Difference between revisions of "Setting up IIS as Reverse Proxy for QPR UI"

From Mea Wiki
Jump to navigation Jump to search
Line 1: Line 1:
Follow these instructions to route QPR UI http/https traffic though IIS. It has the following advantages:
+
Follow these instructions to route QPR UI http/https traffic though IIS, i.e. setting up IIS to work as a reverse proxy. It has the following advantages:
 
* Access QPR UI using more standard ports (usually 80 or 443) instead of GlassFish ports (usually 8080 or 8181).
 
* Access QPR UI using more standard ports (usually 80 or 443) instead of GlassFish ports (usually 8080 or 8181).
 
* QPR UI can use HTTPS connection that is configured in IIS, and then there is not need to configure https in GlassFish.
 
* QPR UI can use HTTPS connection that is configured in IIS, and then there is not need to configure https in GlassFish.
Line 5: Line 5:
  
 
Instructions:
 
Instructions:
# Download and run '''Microsoft Web Platform Installer''' (available in http://www.microsoft.com/web/downloads/platform.aspx). Use it to install '''URL Rewrite 2.1''' (or newer) and '''Application Request Routing 3.0''' (or newer) modules. Use the search box to find these components. If you had the IIS Manager open while installing the components, restart the IIS Manager.
+
 
# Create file '''C:\inetpub\wwwroot\EnticeServices\web.config''' with following contents (also create the '''EnticeServices''' folder):
+
1. Download and run '''Microsoft Web Platform Installer''' (available in http://www.microsoft.com/web/downloads/platform.aspx). Use it to install '''URL Rewrite 2.1''' (or newer) and '''Application Request Routing 3.0''' (or newer) modules. Use the search box to find these components. If you had the IIS Manager open while installing the components, restart the IIS Manager.
 +
 
 +
2. Create file '''C:\inetpub\wwwroot\EnticeServices\web.config''' with following contents (also create the '''EnticeServices''' folder):
 
<pre>
 
<pre>
 
<?xml version="1.0" encoding="UTF-8"?>
 
<?xml version="1.0" encoding="UTF-8"?>
Line 32: Line 34:
 
</configuration>
 
</configuration>
 
</pre>
 
</pre>
# Create file '''C:\inetpub\wwwroot\ui\web.config''' with following contents (also create the '''ui''' folder):
+
 
 +
3. Create file '''C:\inetpub\wwwroot\ui\web.config''' with following contents (also create the '''ui''' folder):
 +
 
 
<pre>
 
<pre>
 
<?xml version="1.0" encoding="UTF-8"?>
 
<?xml version="1.0" encoding="UTF-8"?>
Line 58: Line 62:
 
</configuration>
 
</configuration>
 
</pre>
 
</pre>
# Open '''Internet Information Services (IIS) Console''', click the top level in the left side hierarchy, doubleclick '''Application Requests Routing Cache''', click '''Server Proxy settings''' on the right pane, click '''Enable Proxy''' and click '''Apply'''.
+
 
# In '''Internet Information Services (IIS) Console''', click '''EnticeServices''' folder in the left side hierarchy and double-click '''URL Rewrite'''.
+
4. Open '''Internet Information Services (IIS) Console''', click the top level in the left side hierarchy, doubleclick '''Application Requests Routing Cache''', click '''Server Proxy settings''' on the right pane, click '''Enable Proxy''' and click '''Apply'''.
# Click '''View Server Variables...''', and add '''HTTP_X_ORIGINAL_ACCEPT_ENCODING''' and '''HTTP_ACCEPT_ENCODING''' using the '''Add''' button.
+
 
# Do the same for the '''ui''' folder.
+
5. In '''Internet Information Services (IIS) Console''', click '''EnticeServices''' folder in the left side hierarchy and double-click '''URL Rewrite'''.
# Check applicable instructions in [[Security_Hardening_in_QPR_UI|Security hardening steps]].
+
6. Click '''View Server Variables...''', and add '''HTTP_X_ORIGINAL_ACCEPT_ENCODING''' and '''HTTP_ACCEPT_ENCODING''' using the '''Add''' button.
# QPR UI can now be accessed using url '''http(s)://SERVER/ui/''' where SERVER is the hostname of the server.
+
7. Do the same for the '''ui''' folder.
 +
8. QPR UI can now be accessed using url '''http(s)://SERVER/ui/''' where SERVER is the hostname of the server.
  
