Remote Provisioning

Page restrictions apply
Attachments:5
Added by Barbara Weinstein, last edited by Barbara Weinstein on Feb 22, 2010 (view change)

Chapter 9 Accessing Data Across Subdomains

With remote provisioning, the deployed application files and the General Interface Framework are located on a web server. A browser on a remote machine accesses the files using an HTTP URL and loads files into cache. When an HTTP URL is used, default browser security settings prevent your application from communicating with web servers outside the subdomain. The following figure illustrates the remote provisioning scenario before any configuration is performed.

Remote Provisioning Before Configuration

Without configuration, an application can only communicate with www.mydomain.com. The browser prevents communication with other subdomains, such as inside.mydomain.com and rss.yahoo.com. However, the same application in a local provisioning scenario can communicate directly with web servers outside the subdomain.

Configuring Proxy Communication

To enable proxy communication, you configure the web server where the application is deployed and the application. This allows the web server to broker interactions between the application and web servers outside the subdomain.

Remote Provisioning After Proxy Services Configuration

Configuring the Server

Steps for configuring the web server vary according to vendor.

Apache Install and configure the mod_proxy module. Then use the ProxyPass directive to route responses through the General Interface application domain server, such as www.mydomain.com, rather than a web server outside the subdomain. For details, see the Apache HTTP Server documentation at http://httpd.apache.org.
Microsoft IIS Install and configure the Microsoft Internet Security and Acceleration (ISA) Server. Write an ISAPI Filter to perform reverse-proxying or use an equivalent third-party product. The software must intercept an HTTP Request made to the General Interface application domain server, such as www.mydomain.com. Copy the entire HTTP header packet, change the HTTP Host header, and perform a new HTTP Request using the WinHttp API. For details, see http://www.microsoft.com/isaserver/default.mspx.
Custom Write a server process, such as a servlet, .NET service, or web service, that acts as a proxy between the General Interface application domain server and other subdomains.

Configuring the Application

There are two ways to retrofit a General Interface application so that it requests data from servers using a proxy:

Modify absolute URLs to refer to the proxy URL
Convert non-proxied URLs to proxied URLs

Modify Absolute URLs

The simplest way is to modify any absolute URLs in the project to refer to the proxy URL. Absolute URLs may exist in many types of project source files including JavaScript, service mapping rules, and component serialization files. Use your favorite text editor to perform a global search and replace in the project source files for strings matching "http://" or "https://".

Convert Non-proxied URLs to Proxied URLs

The second way to retrofit a General Interface application so that it requests data through a proxy is more complicated but provides a mechanism for easily switching back and forth between proxied and non-proxied requests. This is accomplished by defining a function that converts a non-proxied URL to a proxied URL and then modifying any request before it is sent to use the proxied URL. Consider the following code sample as shown in the following example.

jsx3.Package.definePackage("eg.proxy", function(proxy) {

   // switch, if true all URLs are converted to the proxied format
   proxy.PROXY = (window.location + "").indexOf("file") != 0;

   // the domain of my proxy host
   proxy.PROXY_HOST = "proxy.eg.com";

   // the path prefix of the proxied URLs
   proxy.PATH_PREFIX = "proxy/";

   /**
    * Converts a non-proxied URI to a proxied URI if PROXY is true.
    * <p/>
    * <code>http://www.domain.com/service/op</code> will be converted to
    * <code>http://PROXY_HOST/PATH_PREFIX/www.domain.com/service/op</code>
    *
    * @param strURI {String} the URI to convert
    * @returns {String} the converted URI
    */
   proxy.convertURI = function(strURI) {
      if (proxy.PROXY) {
         var uri = new jsx3.net.URI(strURI);
         if (uri.getHost() != proxy.PROXY_HOST &&
               (uri.getScheme() h1.  "http" || uri.getScheme()  "https")) {
            return jsx3.net.URI.fromParts(uri.getScheme(), null,
               proxy.PROXY_HOST,null, proxy.PATH_PREFIX + uri.getHost() +
               uri.getPath(), null, null).toString();
         } else {
            return strURI;
         }
      } else {
            return strURI;
      }
   };

   /**
    * Open all requests with this method to ensure that URLs are properly
    * converted for proxy.
    */
   proxy.openRequest = function(strURL) {
      var objRequest = new jsx3.net.Request();
      objRequest.open("GET", proxy.convertURI(strURL));
      return objRequest;
   };

   /**
     * Open all services with this method to ensure that URLs are properly
     * converted for proxy.
    */
   proxy.openService = function(strRulesURL, strOpName) {
      var objService = new jsx3.net.Service(strRulesURL, strOpName);
      objService.setEndpointURL(proxy.convertURI(objService.getEndpointURL()));
      return objService;
   };
});

Modifying Internet Explorer Security Settings

An alternative to configuring proxy services is to modify Internet Explorer security settings on each client machine that accesses the application.

This option is only available for Internet Explorer. For Firefox, you must configure proxy communications. See Configuring Proxy Communication.

When the security settings are set to accept the subdomain where the application is deployed as a trusted site, the browser allows direct communication with web servers outside the subdomain.

Remote Provisioning After Browser Configuration

To modify Internet Explorer browser settings on a client machine, complete these steps:

Exit General Interface Builder.
In Internet Explorer, select Tools > Internet Options from the browser menu. The Internet Options dialog displays.
Click the Security tab and click the Trusted Sites zone.

Click here to expand screenshot...
Click the Custom Level button.
Enable the Access data sources across domains setting, then click OK.
Click the Sites button.

Click here to expand screenshot...
Type the name of the subdomain where the application is deployed in the Add this Web site to the zone field, and then click OK.
Click OK again to close the Internet Options dialog.