Day: November 23, 2008

Using A Reverse Proxy For DWA

A few days ago we had a discussion on the German Notes Forum (www.atnotes.de) about how to setup DWA. One of the disadvantages of Domino is that you cannot use the passthru feature for web access as you would do when accessing a mailfile thru your companies firewall via a Notes client.

If you want to give your users access to their mails from outside the company via browser access, you would normally setup an additional server in the DMZ and store a replica of each user’s mailfile on the server. Another way of implementing web access is using a reverse proxy.

A reverse proxy is a gateway for servers, and enables one web server to provide content from another transparently. As with a standard proxy, a reverse proxy may serve to improve performance of the web by caching; this is a simple way to mirror a website. But the most common reason to run a reverse proxy is to enable controlled access from the Web at large to servers behind a firewall.

I’m not much of an administrator and when I searched Google for some How To I could not find any Lotus Notes / Domino related article. So I decided to try things out on my own. Here is what i found out so far.

I’m using OpenSUSE 10.3. The file/pathnames might be different in other distributions.

Install Linux; choose a minimal installation. I only added apache2 as an additional package. After installation you should see a “It works” page, when apache2 is running.

Now you can start to configure your reverse proxy settings.

Goto /etc/apache2 and append

Include /etc/apache2/mod_proxy_html.conf

to httpd.conf and save your changes.

Create a new file mod_proxy_html.conf in /etc/apache2 with the following content

# mod_proxy_html.conf, 2008 - Ulrich Krause

LoadModule proxy_module      /usr/lib/apache2/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/mod_proxy_http.so
LoadModule headers_module    /usr/lib/apache2/mod_headers.so

ProxyRequests off

ProxyPass /names.nsf http://Your_Internal_Server/names.nsf
ProxyPassReverse http://Your_Internal_Server/names.nsf /names.nsf

ProxyPass /domjava/ http://Your_Internal_Server/domjava/
ProxyPassReverse http://Your_Internal_Server/domjava /domjava/

ProxyPass /mail/ http://Your_Internal_Server/mail/
ProxyPassReverse /mail/ http://Your_Internal_Server/mail/

ProxyPass /iNotes/ http://Your_Internal_Server/iNotes/
ProxyPassReverse /iNotes/ http://Your_Internal_Server/iNotes/

ProxyPass /icons/ http://Your_Internal_Server/icons/
ProxyPassReverse /icons/ http://Your_Internal_Server/icons/

Save the file and restart apache with /etc/init.d/apache2 restart.

Type http://Your_Proxy/mail/yourmail.nsf in your browser. After login, your mailfile will be opened.

Not bad for a developer, isn’t it?

For additional reading on how to use Apache as reverse proxy, I recommend: Running a Reverse Proxy in Apache and Configuring iNotes Web Access with a WebSphere Edge reverse proxy server.