Modified: portals/site-live/applications/webcontent/rproxy.html URL: http://svn.apache.org/viewvc/portals/site-live/applications/webcontent/rproxy.html?rev=1901430&r1=1901429&r2=1901430&view=diff ============================================================================== --- portals/site-live/applications/webcontent/rproxy.html (original) +++ portals/site-live/applications/webcontent/rproxy.html Tue May 31 02:23:06 2022 @@ -1,1066 +1,1320 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> +<!-- Generated by Apache Maven Doxia Site Renderer 1.4 at 26 May 2022 --> +<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <title>Apache Portals Applications - + Introduction to Reverse Proxy Service</title> + <style type="text/css" media="all"> + @import url("../css/maven-base.css"); + @import url("../css/maven-theme.css"); + @import url("../css/site.css"); + </style> + <link rel="stylesheet" href="../css/print.css" type="text/css" media="print" /> + <meta name="Date-Revision-yyyymmdd" content="20220526" /> + <meta http-equiv="Content-Language" content="en" /> + + </head> + <body class="composite"> + <div id="banner"> + <a href="http://portals.apache.org/"; id="bannerLeft"> + <img src="../images/apache-portals.gif" alt="Apache Software Foundation" /> + </a> + <a href="http://portals.apache.org/applications/"; id="bannerRight"> + Apache Portals Applications + </a> + <div class="clear"> + <hr/> + </div> + </div> + <div id="breadcrumbs"> + + + <div class="xleft"> + <span id="publishDate">Last Published: 26 May 2022</span> + | <span id="projectVersion">Version: 1.0</span> + </div> + <div class="xright"> <a href="http://portals.apache.org/"; class="externalLink" target="_nw" title="Portals">Portals</a> + | + <a href="http://portals.apache.org/jetspeed-2"; class="externalLink" target="_nw" title="Jetspeed-2">Jetspeed-2</a> + | + <a href="http://portals.apache.org/bridges"; class="externalLink" target="_nw" title="Bridges">Bridges</a> + + + </div> + <div class="clear"> + <hr/> + </div> + </div> + <div id="leftColumn"> + <div id="navcolumn"> + + + <h5>Essentials</h5> + <ul> + <li class="none"> + <a href="../index.html" title="Welcome">Welcome</a> + </li> + <li class="none"> + <a href="../news.html" title="News and Status">News and Status</a> + </li> + <li class="none"> + <a href="../download.html" title="Download">Download</a> + </li> + <li class="none"> + <a href="../getting-started.html" title="Getting Started">Getting Started</a> + </li> + </ul> + <h5>Subprojects</h5> + <ul> + <li class="none"> + <a href=".././portals-gems/index.html" title="Gems">Gems</a> + </li> + <li class="none"> + <a href=".././demo/index.html" title="Demo">Demo</a> + </li> + <li class="none"> + <a href=".././rss-main/index.html" title="RSS">RSS</a> + </li> + <li class="expanded"> + <a href=".././webcontent2/index.html" title="WebContent-2">WebContent-2</a> + <ul> + <li class="none"> + <a href=".././webcontent2/modules-overview.html" title="Modules Overview">Modules Overview</a> + </li> + <li class="none"> + <a href=".././webcontent2/content-rewriter-module.html" title="Content Rewriter Module">Content Rewriter Module</a> + </li> + <li class="none"> + <a href=".././webcontent2/reverse-proxy-module.html" title="Reverse Proxy Module">Reverse Proxy Module</a> + </li> + <li class="none"> + <a href=".././webcontent2/portlets-module.html" title="Portlets Module">Portlets Module</a> + </li> + <li class="none"> + <a href=".././webcontent2/war-module.html" title="WAR Module">WAR Module</a> + </li> + <li class="none"> + <a href=".././webcontent2/build-from-source.html" title="Build from source">Build from source</a> + </li> + <li class="none"> + <a href=".././webcontent2/apidocs/index.html" title="JavaDocs">JavaDocs</a> + </li> + <li class="none"> + <a href=".././webcontent2/faq.html" title="FAQ">FAQ</a> + </li> + </ul> + </li> + <li class="none"> + <a href=".././webcontent/index.html" title="WebContent-1">WebContent-1</a> + </li> + <li class="none"> + <a href=".././dbbrowser/index.html" title="DB Browser">DB Browser</a> + </li> + <li class="none"> + <a href=".././logging/index.html" title="Logging">Logging</a> + </li> + </ul> + <h5>Support</h5> + <ul> + <li class="none"> + <a href="../team-list.html" title="Project Team">Project Team</a> + </li> + <li class="none"> + <a href="../license.html" title="Project License">Project License</a> + </li> + <li class="none"> + <a href="http://wiki.apache.org/portals/applications"; class="externalLink" title="Project Wiki">Project Wiki</a> + </li> + <li class="none"> + <a href="../mail-lists.html" title="Mailing List">Mailing List</a> + </li> + <li class="none"> + <a href="../issue-tracking.html" title="Issue Tracking">Issue Tracking</a> + </li> + </ul> + <a href="http://maven.apache.org/"; title="Built by Maven" class="poweredBy"> + <img class="poweredBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /> + </a> + + + </div> + </div> + <div id="bodyColumn"> + <div id="contentBox"> + <!-- Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version + 2.0 (the "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at - - - - - - - - - - -<html xmlns="http://www.w3.org/1999/xhtml";> - <head> - <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> - <title>Apache Portals Applications - Introduction to Reverse Proxy Service</title> - <style type="text/css" media="all"> - @import url("../css/maven-base.css"); - @import url("../css/maven-theme.css"); - @import url("../css/site.css"); - </style> - <link rel="stylesheet" href="../css/print.css" type="text/css" media="print" /> - </head> - <body class="composite"> - <div id="banner"> - <a href="http://portals.apache.org/"; id="bannerLeft"> - - <img src="../images/apache-portals.gif" alt="" /> - - </a> - <a href="http://portals.apache.org/applications/"; id="bannerRight"> - - Apache Portals Applications - - </a> - <div class="clear"> - <hr/> - </div> - </div> - <div id="breadcrumbs"> - + http://www.apache.org/licenses/LICENSE-2.0 Unless required by + applicable law or agreed to in writing, software distributed under + the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES + OR CONDITIONS OF ANY KIND, either express or implied. See the + License for the specific language governing permissions and + limitations under the License. --> + <div class="section"> +<h2>Overview<a name="Overview"></a></h2> + +<p> + The Reverse Proxy Service is a servlet component which can be used as a + <a class="externalLink" href="http://en.wikipedia.org/wiki/Reverse_proxy";>Reverse Proxy</a>. + Normally, this reverse proxy service is used by the Reverse Proxy IFrame portlet by + replacing the orignial SRC URLs by proxied URLs to this reverse proxy service. + </p> + +<p> + The Reverse Proxy Service is basically stateless like other normal proxy servers. + Client states such as cookies are just passed via the Reverse Proxy Service between clients and the target servers. + This is a difference from other HTTP Client based Web Content Portlets which normally manage client states in the server side. + </p> + +<p> + By using Reverse Proxy service component, more sophisticated content can be + served by setting content rewriting configurations, and also Cross-Domain Scripting can be enabled. + The Web Content Portlet Application includes Reverse Proxy Service servlet and related components. + </p> + + +<p> + <i> + Note: The ReverseProxyService should be able to access application level session attribute + shared by a portlet of IFrameGenericPortlet or its descendant, which is conforming + with the Portlet Specification. + If you are using Tomcat, then be sure to set the following in the server.xml to enable + this proper Portlet API session management requirements. + Modify the Connector element (default on port 8080) by adding the folowing attribute: + </p> +<div class="source"> +<pre>emptySessionPath="true"</pre></div> + </i> + + +<p> + The ReverseProxyService component is initialized by the ReverseProxyServlet configured in the web.xml as follows: + </p> +<div class="source"> +<pre> +<!