1753 lines
102 KiB
HTML
1753 lines
102 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="topic" />
|
||
|
<meta name="DC.Title" content="Module mod_proxy" />
|
||
|
<meta name="abstract" content="This module contains directives that define support for the HTTP Proxy function." />
|
||
|
<meta name="description" content="This module contains directives that define support for the HTTP Proxy function." />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2002,2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2002,2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzaiemod_proxy" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Module mod_proxy</title>
|
||
|
</head>
|
||
|
<body id="rzaiemod_proxy"><a name="rzaiemod_proxy"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<!--Java sync-link--><h1 class="topictitle1">Module mod_proxy</h1>
|
||
|
<div><p> This module contains directives that define support for the HTTP
|
||
|
Proxy function.</p>
|
||
|
<div class="important"><span class="importanttitle">Important:</span> Information
|
||
|
for this topic supports the latest PTF levels for HTTP Server for i5/OS .
|
||
|
It is recommended that you install the latest PTFs to upgrade to the latest
|
||
|
level of the HTTP Server for i5/OS. Some of the topics documented here are
|
||
|
not available prior to this update. See <a href="http://www-03.ibm.com/servers/eserver/iseries/software/http/services/service.html" target="_blank">http://www.ibm.com/servers/eserver/iseries/software/http/services/service.htm</a> <img src="www.gif" alt="Link outside Information Center" /> for more information. </div>
|
||
|
<p>Directives for forward proxy function are as follows:</p>
|
||
|
<ul class="simple"><li><strong>Required</strong>: ProxyRequests </li>
|
||
|
<li><strong>Optional</strong>: AllowCONNECT, ProxyBlock, ProxyDomain, ProxyReceiveBufferSize,
|
||
|
ProxyVia</li>
|
||
|
</ul>
|
||
|
<p>Directives for reverse proxy function are as follows:</p>
|
||
|
<ul class="simple"><li><strong>Required</strong>: ProxyPass </li>
|
||
|
<li><strong>Optional</strong>: ProxyBlock, ProxyPassReverse, ProxyReceiveBufferSize,
|
||
|
ProxyVia</li>
|
||
|
</ul>
|
||
|
<p>Directives for proxy chaining function are as follows:</p>
|
||
|
<ul class="simple"><li><strong>Required</strong>: ProxyRemote </li>
|
||
|
<li><strong>Optional</strong>: NoProxy, (see forward or reverse proxy, above, for
|
||
|
additional directives).</li>
|
||
|
</ul>
|
||
|
<p>For a detailed description of these proxy functions and how they may be
|
||
|
used, see <a href="rzaieproxytypes.htm">Proxy server types and uses for HTTP Server (powered by Apache)</a>.</p>
|
||
|
<div class="note"><span class="notetitle">Note:</span> The mod_proxy directives require the following LoadModules in HTTP
|
||
|
Server configuration file:</div>
|
||
|
<ul class="simple"><li>LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
<li>LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
<li>LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
<li>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
</ul>
|
||
|
<p><strong>Directives</strong></p>
|
||
|
<ul><li><a href="#allowconnect">AllowCONNECT</a></li>
|
||
|
<li><a href="#noproxy">NoProxy</a></li>
|
||
|
<li><a href="#proxy"><Proxy></a></li>
|
||
|
<li><a href="#proxybadheader">ProxyBadHeader</a></li>
|
||
|
<li><a href="#proxyblock">ProxyBlock</a></li>
|
||
|
<li><a href="#proxycacheonly">ProxyCacheOnly</a></li>
|
||
|
<li><a href="#proxydomain">ProxyDomain</a></li>
|
||
|
<li><a href="#proxyerroroverride">ProxyErrorOverride</a></li>
|
||
|
<li><a href="#proxymatch"><ProxyMatch></a></li>
|
||
|
<li><a href="#proxymaxforwards">ProxyMaxForwards</a></li>
|
||
|
<li><a href="#proxynocache">ProxyNoCache</a></li>
|
||
|
<li><a href="#proxynoconnect">ProxyNoConnect</a></li>
|
||
|
<li><a href="#proxypass">ProxyPass</a></li>
|
||
|
<li><a href="#proxypassreverse">ProxyPassReverse</a></li>
|
||
|
<li><a href="#proxypreservehost">ProxyPreserveHost</a></li>
|
||
|
<li><a href="#proxyreceivebuffersize">ProxyReceiveBufferSize</a></li>
|
||
|
<li><a href="#proxyremote">ProxyRemote</a></li>
|
||
|
<li><a href="#proxyrequests">ProxyRequests</a></li>
|
||
|
<li><a href="#proxyreverse">ProxyReverse</a></li>
|
||
|
<li><a href="#proxytimeout">ProxyTimeout</a></li>
|
||
|
<li><a href="#proxyvia">ProxyVia</a></li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
<div class="hr" id="allowconnect"><a name="allowconnect"><!-- --></a><h2 class="topictitle2">AllowCONNECT</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: AllowCONNECT <var class="varname">port_list</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: AllowCONNECT 443 563</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<ul class="simple"><li>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
<li>LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
<li>LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
<li>LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</li>
|
||
|
</ul>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: AllowCONNECT 443 563 1070 8088</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The AllowCONNECT directive specifies a list of port numbers the server
|
||
|
allows clients to specify when using the CONNECT method. Clients use the CONNECT
|
||
|
method when HTTPS connections are requested and proxy tunneling over HTTP
|
||
|
is in effect. By default, only the default HTTPS port (443) and the default
|
||
|
SNEWS port (563) are enabled. Use this directive to override the default and
|
||
|
only allow connections that use one of the listed ports.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em> port_list</em></dt>
|
||
|
<dd><ul><li> The <var class="varname">port_list</var> parameter can consist of a string of
|
||
|
port numbers separated by spaces (see example). </li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>AllowCONNECT 443 563 1070 8088</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<ul class="simple"><li>ProxyBlock may be used to block incoming requests prior to this directive's
|
||
|
consideration.</li>
|
||
|
<li>Setting ProxyRequests to off negates this directive.</li>
|
||
|
</ul>
|
||
|
<p>This directive may be configured multiple times in a container. The
|
||
|
directives are processed from the first to the last occurrence.</p>
|
||
|
</blockquote>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="noproxy"><a name="noproxy"><!-- --></a><h2 class="topictitle2">NoProxy</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: NoProxy <var class="varname">domain | subnet | ipaddr
|
||
|
| hostname [domain | subnet | ipaddr | hostname ...]</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: NoProxy .mycompany.com 192.168.112.0/21</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The NoProxy directive specifies a list of domains, subnets, IP addresses,
|
||
|
and/or hosts (in any combination) separated by spaces. Multiple NoProxy directives
|
||
|
are allowed. Items in each list are used to match requests for which the server
|
||
|
should attempt to handle directly rather than going through a remote proxy
|
||
|
server (specified using the ProxyRemote directive). When a client sends a
|
||
|
request that matches one or more listed items, the server attempts to connect
|
||
|
directly to the server specified in the URL rather than to a remote proxy
|
||
|
(specified by ProxyRemote) to chain the request. </p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>domain | subnet | ipaddr | hostname</em></dt>
|
||
|
<dd><ul><li> A <var class="varname">domain</var> is a partially qualified DNS domain name,
|
||
|
preceded by a period. It represents a group of hosts that logically belong
|
||
|
to the same DNS domain or zone (that is, the suffixes of the hostnames are
|
||
|
all ending in Domain).</li>
|
||
|
<li> A <var class="varname">subnet</var> is a partially qualified Internet address
|
||
|
in a numeric (dotted quad) form, optionally followed by a slash (/) and the
|
||
|
netmask, specified as the number of significant bits in the subnet. It is
|
||
|
used to represent a subnet of hosts that can be reached over a common network
|
||
|
interface. In the absence of the explicit netmask it is assumed that omitted
|
||
|
(or zero valued) trailing digits specify the mask. In this case, the netmask
|
||
|
can only be multiples of '8 bits' wide. For example, the subnet '192.168.0.0'
|
||
|
with an implied netmask of '16' valid bits (sometimes used in the netmask
|
||
|
form 255.255.0.0.).</li>
|
||
|
<li> An <var class="varname">ipaddr</var> represents a fully qualified Internet address
|
||
|
in numeric (dotted quad) form. Usually this address represents a host, but
|
||
|
there need not necessarily be a DNS domain name connected with the address.
|
||
|
For example: 192.168.123.7 </li>
|
||
|
<li> A <var class="varname">hostname</var> is a fully qualified DNS domain name that
|
||
|
can be resolved to one or more IP addresses via the DNS domain name service.
