This documentation is for WSO2 Carbon 4.4.0. View documentation for the latest release.
Page Comparison - Adding a Custom Proxy Path (v.3 vs v.6) - Carbon 4.4.0 - WSO2 Documentation
Due to a known issue do not use JDK1.8.0_151 with WSO2 products. Use JDK 1.8.0_144 until JDK 1.8.0_162-ea is released.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 

Note

Note that this the following:

  • This functionality is only available for WSO2 products that are based on Carbon 4.3.0 or a later Carbon version. See the  WSO2 product release matrix for more information about WSO2 Carbon platform releases.
  • Once you have configured your products with a proxy server, it will no longer be possible to access the product behind the proxy. See the section given below on configuring products to use the proxy server for more information. 

In the above example, "apimanager", "esb" and "appserver" are the "proxy context paths" of the respective products, which are configured in the carbon.xml file (stored in <PRODUCT_HOME>/repository/conf/ directory) for each product. When a client sends a request to the proxy entry url path, e.g.  https://wso2test.com/apimanager , the request is directed to the back-end service url ( https://10.100.1.1:<PortNumber>/carbon where the original service lies. Eventually, the client has to be served via the requested proxy entry url path. The mapping between the proxy url path and the back-end service url path is resolved by the reverse proxy server fronting the back-end service. 

...

This functionality will be demonstrated in this documentation using two WSO2 product servers as examples; WSO2 Application Server and WSO2 ESB as the back-end servers, and nginx as the reverse proxy. Note that the product versions you use here should be based on the WSO2 Carbon 4.3.0 platform as explained above.

Follow the steps given below.

Table of Contents
maxLevel4
minLevel4
 

...

  1. Download nginx server.
  2. Install the nginx server in your deployment server by executing the following command:

    Code Block
    sudo apt-get install nginx
  3. Create a folder called "ssl" inside /etc/nginx, and create the ssl certificates inside this folder by executing the following commands:

    Code Block
    sudo mkdir /etc/nginx/ssl
    cd /etc/nginx/ssl
  4. The next step is to create the server key and certificates.  First create the private key as shown below. Note that a pass phrase is prompted when creating the private key.

    Code Block
    sudo openssl genrsa -des3 -out server.key 1024
  5. Next, create the certificate signing request as shown below. 

    Code Block
    sudo openssl req -new -key server.key -out server.csr

    Fill in the required details. Most important entry is the Common Name. Enter the domain name or the ip address if there is no domain name.  

  6.   Next step is to sign the SSL certificate using the following command:

    Code Block
    sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

    The certificate is now created.

  7. The last step is to set up the virtual host displaying the new certificate.  Create a copy of the default, " sites-enabled" configuration using the following command:

    Code Block
    sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/wso2
  8. Now, create a symbolic between the " sites-enabled" directory and the "sites-available" directory using the following command:

    Code Block
    sudo ln -s /etc/nginx/sites-available/wso2 /etc/nginx/sites-enabled/wso2

    The host is now activated.

  9. Open the /etc/nginx/sites-enabled/wso2 file and enter the following configurations.

    Code Block
    #Configurations for listener 8243.
    server {
    	listen 8243;
     	server_name wso2test.com;
     	client_max_body_size 100M;
     
     	root /usr/share/nginx/www;
     	index index.html index.htm;
     
     	ssl on;
     	ssl_certificate /etc/nginx/ssl/server.crt;
     	ssl_certificate_key /etc/nginx/ssl/server.key;
     
    	#with portOffset 0 running AS
    	location /appserver/ {
    		proxy_pass https://wso2test.com:9443/;
    		proxy_redirect https://wso2test.com:8243/ https://wso2test.com:8243/appserver/;
    		proxy_cookie_path / /appserver;
    	}
     
    	#with portOffset 10 running ESB
    	location /esb/ {
    		proxy_pass https://wso2test.com:9453/;
    		proxy_redirect https://wso2test.com:8243/ https://wso2test.com:8243/esb/;
    		proxy_cookie_path / /esb;
    	}
    }
    
    #Configurations for listener 8280.
    server {
    	listen 8280;
     	server_name wso2test.com;
     	client_max_body_size 100M;
     
     	root /usr/share/nginx/www;
     	index index.html index.htm;
     
