The proxy does not attempt to rewrite the URL request in the body of the data returned in the HTTP response. As an example, the proxy mapping rule, <proxy:mapping contextpath="/http/*" />, located in the proxy-config.xml file allows a request to the proxy with the context path, /http/www.myothersite.com. The request redirects to http://www.myothersite.com and returns the result to the browser. Consider the image tag <IMG href="/images/mypicture.jpg" /> file in an HTML page returned by www.myothersite.com. The browser issues a request for /images/mypicture.jpg to the proxy servlet, which responds with a 404 error. The proxy does not resolve that the image request is intended for www.myothersite.com/images/mypicture.jpg.
The proxy does not filter incoming IP addresses. As an example, even though
the proxy is configured to be used by your application, another application
can access the proxy. If you need to secure the proxy, then complete this action
in the context of JavaTM EE security. The WebSphere® Application Server Information Center
provides additional information on how to secure your Java EE application.