Connect to IDM Through a Proxy Server

To configure IDM to communicate through a proxy server:

  1. Add the following JVM parameters to the value of OPENIDM_OPTS in your startup script (startup.sh or startup.bat):

    -Dhttps.proxyHost

    Hostname or IP address of the proxy server; for example, proxy.example.com or 192.168.0.1.

    -Dhttps.proxyPort

    Port number used by IDM; for example, 8443 or 9443.

    For example: 

    # Only set OPENIDM_OPTS if not already set
[ -z "$OPENIDM_OPTS" ] && OPENIDM_OPTS="-Xmx1024m -Xms1024m -Dhttps.proxyHost=localhost -Dhttps.proxyPort=8443"

  2. Enable the ForwardedRequestCustomizer class so that Jetty honors X-Forwarded- headers.

    To enable the class, uncomment the following excerpt in your conf/jetty.xml file: 

    <Call name="addCustomizer">
    <Arg>
        <New class="org.eclipse.jetty.server.ForwardedRequestCustomizer">
            <Set name="forcedHost">
                <Call class="org.forgerock.openidm.jetty.Param" name="getProperty">
                    <Arg>openidm.host</Arg>
                </Call>:
                <Call class="org.forgerock.openidm.jetty.Param" name="getProperty">
                    <Arg>openidm.port.https</Arg>
                </Call>
            </Set>
        </New>
    </Arg>
</Call>

    For more information on this class, see the Jetty documentation.

Read a different version of :