|
||
|
It represents a logical host (in contrast to domain, see above) and must be
|
||
|
resolvable to at least one ipaddr (or often to a list of hosts with different
|
||
|
IP addresses).</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyRemote * http://firewall.mycompany.com:81
|
||
|
NoProxy .mycompany.com 192.168.112.0/21</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>ProxyBlock may be used to block incoming requests prior to consideration
|
||
|
for this directive.</li>
|
||
|
<li>This directive is commonly used in conjunction with the ProxyRemote and
|
||
|
ProxyDomain directives for directing proxy requests within intranets.</li>
|
||
|
<li>Setting ProxyNoConnect to on negates this directive.</li>
|
||
|
</ul>
|
||
|
<p>This directive may be configured multiple times in a container. The directives
|
||
|
are processed from the first to the last occurrence.</p>
|
||
|
<div class="note"><span class="notetitle">Note:</span> Hostname and domain name comparisons are done without regard to the
|
||
|
case, and are always assumed to be anchored in the root of the DNS tree.</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxy"><a name="proxy"><!-- --></a><h2 class="topictitle2"><Proxy></h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: <Proxy <var class="varname">criteria</var>> ... </Proxy></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host, Not in Limit</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: Forward proxy<pre><Proxy http://www.ibm.com/>
|
||
|
Allow from All
|
||
|
Order Allow,Deny
|
||
|
</Proxy></pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: Reverse proxy<pre><Proxy /docs/>
|
||
|
Allow from All
|
||
|
Order Allow,Deny
|
||
|
</Proxy></pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p>The <Proxy> and </Proxy> directives are used to enclose (or contain)
|
||
|
a group of directives that apply only to proxy requests that match the specified
|
||
|
criteria. Multiple proxy containers are allowed, however they may not be nested.
|
||
|
Requests that do not match container criteria are outside the context of the
|
||
|
enclosed directives. Any directive allowed within a directory context is also
|
||
|
allowed within a proxy context (see <Directory> for details on directory
|
||
|
containers).</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>criteria </em></dt>
|
||
|
<dd><ul><li> The <var class="varname">criteria</var> parameter accepts a partial URL or virtual
|
||
|
directory path used to identify requests to which the enclosed directives
|
||
|
apply. Partial URLs are used to identify both forward and reverse proxy requests.
|
||
|
A match is considered by comparing request URL strings to the specified criteria
|
||
|
string, starting with the first character. A match is made if the two strings
|
||
|
are identical, up to the length of the criteria string.<p>Refer to <ProxyMatch>
|
||
|
for details regarding the use of regular expression criteria for proxy containers.</p>
|
||
|
<p>Directives
|
||
|
within proxy containers apply only to matched requests handled by the proxy
|
||
|
function (including both forward and reverse proxy). Requests not handled
|
||
|
by the proxy function are not affected by directives within proxy containers.</p>
|
||
|
</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example One</strong></dt>
|
||
|
<dd><pre><Proxy /user/local/httpd/htdocs>
|
||
|
Allow from All
|
||
|
Order Allow,Deny
|
||
|
</Proxy></pre>
|
||
|
<div class="note"><span class="notetitle">Note:</span> Previously, directory containers were used to
|
||
|
enclose groups of directives that applied to proxy requests by appending the
|
||
|
prefix "proxy:" to the beginning of the directory name criteria specified
|
||
|
for <Directory> or <DirectoryMatch> directives. This is no longer supported.
|
||
|
The proxy function now ignores directives enclosed in <Directory> (or <File>)
|
||
|
containers.</div>
|
||
|
<p>Directives within <Location> containers (if matched)
|
||
|
take precedence over directives within <Proxy> containers. See <Location>
|
||
|
or <LocationMatch> for more information on <Location> containers.</p>
|
||
|
<p>When
|
||
|
request URLs match criteria strings of multiple proxy containers, directives
|
||
|
within all matched containers are combined and applied. <Proxy> sections
|
||
|
are processed in the order they appear in the configuration file. The following
|
||
|
is an example of how directives are combined and applied according to order.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example Two: Forward Proxy</strong></dt>
|
||
|
<dd><pre>ProxyRequest on
|
||
|
<Proxy http://>
|
||
|
Deny from All
|
||
|
ServerSignature on
|
||
|
</Proxy>
|
||
|
<Proxy http://www.ibm.com/>
|
||
|
Allow from All
|
||
|
</Proxy></pre>
|
||
|
<p>For this example, a request for http://www.ibm.com/docs/whitepaper.pdf
|
||
|
matches criteria specified for both proxy containers, therefore the server
|
||
|
applies the directives within both containers. Since the criteria specified
|
||
|
for the second container (<Proxy http://www.ibm.com/>) is more specific
|
||
|
(a better match) than the criteria specified for the first container (<Proxy
|
||
|
http://>) directives enclosed within the second container take precedence.
|
||
|
The request is therefore allowed since the second container has an "Allow
|
||
|
from All" directive. The ServerSignature directive would be applied to this
|
||
|
request as well (if needed). A request for http://web.samples.org/welcome.htm,
|
||
|
however, only matches the criteria for the first container, and is therefore
|
||
|
denied since this container has a "Deny from All" directive.</p>
|
||
|
<p>If request
|
||
|
URLs match criteria strings for one or more <Proxy> directives as well
|
||
|
as regular expression criteria for one or more <ProxyMatch> directives,
|
||
|
the server applies matched <Proxy> and <ProxyMatch> container directives
|
||
|
in the order they appear in the configuration file.</p>
|
||
|
<div class="note"><span class="notetitle">Example:</span> <pre>ProxyRequest on
|
||
|
<Proxy http://www.ibm.com/>
|
||
|
Allow from All
|
||
|
</Proxy>
|
||
|
<ProxyMatch ^(.*)>
|
||
|
Deny from All
|
||
|
</ProxyMatch></pre>
|
||
|
</div>
|
||
|
<p>A request for http://www.ibm.com/welcome.html
|
||
|
matches criteria specified for both proxy containers, therefore the server
|
||
|
applies the directives within both containers. Directives for the <Proxy>
|
||
|
container are applied first, then directives for the <ProxyMatch> container.
|
||
|
Due to the order that directives are applied, the request is denied since
|
||
|
the "Deny from All" directive (from the <ProxyMatch> container) is applied
|
||
|
last, eveh though the <Proxy> container is a more exact match.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<div class="note"><span class="notetitle">Note:</span> Setting ProxyRequests to <var class="varname">off</var> does not negate this
|
||
|
directive. It is available regardless of the forward proxy state.</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxybadheader"><a name="proxybadheader"><!-- --></a><h2 class="topictitle2">ProxyBadHeader</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyBadHeader <var class="varname">IsError | Ignore
|
||
|
| StartBody</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyBadHeader IsError</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyBadHeader Ignore</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> This directive tells the server how to handle a bad header line in a response.