-- Default Reverse Proxy Servlet --> +<servlet> + <servlet-name>ReverseProxyServlet</servlet-name> + <servlet-class>org.apache.portals.applications.webcontent.proxy.impl.DefaultHttpReverseProxyServlet</servlet-class> + <init-param> + <param-name>reverseproxy.configuration</param-name> + <param-value>/WEB-INF/conf/reverseproxy*.properties</param-value> + </init-param> + <init-param> + <param-name>reverseproxy.configuration.refresh.delay</param-name> + <param-value>60000</param-value> + </init-param> + <load-on-startup>11</load-on-startup> +</servlet> - - - - - - <div class="xleft"> - Last Published: 4 March 2015 - </div> - <div class="xright"> <a href="http://portals.apache.org/"; class="externalLink">Portals</a> - | - <a href="http://portals.apache.org/jetspeed-2"; class="externalLink">Jetspeed-2</a> - | - <a href="http://portals.apache.org/bridges"; class="externalLink">Bridges</a> +<!-- Map /rproxy path to the Default Reverse Proxy Servlet --> +<servlet-mapping> + <servlet-name>ReverseProxyServlet</servlet-name> + <url-pattern>/rproxy/*</url-pattern> +</servlet-mapping> + </pre></div> + + +<p> + The above servlet can have the following init parameters: + </p> +<table border="0" class="bodyTable"> + +<tr class="a"> - +<th>Name</th> + +<th>Example Value</th> + +<th>Description</th> + </tr> + +<tr class="b"> + +<td>reverseproxy.configuration</td> + +<td> + /WEB-INF/conf/reverseproxy.properties<br /> + or<br /> + /WEB-INF/conf/reverseproxy*.properties<br /> + or<br /> + file:///etc/portals/reverseproxy.properties<br /> + or<br /> + file:///etc/portals/reverseproxy*.properties<br /> + or<br /> + classpath:/META-INF/conf/reverseproxy.properties + or<br /> + classpath:/META-INF/conf/reverseproxy*.properties + </td> + +<td> + The context relative path of the configuration properties file. + <br /> + The configuration path can be an absolute file path prefixed by 'file:', + or it can be a classpath resource prefixed by 'classpath:'. + <br /> + Also, the configuration path can contain glob expression, in which case + all configuration files matched to the glob expression are loaded. + </td> + </tr> + +<tr class="a"> + +<td>reverseproxy.configuration.refresh.delay</td> + +<td>60000</td> + +<td> + The milliseconds of automatic refreshing interval. + If this value is set to a positive number, then + the servlet checks if the configuration file has been modified and + it tries to reload the configuration if there's any changes. + By default, this value is set to zero without automatic refreshment. + </td> + </tr> + </table> + + +<p> + In the above servlet mapping configuration, + the entry path mapping of this reverse proxy servlet is set to '/rproxy/*'. + So, the remaining local path info after the '/rproxy' is used to map the path + to the remote url. + This mapping configurations and other sophisticated http parameters are configured + in '/WEB-INF/conf/reverseproxy.properties' by default. + A simple configuration example can be as follows: + </p> +<div class="source"> +<pre> +# A very simple configuration of reverseproxy.properties +# +# Proxy Pass Reverse Mapping configurations for each category +# ... Put the path item names here. Each path item will be evaluated by the order. +proxy.reverse.pass = apache, portals - - - - - - </div> - <div class="clear"> - <hr/> - </div> - </div> - <div id="leftColumn"> - <div id="navcolumn"> - - +proxy.reverse.pass.apache.local = /apache/ +proxy.reverse.pass.apache.remote = http://www.apache.org/ - +proxy.reverse.pass.portals.local = /portals/ +proxy.reverse.pass.portals.remote = http://portals.apache.org/ + </pre></div> + + +<p> + In the above example, just two path mappings are defined: + One for http://www.apache.org/ and the other for http://portals.apache.org/. + For http://www.apache.org/, the local path, /apache/, is mapped. + And for http://portals.apache.org/, the local path, /portals/, is mapped. + </p> + +<p> + That is, the servlet path mappings would be like the followings: + </p> +<ul> + +<li>/webcontent/rproxy/apache/* --> http://www.apache.org/*</li> + +<li>/webcontent/rproxy/portals/* --> http://portals.apache.org/*</li> + </ul> + <i>Note: '/webcontent' is just a context path and '/rproxy' is just a servlet mapping for the reverse proxy servlet.</i> + + +<p> + So, if you visit the reverse proxy url like 'http://localhost:8080/webcontent/rproxy/portals/index.html + in your browser, then you can browse the Apache Portals homepage via the reverse proxy component! + </p> + </div> - - - <h5>Essentials</h5> - <ul> - - <li class="none"> - <a href="../index.html">Welcome</a> - </li> - - <li class="none"> - <a href="../news.html">News and Status</a> - </li> - - <li class="none"> - <a href="../download.html">Download</a> - </li> - - <li class="none"> - <a href="../getting-started.html">Getting Started</a> - </li> - </ul> - <h5>Subprojects</h5> - <ul> +<div class="section"> +<h2>Reverse Proxy Service Configurations<a name="Reverse_Proxy_Service_Configurations"></a></h2> + +<p> + The Reverse Proxy Service uses <a class="externalLink" href="http://commons.apache.org/configuration/";>Commons Configuration</a> to read configuration properties files. + So, you can leverage the power of Commons Configurations to configure properties. Here are two useful tips for that: + </p> +<ul> + +<li> + <i> + Tip #1: Variables, which are previously defined, can be expanded when the configuration has + the variable references wrapped by '${' and '}' like the following example: - <li class="none"> - <a href=".././portals-gems/index.html">Gems</a> +<div class="source"> +<pre> +my.cookie.policy = netscape +proxy.http.client.param.cookiePolicy = ${my.cookie.policy} + </pre></div> + </i> </li> + +<li> + <i> + Tip #2: String array typed configuration variables can be defined in one comma separated line or in multiple lines. + The following two examples are equivalent each other: - <li class="none"> - <a href=".././demo/index.html">Demo</a> - </li> +<div class="source"> +<pre> +proxy.reverse.pass.site1.response.cookie.path.rewrite.include = JSESSIONID, PHPSESSIONID + </pre></div> - <li class="none"> - <a href=".././rss-main/index.html">RSS</a> +<div class="source"> +<pre> +proxy.reverse.pass.site1.response.cookie.path.rewrite.include = JSESSIONID +proxy.reverse.pass.site1.response.cookie.path.rewrite.include = PHPSESSIONID + </pre></div> + </i> </li> - - - + </ul> - +<p> + </p> +<table border="0" class="bodyTable"> + +<tr class="a"> - +<th>Property</th> - +<th>Default Value</th> - +<th>Example Value</th> - +<th>Description</th> + </tr> + +<tr class="b"> + +<td>proxy.http.client.param.allowCircularRedirects</td> + +<td>false</td> + +<td>false</td> + +<td>Flag whether the internal http client object should allow circular redirects.</td> + </tr> + +<tr class="a"> + +<td>proxy.http.client.param.cookiePolicy</td> +<td>best-match</td> + +<td>netscape</td> + +<td> + Flag whether the internal http client object should allow circular redirects. + Please see the documentation of httpclient 4.x on cookie policies. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.client.default.proxy</td> + +<td></td> + +<td>proxyserver1, proxyserver2</td> + +<td> + The system default comma delimited HTTP proxy names. Each proxy name should be used + in the following configuration properties to set detailed http connection options + for each proxy. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.client.default.proxy.<proxyname>.hostname</td> + +<td></td> + +<td>proxyserver1</td> + +<td> + <proxyname> should be replaced by the real proxy name. + With this example, you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. + <br /> + The host name of the target of this proxy. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.client.default.proxy.<proxyname>.port</td> + +<td></td> + +<td>10080</td> + +<td> + <proxyname> should be replaced by the real proxy name. + With this example, you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. + <br /> + The port number of the target of this proxy. + If you don't set this property, it means ANY port is allowed for this proxy. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.client.default.proxy.<proxyname>.scheme</td> + +<td></td> + +<td>http</td> + +<td> + <proxyname> should be replaced by the real proxy name. + With this example, you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. + <br /> + The scheme of the target of this proxy. + If you don't set this property, it means ANY scheme is allowed for this proxy. