Reverse Proxy Settings (Design Studio, Data Catalog, Scheduler)¶
Due to the Content Security Policy (CSP) used in Design Studio, Data Catalog
and Scheduler, for these applications to work properly when they run behind
a proxy, the proxy should not alter the Cache-Control
and Pragma
HTTP response headers.
Reverse Proxy Configuration¶
The Design Studio, Data Catalog and Scheduler are able to run behind a reverse proxy and, to do so, they provide a configuration mechanism to build the URLs dynamically.
This feature is disabled by default. To enable it, open the appropriate configuration file:
For Design Studio:
<DENODO_HOME>/conf/design-studio/DesignStudioBackend.properties
and<SOLUTION_MANAGER_HOME>/conf/design-studio/DesignStudioBackend.properties
For Data Catalog:
<DENODO_HOME>/conf/data-catalog/DataCatalogBackend.properties
.For Scheduler:
<DENODO_HOME>/conf/scheduler-webadmintool/ConfigurationParameters.properties
.
In these files, the following properties control the reverse proxy configuration of each component:
reverse-proxy.enabled=false
reverse-proxy.forwardedPrefix=
reverse-proxy.autodetect=false
reverse-proxy.autodetectHeaders=Forwarded X-Forwarded-For X-Forwarded-Proto X-Forwarded-Prefix
reverse-proxy.cookieRewrite=false
To enable the reverse proxy feature, set this property
reverse-proxy.enabled=true
.
If the proxy server provides the X-Forwarded-Prefix
HTTP header,
no more configuration is needed.
If the proxy server does not provide the X-Forwarded-Prefix
HTTP header,
configure the forwarded prefix value manually, by setting the parameter
reverse-proxy.forwardedPrefix=<context-path>
.
Note
The default context paths are /denodo-design-studio
in the
Design Studio, /denodo-data-catalog
in the Data Catalog, and
/webadmin/denodo-scheduler-admin
in Scheduler.
If you configure the forwarded prefix manually using
reverse-proxy.forwardedPrefix
and the web application should resolve
HTTP requests sent by the proxy and HTTP requests not sent by the proxy,
set reverse-proxy.autodetect=true
.
In addition, you can provide the list of request headers that will
be used to detect if the request was sent by the proxy or not, by setting reverse-proxy.autodetectHeaders
.
The default value of this parameter is Forwarded X-Forwarded-For X-Forwarded-Proto X-Forwarded-Prefix
The HTTP request including any of the reverse-proxy.autodetectHeaders
will be considered as requests sent by the proxy. In that case, the generated
URLs will reference the prefix reverse-proxy.forwardedPrefix
.
Otherwise, the URLs will reference the default context path.
If the proxy server does not support cookie path rewrite, set reverse-proxy.cookieRewrite=true
and the web container will rewrite the cookie path with the value of reverse-proxy.forwardedPrefix
.
Take into account that, with reverse-proxy.cookieRewrite
enabled, the cookie path will be modified
for every request and the non-proxy requests will not work.
For these changes to take effect, restart the component you have modified.