Monday, December 28, 2009

Proxy configuration in BPEL

Before understanding the porxy we must understand what a firewall mean.A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer traffic between different security domains based upon a set of rules and other criteria.Proxt setting is one of the type of firewall techniques.


For enterprise customers it is important to be able to set up secure computing environments within their companies, and proxy configuration is an essential part of doing that. Proxy configuration acts as a security barrier, it ensures that the proxy server monitors all traffic between the Internet and the intranet. This is normally an integral part of security enforcement in corporate firewalls within intranets.


Lets suppose i have to access a bpel process that is running on a different network.Then i can not enter into any network i have to enter into that network through the proxy server.The proxy server will check if i have the proper authority to access the page,this may be based on some filter criteria also like it may filter by ip address.so once it will allow then only i can access the process.So proxy server is basically used to protect the internal process to be exposed to outside world.

To configure the Ant tasks and the Oracle BPEL Process Manager to use an http proxy
server you need to do the following

set OB_JAVA_PROPERTIES in SOA_HOME\orabpel\bin\obsetenv.bat

By defulat you will get the properties set to

set OB_JAVA_PROPERTIES="-Dhttp.proxySet=true" "-Dhttp.proxyHost=[HTTP_PROXY_HOST]" "-Dhttp.proxyPort=[HTTP_PROXY_PORT]" "-Dhttp.nonProxyHosts=[HTTP_NON_PROXY_HOSTS]"

YOu just need to provide the right details for the host and port

eg-

set OB_JAVA_PROPERTIES="-Dhttp.proxySet=true" "-Dhttp.proxyHost=myproxy.ora.com"
"-Dhttp.proxyPort=8090" "-Dhttp.nonProxyHosts=arahi.ora.com"


By setting http.proxySet to true, you activate the client proxy and redirect all the
outbound traffic through http.proxyHost and http.proxyPort. By setting the http.nonProxyHosts
to the server which hosts the BPEL server you prevent the local request from going
through the proxy. You might want to consider expanding the nonProxyHosts list to
include other servers inside your corporate network or other logical names for the
arahi.ora.com machine by using | as a delimiter.


here is our example we have the prooxy server myproxy.ora.com which runs on port 8090.Lets suppose i have a local network arahi.ora.com and i want to access some web service from a different network then all the request will be routed by this proxy server and port number.Since we have also defined that

-Dhttp.nonProxyHosts=arahi.ora.com

so our local request will not be routed to outside world.

No comments: