[AIX Solaris HP-UX Linux Windows][z/OS]

Configuring a web server as a trusted proxy server

If your environment includes a web server, you must configure it as a trusted secure proxy server. By configuring the secure proxy server, you can inform the on-demand router (ODR) that the web server is a trusted secure proxy so that the ODR can receive requests.

Before you begin

You must first create an ODR, a proxy with advanced capabilities that Intelligent Management uses to route work to application server nodes. For more information, read about creating ODRs.

About this task

Configure a web server as a trusted secure proxy; a trusted security proxy is allowed to pass information such as the virtual hostname, or user identity to the ODR in private HTTP headers. Web servers read incoming requests to verify which ODR they are routed to. Private headers that are received from an untrusted proxy are discarded by the ODR. This configuration field enables intermediaries other than the ODR server to handle the request by explicitly telling the ODR that it is to trust them. A trusted security proxy receives requests before the ODR and then forwards requests to the ODR. For example, when the web server with the WebSphere® Application Server plug-in forwards requests to the ODR, the web server must be configured as a trusted security proxy.
Figure 1. Example topology of a simple Intelligent Management environment supported configuration that includes a web server
A simple intelligent management environment configuration

Procedure

  1. To configure a web server as a trusted proxy server, in the administrative console, click Servers > Server types > On demand routers > on_demand_router_name > On demand router settings > On demand router properties. If you are using dynamic clusters of on-demand routers, click Servers > Clusters > Dynamic clusters > server_template > On demand router properties > On demand router settings.
  2. Specify the name of the web server in the Trusted security proxies.
    This configuration field enables intermediaries other than the ODR server to handle the request by explicitly telling the ODR that it can trust the web server that you specify. Use an internet protocol or fully qualified hostname in this field. For example, myhost.com or an IP address such as 10.1.1.1.
    Important: This configuration field supports only an IP address or a fully qualified hostname. IP ranges and Classless Inter-Domain Routing (CIDR) notation are not supported.
  3. Click Apply.
  4. Click Save.

Results

Your Web server is now configured as a trusted proxy server.