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.connManager.param.maxTotalConnections</td> + +<td>2</td> + +<td>200</td> + +<td> + The maximum http connection counts. + If there's any http connections available, then it will block the request until it gets a connection. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.connManager.param.timeout</td> + +<td>0</td> + +<td>10000</td> + +<td> + The maximum waiting time to create http connection. + If this is set to zero, it waits without timeout option, so it depends on the system configuration. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.route.param.defaultMaxPerRoute</td> + +<td></td> + +<td>20</td> + +<td> + The default maximum http connection count per route. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.route.<routename>.target.hostname</td> + +<td></td> + +<td>portals.apache.org</td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + The host name of the target of this route. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.route.<routename>.target.port</td> + +<td></td> + +<td>80</td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + The port number of the target of this route. + If you don't set this property, it means ANY port is allowed for this route. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.route.<routename>.target.scheme</td> + +<td></td> + +<td>http</td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + The scheme of the target of this route. + If you don't set this property, it means ANY scheme is allowed for this route. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.route.<routename>.maxConnections</td> + +<td></td> + +<td>40</td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + The maximum http connection count of the target of this route. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.route.<routename>.local</td> + +<td></td> + +<td></td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + The local address to connect from. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.route.<routename>.secure</td> + +<td>false</td> + +<td></td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + Whether the route is (supposed to be) secure. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.route.<routename>.tunnelled</td> + +<td>plain</td> + +<td>tunneled</td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + Whether the the route is tunnelled through the proxy. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.route.<routename>.layered</td> + +<td>plain</td> + +<td>layered</td> + +<td> + <routename> should be replaced by the real route name. + With this example, you may use 'apache' or 'portals'. + <br /> + Whether the route is layered. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.route.<routename>.proxy</td> + +<td></td> + +<td>proxyserver1, proxyserver2</td> + +<td> + The comma delimited HTTP proxy names. Each proxy name should be used + in the following configuration properties to set detailed http connection options + for each proxy. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.route.<routename>.proxy.<proxyname>.hostname</td> + +<td></td> + +<td>proxyserver1</td> + +<td> + <routename> and <proxyname> should be replaced by the real route name and proxy name. + With this example, you may use 'apache' or 'portals' for <routename> + and you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. + <br /> + The host name of the target of this proxy. + </td> + </tr> + +<tr class="a"> + +<td>proxy.http.route.<routename>.proxy.<proxyname>.port</td> + +<td></td> + +<td>10080</td> + +<td> + <routename> and <proxyname> should be replaced by the real route name and proxy name. + With this example, you may use 'apache' or 'portals' for <routename> + and you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. + <br /> + The port number of the target of this proxy. + If you don't set this property, it means ANY port is allowed for this proxy. + </td> + </tr> + +<tr class="b"> + +<td>proxy.http.route.<routename>.proxy.<proxyname>.scheme</td> + +<td></td> + +<td>http</td> + +<td> + <routename> and <proxyname> should be replaced by the real route name and proxy name. + With this example, you may use 'apache' or 'portals' for <routename> + and you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. + <br /> + The scheme of the target of this proxy. + If you don't set this property, it means ANY scheme is allowed for this proxy. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.dynamicProxyPathMapperCacheCount</td> + +<td>1000</td> + +<td>2000</td> + +<td> + The cache count of proxy path mappers which are dynamically created by glob style mappings. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.maxMatchingPathPartCount</td> + +<td>2</td> + +<td>3</td> + +<td> + The max matching path part count. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.reverseProxyRequestContextProviderClassName</td> + +<td></td> + +<td></td> + +<td> + The request context information provider class name, which should implement org.apache.portals.applications.webcontent.proxy.ReverseProxyRequestContextProvider. + The reverse proxy service will use this provider to check if the user of the request is in the specific role when the reverse proxy path resource is secured and + so some specificed allowed roles are configured. + <br /> + If not configured, then the default implementation checks if the user is in the specified role via the provided HttpServletRequest object. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.local</td> + +<td></td> + +<td> + /portals/<br /> + or<br /> + /*.apache/ + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The base local path info of the reverse proxy mapping. + For example, if the relative url is '/webcontent/rproxy/portals/index.html', then + because the path info is '/portals/index.html', this path mapping is selected. + <br /> + This property can have a glob expression with '*'. Each '*' expression is translated + into regular expression variable references in the remote URL values. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.remote</td> + +<td></td> + +<td> + http://portals.apache.org/<br /> + or<br /> + http://$1.apache.org/ + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The base remote url of the reverse proxy mapping. + For example, if the relative url is '/webcontent/rproxy/portals/index.html', then + because the path info is '/portals/index.html', this path mapping is selected and + the translated remote url can be 'http://portals.apache.org/index.html'. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.roles.allow</td> + +<td></td> + +<td> + dev<br /> + or<br /> + account, engineering + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + When this property is set, the reverse proxy path resource is secured. + The request user should be in the specified roles to access this resource. + <br /> + By default, it is checked via javax.servlet.http.HttpServletRequest#isUserInRole(role). + However, you could provide a customized request context provider implementation with + proxy.reverse.pass.reverseProxyRequestContextProviderClassName property. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.rewriter.basic</td> + +<td></td> + +<td> + org.apache.portals.applications. webcontent.rewriter. WebContentRewriter + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The basic content rewriter class name. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.rewriter.basic.property.<propertyName></td> + +<td></td> + +<td>propertyValue</td> + +<td> + <pathname> and >propertyName< should be replaced by the real property name. + <br /> + Sets property with the value on the basic rewriter bean instance. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.rewriter.rulebased</td> + +<td></td> + +<td> + org.apache.portals.applications. webcontent.rewriter. WebContentRewriter + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The rule-based content rewriter class name. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.rewriter.rulebased.property.