Configuring a web server as a trusted proxy server
If your environment includes a web server, you must configure it as a trusted secure
proxy server. By configuring the secure proxy server, you can inform the on-demand router (ODR) that
the web server is a trusted secure proxy so that the ODR can receive requests.
Before you begin
You must first create an ODR, a proxy with advanced capabilities
that Intelligent Management uses to route
work to application server nodes. For more information, read about
creating ODRs.
About this task
Configure a web server as a trusted secure proxy; a trusted security proxy is allowed to
pass information such as the virtual hostname, or user identity to the ODR in private HTTP headers.
Web servers read incoming requests to verify which ODR they are routed to. Private headers that are
received from an untrusted proxy are discarded by the ODR. This configuration field enables
intermediaries other than the ODR server to handle the request by explicitly telling the ODR that it
is to trust them. A trusted security proxy receives requests before the ODR and then forwards
requests to the ODR. For example, when the web server with the WebSphere® Application Server plug-in forwards requests to the ODR, the
web server must be configured as a trusted security proxy.
Procedure
To configure a web server as a trusted proxy server, in the administrative console, click
Servers > Server types > On demand routers > on_demand_router_name > On demand router settings > On demand router
properties. If you are using dynamic clusters of on-demand routers, click
Servers > Clusters > Dynamic clusters > server_template > On demand router
properties > On demand router settings.
Specify the name of the web server in the Trusted security
proxies.
This configuration field enables intermediaries other than the ODR
server to handle the request by explicitly telling the ODR that it can trust the web server that you
specify. Use an internet protocol or fully qualified hostname in this field. For example,
myhost.com or an IP address such as 10.1.1.1.
Important: This configuration field supports only an IP address or a fully qualified hostname.
IP ranges and Classless Inter-Domain Routing (CIDR) notation are not supported.
Click Apply.
Click Save.
Results
Your Web server is now configured as a trusted proxy server.