USER MANUALS


Reverse Proxy Settings (Design Studio, Data Catalog, Scheduler)

Due to the Content Security Policy (CSP) used in Design Studio, Data Catalog and Scheduler, for these applications to work properly when they run behind a proxy, the proxy should not alter the Cache-Control and Pragma HTTP response headers.

Reverse Proxy Configuration

The Design Studio, Data Catalog and Scheduler are able to run behind a reverse proxy and, to do so, they provide a configuration mechanism to build the URLs dynamically.

This feature is disabled by default. To enable it, open the appropriate configuration file:

  • For Design Studio: <DENODO_HOME>/conf/design-studio/DesignStudioBackend.properties and <SOLUTION_MANAGER_HOME>/conf/design-studio/DesignStudioBackend.properties

  • For Data Catalog: <DENODO_HOME>/conf/data-catalog/DataCatalogBackend.properties.

  • For Scheduler: <DENODO_HOME>/conf/scheduler-webadmintool/ConfigurationParameters.properties.

In these files, the following properties control the reverse proxy configuration of each component:

  • reverse-proxy.enabled=false

  • reverse-proxy.forwardedPrefix=

  • reverse-proxy.autodetect=false

  • reverse-proxy.autodetectHeaders=Forwarded X-Forwarded-For X-Forwarded-Proto X-Forwarded-Prefix

  • reverse-proxy.cookieRewrite=false

To enable the reverse proxy feature, set this property reverse-proxy.enabled=true.

If the proxy server provides the X-Forwarded-Prefix HTTP header, no more configuration is needed.

If the proxy server does not provide the X-Forwarded-Prefix HTTP header, configure the forwarded prefix value manually, by setting the parameter reverse-proxy.forwardedPrefix=<context-path>.

Note

The default context paths are /denodo-design-studio in the Design Studio, /denodo-data-catalog in the Data Catalog, and /webadmin/denodo-scheduler-admin in Scheduler.

If you configure the forwarded prefix manually using reverse-proxy.forwardedPrefix and the web application should resolve HTTP requests sent by the proxy and HTTP requests not sent by the proxy, set reverse-proxy.autodetect=true.

In addition, you can provide the list of request headers that will be used to detect if the request was sent by the proxy or not, by setting reverse-proxy.autodetectHeaders. The default value of this parameter is Forwarded X-Forwarded-For X-Forwarded-Proto X-Forwarded-Prefix

The HTTP request including any of the reverse-proxy.autodetectHeaders will be considered as requests sent by the proxy. In that case, the generated URLs will reference the prefix reverse-proxy.forwardedPrefix. Otherwise, the URLs will reference the default context path.

If the proxy server does not support cookie path rewrite, set reverse-proxy.cookieRewrite=true and the web container will rewrite the cookie path with the value of reverse-proxy.forwardedPrefix. Take into account that, with reverse-proxy.cookieRewrite enabled, the cookie path will be modified for every request and the non-proxy requests will not work.

For these changes to take effect, restart the component you have modified.

Add feedback