Reverse Proxy configuration in iPlanet Web server

A Reverse Proxy is a type of server that retrieves resources from other servers on behalf of the client. The resources are returned to the client as though they are originated from the server itself. Client feels that the resources are being provided by the server itself, and unaware of the servers that have provided the resources.Forward proxy acts as an intermediary for its clients and returns the resources accessible on the internet.Reverse proxy acts as an intermediary for the servers to return the resources provided by other servers.Reverse proxy is most widely used when you want your application accessible in the internet, without exposing the Application Servers, in other words, it is used when you want your intranet application to be accessible through internet.The proxied server may be a webserver itself, or it may be an application server using a different protocol, or an application server.

How to Configure Reverse Proxy in iPlanet?

iPlanet 7 and above versions has inbuilt proxy plugins , so no need to load any plugins or libraries.

• Add below configuration lines in obj.conf file.

          NameTrans fn="map" from="/Revese_Proxy" name="reverse-proxy" to="http:/Revese_Proxy"
             <Object name="reverse-proxy">
                  Route fn="set-origin-server" server="http://backendserver.com"
             </Object>

            <Object ppath="http:*">
                Service fn="proxy-retrieve" method="*"
            </Object>

• Push/ Deploy the changes in iPlanet console. No need of restart.

Note: If you have custom Custom-obj.conf file (Virtual servers) and has client configuration your  Reverse proxy configuration is as below.

Custom-obj.conf
-----------------------------------------------------
<Object name="default">
     <Client urlhost="Reverse-Proxy-server.com">
          NameTrans fn="map" from="/Revese_Proxy" name="reverse-proxy" to="http:/Revese_Proxy"
     </Client>

</Object>

<Object name="reverse-proxy">
          Route fn="set-origin-server" server="http://backendserver.com"
</Object>

<Object ppath="http:*">
          Service fn="proxy-retrieve" method="*"
</Object>

Note:  Only one ppath="http:*" is required for multiple Reverse Proxy configuration. No need to duplicate the ppath block every time.

How Reverse Proxy works ?

When request comes to iplanet let ex http://Reverse-Proxy-server.com/Revese_Proxy

• The default object NameTrans  directive  map  attribute function will be execute and  convert the logical URL of the request to a physical path name.

NameTrans fn="map" from="/Revese_Proxy" name="reverse-proxy" to="http:/Revese_Proxy"

• If this physical path name (http:/Revese_Proxy) matches the  Object ppath="http:*" , ppath object directive proxy-retrieve function will be execute.

             <Object ppath="http:*">
                   Service fn="proxy-retrieve" method="*"
             </Object>

• proxy-retrieve
• The proxy-retrieve function retrieves a information from a remote server and returns it to the client. This function also enables you to configure the server to allow or block arbitrary methods. This function only works on the HTTP protocol.
• After execution of the ppath Object proxy-retrieve  function ,process goes to the Object name="reverse-proxy" block.

               <Object name="reverse-proxy">
                    Route fn="set-origin-server" server="http://backendserver.com"
               </Object>

• Route fn="set-origin-server
• Set the back end  server information where to send the request .

 Alternative ways to configure the Reverse Proxy in iPlanet

• Below configuration works same as above one but difference is removed the name attribute in NameTrans  and added the Route function in ppath Object.

           <Object name="default">

                  <Client urlhost="Reverse-Proxy-server.com">

                        NameTrans fn="map" from="/Revese_Proxy"  to="http:/Revese_Proxy"

                  </Client>

           </Object>

          <Object ppath="http:*">

                 Service fn="proxy-retrieve" method="*"

                 Route fn="set-origin-server" server="http://backendserver.com"

         </Object>