|
||
|
The value <var class="varname">ignore</var> means the proxy ignores the bad header
|
||
|
and continues. The value <var class="varname">IsError</var> means that the proxy fails
|
||
|
out on the request. The value <var class="varname">StartBody</var> means that proxy
|
||
|
(if it has seen other headers before this bad one) starts sending the rest
|
||
|
of the headers as body and hopes that the server can handle it.</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxyblock"><a name="proxyblock"><!-- --></a><h2 class="topictitle2">ProxyBlock</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyBlock <var class="varname">word | host | domain
|
||
|
[word | host | domain ...] </var> </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyBlock somecompany.com www-1.ibm.com
|
||
|
www-2.ibm.com</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyBlock directive specifies a list of words, hosts, and/or domains
|
||
|
(in any combination), separated by spaces. Multiple ProxyBlock directives
|
||
|
are allowed. Requests to sites whose URLs contain matched words, hosts, or
|
||
|
domains are blocked by the server. At startup the server attempts to determine
|
||
|
list item IP addresses, that may be host names, and records them for a match
|
||
|
test.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>word | host | domain </em></dt>
|
||
|
<dd><ul><li>A <var class="varname">word</var> can be any keyword (for example, <samp class="codeph">ProxyBlock
|
||
|
hello server good-bye</samp>).</li>
|
||
|
<li>A <var class="varname">host</var> is a fully qualified DNS domain name that can
|
||
|
be resolved to one or more IP addresses via the DNS domain name service. It
|
||
|
represents a logical host (in contrast to domain, see below) and must be resolvable
|
||
|
to at least one IP address (or often to a list of hosts with different IP
|
||
|
addresses), otherwise it is simply treated as a word (see above).</li>
|
||
|
<li>A <var class="varname">domain</var> is a partially qualified DNS domain name,
|
||
|
preceded by a period. It represents a group of hosts that logically belong
|
||
|
to the same DNS domain or zone (that is, the suffixes of the hostnames are
|
||
|
all ending in Domain). </li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyBlock ibm.com www-1.ibm.com www-2.ibm.com server hello</pre>
|
||
|
<p> The
|
||
|
'www-2.ibm.com' would also be matched if referenced by IP address since the
|
||
|
server records addresses at startup for a match test. Note that either 'ibm.com'
|
||
|
or 'ibm' is sufficient to match both 'www-1.ibm.com' and 'www-2.ibm.com' by
|
||
|
word. However, their corresponding IP addresses would not be blocked since
|
||
|
the server could not determine their addresses without having their hostnames
|
||
|
specifically listed.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<div class="note"><span class="notetitle">Note:</span> <samp class="codeph">" ProxyBlock *"</samp> effectively blocks requests to all
|
||
|
sites and therefore should be avoided.</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxycacheonly"><a name="proxycacheonly"><!-- --></a><h2 class="topictitle2">ProxyCacheOnly</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyCacheOnly <var class="varname">word | host | domain
|
||
|
[word | host | domain ...]</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none (meaning cache all documents satisfying
|
||
|
other caching directives) </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none (meaning cache all documents satisfying
|
||
|
other caching directives)</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: iSeries™ </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyCacheOnly ibm.com www-1.ibm.com www-2.ibm.com</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyCacheOnly directive specifies a list of words, hosts, and domains
|
||
|
(in any combination), separated by spaces. Multiple ProxyCacheOnly directives
|
||
|
are allowed. Listed items are used to match requests for which the server
|
||
|
should cache documents if caching is enabled. The server may then serve cached
|
||
|
documents for subsequent requests. The server will also attempt to determine
|
||
|
list item IP addresses and records them for a match test.</p>
|
||
|
<p>If this directive is absent, all documents satisfying all other caching
|
||
|
directives (for example, ProxyNoCache, CacheMaxFileSize, CacheMinFileSize,
|
||
|
etc.) are cached. If this directive is present, only documents from matched
|
||
|
words, hosts, or domains are cached (as long as they also satisfy all other
|
||
|
caching directives).</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>word | host | domain</em></dt>
|
||
|
<dd><ul><li>A <var class="varname">word</var> can be any keyword (for example, <samp class="codeph">ProxyCacheOnly
|
||
|
hello server good-bye</samp>).</li>
|
||
|
<li>A <var class="varname">host</var> is a fully qualified DNS domain name that can
|
||
|
be resolved to one or more IP addresses via the DNS domain name service. It
|
||
|
represents a logical host (in contrast to domain, see below) and must be resolvable
|
||
|
to at least one IP address (or often to a list of hosts with different IP
|
||
|
addresses), otherwise it is simply treated as a word (see above).</li>
|
||
|
<li>A <var class="varname">domain</var> is a partially qualified DNS domain name,
|
||
|
preceded by a period. It represents a group of hosts that logically belong
|
||
|
to the same DNS domain or zone (that is, the suffixes of the hostnames are
|
||
|
all ending in Domain).</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyCacheOnly ibm.com www-1.ibm.com sample.server.edu</pre>
|
||
|
<p> For
|
||
|
this example, 'sample.server.edu' would also be matched if referenced by IP
|
||
|
address since the server records addresses at startup for a match test. Note
|
||
|
that 'sample', 'server', 'edu', 'sample.server', or 'server.edu' is sufficient
|
||
|
to match 'sample.server.edu' by word, however documents for requests using
|
||
|
IP addresses corresponding to 'sample.server.edu' would not be cached since
|
||
|
the server could not determine the addresses unless the hostname is specifically
|
||
|
listed. </p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>CacheMinFileSize, CacheMaxFileSize, and CacheTimeMargin may make documents
|
||
|
ineligible for cache prior to consideration for this directive.</li>
|
||
|
<li>ProxyNoCache provides counter function. Documents matching a previous
|
||
|
ProxyNoCache template in the configuration will not be cached, regardless
|
||
|
of whether they match a subsequent ProxyCacheOnly template. In other words,
|
||
|
a ProxyNoCache directive may override a ProxyCacheOnly directive if configured
|
||
|
prior to the ProxyCacheOnly directive.</li>
|
||
|
<li>This directive is used only if CacheRoot is set.</li>
|
||
|
<li>Setting ProxyNoConnect to off negates this directive.</li>
|
||
|
</ul>
|
||
|
<div class="note"><span class="notetitle">Note:</span> <samp class="codeph">"ProxyCacheOnly *"</samp> enables caching for all documents
|
||
|
if not preceded and matched by a ProxyNoCache directive.</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxydomain"><a name="proxydomain"><!-- --></a><h2 class="topictitle2">ProxyDomain</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyDomain <var class="varname">domain</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: <span id="proxydomain__directiveName_origin"><a name="proxydomain__directiveName_origin"><!-- --></a>Apache</span></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyDomain .mycompany.com</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyDomain directive specifies the default domain to which the server
|
||
|
belongs when acting as a forward proxy server. If a request specifies a host
|
||
|
without a domain name, the server sends a response that redirects the client
|
||
|
to the host with the configured domain appended. Possible values include all
|
||
|
domain names starting with a dot (or period) and consisting only of the characters
|
||
|
AZ, AZ, '.' (dot), '-' (dash), and 0-9.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>domain</em></dt>
|
||
|
<dd><ul><li> The <var class="varname">domain</var> is a partially qualified DNS domain name,
|
||
|
preceded by a period. It represents a group of hosts that logically belong
|
||
|
to the same DNS domain or zone (that is, the suffixes of the hostnames are
|
||
|
all ending in Domain). </li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyRemote * http://firewall.mycompany.com:81
|
||
|
NoProxy .mycompany.com 192.168.112.0/21
|
||
|
ProxyDomain .mycompany.com</pre>
|
||
|
<p>For this example, if an unqualified
|
||
|
request for http://myserver/ comes in, the server will redirect the client
|
||
|
to a fully qualified host name using the default domain. That is, the client
|
||
|
will be redirected to http://myserver.mycompany.com/.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>ProxyBlock may be used to block incoming requests prior to consideration
|
||
|
for this directive.</li>
|
||
|
<li>This directive is commonly used in conjunction with the NoProxy and ProxyRemote
|
||
|
directives for directing proxy requests within intranets.</li>
|
||
|
<li>Setting ProxyRequests to off negates this directive</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxyerroroverride"><a name="proxyerroroverride"><!-- --></a><h2 class="topictitle2">ProxyErrorOverride</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyErrorOverride <var class="varname">on | off</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyErrorOverride off </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyErrorOverride on</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyErrorOverride directive specifies if the server is to override
|
||
|
error response codes and message text sent by remote servers to enable local
|
||
|
error messaging for remote server problems. If disabled (the default), all
|
||
|
responses sent by remote servers (including errors) are relayed to clients
|
||
|
(local error messaging is not used). If enabled, server related error codes
|
||
|
and messages sent by remote servers (codes greater than or equal to 400) are
|
||
|
overridden and local error messaging is used to send responses that pertain
|
||
|
to the local server, rather than the remote server. Non-server related error
|
||
|
codes (codes less than 400) are not affected by this directive and are always
|
||
|
relayed to clients.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>on | off</em></dt>
|
||
|
<dd><ul><li>If <var class="varname">off</var>, is specified (the default), all response codes
|
||
|
and messages sent by remote servers are relayed to clients (unaltered).</li>
|
||
|
<li>If <var class="varname">on</var> is specified, error response codes and messages
|
||
|
sent by remote servers relating to server problems are overridden and local
|
||
|
error messaging is used to send responses to clients.</li>
|
||
|
</ul>
|
||
|
<p>By default, local error messaging will send hardcoded messages to
|
||
|
clients. However, it may be configured to send custom web pages as well, or
|
||
|
to redirect certain errors to local CGI programs (or servlets) or remote servers
|
||
|
to handle. When ProxyErrorOverride is used in conjunction with ErrorDocument
|
||
|
support, custom responses may be sent to clients when proxy requests fail
|
||
|
due to remote server problems. This is useful for reverse proxy setups where
|
||
|
remote server problems need to be concealed from clients or when web sites
|
||
|
must have a common error reporting appearance. It may be used, however, for
|
||
|
any proxy setup where remote server errors need to be handled in a certain
|
||
|
(customized) manner.</p>
|
||
|
<p>For example, suppose the local server has address
|
||
|
http://www.ibm.com/ and the following directives are setup for reverse proxy:</p>
|
||
|
<pre>ProxyPass /docs/ http://pubserver.ibm.com/public/documentation/
|
||
|
ProxyErrorOverride on
|
||
|
ErrorDocument proxyrmterror /cgi-bin/proxyerr.pgm</pre>
|
||
|
<p>Now further
|
||
|
suppose the local server was sent the request http://www.ibm.com/docs/whitepaper.html.
|
||
|
The ProxyPass directive will cause the request to be internally converted
|
||
|
into a request for http://pubserver.ibm.com/public/documentation/whitepaper.html.
