Configuring URL Groups

Contents

Overview
Configuration

Overview

The API Gateway can make connections on a round-robin basis to the URLs listed in a URL group, thus enabling a high degree of failover to external servers (for example, Entrust GetAccess, OCSP, SAML PDP, or XKMS).

The API Gateway attempts to connect to the listed servers according to the priorities assigned to them. For example, assume there are two High priority URLs, one Medium URL, and one Low URL configured. Assuming the API Gateway can successfully connect to the two High priority URLs, it alternates requests between these two URLs only in a round-robin fashion. The other group URLs are not used. However, if both of the High priority URLs become unavailable, the API Gateway then tries to use the Medium priority URL, and only if this fails is the Low priority URL used.

In general, the API Gateway attempts to round-robin requests over URLs of the same priority, but uses higher priority URLs before lower priority ones. When a new URL is added to the group, it is automatically given the highest priority. You can then change priorities by selecting the URL, and clicking the Up and Down buttons.

You can add and edit URLs by selecting the URL from the table, and clicking on the Add and Edit buttons.

Configuration

Configure the following fields in the URL Configuration dialog:

  • URL:

    Enter the full URL of the external server.

  • Timeout:

    Specify the timeout in seconds for connections to the specified server.

  • Retry After:

    Whenever the server becomes unavailable for whatever reason (for example, maintenance), no attempt is made to connect to that server until the time specified here has elapsed. In other words, when a connection failure is detected, the next connection to that URL is after this amount of time.

  • SSL Certificate:

    If the specified server requires clients to authenticate to it over two-way SSL, you must select an SSL Certificate from the Certificate Store for authentication.

  • Host/IP:

    If the specified server sits behind a proxy server, you must enter the host name or IP address of the proxy server.

  • Port:

    Enter the port on which the proxy is listening.

Prev  Up  Next
  Home