4.7. Running ChronoScan Web Server through a Reverse Proxy (Helicon APE)To solve limitations of the IIS reverse proxy we recommend using the Helicon APE reverse proxy utility. It is faster and gives more flexibility when it comes to server configuration.
To setup the reverse proxy there are two options. The first one allows Active directory integration:
RewriteEngine On
RewriteCond %{HTTP_HOST} / [OR] ## where / is your mounting point
RewriteCond %{REQUEST_URI} (.+)
RewriteProxy .? http://wciserver:10000%1 [A]
For that the IIS site has to be configured as Windows authentication so that we can obtain the windows user. If Windows authentication is not available, install it on Roles and Features, Web Server(IIS)-Web Server-Security-Windows Authentication.
The second option is easier to setup but it doesn't have any Active directory integration:
ProxyPass /server1/ http://wciserver1:10000%1
ProxyPass /server2/ http://wciserver2:10000%1 When working with AD, to assign a windows user to a ChronoScan user, the chronoscan user variable "uservar.LDAP_USER_AUTH" must be set to the windows username on the edit user window.
ChronoScan will use APE variables to authenticate the users.
# "app" will be mounting directory on your Server
RewriteBase /
It is also necessary to setup the "wci_scan_plugin_directory" and "wci_scan_plugin_host" variables on the Administration tab so that the web scan plugin can redirect scanned pages correctly:
The variables must be set to the proxy entry point host and directory if applicable.
Examples
http://server:10000->reversed proxy to->https://www.chronoscan.org
wci_scan_pluin_directory = ""
wci_scan_pluin_host = "https://www.chronoscan.org"
http://server:10000->reversed proxy to->https://www.chronoscan.org/client1
http://server:10001->reversed proxy to->https://www.chronoscan.org/client2
Configuration for server:10000
wci_scan_pluin_directory = "client1"
wci_scan_pluin_host = "https://www.chronoscan.org"
Configuration for server:10001
wci_scan_pluin_directory = "client2"
wci_scan_pluin_host = "https://www.chronoscan.org"
|