Thursday, September 15, 2011

AJAX proxy

AJAX proxy is required to connect several different target hosts and make cross domain calls. As browsers don't allow to send ajax request to different host other than origin server so, there is a need of intermediate server side handler to serve request.
In websphere either you can add Ajax proxy capability in your own project or you can use websphere default Global Ajax proxy.

The global proxy configuration of the portal is located in a separate enterprise application that is deployed during the portal installation. The corresponding enterprise application archive is named AJAX Proxy Configuration.ear. The file proxy-config.xml that represents the global configuration is located in the WAR file wp.config.proxy.war.
To update the global proxy configuration, redeploy the enterprise application archive that contains the modified proxy-config.xml file and restart it. You do not need to restart the entire portal server.
For security reasons the global proxy configuration does not define any specific access policies. In other words, by default, the proxy blocks each request unless you add access policies to "unlock" your trusted sites.

AJAX proxy configurations file (proxy-config.xml) allows you to create specific access policy to restrict the set of allowed HTTP operations
You can also configure AJAX proxy to support single sign-on, the configuration makes the proxy forward the respective LTPA and JSessionID cookies.

URL format to use proxy is
<protocol>://<portal-domain>/<proxyurl>/<protocol>/<host>%3a<port>/<url>?<query>
Examples
Refer to the following sample proxy URLs. They show how you can load a URL via the proxy depending on the context path mapping in the proxy configuration.
URL: http://www.ibm.com/developerworks/news/dw_dwtp.rss
Context path mapping (from proxy-config.xml): <mapping contextpath="/proxy" url="*"/>
Proxy URL: http://myportal.com:10040/wps/proxy/http/www.ibm.com/developerworks/news/dw_dwtp.rss

You can also specify timeout in proxy-config.xml, this will be applicable to each proxy:policy urls
i.e.
<proxy:meta-data>
<proxy:name>connection-timeout</proxy:name>
<proxy:value>600000</proxy:value>
</proxy:meta-data>

Proxy also support http basic authentication and you can also automate passing user/password using jquery
To support http basic authentication modify proxy-config.xml
<proxy:policy acf="none" url="http://<url>/*" basic-auth-support="true">
To pass user/password using jquery use this :
<script language="JavaScript">
$.ajax({
type: "GET",
cache: false,
dataType: "xml",
url: "http://localhost:10039/.MEMCREST/proxy/http/some.com/getresult",
username: 'username',
password: 'password',
success: function(data) {
var $xml = $(data);
//iterate $xml and generate html markup
},
error : function(jqXHR, textStatus, errorThrown) {
alert("error: "+textStatus);
}
});
</script>

Lets say you want to access youtube channel content inside your webpage, do the following :
1) Edit proxy-config.xml file add followling lines so that only url which start from http://www.youtube.com/user/* will be served from this proxy
<?xml version="1.0" encoding="UTF-8"?><proxy:proxy-rules xmlns:proxy="http://www.ibm.com/xmlns/prod/sw/ajax/proxy-config/1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <proxy:mapping contextpath="/proxy" url="*"/>
    <proxy:policy acf="none" url="http://www.youtube.com/user/*">
        <proxy:actions>
            <proxy:method>GET</proxy:method>
            <proxy:method>POST</proxy:method>
        </proxy:actions>
    </proxy:policy>
</proxy:proxy-rules>
2) Call youtube url using proxy, I have used here Jquery ajax
<script src="http://code.jquery.com/jquery-latest.js"></script>
<div id="results"></div>
<script language="JavaScript">
    $.ajax({
         type: "GET",
         cache: false,
         url: "http://localhost:10039/.YouTubeChannel/proxy/http/www.youtube.com/user/BoxOffice", //Requesting to proxy to get response from youtube
         success: function(html) {
             $("#results").append(html);
        },
        error : function(jqXHR, textStatus, errorThrown) {
            alert("error: "+textStatus);
        }
   });
</script>

For More Info Visit IBM Infocenter link : http://publib.boulder.ibm.com/infocenter/wpdoc/v6r1/topic/com.ibm.wp.ent.doc_v6101/dev/ajax_proxy.html

2 comments:

  1. Very useful post. Just want to share some more information on this topic.

    I found the post when I was trying ajax proxy with dojo and basic auth. I found that if you pass user and password in dojo to ajax proxy you run into an issue described in https://www-304.ibm.com/support/docview.wss?uid=swg21473928.

    So I have to move user headers in dodjo xhr call like that:
    https://www-304.ibm.com/support/docview.wss?uid=swg21473928

    headers: {
    Authorization : "Basic T1RQUEJcc3ZjX2ludmRhc2hfZGV2OkQ0JGhib2FyZA==",
    Credentials : "myuser:mypassword"
    }

    Another option that I will probably will implement for PROD is Credential Vault in Portal:
    http://publib.boulder.ibm.com/infocenter/wpdoc/v6r1/index.jsp?topic=/com.ibm.wp.ent.doc_v6101/dev/ajax_proxy.html

    ReplyDelete
    Replies
    1. Thanks for sharing your experience, you may refer following link 'http://absolutebrain.blogspot.in/2011/06/ltpatoken-from-credential-vault.html' to established URLConnection using Credential Vault.

      Delete