|
||
|
The proxy function will then be invoked to retrieve /public/documentation/whitepaper.html
|
||
|
from pubserver.ibm.com. The remote server (pubserver.ibm.com) then has an
|
||
|
error that causes it to return response code 500 (internal error) to the local
|
||
|
server (www.ibm.com). Since ProxyErrorOverride is enabled, the local server
|
||
|
overrides the response code (along with any message text) and enables local
|
||
|
error messaging to handle the response. Furthermore, since ErrorDocument is
|
||
|
setup for such a response (proxyrmterror), the error is passed to the cgi
|
||
|
program /cgi-bin/proxyerr.pgm which handles the problem by sending a customized
|
||
|
error page to the client.</p>
|
||
|
<p>In this example of a reverse proxy request
|
||
|
process, internal server errors from a remote server (pubserver.ibm.com) are
|
||
|
concealed from the client since local error messaging is enabled for proxy
|
||
|
requests on www.ibm.com. Similar handling may be setup for forward proxy scenarios
|
||
|
as well.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>If custom error messages are not defined (not enabled via ErrorDocument),
|
||
|
local error messaging may still be used to send hardcoded messages pertaining
|
||
|
to the local server. </li>
|
||
|
<li>Setting ProxyRequests to off does not negate this directive. It is available
|
||
|
regardless of the forward proxy state.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxymatch"><a name="proxymatch"><!-- --></a><h2 class="topictitle2"><ProxyMatch></h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: <ProxyMatch <var class="varname">criteria</var>>
|
||
|
... </ProxyMatch></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: Reverse proxy<pre>ProxyReverse on
|
||
|
ProxyPass /docs/v4r4m0/ http://pubserver.ibm.com/public/v4r4m0/
|
||
|
<ProxyMatch "^http://pubserver.ibm.com/public/v[0-9]r[0-9]m[0-9]/(.*)">
|
||
|
Allow from All
|
||
|
Order Allow,Deny
|
||
|
</ProxyMatch></pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: Forward proxy<pre><ProxyMatch "^http://server[0-9]r[0-9]m[0-9]/docs/*">
|
||
|
Allow from All
|
||
|
Order Allow,Deny
|
||
|
</ProxyMatch></pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p>The <ProxyMatch> directive is used to enclose a group of directives
|
||
|
that apply only to proxy requests that match the specified criteria. Multiple
|
||
|
proxy containers are allowed, however they may not be nested. Requests that
|
||
|
do not match container criteria are outside the context of the enclosed directives.
|
||
|
Any directive allowed within a directory context is also allowed within a
|
||
|
proxy context.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>criteria</em></dt>
|
||
|
<dd><ul><li> The <var class="varname">criteria</var> parameter accepts a UNIX-style extended
|
||
|
regular expression used to identify requests to which the enclosed directives
|
||
|
apply. Expressions are used to identify both forward and reverse proxy requests.
|
||
|
A match is considered by comparing request URL strings to the specified expression.
|
||
|
Subexpressions are grouped within parentheses. Then, parenthetically enclosed
|
||
|
regular expressions are substituted in a subsequent $n statement. A match
|
||
|
is made if the URL string matches the expression using regular expression
|
||
|
logic. For reverse proxy, the specified expression must match the new outgoing
|
||
|
URL.</li>
|
||
|
</ul>
|
||
|
<p>Proxy containers defined by <ProxyMatch> directives (including
|
||
|
the directives enclosed by them) are handled in the same way as those defined
|
||
|
by <Proxy> directives. The only difference is in how the criteria is specified
|
||
|
and handled using regular expressions (for <ProxyMatch>) rather than string
|
||
|
literals (for <Proxy>). Refer to <Proxy> for further details regarding
|
||
|
proxy containers.</p>
|
||
|
<p></p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<p>For example, suppose the local server has address http://as400.ibm.com/
|
||
|
and the following directives are setup for reverse proxy:</p>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyPass /v4r3m0/docs/ http://pubserver.ibm.com/public/vrm430/
|
||
|
ProxyPass /v4r4m0/docs/ http://pubserver.ibm.com/public/vrm440/
|
||
|
ProxyPass /v4r5m0/docs/ http://pubserver.ibm.com/public/vrm450/
|
||
|
ProxyPass /v5r1m0/docs/ http://pubserver.ibm.com/public/vrm510/
|
||
|
<ProxyMatch "^http://pubserver.ibm.com/public/v[0-9]r[0-9]m[0-9]/(.*)">
|
||
|
AuthName "iSeries Document Server"
|
||
|
AuthType Basic
|
||
|
Require group admin
|
||
|
PasswdFile QUSRSYS/DOC_USERS
|
||
|
GroupFile /groups/doc_readers
|
||
|
</ProxyMatch></pre>
|
||
|
<p>For this example, a request for /v4r5m0/docs/manual.html
|
||
|
is identified as a proxy request since it matches the third ProxyPass statement
|
||
|
(ProxyPass /v4r5m0/docs/ http://pubserver.ibm.com/public/vrm450/). Once identified
|
||
|
as a proxy request, it is compared against criteria specified for the proxy
|
||
|
container (ProxyMatch "^http://pubserver.ibm.com/public/v[0-9]r[0-9]m[0-9]/(.*)")
|
||
|
using regular expression logic. A match is made and the server applies the
|
||
|
directives within the container that requires the client to provide basic
|
||
|
authentication credentials (AuthType Basic). If the client is authenticated
|
||
|
(PasswdFile QUSRSYS/DOC_USERS) and authorized (GroupFile /groups/doc_readers,
|
||
|
or Require group admin) the request will be internally converted into a request
|
||
|
for http://publicserver.ibm.com/public/vrm450/manual.html and further handled
|
||
|
by the proxy function (see <a href="#proxypass">ProxyPass</a> for
|
||
|
more information on reverse proxy). If the client is not authenticated or
|
||
|
authorized, the request fails.</p>
|
||
|
<ul><li>The client is authenticated if a valid userid and password is provided,
|
||
|
according to the PasswdFile directive.</li>
|
||
|
<li>The client is authorized if the userid (or group) is allowed access, according
|
||
|
to the GroupFile or Require directives.</li>
|
||
|
</ul>
|
||
|
<p>Notice that in the above example the directives enclosed in the proxy
|
||
|
container will apply to requests matching any of the ProxyPass directives
|
||
|
since the regular expression criteria (specified for <ProxyMatch>) matches
|
||
|
all four virtual directory path names specified for ProxyPass.</p>
|
||
|
<ul><li>Setting ProxyRequests to off does not negate this directive. It is available
|
||
|
regardless of the forward proxy state.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxymaxforwards"><a name="proxymaxforwards"><!-- --></a><h2 class="topictitle2">ProxyMaxForwards</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyMaxForwards <var class="varname">maximum</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyMaxForwards 10 </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyMaxForwards 8</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyMaxForwards directive specifies the value the server is to use
|
||
|
when adding Max-Forwards request headers to requests that do not contain a
|
||
|
Max-Forwards header. When the server receives requests that do not contain
|
||
|
a Max-Forwards header, it automatically adds one using the specified value.
|
||
|
This setting is not used for requests that already contain a Max-Forwards
|
||
|
header.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>maximum </em></dt>
|
||
|
<dd><ul><li> The <var class="varname">maximum</var> parameter accepts an integer value between
|
||
|
1 and 2,147,483,648 to specify the value the server is to use when it adds
|
||
|
Max-Forwards request headers to proxy requests.</li>
|
||
|
</ul>
|
||
|
<p>The server uses Max-Forwards headers to prevent infinite proxy loops,
|
||
|
and possibly certain types of denial of service attacks. This is accomplished
|
||
|
by ensuring that a Max-Forwards header is set for all requests to control
|
||
|
the maximum number of times it can be forwarded (or passed to subsequent servers).
|
||
|
</p>
|
||
|
<p>When the server receives requests containing a Max-Forwards header,
|
||
|
it will continue to process the requests only if the value for the header
|
||
|
is greater than 0 (zero). If the value is greater than zero, the server decrements
|
||
|
it and continues to process the request. If the request subsequently needs
|
||
|
to be forwarded to another server, the Max-Forwards header is sent with the
|
||
|
decremented value. This process is repeated until the request is fulfilled
|
||
|
(or rejected) by a server, or until the value for the Max-Forwards header
|
||
|
reaches zero. Once the value reaches zero (or less), the server will not forward
|
||
|
the request and will respond immediately (see example, request 3) with the
|
||
|
following response codes:</p>
|
||
|
<ul><li>If TRACE method is used, 200 (OK) is returned as well as any trace data.</li>
|
||
|
<li>If OPTIONS method is used, 200 (OK) is returned as well as any options
|
||
|
data.</li>
|
||
|
<li>If any other method is used, 502 (BAD_GATEWAY) is returned as well as
|
||
|
the server's customized error page for "proxyfail" (if enabled, see <a href="rzaiemod_core.htm#errordocument">ErrorDocument</a>).</li>
|
||
|
</ul>
|
||
|
<p>This setting is used for both forward and reverse proxy requests.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example: Forward Proxy</strong></dt>
|
||
|
<dd><pre>ProxyRequests on
|
||
|
ProxyMaxForwards 8</pre>
|
||
|
<p>For this example, consider the following
|
||
|
three requests:</p>
|
||
|
<dl><dt class="dlterm">Request 1</dt>
|
||
|
<dd><pre>GET http://docserver.ibm.com/manual.pdf HTTP/1.0</pre>
|
||
|
<p>For
|
||
|
this request, the server will use the value specified for ProxyMaxForwards
|
||
|
(8) to add the new header "Max-Forwards : 8" to the request (since it is not
|
||
|
already present), and then forward it to docserver.ibm.com as:</p>
|
||
|
<pre>GET /manual.pdf HTTP/1.0
|
||
|
Max-Forwards : 8</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm">Request 2</dt>
|
||
|
<dd><pre>GET http://docserver.ibm.com/manual.pdf HTTP/1.0
|
||
|
Max-Forwards : 3</pre>
|
||
|
<p>For this request, the server will decrement
|
||
|
the value for the Max-Forwards header to 2, and then forward the request to
|
||
|
docserver.ibm.com as:</p>
|
||
|
<pre>GET /manual.pdf HTTP/1.0
|
||
|
Max-Forwards : 2</pre>
|
||
|
<p>In this case, the value specified for ProxyMaxForwards
|
||
|
is not used since the request already contained a Max-Forwards header.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm">Request 3</dt>
|
||
|
<dd><pre>GET http://docserver.ibm.com/manual.pdf HTTP/1.0
|
||
|
Max-Forwards : 0</pre>
|
||
|
<p>For this request, the server will immediately
|
||
|
return response code 502 (BAD_GATEWAY) since the request cannot be forwarded
|
||
|
any further due to the Max-Forwards header value. In this case, docserver.ibm.com
|
||
|
is never contacted.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<ul><li>Setting ProxyRequests to <var class="varname">off</var> does not negate this directive.