<propertyName></td> + +<td></td> + +<td>propertyValue</td> + +<td> + <pathname> and >propertyName< should be replaced by the real property name. + <br /> + Sets property with the value on the rule-based rewriter bean instance. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor</td> + +<td></td> + +<td> + html, xml + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The comma delimited parser adaptor names. Each parser adaptor name should be used + in the following configuration properties to set detailed parser adaptor properties. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor.<parserAdaptorName></td> + +<td></td> + +<td> + org.apache.portals.applications .webcontent.rewriter.html.neko .NekoParserAdaptor + </td> + +<td> + <pathname> and <parserAdaptorName> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname> + and you may use 'html' or 'xml' for <parserAdaptorName>. + <br /> + The parser adaptor class name. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor.<parserAdaptorName>.mimeType</td> + +<td></td> + +<td> + text/html + </td> + +<td> + <pathname> and <parserAdaptorName> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname> + and you may use 'html' or 'xml' for <parserAdaptorName>. + <br /> + The mime type which this parser adaptor concerns. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor.<parserAdaptorName>.<propertyName></td> + +<td></td> + +<td>propertyValue</td> + +<td> + <pathname>, <parserAdaptorName> and >propertyName< should be replaced by the real property name. + <br /> + Sets property with the value on the rule-based rewriter bean instance. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.rewriter.ruleMappings</td> + +<td></td> + +<td> + /WEB-INF/conf/rewriter-rules-mapping.xml + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The rewriting rule mappings configuration and + rewriter rule definition. + <br /> + The configuration path can be an absolute file path prefixed by 'file:', + or it can be a classpath resource prefixed by 'classpath:'. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.rewriter.rules</td> + +<td></td> + +<td> + /WEB-INF/conf/default-rewriter-rules.xml + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The rewriter rules definition. + <br /> + The configuration path can be an absolute file path prefixed by 'file:', + or it can be a classpath resource prefixed by 'classpath:'. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.request.header.<headerName></td> + +<td></td> + +<td> + proxy.reverse.pass.somewhere.request.header.Accept-Language = en + </td> + +<td> + <pathname> and <headerName> should be replaced by the real path name and header name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The default request header values which are sent to the target remote url. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.request.cookie.<cookieName></td> + +<td></td> + +<td> + proxy.reverse.pass.somewhere.request.cookie.Custom1 = Value1 + </td> + +<td> + <pathname> and <cookieName> should be replaced by the real path name and cookie name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The default request cookies which are sent to the target remote url. + </td> + </tr> + +<tr class="a"> + +<td>proxy.reverse.pass.<pathname>.response.cookie.path.rewrite.include</td> + +<td></td> + +<td> + JSESSIONID, PHPSESSIONID + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The cookies which should have rewritten paths. + By default, every cookie path is rewritten if there's no inclusion/exclusion configuration. + </td> + </tr> + +<tr class="b"> + +<td>proxy.reverse.pass.<pathname>.response.cookie.path.rewrite.exclude</td> + +<td></td> + +<td> + CUSTOM1, CUSTOM2 + </td> + +<td> + <pathname> should be replaced by the real path name. + With this example, you may use 'apache' or 'portals' for <pathname>. + <br /> + The cookies which should have the original path as provided by the target web site. + If a cookie name is configured as an exclusion one, then the path of the cookie is not rewritten. + By default, every cookie path is rewritten if there's no inclusion/exclusion configuration. + </td> + </tr> + </table> + </div> + + +<div class="section"> +<h2>Example Reverse Proxy Mapping Configurations<a name="Example_Reverse_Proxy_Mapping_Configurations"></a></h2> + + +<div class="section"> +<h3>Simple Reverse Proxy Mapping<a name="Simple_Reverse_Proxy_Mapping"></a></h3> + +<p> + In this example, we configure a simple reverse proxy mapping from the local path, /apache/, to the remote target path, http://apache.org/. + With this example configuration, the mappings are like the following: + </p> +<ul> + +<li>/webcontent/rproxy/apache/index.html --> http://apache.org/index.html</li> + +<li>/webcontent/rproxy/apache/foundation/ --> http://apahce.org/foundataion/</li> +<li>...</li> + </ul> + + +<div class="source"> +<pre> +# Registers a mapping named 'apache' by the following line +proxy.reverse.pass = apache +# Sets the local path +proxy.reverse.pass.apache.local = /apache/ +# Sets the remote target path +proxy.reverse.pass.apache.remote = http://apache.org/ +# Sets the default web content rewriter to rewrite contents such as links +proxy.reverse.pass.apache.rewriter.basic = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter +# Registers the mime type named 'html' for a parser adaptor +proxy.reverse.pass.apache.rewriter.parserAdaptor = html +# Sets the parse adaptor for the html mime type name. +proxy.reverse.pass.apache.rewriter.parserAdaptor.html = org.apache.portals.applications.webcontent.proxy.impl.DefaultReverseProxyLinkRewritingParserAaptor +# Sets the mime type string for the registered 'html' mime type name +proxy.reverse.pass.apache.rewriter.parserAdaptor.html.mimeType = text/html +# Sets the flag if the content rewriter should check all reverse proxy mappings during link rewriting +proxy.reverse.pass.apache.rewriter.parserAdaptor.html.property.lookUpAllMappings = true + </pre></div> + +<p> + + </p> + </div> - - <li class="expanded"> - <a href=".././webcontent2/index.html">WebContent-2</a> - <ul> - - <li class="none"> - <a href=".././webcontent2/modules-overview.html">Modules Overview</a> - </li> - - <li class="none"> - <a href=".././webcontent2/content-rewriter-module.html">Content Rewriter Module</a> - </li> - - <li class="none"> - <a href=".././webcontent2/reverse-proxy-module.html">Reverse Proxy Module</a> - </li> - - <li class="none"> - <a href=".././webcontent2/portlets-module.html">Portlets Module</a> - </li> - - <li class="none"> - <a href=".././webcontent2/war-module.html">WAR Module</a> - </li> - - <li class="none"> - <a href=".././webcontent2/build-from-source.html">Build from source</a> - </li> - - <li class="none"> - <a href=".././webcontent2/apidocs/index.html">JavaDocs</a> - </li> - - <li class="none"> - <a href=".././webcontent2/faq.html">FAQ</a> - </li> - </ul> - </li> - - <li class="none"> - <a href=".././webcontent/index.html">WebContent-1</a> - </li> - - <li class="none"> - <a href=".././dbbrowser/index.html">DB Browser</a> - </li> - - <li class="none"> - <a href=".././logging/index.html">Logging</a> - </li> + +<div class="section"> +<h3>Secured Reverse Proxy Mapping<a name="Secured_Reverse_Proxy_Mapping"></a></h3> + +<p> + In this example, we configure a secured reverse proxy mapping from the local path to the secured remote target path. + The only difference is that the remote target path starts with 'https:' instead of 'http:'. + With this example configuration, the mappings are like the following: + </p> +<ul> + +<li>/webcontent/rproxy/secure/blogs/ --> https://blogs.apache.org/</li> + +<li>...