Using a reverse proxy with server farm and WebSphere Application Server Network Deployment topologies
You can use a reverse proxy with distributed topologies. If your topology uses a reverse proxy, configure the required JNDI properties for the administration service.
See the Glossary for the definition of a reverse proxy.
You can use a reverse proxy, such as IBM® HTTP Server, to front server farm or WebSphere® Application Server Network Deployment topologies. In this case, you must configure the administration components appropriately.
You can call the reverse proxy from:
- The browser when you access MobileFirst Operations Console.
- The runtime when it calls the administration service.
- The MobileFirst Operations Console component when it calls the Administration services.
If the reverse proxy is in a DMZ (a firewall configuration for securing local area networks) and a firewall is used between the DMZ and the internal network, this firewall must authorize all incoming requests from the application servers.
When a reverse proxy is used in front of the application server infrastructure, the following JNDI properties must be defined for the administration service.
| JNDI properties | Values |
|---|---|
| ibm.worklight.admin.proxy.protocol | The protocol used to communicate with the reverse proxy, which can be HTTP or HTTPS. |
| ibm.worklight.admin.proxy.host | The host name of the reverse proxy. |
| ibm.worklight.admin.proxy.port | The port number of the reverse proxy. |
The ibm.worklight.admin.endpoint property that references the URL of the reverse proxy is also required for MobileFirst Operations Console. See Defining the endpoint of the MobileFirst Administration services.
For detailed instructions to configure an IBM HTTP Server or a Data Store, see Typical topologies of a MobileFirst instance in an extranet infrastructure.