 
'''Offline installers:'''
 
'''Offline installers:'''

Revision as of 14:27, 7 January 2019

Follow these instructions to route QPR UI http/https traffic though IIS, i.e. setting up IIS to work as a reverse proxy. It has the following advantages:

  • Access QPR UI using more standard ports (usually 80 or 443) instead of GlassFish ports (usually 8080 or 8181).
  • QPR UI can use HTTPS connection that is configured in IIS, and then there is not need to configure https in GlassFish.
  • External presentation objects and embedded QPR Portal works better as the browser considers they are from the same site because same origin policy won't cause restrictions (more information: https://en.wikipedia.org/wiki/Same-origin_policy)

Instructions:

1. Download and run Microsoft Web Platform Installer (available in http://www.microsoft.com/web/downloads/platform.aspx). Use it to install URL Rewrite 2.1 (or newer) and Application Request Routing 3.0 (or newer) modules. Use the search box to find these components. If you had the IIS Manager open while installing the components, restart the IIS Manager.

2. Create file C:\inetpub\wwwroot\EnticeServices\web.config with following contents (also create the EnticeServices folder): 

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
  <rewrite>
    <rules>
      <rule name="Reverse Proxy to EnticeServices" stopProcessing="true">
        <match url="(.*)" />
        <action type="Rewrite" url="http://localhost:8080/EnticeServices/{R:1}" />
	<serverVariables>
          <set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
          <set name="HTTP_ACCEPT_ENCODING" value="" />
        </serverVariables>
      </rule>
    </rules>
    <outboundRules>
      <rule name="Change port">
        <match filterByTags="A, Form, Img" pattern="^http://localhost:8080/(.*)" />
        <action type="Rewrite" value="http://localhost/{R:1}" />
      </rule>
    </outboundRules>
  </rewrite>
  </system.webServer>
</configuration>

3. Create file C:\inetpub\wwwroot\ui\web.config with following contents (also create the ui folder): 

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
  <rewrite>
    <rules>
      <rule name="Reverse Proxy to QPR UI" stopProcessing="true">
        <match url="(.*)" />
        <action type="Rewrite" url="http://localhost:8080/ui/{R:1}" />
	<serverVariables>
          <set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
          <set name="HTTP_ACCEPT_ENCODING" value="" />
        </serverVariables>
      </rule>
    </rules>
    <outboundRules>
      <rule name="Change port">
        <match filterByTags="A, Form, Img" pattern="^http://localhost:8080/(.*)" />
        <action type="Rewrite" value="http://localhost/{R:1}" />
      </rule>
    </outboundRules>
  </rewrite>
  </system.webServer>
</configuration>

4. Open Internet Information Services (IIS) Console, click the top level in the left side hierarchy, doubleclick Application Requests Routing Cache, click Server Proxy settings on the right pane, click Enable Proxy and click Apply.

5. In Internet Information Services (IIS) Console, click EnticeServices folder in the left side hierarchy and double-click URL Rewrite. 6. Click View Server Variables..., and add HTTP_X_ORIGINAL_ACCEPT_ENCODING and HTTP_ACCEPT_ENCODING using the Add button. 7. Do the same for the ui folder. 8. QPR UI can now be accessed using url http(s)://SERVER/ui/ where SERVER is the hostname of the server.

Offline installers:

Retrieved from "https://wiki.onqpr.com/mea/index.php?title=Setting_up_IIS_as_Reverse_Proxy_for_QPR_UI&oldid=12438"