|
||
|
It is available regardless of the forward proxy state.</li>
|
||
|
</ul>
|
||
|
</blockquote>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxynocache"><a name="proxynocache"><!-- --></a><h2 class="topictitle2">ProxyNoCache</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyNoCache <var class="varname">word | host | domain</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: absent [meaning cache all files satisfying
|
||
|
other caching directives] </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyNoCache ibm.com www-1.ibm.com sample.example.edu</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyNoCache directive specifies a list of words, hosts, and domains
|
||
|
(in any combination), separated by spaces. HTTP and non-passworded FTP documents
|
||
|
from matched words, hosts or domains are not cached by the proxy server. The
|
||
|
proxy module will also attempt to determine IP addresses of list items, that
|
||
|
may be hostnames during startup, and cache them for a match test. If this
|
||
|
directive is absent, all documents satisfying all other caching directives
|
||
|
(for example: ProxyCacheOnly, CacheMaxFileSize, CacheMinFileSize, etc.) are
|
||
|
cached. If this directive is present, documents from matched words, hosts
|
||
|
or domains are not cached.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>word | host | domain</em></dt>
|
||
|
<dd><ul><li>A <var class="varname">word</var> can consist of any combination of keywords (for
|
||
|
example, ProxyNoCache hello server good-bye).</li>
|
||
|
<li>The <var class="varname">host</var> is a fully qualified DNS domain name that
|
||
|
can be resolved to one or more IP address via the DNS domain name service.
|
||
|
It represents a logical host (in contrast to domain, see above) and must be
|
||
|
resolvable to at least one IP address (or often to a list of hosts with different
|
||
|
IP addresses).</li>
|
||
|
<li>The <var class="varname">domain</var> is a partially qualified DNS domain name,
|
||
|
preceded by a period. It represents a list of hosts that logically belong
|
||
|
to the same DNS domain or zone (that is, the suffixes of the hostnames are
|
||
|
all ending in Domain). </li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyNoCache ibm.com www-1.ibm.com sample.example.edu</pre>
|
||
|
<p> The
|
||
|
'sample.example.edu' would also be matched if referenced by IP address. Note
|
||
|
that 'example ' is sufficient to match 'example.edu'.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>ProxyCacheOnly provides counter function. Documents matching a previous
|
||
|
ProxyCacheOnly template in the configuration will be cached, regardless of
|
||
|
whether they match a subsequent ProxyNoCache template. In other words, a ProxyCacheOnly
|
||
|
directive may override a ProxyNoCache directive if configured prior to the
|
||
|
ProxyNoCache directive.</li>
|
||
|
<li>This directive is used only if CacheRoot is set.</li>
|
||
|
<li>Setting ProxyRequests to <var class="varname">off</var> negates this directive.</li>
|
||
|
</ul>
|
||
|
<div class="note"><span class="notetitle">Note:</span> <samp class="codeph">"ProxyNoCache *"</samp> disables caching for all documents
|
||
|
if not preceded by the ProxyCacheOnly directive, however garbage collection
|
||
|
is not affected.</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxynoconnect"><a name="proxynoconnect"><!-- --></a><h2 class="topictitle2">ProxyNoConnect</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyNoConnect <var class="varname">on | off</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyNoConnect off </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: iSeries</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyNoConnect off</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyNoConnect directive specifies if the proxy is to connect to remote
|
||
|
content servers to retrieve documents. If the server is not allowed to connect
|
||
|
to remote content servers, it can only serve documents from cache.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>on | off</em></dt>
|
||
|
<dd><ul><li>If <var class="varname">off</var> is specified, the server may serve documents
|
||
|
from cache (if enabled) as well as issue outgoing requests to remote servers
|
||
|
to retrieve servable documents (see Example 1, below).</li>
|
||
|
<li>If set to <var class="varname">on</var> is specified, the proxy may only serve
|
||
|
documents from cache (if enabled). It will not establish outgoing connections
|
||
|
with remote servers. CacheRoot is required if on is specified (see Example
|
||
|
2, below).</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 1</strong></dt>
|
||
|
<dd><pre>ProxyRequests on
|
||
|
ProxyNoConnect off
|
||
|
CacheRoot /QOpenSys/UserData/HTTPA/CacheRoot/myproxy</pre>
|
||
|
<p> In this
|
||
|
example, the proxy may serve documents from cache as well as issue outgoing
|
||
|
requests to remote servers.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 2</strong></dt>
|
||
|
<dd><pre>ProxyRequests on
|
||
|
ProxyNoConnect on
|
||
|
CacheRoot /QOpenSys/UserData/HTTPA/CacheRoot</pre>
|
||
|
<p> In this example,
|
||
|
the proxy may only serve documents from cache. Documents will not be retrieved
|
||
|
from remote servers since outgoing connections are not permitted. Since the
|
||
|
server is not permitted to retrieve documents, items in cache must be managed
|
||
|
by another application or process other than the server itself.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>CacheRoot is required if this directive is set to <var class="varname">on</var>.</li>
|
||
|
<li>The ProxyNoConnect directive causes the AllowCONNECT directive to be ineffective.
|
||
|
If ProxyNoConnect is present, and AllowCONNECT is also specified, then even
|
||
|
if the AllowCONNECT allows a SSL connection to be made on a specific port,
|
||
|
the ProxyNoConnect directive dictates that no connections are allowed.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxypass"><a name="proxypass"><!-- --></a><h2 class="topictitle2">ProxyPass</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyPass path <var class="varname">[url | !]</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: <span id="proxypass__directiveName_context"><a name="proxypass__directiveName_context"><!-- --></a>server config,
|
||
|
virtual host</span></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: <pre>ProxyPass /docs/confidential/ !
|
||
|
ProxyPass /docs/ http://pubserver.ibm.com/public/documentation/</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyPass directive specifies information used either to identify
|
||
|
and map requests into the space of remote servers, or to prevent requests
|
||
|
from being mapped into the space of remote servers, when the reverse proxy
|
||
|
function is enabled. Multiple ProxyPass directives are allowed. When enabled,
|
||
|
the server does not act as a proxy in the conventional sense, but appears
|
||
|
to be a mirror of remote servers by transforming requests that match specified
|
||
|
(virtual) directory paths into proxy requests using a corresponding partial
|
||
|
URL. If the reverse proxy function is not enabled, this directive has no affect
|
||
|
(see <a href="#proxyreverse">ProxyReverse</a>).</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter One</strong>: <em>path | url</em></dt>
|
||
|
<dd><ul><li>The <var class="varname">path</var> parameter is the name of a local virtual path.
|
||
|
When the directive is placed outside a location container, the first parameter
|
||
|
accepts a directory name used to identify requests to be handled by the proxy
|
||
|
function. The directory name does not need to specify an existing directory,
|
||
|
it may be a name used only as a virtual directory for the server.</li>
|
||
|
<li>The <var class="varname">url</var> parameter is a partial URL for the remote server.
|
||
|
When the directive is placed inside a location container, the first parameter
|
||
|
accepts a partial URL used to transform matched requests (for the location
|
||
|
container) into proxy requests. When matched, the portion of the original
|
||
|
request URL that matches the location container criteria is replaced with
|
||
|
the specified partial URL. Mapped requests are then handled by the proxy function
|
||
|
(see example two).</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Parameter Two</strong>: <em>url | !</em></dt>
|
||
|
<dd><ul><li>The <var class="varname">url | !</var> parameter is used when the directive is
|
||
|
placed outside a location container, the second parameter accepts a partial
|
||
|
URL or the negation operator (!). Partial URLs are used to transform matched
|
||
|
requests into proxy requests by replacing the portion of the original request
|
||
|
URL that matches the path parameter (parameter one) with the specified partial
|
||
|
URL (parameter two). Mapped requests are then handled by the proxy function.