</li> </ul> - <h5>Support</h5> - <ul> - - <li class="none"> - <a href="../team-list.html">Project Team</a> - </li> - - <li class="none"> - <a href="../license.html">Project License</a> - </li> - - <li class="none"> - <a href="http://wiki.apache.org/portals/applications"; class="externalLink">Project Wiki</a> - </li> - - <li class="none"> - <a href="../mail-lists.html">Mailing List</a> - </li> - - <li class="none"> - <a href="../issue-tracking.html">Issue Tracking</a> - </li> + + +<div class="source"> +<pre> +proxy.reverse.pass = secure_blogs +proxy.reverse.pass.secure_blogs.local = /secure/blogs/ +proxy.reverse.pass.secure_blogs.remote = https://blogs.apache.org/ +proxy.reverse.pass.secure_blogs.rewriter.basic = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter +proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor = html +proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor.html = org.apache.portals.applications.webcontent.proxy.impl.DefaultReverseProxyLinkRewritingParserAaptor +proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor.html.mimeType = text/html +proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor.html.property.lookUpAllMappings = true + </pre></div> + +<p> + + </p> + </div> + + +<div class="section"> +<h3>Glob-based Reverse Proxy Mapping<a name="Glob-based_Reverse_Proxy_Mapping"></a></h3> + +<p> + In this example, we configure a glob-based reverse proxy mapping from the local paths to the remote target paths. + With this example configuration, you can add multiple mappings like the followings: + </p> +<ul> + +<li>/webcontent/rproxy/www_apache/* --> http://www.apache.org/*</li> + +<li>/webcontent/rproxy/projects_apache/* --> http://projects.apache.org/*</li> + +<li>/webcontent/rproxy/people_apache/* --> http://people.apache.org/*</li> + +<li>/webcontent/rproxy/blogs_apache/* --> http://blogs.apache.org/*</li> + +<li>...</li> </ul> - <a href="http://maven.apache.org/"; title="Built by Maven" class="poweredBy"> - <img alt="Built by Maven" src="../images/logos/maven-feather.png"></img> - </a> - - - - - - - - - </div> - </div> - <div id="bodyColumn"> - <div id="contentBox"> - <subtitle></subtitle><div class="section"><h2><a name="Overview"></a>Overview</h2> -<p> - The Reverse Proxy Service is a servlet component which can be used as a - <a class="externalLink" href="http://en.wikipedia.org/wiki/Reverse_proxy";>Reverse Proxy</a>. - Normally, this reverse proxy service is used by the Reverse Proxy IFrame portlet by - replacing the orignial SRC URLs by proxied URLs to this reverse proxy service. - </p> -<p> - The Reverse Proxy Service is basically stateless like other normal proxy servers. - Client states such as cookies are just passed via the Reverse Proxy Service between clients and the target servers. - This is a difference from other HTTP Client based Web Content Portlets which normally manage client states in the server side. - </p> -<p> - By using Reverse Proxy service component, more sophisticated content can be - served by setting content rewriting configurations, and also Cross-Domain Scripting can be enabled. - The Web Content Portlet Application includes Reverse Proxy Service servlet and related components. - </p> -<p><em> - Note: The ReverseProxyService should be able to access application level session attribute - shared by a portlet of IFrameGenericPortlet or its descendant, which is conforming - with the Portlet Specification. - If you are using Tomcat, then be sure to set the following in the server.xml to enable - this proper Portlet API session management requirements. - Modify the Connector element (default on port 8080) by adding the folowing attribute: - <div class="source"><pre>emptySessionPath="true"</pre> -</div> -</em></p> -<p> - The ReverseProxyService component is initialized by the ReverseProxyServlet configured in the web.xml as follows: - <div class="source"><pre> -<!-- Default Reverse Proxy Servlet --> -<servlet> - <servlet-name>ReverseProxyServlet</servlet-name> - <servlet-class>org.apache.portals.applications.webcontent.proxy.impl.DefaultHttpReverseProxyServlet</servlet-class> - <init-param> - <param-name>reverseproxy.configuration</param-name> - <param-value>/WEB-INF/conf/reverseproxy*.properties</param-value> - </init-param> - <init-param> - <param-name>reverseproxy.configuration.refresh.delay</param-name> - <param-value>60000</param-value> - </init-param> - <load-on-startup>11</load-on-startup> -</servlet> - -<!-- Map /rproxy path to the Default Reverse Proxy Servlet --> -<servlet-mapping> - <servlet-name>ReverseProxyServlet</servlet-name> - <url-pattern>/rproxy/*</url-pattern> -</servlet-mapping> - </pre> -</div> -</p> -<p> - The above servlet can have the following init parameters: - <table class="bodyTable"><tr class="a"><th>Name</th> -<th>Example Value</th> -<th>Description</th> -</tr> -<tr class="b"><td>reverseproxy.configuration</td> -<td> - /WEB-INF/conf/reverseproxy.properties<br /> - - or<br /> - - /WEB-INF/conf/reverseproxy*.properties<br /> - - or<br /> - - file:///etc/portals/reverseproxy.properties<br /> - - or<br /> - - file:///etc/portals/reverseproxy*.properties<br /> - - or<br /> - - classpath:/META-INF/conf/reverseproxy.properties - or<br /> - - classpath:/META-INF/conf/reverseproxy*.properties - </td> -<td> - The context relative path of the configuration properties file. - <br /> - - The configuration path can be an absolute file path prefixed by 'file:', - or it can be a classpath resource prefixed by 'classpath:'. - <br /> - - Also, the configuration path can contain glob expression, in which case - all configuration files matched to the glob expression are loaded. - </td> -</tr> -<tr class="a"><td>reverseproxy.configuration.refresh.delay</td> -<td>60000</td> -<td> - The milliseconds of automatic refreshing interval. - If this value is set to a positive number, then - the servlet checks if the configuration file has been modified and - it tries to reload the configuration if there's any changes. - By default, this value is set to zero without automatic refreshment. - </td> -</tr> -</table> -</p> -<p> - In the above servlet mapping configuration, - the entry path mapping of this reverse proxy servlet is set to '/rproxy/*'. - So, the remaining local path info after the '/rproxy' is used to map the path - to the remote url. - This mapping configurations and other sophisticated http parameters are configured - in '/WEB-INF/conf/reverseproxy.properties' by default. - A simple configuration example can be as follows: - <div class="source"><pre> -# A very simple configuration of reverseproxy.properties -# -# Proxy Pass Reverse Mapping configurations for each category -# ... Put the path item names here. Each path item will be evaluated by the order. -proxy.reverse.pass = apache, portals - -proxy.reverse.pass.apache.local = /apache/ -proxy.reverse.pass.apache.remote = http://www.apache.org/ - -proxy.reverse.pass.portals.local = /portals/ -proxy.reverse.pass.portals.remote = http://portals.apache.org/ - </pre> -</div> -</p> -<p> - In the above example, just two path mappings are defined: - One for http://www.apache.org/ and the other for http://portals.apache.org/. - For http://www.apache.org/, the local path, /apache/, is mapped. - And for http://portals.apache.org/, the local path, /portals/, is mapped. - </p> -<p> - That is, the servlet path mappings would be like the followings: - <ul><li>/webcontent/rproxy/apache/* --> http://www.apache.org/*</li> -<li>/webcontent/rproxy/portals/* --> http://portals.apache.org/*</li> -</ul> -<em>Note: '/webcontent' is just a context path and '/rproxy' is just a servlet mapping for the reverse proxy servlet.</em></p> -<p> - So, if you visit the reverse proxy url like 'http://localhost:8080/webcontent/rproxy/portals/index.html - in your browser, then you can browse the Apache Portals homepage via the reverse proxy component! - </p> -</div> -<div class="section"><h2><a name="Reverse_Proxy_Service_Configurations"></a>Reverse Proxy Service Configurations</h2> -<p> - The Reverse Proxy Service uses <a class="externalLink" href="http://commons.apache.org/configuration/";>Commons Configuration</a> to read configuration properties files. - So, you can leverage the power of Commons Configurations to configure properties. Here are two useful tips for that: - <ul><li><em> - Tip #1: Variables, which are previously defined, can be expanded when the configuration has - the variable references wrapped by '${' and '}' like the following example: - <div class="source"><pre> -my.cookie.policy = netscape -proxy.http.client.param.cookiePolicy = ${my.cookie.policy} - </pre> -</div> -</em></li> -<li><em> - Tip #2: String array typed configuration variables can be defined in one comma separated line or in multiple lines. - The following two examples are equivalent each other: - <div class="source"><pre> -proxy.reverse.pass.site1.response.cookie.path.rewrite.include = JSESSIONID, PHPSESSIONID - </pre> -</div> -<div class="source"><pre> -proxy.reverse.pass.site1.response.cookie.path.rewrite.include = JSESSIONID -proxy.reverse.pass.site1.response.cookie.path.rewrite.include = PHPSESSIONID - </pre> -</div> -</em></li> -</ul> -</p> -<p><table class="bodyTable"><tr class="b"><th>Property</th> -<th>Default Value</th> -<th>Example Value</th> -<th>Description</th> -</tr> -<tr class="a"><td>proxy.http.client.param.allowCircularRedirects</td> -<td>false</td> -<td>false</td> -<td>Flag whether the internal http client object should allow circular redirects.