Announcement

**chrisplough** · February 21, 2008, 22:29

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Yes - OTM works with several reverse-proxy (RP) servers, though it was designed to work behind Apache-based RP servers. I've configured it in the past to work with Netegrity, Aventail, Apache and Microsoft ISA. Unfortunately, I haven't seen it work with WebSphere Edge

You are correct to configure the glog.webserver.URL to point towards your reverse-proxy:

Code:

glog.webserver.URL=https://reverse-proxy.nexweb.org:443

The problem you're experiencing is that OTM uses very complex javascript and the WebSphere Edge Server is trying to manipulate it in order to make it work. I've seen the same issue with Aventail and it just doesn't work. You'll need to do the following:

Disable all html, jsp, javascript and URL parsing in the reverse-proxy server.
Utilize a URL prefix (such as /otmprod) and allow the reverse-proxy server. This ensures that OTM will automatically prepend the URL prefix to all outbound URLs, including javascript.
Ensure that the reverse-proxy server strips the URL prefix off before passing requests back to OTM.

So your data transmission looks like this:

Request from browser to RPL:
- http://otmserver.mavenwire.com/otmprod/GC3/glog.webserver.servlet.umt.Login
Request from RP to OTM web:
- http://otmserver.mavenwire.com/GC3/glog.webserver.servlet.umt.Login
Response from OTM web to RP:
- http://otmserver.mavenwire.com/otmprod/GC3/glog.webserver.util.FrameGC3Servlet
Response from RP web to browser:
- http://otmserver.mavenwire.com/otmprod/GC3/glog.webserver.util.FrameGC3Servlet
Request from browser to RPL:
- http://otmserver.mavenwire.com/otmprod/GC3/glog.webserver.util.FrameGC3Servlet
Request from RP to OTM web:
- http://otmserver.mavenwire.com/GC3/glog.webserver.util.FrameGC3Servlet
... and so on.

This requires the proper configuration of your RP server and setting the following property in OTM:

Code:

glog.webserver.urlprefix=/otmprod

If that doesn't work, then the only option is to utilize one of the known-good reverse-proxy servers noted above.

Thanks,
--Chris

**dereference** · February 22, 2008, 02:43

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Thanks Chris. We will try the steps you suggested and will keep you posted on the results. Thanks again. Much Help

Dereference

**dereference** · February 22, 2008, 14:00

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Hi Chris,

We are working on the ibmproxy config file right now. Meantime, I have another question. Would you know or have you had situations where OTM was setup behind Squid as reverse-proxy?

We're just making plans for other options and Apache is definitely one option but we do have a linux box right now with squid.

Please advise

Thanks again Chris,

Joby

**chrisplough** · March 5, 2008, 15:31

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Joby,

Yes - I've seen Squid used also. This usually requires a one-to-one IP/hostname address mapping (external IP/hostname translates directly to the internal app IP/hostname). In this case, you may not need to use the URL Prefix option.

Otherwise, Apache works very well and it (including commercial derivatives) is the most widely used RP with OTM.

--Chris

**dereference** · March 5, 2008, 15:37

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Originally posted by chrisplough View Post

Joby,

Yes - I've seen Squid used also. This usually requires a one-to-one IP/hostname address mapping (external IP/hostname translates directly to the internal app IP/hostname). In this case, you may not need to use the URL Prefix option.

Otherwise, Apache works very well and it (including commercial derivatives) is the most widely used RP with OTM.

--Chris

Chris,

Thanks much. Still no progress with Webspere. We may have to go with Apache as RP. Any example config files you can point us to for a successful implementation of Apache as RP?

Again thanks so much for the infor.

Dereference

**chrisplough** · March 5, 2008, 15:50

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Unfortunately, the RP config files were for various clients and I don't have any full config files that I'm at liberty to share. I can share a partial config, however, and this may be enough to get you going down the right path:

Code:

ProxyPass /otm/ http://otm55prod.company.com
ProxyPassReverse / http://otm55prod.company.com
ProxyPassReverseCookiePath    /    /otm55prod/

This would require the URL Prefix in the OTM glog.properties file to be set to "/otm". Keep in mind that once OTM is configured for RP access using the URL Prefix, you won't be able to connect to it directly and get full screens.

BTW - I have run across one client no who is using WebSphere as a RP and it is working. Unfortunately, the same applies - can't share their data, since it is client specific.

--Chris

**dereference** · March 5, 2008, 15:55

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Originally posted by chrisplough View Post

Unfortunately, the RP config files were for various clients and I don't have any full config files that I'm at liberty to share. I can share a partial config, however, and this may be enough to get you going down the right path:

Code:

ProxyPass /otm/ http://otm55prod.company.com
ProxyPassReverse / http://otm55prod.company.com
ProxyPassReverseCookiePath    /    /otm55prod/

This would require the URL Prefix in the OTM glog.properties file to be set to "/otm". Keep in mind that once OTM is configured for RP access using the URL Prefix, you won't be able to connect to it directly and get full screens.