|
||
|
The negation operator is used to prevent requests that match the path parameter
|
||
|
(parameter one) from being mapped and handled by the proxy function, even
|
||
|
though they may match a succeeding ProxyPass directive. Example one, below,
|
||
|
shows both partial URLs and the negation operator being used for multiple
|
||
|
ProxyPass directives.</li>
|
||
|
<li>When the directive is placed inside a location container a second parameter
|
||
|
cannot be specified.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<p>The server functions as a reverse proxy by mapping requests
|
||
|
for documents inside virtual directories (specified by the path parameter
|
||
|
or location container criteria) into the space of remote servers (specified
|
||
|
by the url parameter). It then retrieves the documents (via proxy), and serves
|
||
|
them while making it appear to the client as if they originated from the local
|
||
|
server. </p>
|
||
|
<p>The negation operator (!) is used to prevent specific virtual
|
||
|
subdirectories to be mapped into the space of remote servers, while allowing
|
||
|
higher level (parent) directories to be mapped. Order is important in these
|
||
|
situations. ProxyPass directives using the negation operator to prevent specific
|
||
|
virtual subdirectories from being mapped must be placed before those mapping
|
||
|
higher level (parent) directories (see example one). </p>
|
||
|
<p>Suppose the local
|
||
|
server has address http://iseries.ibm.com/:</p>
|
||
|
<dl><dt class="dlterm"><strong>Example 1</strong></dt>
|
||
|
<dd><pre>ProxyReverse on
|
||
|
ProxyPass /docs/v4r5m0/ http://pubserver.ibm.com/public/v4r5m0/
|
||
|
ProxyPass /docs/archives/confidential/ !
|
||
|
ProxyPass /docs/archives/private/ !
|
||
|
ProxyPass /docs/archives/ http://pubserver.ibm.com/archives/documents/example</pre>
|
||
|
<p> For
|
||
|
this example, since the reverse proxy function is enabled (ProxyReverse on),
|
||
|
the first ProxyPass directive will cause a local request for /docs/v4r5m0/manual.html
|
||
|
to be internally transformed into a request for http://pubserver.ibm.com/public/v4r5m0/manual.html.
|
||
|
The proxy function will then be used to retrieve /public/v4r5m0/manual.html
|
||
|
from pubserver.ibm.com and return the document to the requesting client. In
|
||
|
this way, a virtual /docs/v4r5m0/ directory on the local server (as400.ibm.com)
|
||
|
appears as a mirror of the /public/v4r5m0/ directory of the remote server
|
||
|
(pubserver.ibm.com). A request for /docs/archives/20020101.log will be handled
|
||
|
in a similar way, using the last ProxyPass directive (ProxyPass /docs/archives/
|
||
|
http://pubserver.ibm.com/archives/documents/). However, a request for /docs/archives/confidential/secrets.txt
|
||
|
will not be handled by the proxy function since the second ProxyPass directive
|
||
|
prohibits any request for documents within the /docs/archives/confidential/
|
||
|
virtual subdirectory. Likewise, the third ProxyPass directive prohibits any
|
||
|
request for documents within the /docs/archives/private/ virtual subdirectory.</p>
|
||
|
<p>The
|
||
|
following example shows the ProxyPass directive being used within a location
|
||
|
container to obtain results similar to example 1.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example Two</strong></dt>
|
||
|
<dd><pre>ProxyReverse on
|
||
|
<Location /docs/v4r5m0/>
|
||
|
ProxyPass http://pubserver.ibm.com/public/v4r5m0/
|
||
|
</Location>
|
||
|
ProxyPass /docs/archives/confidential/ !
|
||
|
ProxyPass /docs/archives/private/ !
|
||
|
ProxyPass /docs/archives/ http://pubserver.ibm.com/archives/documents/</pre>
|
||
|
<p>Notice
|
||
|
the first ProxyPass directive is placed within a location container and specifies
|
||
|
only one parameter. A local request for /docs/v4r5m0/manual.html is identified
|
||
|
by matching the location container criteria (/docs/v4r5m0/), transformed into
|
||
|
a request for http://pubserver.ibm.com/public/v4r5m0/manual.html by replacing
|
||
|
the matched portion with the ProxyPass parameter, and handled by the proxy
|
||
|
function in the same way described for example one.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li><a href="#proxypassreverse">ProxyPassReverse</a> may be used to handle
|
||
|
HTTP redirect responses from remote servers.</li>
|
||
|
<li>Setting <a href="#proxyreverse">ProxyReverse</a> to <var class="varname">off</var> negates
|
||
|
this directive.</li>
|
||
|
<li>Setting <a href="#proxyrequests">ProxyRequests</a> to <var class="varname">off</var> does
|
||
|
not negate this directive. It is available regardless of the forward proxy
|
||
|
state.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxypassreverse"><a name="proxypassreverse"><!-- --></a><h2 class="topictitle2">ProxyPassReverse</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyPassReverse <var class="varname">path | url</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host, directory</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyPassReverse /docs/ http://pubserver.ibm.com/public/documentation/</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p>The ProxyPassReverse directive may specify a directory path and a partial
|
||
|
URL used to identify and adjust URLs in response headers returned to the client
|
||
|
(via proxy). Multiple ProxyPassReverse directives are allowed. The server
|
||
|
adjusts the values for URI, Location, and Content-Location response headers
|
||
|
according to the specified values.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter One</strong>: <em> path | url</em></dt>
|
||
|
<dd><ul><li>The <var class="varname">path</var> parameter is the name of a local virtual path.
|
||
|
When the directive is placed outside a location container, the first parameter
|
||
|
accepts a directory name used to adjust response header values. If URLs specified
|
||
|
in response headers match the url parameter (parameter two), the portion that
|
||
|
matches is replaced with the specified directory name. Adjusted headers are
|
||
|
then returned to the client. The directory name does not need to specify an
|
||
|
existing directory, it may be a name used only as a virtual directory for
|
||
|
the server.</li>
|
||
|
<li>The <var class="varname">url</var> parameter is a partial URL for the remote server.
|
||
|
When the directive is placed inside a location container, the first parameter
|
||
|
accepts a partial URL used to identify URLs in URI, Location, and Content-Location
|
||
|
response headers returned to the server as requested by the proxy function.
|
||
|
If any of these request headers match the specified partial URL, the portion
|
||
|
that matches is replaced with the directory name specified for the location
|
||
|
container. Adjust headers are then returned to the client.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Parameter Two</strong>: <em>url</em></dt>
|
||
|
<dd><ul><li>The <var class="varname">url</var> parameter is a partial URL for the remote server.
|
||
|
When the directive is placed outside a location container, the second parameter
|
||
|
accepts a partial URL used to identify URLs in URI, Location, and Content-Location
|
||
|
response headers returned to the server as requested by the proxy function.</li>
|
||
|
<li>When the directive is placed inside a location container a second parameter
|
||
|
cannot be specified.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<p>This directive provides support to be used in applications
|
||
|
when it is essential that clients are not directed to use URLs that bypass
|
||
|
the proxy function. It is mainly intended to provide additional function for
|
||
|
reverse proxy, however it may also be applied to forward proxy requests handled
|
||
|
by the server.</p>
|
||
|
<p>Suppose the local server has address http://iseries.ibm.com:</p>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyReverse on
|
||
|
ProxyPass /docs/v4r4m0/ http://pubserver.ibm.com/public/v4r4m0/
|
||
|
ProxyPass /docs/v4r5m0/ http://pubserver.ibm.com/public/v4r5m0/
|
||
|
ProxyPass /docs/v5r1m0/ http://pubserver.ibm.com/public/v5r1m0/
|
||
|
ProxyPassReverse /docs/ http://pubserver.ibm.com/public/
|
||
|
ProxyPass /docs/archives/ http://pubserver.ibm.com/archives/</pre>
|
||
|
<p>For
|
||
|
this example, since the reverse proxy function is enabled (ProxyReverse on),
|
||
|
a request for /docs/v4r4m0/api_reference.htm will be internally transformed
|
||
|
into a proxy request for http://pubserver.ibm.com/public/v4r4m0/API_reference.htm
|
||
|
(the functionality the first ProxyPass directive provides here). The use of
|
||
|
ProxyPassReverse adjusts URLs in URI, Location, and Content-Location response
|
||
|
headers from pubserver.ibm.com. Therefore, when the server's request is subsequently
|
||
|
redirected by pubserver.ibm.com with the following response:</p>
|
||
|
<pre>301 "Permanently Moved"
|
||
|
Location: http://pubserver.ibm.com/public/archives/440/API_reference.htm
|
||
|
{other response headers}
|
||
|
|
||
|
{optional body text}</pre>
|
||
|
<p>The server changes the matching portion
|
||
|
of the URL in the Location header (http://pubserver.ibm.com/public/) to the
|
||
|
virtual server path (/docs/) before sending the following (adjusted) response
|
||
|
to the client:</p>
|
||
|
<pre>301 "Permanently Moved"
|
||
|
Location: http://as400.ibm.com/docs/archives/440/API_reference.htm
|
||
|
{other response headers}
|
||
|
|
||
|
{optional body text}</pre>
|
||
|
<p>In this way, any new request the client
|
||
|
sends due to the redirect response (301 "Permanently Moved") is directed back
|
||
|
to the proxy since the Location header is adjusted. The back end server and
|
||
|
path name (http://pubserver.ibm.com/public/) remain hidden from the client.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>This directive is only useful when used in conjunction with the <a href="#proxypass">ProxyPass</a> directive.</li>
|
||
|
<li>Setting <a href="#proxyreverse">ProxyReverse</a> to <var class="varname">off</var> negates
|
||
|
this directive.</li>
|
||
|
<li>Setting <a href="#proxyrequests">ProxyRequests</a> to <var class="varname">off</var> does
|
||
|
not negate this directive. It is available regardless of the proxy state.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxypreservehost"><a name="proxypreservehost"><!-- --></a><h2 class="topictitle2">ProxyPreserveHost</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyPreserveHost on | off</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyPreserveHost off </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyPreserveHost on</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyPreserveHost directive specifies whether the server is to preserve
|
||
|
Host: headers when handling requests using the reverse proxy function.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>on | off</em></dt>
|
||
|
<dd><ul><li>If <var class="varname">off</var> is specified (the default), the server generates
|
||
|
Host: headers for requests handled by the reverse proxy function, using the
|
||
|
hostname (and optionally a port number) specified for the ProxyPass or RewriteRule
|
||
|
directives.</li>
|
||
|
<li>If <var class="varname">on</var> is specified, the server uses Host: headers sent
|
||
|
with requests, rather than generating Host: headers, and uses the hostname
|
||
|
(and optional port) specified for the ProxyPass or RewriteRule directives
|
||
|
only to route the request.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<p>Suppose, for example, the local server has the address http://as400.ibm.com/
|
||
|
with the following directive set up for reverse proxy:</p>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyPass /docs/ http://pubserver.ibm.com:8080/public/documentation/
|
||
|
ProxyPreserveHost on</pre>
|
||
|
<p>The server in this example is sent the
|
||
|
following request:</p>
|
||
|
<pre>GET /docs/manual.html HTTP/1.0
|
||
|
Host: virtual-host.ibm.com
|
||
|
{other request headers}
|
||
|
|
||
|
{optional body text}</pre>
|
||
|
<p>The ProxyPass directive will cause the
|
||
|
request to be internally transformed into a request for http://pubserver.ibm.com:8080/public/documentation/manual.html,
|
||
|
and the ProxyPreserveHost directive will cause the Host: header to be preserved
|
||
|
and passed by the proxy function, resulting in the following request sent
|
||
|
to pubserver.ibm.com:</p>
|
||
|
<pre>GET /public/documentation/manual.html HTTP/1.0
|
||
|
Host: virtual-host.ibm.com
|
||
|
{other request headers}
|
||
|
|
||
|
{optional body text}</pre>
|
||
|
<p>If off were specified for ProxyPreserveHost,
|
||
|
the Host: header would not be preserved. The server, in this case, would generate
|
||
|
a Host: header, resulting in the following request:</p>
|
||
|
<pre>GET /public/documentation/manual.html HTTP/1.0
|
||
|
Host: pubserver.ibm.com:8080
|
||
|
{other request headers}
|
||
|
|
||
|
{optional body text}</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li><a href="#proxypassreverse">ProxyPassReverse</a> may be used to handle
|
||
|
HTTP redirect responses from remote servers.</li>
|
||
|
<li>Setting <a href="#proxyreverse">ProxyReverse</a> to <var class="varname">off</var> negates
|
||
|
this directive.</li>
|
||
|
<li>Setting <a href="#proxyrequests">ProxyRequests</a> to <var class="varname">off</var> does
|
||
|
not negate this directive. It is available regardless of the forward proxy
|
||
|
state.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxyreceivebuffersize"><a name="proxyreceivebuffersize"><!-- --></a><h2 class="topictitle2">ProxyReceiveBufferSize</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyReceiveBufferSize <var class="varname">bytes</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyReceiveBufferSize 0</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyReceiveBufferSize 2048 The ProxyReceiveBufferSize
|
||
|
directive specifies an explicit network buffer size for outgoing HTTP and
|
||
|
FTP connections (for increased throughput). This directive effectively overrides
|
||
|
the server's default TCP/IP buffer size. Possible values include 0 (zero)
|
||
|
and all positive integers greater than or equal to 512 (the maximum value
|
||
|
is 2,147,483,647 bytes). The value 0 (zero) indicates the system's default
|
||
|
buffer size should be used.</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>bytes</em></dt>
|
||
|
<dd><ul><li>The <var class="varname">bytes</var> parameter has to be greater than '512' or
|
||
|
set to '0' to indicate that the system's default buffer size should be used.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxyremote"><a name="proxyremote"><!-- --></a><h2 class="topictitle2">ProxyRemote</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyRemote <var class="varname">match remote-server</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required
|
||
|
in the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyRemote ftp http://ftpproxy.mydomain.com:8080</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p>The ProxyRemote directive defines remote proxies for the local server.
|
||
|
Multiple ProxyRemote directives are allowed. When a client sends a request
|
||
|
that matches a ProxyRemote directive, the local server connects to the remote
|
||
|
proxy server specified in the directive, rather than to the server specified
|
||
|
in the URL. The remote proxy server retrieves the requested document and returns
|
||
|
it to the local server, who in turn returns it to the client. This is referred
|
||
|
to as a "proxy chain" since more than one proxy is used. </p>
|
||
|
<p>Proxy chains are useful in cases where multiple caches are used, or when
|
||
|
the local server doesn't support the protocol (or schema) specified in the
|
||
|
URL and must chain the request to a proxy that does support the protocol.
|
||
|
Proxy chains may also be useful in cases where certain requests must be chained
|
||
|
to another proxy server in order to get through a firewall or route across
|
||
|
a virtual private network.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter One</strong>: <em>match</em></dt>
|
||
|
<dd><ul><li> The <var class="varname">match</var> parameter is either the name of a URL scheme
|
||
|
that the remote proxy server supports, a partial URL that can be used to distinguish
|
||
|
requests that should be chained from requests that need not be chained, or
|
||
|
'*' to indicate the remote proxy server should be contacted (or chained) for
|
||
|
all requests.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Parameter Two</strong>: <em>remote-server</em></dt>
|
||
|
<dd><ul><li> The <var class="varname">remote-server</var> parameter is a partial URL for the
|
||
|
remote server. <p><strong>Syntax</strong>: <var class="varname"><remote-server>=<protocol>://<hostname>[:port]</var></p>
|
||
|
<p>Where <var class="varname"><protocol></var> is the protocol that should be used to communicate with the remote server.
|
||
|
Only HTTP is supported by this module.</p>
|
||
|
</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 1</strong></dt>
|
||
|
<dd><pre>ProxyRemote ftp http://ftpproxy.server.com:8080</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 2</strong></dt>
|
||
|
<dd><pre>ProxyRemote http://server.com/ http://mirrorserver.com:8000</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 3</strong></dt>
|
||
|
<dd><pre>ProxyRemote * http://server.com</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<p>In example 1, the server will forward (or chain) all FTP
|
||
|
requests, encapsulated as yet another HTTP proxy request, to the server named
|
||
|
ftpproxy.server.com (port 8080), which then handles the request and returns
|
||
|
the document to the local server.</p>
|
||
|
<p>In example 2, the server will forward
|
||
|
all requests that match the partial URL http://server.com/ to the server named
|
||
|
mirrorserver.com (port 8000).</p>
|
||
|
<p>In example 3, all requests will be forwarded
|
||
|
to the server named server.com.</p>
|
||
|
</blockquote>
|
||
|
<ul><li><a href="#proxyblock">ProxyBlock</a> may be used to block incoming
|
||
|
requests prior to consideration for this directive.</li>
|
||
|
<li>Requests matching a <a href="#noproxy">NoProxy</a> directive
|
||
|
are not chained.</li>
|
||
|
<li>This directive is commonly used in conjunction with <a href="#noproxy">NoProxy</a> and <a href="#proxydomain">ProxyDomain</a> for
|
||
|
directing proxy requests within intranets.</li>
|
||
|
<li>Setting <a href="#proxynoconnect">ProxyNoConnect</a> to
|
||
|
on negates this directive.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxyrequests"><a name="proxyrequests"><!-- --></a><h2 class="topictitle2">ProxyRequests</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyRequests <var class="varname">on | off</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyRequests off </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyRequests on</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyRequest directive allows or prevents the server from functioning
|
||
|
as a forward proxy.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>on | off</em></dt>
|
||
|
<dd><ul><li>If set to <var class="varname">off</var> , the server does not function as a forward
|
||
|
proxy (see Example 1, below).</li>
|
||
|
<li>If set to <var class="varname">on</var>, the server functions as a forward proxy
|
||
|
and accepts proxy requests. All other directives for the mod_proxy module
|
||
|
are in effect.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 1</strong></dt>
|
||
|
<dd><pre>ProxyRequests off</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 2</strong></dt>
|
||
|
<dd><pre> ProxyRequests on
|
||
|
CacheRoot /QOpenSys/UserData/HTTPA/CacheRoot </pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 3</strong></dt>
|
||
|
<dd><pre> ProxyRequests on
|
||
|
ProxyNoConnect on
|
||
|
CacheRoot /QOpenSys/UserData/HTTPA/CacheRoot </pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 4</strong></dt>
|
||
|
<dd><pre> ProxyRequests on
|
||
|
CacheExpiryCheck off
|
||
|
CacheRoot /QOpenSys/UserData/HTTPA/CacheRoot </pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li>If CacheRoot is set, the proxy also activates its caching function and
|
||
|
may serve documents from cache (by default) as well as issue direct outgoing
|
||
|
requests (by default) (see Example 2, above). Expiry checking for cached documents
|
||
|
is performed (by default).</li>
|
||
|
<li>If CacheRoot is set and <a href="#proxynoconnect">ProxyNoConnect</a> is
|
||
|
set to <var class="varname">on</var>, the proxy activates its caching function but
|
||
|
will only serve documents from cache. It will not issue outgoing requests
|
||
|
(see Example 3, above). Expiry checking for cached documents is performed.</li>
|
||
|
<li>If CacheRoot is set and <a href="rzaiemod_cache.htm#cacheexpirycheck">CacheExpiryCheck</a> is set to <var class="varname">off</var>, the proxy activates
|
||
|
its caching function but will not check expiry times for cached documents.