</td> -</tr> -<tr class="b"><td>proxy.http.client.param.cookiePolicy</td> -<td>best-match</td> -<td>netscape</td> -<td> - Flag whether the internal http client object should allow circular redirects. - Please see the documentation of httpclient 4.x on cookie policies. - </td> -</tr> -<tr class="a"><td>proxy.http.client.default.proxy</td> -<td></td> -<td>proxyserver1, proxyserver2</td> -<td> - The system default comma delimited HTTP proxy names. Each proxy name should be used - in the following configuration properties to set detailed http connection options - for each proxy. - </td> -</tr> -<tr class="b"><td>proxy.http.client.default.proxy.<proxyname>.hostname</td> -<td></td> -<td>proxyserver1</td> -<td> - <proxyname> should be replaced by the real proxy name. - With this example, you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. - <br /> - - The host name of the target of this proxy. - </td> -</tr> -<tr class="a"><td>proxy.http.client.default.proxy.<proxyname>.port</td> -<td></td> -<td>10080</td> -<td> - <proxyname> should be replaced by the real proxy name. - With this example, you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. - <br /> - - The port number of the target of this proxy. - If you don't set this property, it means ANY port is allowed for this proxy. - </td> -</tr> -<tr class="b"><td>proxy.http.client.default.proxy.<proxyname>.scheme</td> -<td></td> -<td>http</td> -<td> - <proxyname> should be replaced by the real proxy name. - With this example, you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. - <br /> - - The scheme of the target of this proxy. - If you don't set this property, it means ANY scheme is allowed for this proxy. - </td> -</tr> -<tr class="a"><td>proxy.http.connManager.param.maxTotalConnections</td> -<td>2</td> -<td>200</td> -<td> - The maximum http connection counts. - If there's any http connections available, then it will block the request until it gets a connection. - </td> -</tr> -<tr class="b"><td>proxy.http.connManager.param.timeout</td> -<td>0</td> -<td>10000</td> -<td> - The maximum waiting time to create http connection. - If this is set to zero, it waits without timeout option, so it depends on the system configuration. - </td> -</tr> -<tr class="a"><td>proxy.http.route.param.defaultMaxPerRoute</td> -<td></td> -<td>20</td> -<td> - The default maximum http connection count per route. - </td> -</tr> -<tr class="b"><td>proxy.http.route.<routename>.target.hostname</td> -<td></td> -<td>portals.apache.org</td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - The host name of the target of this route. - </td> -</tr> -<tr class="a"><td>proxy.http.route.<routename>.target.port</td> -<td></td> -<td>80</td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - The port number of the target of this route. - If you don't set this property, it means ANY port is allowed for this route. - </td> -</tr> -<tr class="b"><td>proxy.http.route.<routename>.target.scheme</td> -<td></td> -<td>http</td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - The scheme of the target of this route. - If you don't set this property, it means ANY scheme is allowed for this route. - </td> -</tr> -<tr class="a"><td>proxy.http.route.<routename>.maxConnections</td> -<td></td> -<td>40</td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - The maximum http connection count of the target of this route. - </td> -</tr> -<tr class="b"><td>proxy.http.route.<routename>.local</td> -<td></td> -<td></td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - The local address to connect from. - </td> -</tr> -<tr class="a"><td>proxy.http.route.<routename>.secure</td> -<td>false</td> -<td></td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - Whether the route is (supposed to be) secure. - </td> -</tr> -<tr class="b"><td>proxy.http.route.<routename>.tunnelled</td> -<td>plain</td> -<td>tunneled</td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - Whether the the route is tunnelled through the proxy. - </td> -</tr> -<tr class="a"><td>proxy.http.route.<routename>.layered</td> -<td>plain</td> -<td>layered</td> -<td> - <routename> should be replaced by the real route name. - With this example, you may use 'apache' or 'portals'. - <br /> - - Whether the route is layered. - </td> -</tr> -<tr class="b"><td>proxy.http.route.<routename>.proxy</td> -<td></td> -<td>proxyserver1, proxyserver2</td> -<td> - The comma delimited HTTP proxy names. Each proxy name should be used - in the following configuration properties to set detailed http connection options - for each proxy. - </td> -</tr> -<tr class="a"><td>proxy.http.route.<routename>.proxy.<proxyname>.hostname</td> -<td></td> -<td>proxyserver1</td> -<td> - <routename> and <proxyname> should be replaced by the real route name and proxy name. - With this example, you may use 'apache' or 'portals' for <routename> - and you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. - <br /> - - The host name of the target of this proxy. - </td> -</tr> -<tr class="b"><td>proxy.http.route.<routename>.proxy.<proxyname>.port</td> -<td></td> -<td>10080</td> -<td> - <routename> and <proxyname> should be replaced by the real route name and proxy name. - With this example, you may use 'apache' or 'portals' for <routename> - and you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. - <br /> - - The port number of the target of this proxy. - If you don't set this property, it means ANY port is allowed for this proxy. - </td> -</tr> -<tr class="a"><td>proxy.http.route.<routename>.proxy.<proxyname>.scheme</td> -<td></td> -<td>http</td> -<td> - <routename> and <proxyname> should be replaced by the real route name and proxy name. - With this example, you may use 'apache' or 'portals' for <routename> - and you may use 'proxyserver1' or 'proxyserver2' for <proxyname>. - <br /> - - The scheme of the target of this proxy. - If you don't set this property, it means ANY scheme is allowed for this proxy. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.dynamicProxyPathMapperCacheCount</td> -<td>1000</td> -<td>2000</td> -<td> - The cache count of proxy path mappers which are dynamically created by glob style mappings. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.maxMatchingPathPartCount</td> -<td>2</td> -<td>3</td> -<td> - The max matching path part count. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.reverseProxyRequestContextProviderClassName</td> -<td></td> -<td></td> -<td> - The request context information provider class name, which should implement org.apache.portals.applications.webcontent.proxy.ReverseProxyRequestContextProvider. - The reverse proxy service will use this provider to check if the user of the request is in the specific role when the reverse proxy path resource is secured and - so some specificed allowed roles are configured. - <br /> - - If not configured, then the default implementation checks if the user is in the specified role via the provided HttpServletRequest object. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.local</td> -<td></td> -<td> - /portals/<br /> - - or<br /> - - /*.apache/ - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The base local path info of the reverse proxy mapping. - For example, if the relative url is '/webcontent/rproxy/portals/index.html', then - because the path info is '/portals/index.html', this path mapping is selected. - <br /> - - This property can have a glob expression with '*'. Each '*' expression is translated - into regular expression variable references in the remote URL values. