ITM Integration Series: Accessing the TEP console via a reverse proxy server. It can be done!
Oneil 20000003NT Comment (1) Visits (12166)
Hi All -
In this specific example we will use the Oracle 1.7 JRE, a browser client and an Apache reverse proxy (which provides a https based URL which is redirected via the junction to the TEP console at a http URL). As there are an array of JREs, reverse proxy and browser combinations it is not possible for IBM to verify and officially support them all, but hopefully these steps will help you along the path of making the successful connection from your browser to the TEP console!
As a first step, lets compile a diagram showing the expected communication path. We can then add the necessary configuration changes needed
The following diagram shows the components in the environment and the points of configuration that need to be modified...
The TEP console URL should reflect the actual address to be used if launching the TEP directly without the inclusion of the reverse proxy server
If your TEPS was listening on https then the redirect would be to http
(2) Next we will check the applet.html that will be downloaded by the end user's broswer. In the applet.html add the following protocol setting...
(The file can be found under $CAN
Add this property to the 'var parameters' section near the bottom of the file...
[This allows us to establish a http interface between the TEP client and the server instead of the default IIOP connection which the proxy server is not able to handle and redirect.
Again if your TEPS was listening on https the protocol value would be 'https']
(3) Please make the following change in the TEPS eWAS virtualhost.xml file.
The file is located in the following directory on the TEPS...
[note the HostAlias value is increased by 1 and the port is set to the redirect port used by the reverse proxy - this change allows the eWAS webserver to accept incoming connections from the reverse proxy server]
The TEP console login page is returned to the end user's browser.
Remember, this is not an officially supported procedure (i.e. it has not been verified or certified in-house), so the onus will be on you to maintain the changes
Check out all our other posts and updates: