Domino Consulting - HCL Domino Administrator 12 Help

CONFIGURING

Using an HTTP-proxy servlet to restrict URLs to external servers

For HCL iNotes® features that send requests either to external servers for external calendar overlays, you must configure an HTTP-proxy servlet to intercept calls and retrieve information from a remote site.

About this task

An HTTP-proxy servlet specifies which sites are allowed and filters out unwanted sites. Then, instead of making a request call to an external server such as a Google server, calls are passed through the HTTP-proxy servlet. If the external server is included as one of the allowed sites in the whitelist rule for proxy servlets in the security policy settings document, then the request is passed on to the external server, and any information received from the external server is also returned.

In HCL Domino® 8.5, the HTTP-proxy servlet was configured by creating a proxy-config.properties file located in the Domino\data\properties directory. This file is no longer supported. Instead, you must create or edit a security settings policy, using the information in this file. Once you have done so, you can delete this file, however leaving it in place will not adversely affect your configuration.

To configure proxies, use a security settings document.

Procedure

1. From the Domino Administrator, create or edit a security settings document.

2. Click the Proxies tab.

3. Click Edit List.

4. Enter the following information to create a white-list rule for each site you want to allow.

Note:

If you created a

proxy-config.properties

file in a previous release, use the information in that file to populate these fields.

Table 1. Proxies tab fields

Property Description

Context The path of the request to the proxy server, specifies which proxy the rule is for. Examples include:

/xsp/proxy/GoogleProxy/
/xsp/proxy/BasicProxy/

URL Address of the site to which this policy applies.
This is the target of the proxy.

Actions The set of HTTP actions this policy allows.
These can be GET, POST, HEAD, PUT, DELETE. The most frequently used are GET and POST.

Cookies Cookies allowed for this site. That is, the cookies that will be passed from the browser to the target URL server.
Note: Cookies with specified names are always proxied to this site. In addition, any incoming (Set-Cookie response headers) received from the site will also be remembered and eventually sent back on subsequent requests to this site.

Mime-types Content types allowed back from the target server, or use * to allow all.

Headers Headers allowed for this site, or use * to allow all. This attribute determines which headers are forwarded to the target server.
Note: Cookies are not handled as a standard header. Adding the entry "cookie" in the headers list has no effect.

Related concepts
Configuring iNotes

Help on Help

All Help Contents

Help on Help

All Help Contents

Property	Description
Context	The path of the request to the proxy server, specifies which proxy the rule is for. Examples include: `/xsp/proxy/GoogleProxy/` `/xsp/proxy/BasicProxy/`
URL	Address of the site to which this policy applies. This is the target of the proxy.
Actions	The set of HTTP actions this policy allows. These can be GET, POST, HEAD, PUT, DELETE. The most frequently used are GET and POST.
Cookies	Cookies allowed for this site. That is, the cookies that will be passed from the browser to the target URL server. Note: Cookies with specified names are always proxied to this site. In addition, any incoming (Set-Cookie response headers) received from the site will also be remembered and eventually sent back on subsequent requests to this site.
Mime-types	Content types allowed back from the target server, or use * to allow all.
Headers	Headers allowed for this site, or use * to allow all. This attribute determines which headers are forwarded to the target server. Note: Cookies are not handled as a standard header. Adding the entry "cookie" in the headers list has no effect.