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.remote</td> -<td></td> -<td> - http://portals.apache.org/<br /> - - or<br /> - - http://$1.apache.org/ - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The base remote url of the reverse proxy mapping. - For example, if the relative url is '/webcontent/rproxy/portals/index.html', then - because the path info is '/portals/index.html', this path mapping is selected and - the translated remote url can be 'http://portals.apache.org/index.html'. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.roles.allow</td> -<td></td> -<td> - dev<br /> - - or<br /> - - account, engineering - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - When this property is set, the reverse proxy path resource is secured. - The request user should be in the specified roles to access this resource. - <br /> - - By default, it is checked via javax.servlet.http.HttpServletRequest#isUserInRole(role). - However, you could provide a customized request context provider implementation with - <CODE>proxy.reverse.pass.reverseProxyRequestContextProviderClassName</CODE> property. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.rewriter.basic</td> -<td></td> -<td> - org.apache.portals.applications. webcontent.rewriter. WebContentRewriter - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The basic content rewriter class name. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.rewriter.basic.property.<propertyName></td> -<td></td> -<td>propertyValue</td> -<td> - <pathname> and >propertyName< should be replaced by the real property name. - <br /> - - Sets property with the value on the basic rewriter bean instance. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.rewriter.rulebased</td> -<td></td> -<td> - org.apache.portals.applications. webcontent.rewriter. WebContentRewriter - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The rule-based content rewriter class name. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.rewriter.rulebased.property.<propertyName></td> -<td></td> -<td>propertyValue</td> -<td> - <pathname> and >propertyName< should be replaced by the real property name. - <br /> - - Sets property with the value on the rule-based rewriter bean instance. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor</td> -<td></td> -<td> - html, xml - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The comma delimited parser adaptor names. Each parser adaptor name should be used - in the following configuration properties to set detailed parser adaptor properties. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor.<parserAdaptorName></td> -<td></td> -<td> - org.apache.portals.applications .webcontent.rewriter.html.neko .NekoParserAdaptor - </td> -<td> - <pathname> and <parserAdaptorName> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname> - and you may use 'html' or 'xml' for <parserAdaptorName>. - <br /> - - The parser adaptor class name. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor.<parserAdaptorName>.mimeType</td> -<td></td> -<td> - text/html - </td> -<td> - <pathname> and <parserAdaptorName> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname> - and you may use 'html' or 'xml' for <parserAdaptorName>. - <br /> - - The mime type which this parser adaptor concerns. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.rewriter.parserAdaptor.<parserAdaptorName>.<propertyName></td> -<td></td> -<td>propertyValue</td> -<td> - <pathname>, <parserAdaptorName> and >propertyName< should be replaced by the real property name. - <br /> - - Sets property with the value on the rule-based rewriter bean instance. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.rewriter.ruleMappings</td> -<td></td> -<td> - /WEB-INF/conf/rewriter-rules-mapping.xml - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The rewriting rule mappings configuration and - rewriter rule definition. - <br /> - - The configuration path can be an absolute file path prefixed by 'file:', - or it can be a classpath resource prefixed by 'classpath:'. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.rewriter.rules</td> -<td></td> -<td> - /WEB-INF/conf/default-rewriter-rules.xml - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The rewriter rules definition. - <br /> - - The configuration path can be an absolute file path prefixed by 'file:', - or it can be a classpath resource prefixed by 'classpath:'. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.request.header.<headerName></td> -<td></td> -<td> - proxy.reverse.pass.somewhere.request.header.Accept-Language = en - </td> -<td> - <pathname> and <headerName> should be replaced by the real path name and header name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The default request header values which are sent to the target remote url. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.request.cookie.<cookieName></td> -<td></td> -<td> - proxy.reverse.pass.somewhere.request.cookie.Custom1 = Value1 - </td> -<td> - <pathname> and <cookieName> should be replaced by the real path name and cookie name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The default request cookies which are sent to the target remote url. - </td> -</tr> -<tr class="b"><td>proxy.reverse.pass.<pathname>.response.cookie.path.rewrite.include</td> -<td></td> -<td> - JSESSIONID, PHPSESSIONID - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The cookies which should have rewritten paths. - By default, every cookie path is rewritten if there's no inclusion/exclusion configuration. - </td> -</tr> -<tr class="a"><td>proxy.reverse.pass.<pathname>.response.cookie.path.rewrite.exclude</td> -<td></td> -<td> - CUSTOM1, CUSTOM2 - </td> -<td> - <pathname> should be replaced by the real path name. - With this example, you may use 'apache' or 'portals' for <pathname>. - <br /> - - The cookies which should have the original path as provided by the target web site. - If a cookie name is configured as an exclusion one, then the path of the cookie is not rewritten. - By default, every cookie path is rewritten if there's no inclusion/exclusion configuration. - </td> -</tr> -</table> -</p> -</div> -<div class="section"><h2><a name="Example_Reverse_Proxy_Mapping_Configurations"></a>Example Reverse Proxy Mapping Configurations</h2> -<div class="section"><h3><a name="Simple_Reverse_Proxy_Mapping"></a>Simple Reverse Proxy Mapping</h3> -<p> - In this example, we configure a simple reverse proxy mapping from the local path, /apache/, to the remote target path, http://apache.org/. - With this example configuration, the mappings are like the following: - <ul><li>/webcontent/rproxy/apache/index.html --> http://apache.org/index.html</li> -<li>/webcontent/rproxy/apache/foundation/ --> http://apahce.org/foundataion/</li> -<li>...</li> -</ul> -</p> -<div class="source"><pre> -# Registers a mapping named 'apache' by the following line -proxy.reverse.pass = apache -# Sets the local path -proxy.reverse.pass.apache.local = /apache/ -# Sets the remote target path -proxy.reverse.pass.apache.remote = http://apache.org/ -# Sets the default web content rewriter to rewrite contents such as links -proxy.reverse.pass.apache.rewriter.basic = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter -# Registers the mime type named 'html' for a parser adaptor -proxy.reverse.pass.apache.rewriter.parserAdaptor = html -# Sets the parse adaptor for the html mime type name. -proxy.reverse.pass.apache.rewriter.parserAdaptor.html = org.apache.portals.applications.webcontent.proxy.impl.DefaultReverseProxyLinkRewritingParserAaptor -# Sets the mime type string for the registered 'html' mime type name -proxy.reverse.pass.apache.rewriter.parserAdaptor.html.mimeType = text/html -# Sets the flag if the content rewriter should check all reverse proxy mappings during link rewriting -proxy.reverse.pass.apache.rewriter.parserAdaptor.html.property.lookUpAllMappings = true - </pre> -</div> -<p></p> -</div> -<div class="section"><h3><a name="Secured_Reverse_Proxy_Mapping"></a>Secured Reverse Proxy Mapping</h3> -<p> - In this example, we configure a secured reverse proxy mapping from the local path to the secured remote target path. - The only difference is that the remote target path starts with 'https:' instead of 'http:'. - With this example configuration, the mappings are like the following: - <ul><li>/webcontent/rproxy/secure/blogs/ --> https://blogs.apache.org/</li> -<li>...