You can run DTP in a reverse proxy environment by either configuring the reverse proxy or by configuring the Tomcat server. We assume that you are using one of these options, but not both.

Reverse Proxy Configuration

Configure your reverse proxy to send the following two HTTP Headers to DTP server:

  • X-Forwarded-Host
  • X-Forwarded-Proto

Tomcat Server Configuration

  1. Add another Connector element to the INSTALL_ROOT/tomcat/conf/server.xml file. This element must be the last Connector element in the server.xml file.
     

    <Connector URIEncoding="UTF-8" acceptCount="10" compressableMimeType="text/ html,text/xml,text/plain" compression="on" 
compressionMinSize="128" connectionTimeout="60000" debug="99" disableUploadTimeout="true" enableLookups="true" 
maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8888" proxyName="proxy.parasoft.com" proxyPort="8443" 
scheme="https" secure="true"/>
  2. Modify the following attributes:
    • port: the port on DTP server to which the proxy server sends the request
    • proxyName: hostname of the proxy server
    • proxyPort: port on proxy server
    • scheme: scheme on proxy server (https or http)
    • secure: set to true if the scheme is https and false if scheme is http

In the example Connector element in step 1, DTP will receive HTTP requests on port 8888 from a proxy server configured at https://proxy.parasoft.com:8443.

Known Issues and Constraints

  • Reverse proxy path mappings must be exact in order for the UI to work, for example the proxy address https://proxy.parasoft.com/grs must correlate to the DTP server address https://server.parasoft.com/grs. Mapping https://proxy.parasoft.com/proxy/grs to https://server.parasoft.com/grs will fail.
  • When calling /v1/dtpServices through the proxy server, Data Collector URLs will default to port 8082 on the proxy server, which may not be open. We assume that DTP Engines accessing Data Collector will access its URL directly and not through the proxy server.
  • JMS Event Broker URLs will not be accessible through the proxy server because the proxy server’s ports are not JMS ports 43 Reverse Proxy Support.
  • The login redirect is based on the actual DTP server and not the proxy server. For example, if the proxy server receives via HTTPS and forwards via HTTP, then the browser will be redirected via HTTP instead of HTTPS.

 

  • No labels

Visit our support page if you need additional assistance.