Symantec Access Management

  • Private Community

  • 1.  SPS proxyrule - Frontend url changes to backend url on redirection

    Posted Mar 03, 2016 08:17 AM

    Hi team,

    Please help me understanding a basic concept in Siteminder SPS proxyrule.

    Lets say, I have SPS in hostmachibe - abc.sitea.com

    I have 2 application ABC and MNC in a tomcat on server - xyz.siteb.com

    here ABC is a real application while MNO has a single jsp page.

    Proxy rules are written to forward resquest to these applications as below:

     

    <nete:proxyrules xmlns:nete="http://abc.sitea.com/" debug="yes">

    <nete:cond type="uri" criteria="beginswith"><nete:case value="/abc"><nete:forward>http://xyz.siteb.com:8080$0</nete:forward>

    </nete:case>

    <nete:cond type="uri" criteria="beginswith"><nete:case value="/mno"><nete:forward>http://xyz.siteb.com:8080$0</nete:forward>

    </nete:case>

    </nete:proxyrules>

     

    Now when I access as - abc.sitea.com/mno/c.html   -> Works fine

    But when I access - abc.sitea.com/abc/ --> Returns the page as http://xyz.siteb.com:8080/abc/login.do   (URL changing to backend server)

     

    So, I am not understanding what causes this behavior. When and why this url changes to the backend server?

    Please help.

     

    Thanks,

    Debasish Sarkar.



  • 2.  Re: SPS proxyrule - Frontend url changes to backend url on redirection
    Best Answer

    Broadcom Employee
    Posted Mar 03, 2016 09:58 PM

    Hi Debasish,

     

    Can you please look in your server.conf file located at /opt/CA/secure-proxy/proxy-engine/conf/server.conf

     

    Look in the Virtual Host section that you have defined for the abc.sitea.com virtual host.

     

    Please let me know if you have the following parameter enabled or identified here.

     

    enableproxypreservehost="yes"

     

     

     

    Here is a snippet from the SPS bookshelf referencing the host headers

    Preserve the HOST Header File

    You can preserve the HTTP HOST header file and send it to the backend server by using the enableproxypreservehost parameter. To use the enableproxypreservehost parameter, perform the following steps:

    1. Open the server.conf file.
    2. Add the following parameter in the Virtual Host section of the virtual host you want to configure:
      enableproxypreservehost
    3. Set the value of enableproxypreservehost to yes.

    When you enable enableproxypreservehost, the parameter takes precedence over a filter that is configured to control the HTTP HOST header. To disable enableproxypreservehost and let the filter take precedence over the parameter, perform the following steps:

    1. Open the server.conf file.
    2. Add the following parameter in the Virtual Host section of the virtual host you want to configure:
      filteroverridepreservehost
    3. Set the value of filteroverridepreservehost to yes.

    You can enable filteroverridepreservehost only if a filter is available to control the HTTP HOST header.

     

    Thank you,

     

    Adam Rusniak



  • 3.  Re: SPS proxyrule - Frontend url changes to backend url on redirection

    Posted Mar 04, 2016 12:19 AM

    Hi Adam,
    You really saved my day..
    After I added the parameter as you suggested, it solved my problem.
    Thanks for clarifying my doubt in details too.

     

    Thanks,

    Debasish Sarkar.



  • 4.  Re: SPS proxyrule - Frontend url changes to backend url on redirection

    Broadcom Employee
    Posted Mar 04, 2016 10:21 AM

    Hi Debasish,

     

    Great news that you got it working! Glad to be able to help.

     

    Adam