</li> -</ul> -</p> -<div class="source"><pre> -proxy.reverse.pass = secure_blogs -proxy.reverse.pass.secure_blogs.local = /secure/blogs/ -proxy.reverse.pass.secure_blogs.remote = https://blogs.apache.org/ -proxy.reverse.pass.secure_blogs.rewriter.basic = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter -proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor = html -proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor.html = org.apache.portals.applications.webcontent.proxy.impl.DefaultReverseProxyLinkRewritingParserAaptor -proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor.html.mimeType = text/html -proxy.reverse.pass.secure_blogs.rewriter.parserAdaptor.html.property.lookUpAllMappings = true - </pre> -</div> -<p></p> -</div> -<div class="section"><h3><a name="Glob-based_Reverse_Proxy_Mapping"></a>Glob-based Reverse Proxy Mapping</h3> -<p> - In this example, we configure a glob-based reverse proxy mapping from the local paths to the remote target paths. - With this example configuration, you can add multiple mappings like the followings: - <ul><li>/webcontent/rproxy/www_apache/* --> http://www.apache.org/*</li> -<li>/webcontent/rproxy/projects_apache/* --> http://projects.apache.org/*</li> -<li>/webcontent/rproxy/people_apache/* --> http://people.apache.org/*</li> -<li>/webcontent/rproxy/blogs_apache/* --> http://blogs.apache.org/*</li> -<li>...</li> -</ul> -</p> -<div class="source"><pre> -# Registers a mapping named 'all_apache' by the following line -proxy.reverse.pass = all_apache -# Sets the local path with glob expression -proxy.reverse.pass.all_apache.local = /*_apache/ -# Sets the remote target path with the regular expression references. So, the first glob matched variable will be used as a replacement for $1. -proxy.reverse.pass.all_apache.remote = http://$1.apache.org/ -proxy.reverse.pass.all_apache.rewriter.basic = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter -proxy.reverse.pass.all_apache.rewriter.parserAdaptor = html -proxy.reverse.pass.all_apache.rewriter.parserAdaptor.html = org.apache.portals.applications.webcontent.proxy.impl.DefaultReverseProxyLinkRewritingParserAaptor -proxy.reverse.pass.all_apache.rewriter.parserAdaptor.html.mimeType = text/html -proxy.reverse.pass.all_apache.rewriter.parserAdaptor.html.property.lookUpAllMappings = true - </pre> -</div> -</div> -</div> -<div class="section"><h2><a name="Advanced_HTTP_Components_Configurations"></a>Advanced HTTP Components Configurations</h2> -<p> - Because the Reverse Proxy Service uses <a class="externalLink" href="http://hc.apache.org/";>Apache HTTP Components</a> - and it exposes some important configurable properties, you can leverage the power of - the configurability of Apache HTTP Components. - </p> -<div class="section"><h3><a name="Configurations_on_HTTP_Connections"></a>Configurations on HTTP Connections</h3> -<p> - In an enterprise environment, it could be very important to limit the maximum network resources - for system availability or performance. - You can configure the following property to limit the maximum total http connection count. - With the following example, the HTTP connections will not increase over 200. - </p> -<div class="source"><pre> -proxy.http.connManager.param.maxTotalConnections = 200 - </pre> -</div> -<p> - Also, you can configure the timeout for an HTTP connection. - With the following example, the timeout is set to 10000 milliseconds. - </p> -<div class="source"><pre> -proxy.http.connManager.param.timeout = 10000 - </pre> -</div> -</div> -<div class="section"><h3><a name="Configurations_per_HTTP_Route"></a>Configurations per HTTP Route</h3> -<p> - The default maximum HTTP connection can be configured per route with the following property. - </p> -<div class="source"><pre> -proxy.http.route.param.defaultMaxPerRoute = 20 - </pre> -</div> -<p> - If the above configuration has been set, the maximum HTTP connections per each route will be limited to 20 - even though the total connections are fewer than the maximum total connection count, 200. - </p> -<p> - You can also configure other HTTP Connection properties per each HTTP route. - Here's an example for a specific HTTP route. - </p> -<div class="source"><pre> -proxy.http.route = apache -proxy.http.route.apache.target.hostname = www.apache.org -proxy.http.route.apache.target.port = 80 -proxy.http.route.apache.maxConnections = 5 -proxy.http.route.apache.proxy = proxyserver1 -proxy.http.route.apache.proxy.proxyserver1.hostname = proxyserver1 -proxy.http.route.apache.proxy.proxyserver1.port = 8000 - </pre> -</div> -<p> - With the above configuration, we set the maximum HTTP connection count to 5 for this specific route. - This configuration forces this HTTP Route to not have more than 5 connections regardless other default configurations. - </p> -<p> - Also, the above configuration has a proxy server configuration. - This is very useful when the web server should retrieve the remote content via the intranet proxy server. - </p> -</div> -</div> - + + +<div class="source"> +<pre> +# Registers a mapping named 'all_apache' by the following line +proxy.reverse.pass = all_apache +# Sets the local path with glob expression +proxy.reverse.pass.all_apache.local = /*_apache/ +# Sets the remote target path with the regular expression references. So, the first glob matched variable will be used as a replacement for $1. +proxy.reverse.pass.all_apache.remote = http://$1.apache.org/ +proxy.reverse.pass.all_apache.rewriter.basic = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter +proxy.reverse.pass.all_apache.rewriter.parserAdaptor = html +proxy.reverse.pass.all_apache.rewriter.parserAdaptor.html = org.apache.portals.applications.webcontent.proxy.impl.DefaultReverseProxyLinkRewritingParserAaptor +proxy.reverse.pass.all_apache.rewriter.parserAdaptor.html.mimeType = text/html +proxy.reverse.pass.all_apache.rewriter.parserAdaptor.html.property.lookUpAllMappings = true + </pre></div> </div> </div> - <div class="clear"> - <hr/> - </div> - <div id="footer"> - <div class="xright">© - 2004-2015 - - Apache Software Foundation - - - - - - - </div> - <div class="clear"> - <hr/> +<div class="section"> +<h2>Advanced HTTP Components Configurations<a name="Advanced_HTTP_Components_Configurations"></a></h2> + +<p> + Because the Reverse Proxy Service uses <a class="externalLink" href="http://hc.apache.org/";>Apache HTTP Components</a> + and it exposes some important configurable properties, you can leverage the power of + the configurability of Apache HTTP Components. + </p> + + +<div class="section"> +<h3>Configurations on HTTP Connections<a name="Configurations_on_HTTP_Connections"></a></h3> + +<p> + In an enterprise environment, it could be very important to limit the maximum network resources + for system availability or performance. + You can configure the following property to limit the maximum total http connection count. + With the following example, the HTTP connections will not increase over 200. + </p> + +<div class="source"> +<pre> +proxy.http.connManager.param.maxTotalConnections = 200 + </pre></div> + +<p> + Also, you can configure the timeout for an HTTP connection. + With the following example, the timeout is set to 10000 milliseconds. + </p> + +<div class="source"> +<pre> +proxy.http.connManager.param.timeout = 10000 + </pre></div> </div> + + +<div class="section"> +<h3>Configurations per HTTP Route<a name="Configurations_per_HTTP_Route"></a></h3> + +<p> + The default maximum HTTP connection can be configured per route with the following property. + </p> + +<div class="source"> +<pre> +proxy.http.route.param.defaultMaxPerRoute = 20 + </pre></div> + +<p> + If the above configuration has been set, the maximum HTTP connections per each route will be limited to 20 + even though the total connections are fewer than the maximum total connection count, 200. + </p> + +<p> + You can also configure other HTTP Connection properties per each HTTP route.
[... 51 lines stripped ...]