    	#with portOffset 0 running AS
    	location /appserver/ {
    		proxy_pass http://wso2test.com:9763/;
    		proxy_redirect http://wso2test.com:8280/ http://wso2test.com:8280/appserver/;
    		proxy_cookie_path / /appserver;
    	}
     
    	#with portOffset 10 running ESB
    	location /esb/ {
    		proxy_pass http://wso2test.com:9773/;
    		proxy_redirect http://wso2test.com:8280/ http://wso2test.com:8280/esb/;
    		proxy_cookie_path / /esb;
    	}
    }
    Note

    According to the nginx configuration, https requests with the /appserver/* pattern are directed to the /* pattern and then when the service is served to the client, it resolves the url pattern to /appserver/*. This works the same for http requests.

  10. Save the file and restart the nginx server using the following command to complete the nginx configuration:

    Code Block
    sudo service nginx restart
  11. In the above configuration, the https and http requests are listening on 8243 and 8280 ports respectively. Server name is set to wso2test.com. To test this in a local machine, you need to add wso2test.com and as.wso2.com to the /etc/hosts file as shown below.

    Code Block
    127.0.0.1  wso2test.com 
    127.0.0.1  as.wso2test.com
    127.0.0.1  esb.wso2test.com

Anchor
Step 2
Step 2
Step 2: Configure products with proxy context path 

  1. Download WSO2 Application Server and WSO2 ESB.
  2. Open the carbon.xml file stored in the <PRODUCT_HOME>/repository/conf/ directory and set the hostName to what you defined in the nginx configuration as shown below (for both products):

    Code Block
    <HostName>wso2test.com</HostName>
  3. Now, set the MgtHostName as shown below.

    •  For Application Server:

      Code Block
      <MgtHostName>as.wso2test.com</MgtHostName>
    • For ESB:

      Code Block
      <MgtHostName>esb.wso2test.com</MgtHostName> 
  4. Set the "ProxyContextPath" as shown below. This is the proxy path string, which will appear in the management console, web apps and services urls.  

    • For Application Server:

      Code Block
      <ProxyContextPath>appserver</ProxyContextPath> 
    • For ESB: 

      Code Block
      <ProxyContextPath>esb</ProxyContextPath> 
  5. Since you need to run both products (AS and ESB) simultaneously, set port offsets as shown below.

    • For Application Server: <Offset>0</Offset>

    • For ESB: <Offset>10</Offset>

  6. According to the nginx configuration, the https, http requests are listening on 8243 and 8280 ports. However, by default WSO2 products are listening on 9443 (WSO2 Application Server) and 9453 (WSO2 ESB). Therefore, the listening ports of the reverse proxy should be configured as proxy ports in Application Server and ESB respectively. T o enable proxy ports, open the <PRODUCT_HOME>/repository/conf/tomcat/catalina-server.xml file and add the "proxyPort" entries.

    Note

    Note that after you define proxy ports (8243 and 8280) in the catalina-server.xml file, it will no longer be possible to access the products using the normal ports (9443 and 9453).

    For example, the "proxyPort" entries for Application Server are as follows:

    Code Block
    <Connector  protocol="org.apache.coyote.http11.Http11NioProtocol"
                    port="9763"
    				proxyPort="8280"
                    redirectPort="9443" 
                    bindOnInit="false"
                    maxHttpHeaderSize="8192"
                    acceptorThreadCount="2"
                    maxThreads="250"
                    minSpareThreads="50"
                    disableUploadTimeout="false"
                    connectionUploadTimeout="120000"
                    maxKeepAliveRequests="200"
                    acceptCount="200"
                    server="WSO2 Carbon Server"
                    compression="on"
                    compressionMinSize="2048"
                    noCompressionUserAgents="gozilla, traviata"
                    compressableMimeType="text/html,text/javascript,application/xjavascript,application/javascript,application/xml,text/css,
                                          application/xslt+xml,text/xsl,image/gif,image/jpg,image/jpeg" 
                    URIEncoding="UTF-8"/>
        <!--
    	optional attributes:
    	proxyPort="443"
        -->
        <Connector  protocol="org.apache.coyote.http11.Http11NioProtocol"
                    port="9443"
    				proxyPort="8243"
                    bindOnInit="false"
                    sslProtocol="TLS"
                    maxHttpHeaderSize="8192"

...