test

Sun Java System Portal Server Secure Remote Access 7.2 Administration Guide

Using Web Proxies

You can configure the Gateway to contact HTTP resources using third party web proxies. Web proxies reside between the client and the Internet.

Web Proxy Configuration

Different proxies may be used for different domains and subdomains. These entries tell the Gateway which proxy to use to contact specific subdomains in specific domains. The proxy configuration specified in the Gateway works as follows:

Note –

If you are accessing the URL through the Bookmark channel of the standard Portal Desktop, and none of the above conditions are met, the Gateway sends a redirect to the browser. The browser accesses the URL using its own proxy settings.

Syntax


domainname [web_proxy1:port1]|subdomain1 [web_proxy2:port2]|

Example


sesta.com wp1:8080|red wp2:8080|yellow|* wp3:8080

* is a wild card that matches everything

where,

sesta.com is the domain name and wp1 is the proxy to contact on port 8080.

red is a subdomain and wp2 is the proxy to contact on port 8080.

yellow is a subdomain. Since no proxy is specified, the proxy specified for the domain is used, that is, wp1 on port 8080.

* indicates that for all other subdomains wp3 needs to be used on port 8080.

Note –

Port 8080 is used by default if you do not specify a port.

Processing the Web Proxy Information

When a client tries to access a particular URL, the host name in the URL is matched with the entries in the Proxies for Domains and Subdomains list. The entry that matches the longest suffix of the requested host name is considered. For example, suppose that the requested host name is host1.sesta.com. The following searches occur in order until a match is found.

Consider the following entries in the Proxies for Domains and Subdomains list:


com p1| host1 p2 | host2 | * p3
sesta.com p4 | host5 p5 | * p6
florizon.com | host6
abc.sesta.com p8 | host7 p7 | host8 p8 | * p9
host6.florizon.com p10
host9.sesta.com p11
siroe.com | host12 p12 | host13 p13 | host14 | * p14
siroe.com | host15 p15 | host16 | * p16
* p17

The Gateway internally maps these entries into a table as shown in the following table.

Table 2–2 Mapping of Entries in the Proxies for Domains and Subdomains List

Number 

Entry in Proxies for Domains and Subdomains List 

Proxy 

Description 

com 

p1 

As specified in the list. 

host1.com 

p2 

As specified in the list. 

host2.com 

p1 

The proxy for the domain is used because no proxy is specified for host2. 

*.com 

p3 

As specified in the list. 

sesta.com 

p4 

As specified in the list. 

host5.sesta.com 

p5 

As specified in the list. 

*.sesta.com 

p6 

As specified in the list. 

florizon.com 

Direct 

See the description for entry 14 for details. 

host6.florizon.com 

– 

See the description for entry 14 for details. 

10 

abc.sesta.com 

p8 

As specified in the list. 

11 

host7.abc.sesta.com 

p7 

As specified in the list. 

12 

host8.abc.sesta.com 

p8 

As specified in the list. 

13 

*.abc.sesta.com 

p9 

As specified in the list. For all hosts other than host7 and host8 under the abc.sesta.com domain, p9 is used as the proxy.

14 

host6.florizon.com 

p10 

This entry is the same as entry 9. Entry 9 indicates a direct connection, whereas this entry indicates that proxy p10 should be used. In a case with two entries such as this, the entry with the proxy information is considered as the valid entry. The other entry is ignored. 

15 

host9.sesta.com 

p11 

As specified in the list. 

16 

siroe.com 

Direct 

A direct connection is attempted because no proxy is specified for siroe.com, .

17 

host12.siroe.com 

p12 

As specified in the list. 

18 

host13.siroe.com 

p13 

As specified in the list. 

19 

host14.siroe.com 

Direct 

A direct connection is attempted because no proxy is specified for host14.

20 

*.siroe.com 

p14 

See the description for entry 23. 

21 

host15.siroe.com 

p15 

As specified in the list. 

22 

host16.siroe.com 

Direct 

A direct connection is attempted because no proxy is specified for host16 or siroe.com.

23 

*.siroe.com 

p16 

Similar to entry 20, but the proxies specified are different. In such a case, the exact behavior of the Gateway is not known. Either of the two proxies may be used. 

24 

p17 

If no other entry matches the requested URL, p17 is used as the proxy.

Tip –

Instead of separating the proxy entries in the Proxies for Domains and Subdomains list with the | symbol, you can place individual entries on separate lines in the list. For example, instead of an entry such as:


sesta.com p1 | red p2 | * p3

you can specify this information as:


sesta.com p1
red.sesta.com p2
*.sesta.com p3

This list format makes it easier to track repeated entries or any other ambiguities.

Rewriting Based on the Proxies for Domains and Subdomains List

The entries in the Proxies for Domains and Subdomains list are also used by Rewriter. Rewriter rewrites all URLs whose domains match the domains listed in the Proxies for Domains and Subdomains list.

Caution – Caution –

The * entry in the Proxies for Domains and Subdomains list is not considered for rewriting. For example, entry 24 is not considered.

For information on Rewriter, see Chapter 4, Working with Rewriter .

Default Domain and Subdomain

When the destination host in the URL is not a fully qualified host name, the default domain and subdomain are used to arrive at the fully qualified name.

Assume that the entry in the Default Domains field of the administration console is:


red.sesta.com
Note –

You need to have the corresponding entry in the Proxies for Domains and Subdomains list.

In the example above, sesta.com is the default domain and the default subdomain is red.

If the requested URL is host1, this entry is resolved to host1.red.sesta.com using the default domain and subdomain. The Proxies for Domains and Subdomains list is then checked for host1.red.sesta.com.