Application Server plugin
configuration is generated.
Custom error page policy
Use this field to support the use of customized error pages
when errors occur during the processing of the request.
The default is no customized error pages generated. The properties
that follow enable customized error pages for use when errors occur
during request processing:
- Error page generation application URI: If a valid URI to
an installed application is not provided, the custom error page policy
does not handle requests.
- Handle remote errors: When not selected, only HTTP response
error status codes generated by the proxy server are handled. When
selected, HTTP response error status codes generated by the proxy
server and HTTP response error status codes generated elsewhere after
the proxy on the proxy content server connection error responses are
handled. A best practice is to configure an error page application
on the same physical machine as the proxy server.
- Headers to forward to error page application: Specifies
additional header values from the client request to forward to the
error page application as query parameters. The responseCode and URI
query parameters are always sent to the error page application, in
addition to the ones that are configured. The responseCode parameter
is the HTTP status code that generates internally or is returned by
the content server. The URI parameter is the request URI for the client.
Example -
The error page URI is
/ErrorPageApp/ErrorPage, the headers
to forward contain
Host, and a client sends the following
request:
GET /house/rooms/kitchen.jpg HTTP/1.1
Host: homeserver.companyx.com
The request results in a HTTP 404 response (local or
remote), and the request URI to the error page application would be:
/ErrorPageApp/ErrorPage?responseCode=404&uri=/house/rooms/kitchen.jpg&Host= homeserver.companyx.com
- HTTP status codes that are to be recognized as errors:
The status codes that the error page policy provide a response for.
If a status code is not specified, the original content of responses
with that status code are returned. If no HTTP status codes are specified,
the defaults, 404 and 5XX, are used. Instead of
specifying status codes individually, the following method is recommended
to represent a range:
- 5XX: 500-599
- 4XX: 400-499
- 3XX: 300-399
- 2XX: 200-299
Proxy custom property to use when tweaking the custom error page: key=http.statuscode.errorPageRedirect. This
custom property determines whether error page generation is done using
the redirect, instead of using the proxy error page application. The
values are true or false. The default is false.