BTW - I have run across one client no who is using WebSphere as a RP and it is working. Unfortunately, the same applies - can't share their data, since it is client specific.

--Chris

Chris,

Thanks. That's much help. We'll take it from there and let you know how it goes.

Thanks again

Joby

**dereference** · March 6, 2008, 14:32

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Originally posted by dereference View Post

Chris,

Thanks. That's much help. We'll take it from there and let you know how it goes.

Thanks again

Joby

Originally posted by chrisplough View Post

Unfortunately, the RP config files were for various clients and I don't have any full config files that I'm at liberty to share. I can share a partial config, however, and this may be enough to get you going down the right path:

Code:

ProxyPass /otm/ http://otm55prod.company.com
ProxyPassReverse / http://otm55prod.company.com
ProxyPassReverseCookiePath    /    /otm55prod/

This would require the URL Prefix in the OTM glog.properties file to be set to "/otm". Keep in mind that once OTM is configured for RP access using the URL Prefix, you won't be able to connect to it directly and get full screens.

BTW - I have run across one client no who is using WebSphere as a RP and it is working. Unfortunately, the same applies - can't share their data, since it is client specific.

--Chris

Chris, We fixed the problem.

Thanks so much! Your notes helped tremendously. More power to you.l

Sincerely

Dereference

**chrisplough** · March 6, 2008, 14:39

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Hello,

I'm glad to hear that you've gotten it working. Which route did you finally go down? Apache, Squid, WebSphere?

Please post the details to your final solution. This will help others who encounter a similar issue and keep our community growing.

Thanks,
Chris

**dereference** · March 6, 2008, 14:46

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Originally posted by chrisplough View Post

Hello,

I'm glad to hear that you've gotten it working. Which route did you finally go down? Apache, Squid, WebSphere?

Please post the details to your final solution. This will help others who encounter a similar issue and keep our community growing.

Thanks,
Chris

Hi Chris,

Here are our final settings:

snippet from glog.properties in both OTM Web and App Servers:
========================================
glog.webserver.urlprefix=/otm

# web server URL (may differ from server name)
glog.webserver.URL=https://reverseproxy.our.org:443$glog.webserver.urlprefix$

And in ibmproxy.conf...

ReversePass https://otmprod.our.us/* https://reverseproxy.our.org/*

Thanks again so much

Joby

**dereference** · March 6, 2008, 20:50

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Originally posted by dereference View Post

Hi Chris,

Here are our final settings:

snippet from glog.properties in both OTM Web and App Servers:
========================================
glog.webserver.urlprefix=/otm

# web server URL (may differ from server name)
glog.webserver.URL=https://reverseproxy.our.org:443$glog.webserver.urlprefix$

And in ibmproxy.conf...

ReversePass https://otmprod.our.us/* https://reverseproxy.our.org/*

Thanks again so much

Joby

Oh by the way, the RP is IBM Websphere Edge Server. If we had not gotten this to work, we were gearing up to use Apache.

Just FYI

Thanks again Chris

Dereference

**pritam** · September 5, 2008, 19:02

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Hi,
I tried the steps given in this forum, still I am facing a weird error. I can get to the logon page through reverse proxy but when I type in id and password, the screen comes back to logon page (the id/password are valid

Here are the links that I see -
1. I type http://my.reverseproxy.com/appname in the browser
2. The request goes to OTM installation

http://my.reverseproxy.com/appname/GC3/glog.webserver.servlet.umt.Login

3. all the js and image files are loaded correctly on page
4. I type in the user id and password and click login
5. The request goes to -

http://my.reverseproxy.com/appname/GC3/glog.webserver.servlet.umt.Login/1220640897958

then it is redirected (status 302) to -

http://my.reverseproxy.com/appname/GC3/glog.webserver.util.FrameGC3Servlet

then next request is -

http://my.reverseproxy.com//appname/GC3/glog.webserver.servlet.umt.Login/1220641053505?redir=%2Fappname%2FGC3%2Fglog.webserver.util.FrameGC3Servlet%3F

showing me the logon page again.
I am not able to understand why this is happening. When I remove the reverse proxy configuration, the application works fine.

Any pointers on this?
Thanks,
- Pritam.

**chrisplough** · September 7, 2008, 16:53

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Pritam,

Ensure that your RP is not parsing or modifying the javascript elements of the OTM pages. I've seen similar issues in the past when this was the case.

Also - what RP are you using?

Thanks,
Chris

**pritam** · September 7, 2008, 17:02

Re: Trouble with OTM behind Websphere Edge as reverse-proxy?

Thanks Chris.
We are using Apache reverse proxy (2.2.9). How do I know that apache is doing something which it should, atleast the main logon page shows correctly with all the images, css and js loaded correctly.
Is there any specific configuration on apache to avoid the javascript element parsing?
Thanks,
- Pritam.

Announcement

Trouble with OTM behind Websphere Edge as reverse-proxy?

Trouble with OTM behind Websphere Edge as reverse-proxy?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment