How to integrate WSO2 API-Manager with a proxy

source : http://cfindia.net/what-is-server-and-types-of-server.php

To improve the security of the production servers, the proxy servers are used in most of the production environments in a way that the production servers should connect to the proxy server to access the WEB. Also, the same architecture provides the capability of monitoring and tracking the servers. Considering the above facts, the WSO2 APIM also provides the capability to configure with the proxy servers depending on the requirement. Here I will explain two main points about configuring the APIM with proxy servers by explaining the way it works inside the architecture of the APIM.

Single node APIM(All-in-one) connects to its API back-ends via a proxy server

In the APIM, the default transport will be the pass-through transport that handles the API invocations related flows in the API-Gateway. So the pass-through transport will handle the connections between client and API-GW, and between API-GW and APIs back-end. Please find more details about WSO2-passthrough transport from[1].

If a deployment consists of a single APIM instance and it needs to connect to the API back-end via a proxy server, then we need to update the configuration related to the pass-through transport of the API-GW as below.

• Add the below configuration to the ‘deployment.toml’ file located in the ‘<APIM_HOME>/repository/conf’ directory.

[transport.passthru_http.sender.parameters]
"http.proxyHost" = '10.169.127.8'
"http.proxyPort" = '8080'
"http.nonProxyHosts" = 'apim.saneth.com|localhost|.*.abc.my.com'

Please make sure to add your own host-name of the APIM server under the section of non-proxy-hosts section to avoid the default API calls(/token, /revoke and etc) routing via the proxy server.

Distributed deployment of APIM connects to each component via a proxy server while connecting to the APIs back-end via the same proxy server

We just need to follow the same steps as above in order to connect to the APIs back-end via the proxy server in the Gateway component. Further, when multiple components of the APIM connects each other via the proxy server, then we need to update the relevant configuration of all the components (including the Gateway) which describe later on.

In the APIM, apart from the pass-through transport, there is another transport available for the external service calls which popular as ‘Servlet’ transport[2]. To expose the UI-consoles(management console, Publisher console, and Dev-portal console and etc) it used this Servlet transport. Also for external service calls resides in extensions and mediation as well as for the service calls between the components (of a Distributed Deployment) will be used the same Servlet transport.

Please follow the below steps to configure the Servlet transport with the proxy server.

• Add the below system properties to the startup script(‘<APIM_HOME>bin/wso2server.sh’ file) of the APIM server.

-Dhttp.proxyHost=10.169.127.8 
-Dhttp.proxyPort=8080

Hope this blog post provided an understanding of the transports in the APIM and how those configure with the proxy servers depending on the requirement.

References

[1] — https://docs.wso2.com/display/EI660/PassThrough+Transport

[2] — https://docs.wso2.com/display/EI660/HTTP+Servlet+Transport