|
||
|
Expired documents may be served from cache (see Example 4, above).</li>
|
||
|
<li>Setting <a href="#proxyrequests">ProxyRequests</a> to <var class="varname">off</var> negates
|
||
|
all directives for the mod_proxy module, except for the <a href="#proxypass">ProxyPass</a> and <a href="#proxypassreverse">ProxyPassReverse</a> directives.</li>
|
||
|
</ul>
|
||
|
<div class="note"><span class="notetitle">Note:</span> CacheRoot is required when ProxyNoConnect is set to <var class="varname">on</var>.</div>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxyreverse"><a name="proxyreverse"><!-- --></a><h2 class="topictitle2">ProxyReverse</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyReverse <var class="varname">on | off</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyReverse on</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: iSeries</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyReverse off</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyReverse directive specifies whether the server may function as
|
||
|
a reverse proxy to handle requests. The reverse proxy function is enabled
|
||
|
by default, however other directives must specify how the server identifies
|
||
|
and maps requests for reverse proxy. If off is specified, the reverse proxy
|
||
|
function is disabled, and directives that apply the function (ProxyPass and
|
||
|
RewriteRule directives using the 'proxy' flag) are ineffective. See <a href="#proxypass">ProxyPass</a> and <a href="rzaiemod_rewrite.htm#rewriterule">RewriteRule</a> for more details on reverse proxy.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>on | off</em></dt>
|
||
|
<dd><ul><li>If set to <var class="varname">off</var> , the server does not function as a reverse
|
||
|
proxy (see Example 1).</li>
|
||
|
<li>If set to <var class="varname">on</var>, the server functions as a reverse proxy
|
||
|
to handle requests identified and mapped for reverse proxy</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<dl><dt class="dlterm"><strong>Example 1</strong></dt>
|
||
|
<dd><pre>ProxyReverse off
|
||
|
ProxyPass /docs/ http://pubserver.ibm.com/public/documentation/</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<p>For example one, the reverse proxy function is disabled.
|
||
|
The ProxyPass directive is ineffective. </p>
|
||
|
<p>In the following example,
|
||
|
the reverse proxy function is enabled. The server functions as a reverse proxy
|
||
|
to handle requests that match the path specified for the ProxyPass directive.</p>
|
||
|
<dl><dt class="dlterm"><strong>Example 2</strong></dt>
|
||
|
<dd><pre>ProxyReverse on
|
||
|
ProxyPass /docs/ http://pubserver.ibm.com/public/documentation/</pre>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<p>See <a href="#proxypass">ProxyPass</a> for more details. </p>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxytimeout"><a name="proxytimeout"><!-- --></a><h2 class="topictitle2">ProxyTimeout</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyTimeout <var class="varname">period</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: none (the general server timeout value
|
||
|
is used)</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyTimeout 300</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyTimeout directive specifies the maximum number of minutes the
|
||
|
server will wait for responses from remote servers when handling proxy requests.
|
||
|
If not specified, the general server timeout value is used (see the <a href="rzaiemod_core.htm#timeout">TimeOut</a> directive).</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>period</em></dt>
|
||
|
<dd><ul><li> The <var class="varname">period</var> parameter accepts an integer value between
|
||
|
1 and 2,147,483,648 to specify the maximum period of time the server should
|
||
|
wait for responses from remote servers (in seconds).</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
<p>If a response is not received in the specified number of
|
||
|
seconds, the server will cancel the request and return response code 504 (Gateway
|
||
|
timeout).</p>
|
||
|
<dl><dt class="dlterm"><strong>Example</strong></dt>
|
||
|
<dd><pre>ProxyTimeout 120</pre>
|
||
|
<p>For this example, the server
|
||
|
will wait up to 120 seconds (or 2 minute) for responses from remote servers.</p>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<ul><li><a href="#proxypassreverse">ProxyPassReverse</a> may be used to handle
|
||
|
HTTP redirect responses from remote servers.</li>
|
||
|
<li>Setting <a href="#proxyreverse">ProxyReverse</a> to <var class="varname">off</var> negates
|
||
|
this directive.</li>
|
||
|
<li>Setting <a href="#proxyrequests">ProxyRequests</a> to <var class="varname">off</var> does
|
||
|
not negate this directive. It is available regardless of the forward proxy
|
||
|
state.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="hr" id="proxyvia"><a name="proxyvia"><!-- --></a><h2 class="topictitle2">ProxyVia</h2>
|
||
|
<div>
|
||
|
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Module">Module</a></strong>: mod_proxy</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Syntax">Syntax</a></strong>: ProxyVia <var class="varname">off | on | full | block</var></td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Default">Default</a></strong>: ProxyVia off </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Context">Context</a></strong>: server config, virtual host </td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Override">Override</a></strong>: none</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Origin">Origin</a></strong>: Apache</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__UsageConsiderations">Usage Considerations</a></strong>: A LoadModule is required in
|
||
|
the configuration file prior to using the directive. The statement should
|
||
|
be as follows:<pre>LoadModule proxy_connect_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_ftp_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_http_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM
|
||
|
LoadModule proxy_module /QSYS.LIB/QHTTPSVR.LIB/QZSRCORE.SRVPGM</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr><td colspan="2" valign="top"><strong><a href="rzaiedirective-dict.htm#rzaiedirective-dict__Example">Example</a></strong>: ProxyVia on</td>
|
||
|
</tr>
|
||
|
</tbody>
|
||
|
</table>
|
||
|
</div>
|
||
|
<p> The ProxyVia directive controls the server's use of the Via: HTTP header.
|
||
|
Its intended use is to control the flow of proxy requests along a chain of
|
||
|
servers. See RFC2068 (HTTP/1.1) for an explanation of Via: header lines.</p>
|
||
|
<blockquote><dl><dt class="dlterm"><strong>Parameter</strong>: <em>off | on | full | block</em></dt>
|
||
|
<dd><ul><li>If set to <var class="varname">off</var> (the default value), no special processing
|
||
|
is performed. The proxy does not include a Via: header line, however any existing
|
||
|
Via: headers from other proxy servers are kept intact.</li>
|
||
|
<li>If set to <var class="varname">on</var> , each request and reply will get a Via:
|
||
|
header line added for the current host. The proxy includes its own, abbreviated
|
||
|
Via: header line. Any additional Via: header lines from other proxy servers
|
||
|
are kept intact.</li>
|
||
|
<li>If set to <var class="varname">full</var>, each generated Via: header line will
|
||
|
additionally have HTTP Server (powered by Apache) version shown on the Via:
|
||
|
comment field. The proxy includes its own, full Via: header (containing the
|
||
|
proxy's version description). Any additional Via: header lines from other
|
||
|
proxy servers are kept intact.</li>
|
||
|
<li>If set to <var class="varname">block</var>, every proxy request will have all
|
||
|
its Via: header lines removed. No new Via: header will be generated. The proxy
|
||
|
does not include a Via: header and removes all existing Via headers from other
|
||
|
proxy servers.</li>
|
||
|
</ul>
|
||
|
</dd>
|
||
|
</dl>
|
||
|
</blockquote>
|
||
|
<p>A server may be a participant in a proxy chain even though it is not specifically
|
||
|
configured to chain its own requests. For this reason, it may be necessary
|
||
|
to control the server's use of the Via: HTTP header even though it is not
|
||
|
specifically configured for proxy chaining (see <a href="#proxyremote">ProxyRemote</a> for more details about proxy chains).</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
|
||
|
</body>
|
||
|
</html>
|