Connecting to IDM Through a Proxy Server

To configure IDM to communicate through a proxy server:

  1. Add the following JVM parameters to the value of OPENIDM_OPTS in your startup script (startup.sh or startup.bat):

    -Dhttps.proxyHost

    Hostname or IP address of the proxy server; for example, proxy.example.com or 192.168.0.1.

    -Dhttps.proxyPort

    Port number used by IDM; for example, 8443 or 9443.

    For example:

    # Only set OPENIDM_OPTS if not already set
    [ -z "$OPENIDM_OPTS" ] && OPENIDM_OPTS="-Xmx1024m -Xms1024m -Dhttps.proxyHost=localhost -Dhttps.proxyPort=8443"
  2. Enable the ForwardedRequestCustomizer class so that Jetty honors X-Forwarded- headers.

    To enable the class, uncomment the following excerpt in your conf/jetty.xml file:

    <Call name="addCustomizer">
        <Arg>
            <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer">
                <Set name="forcedHost">
                    <Call class="org.forgerock.openidm.jetty.Param" name="getProperty">
                        <Arg>openidm.host</Arg>
                    </Call>:
                    <Call class="org.forgerock.openidm.jetty.Param" name="getProperty">
                        <Arg>openidm.port.https</Arg>
                    </Call>
                </Set>
            </New>
        </Arg>
    </Call>
    

    For more information on this class, see the Jetty documentation.

Read a different version of :