LOTUS INOTES


Using an HTTP-proxy Servlet to restrict URLs to external servers
For IBM® Lotus® iNotes™ features that send requests either to external servers (for external calendar overlays) or to Web services (Lotus Quickr integration) you must configure an HTTP-proxy servlet to intercept calls and retrieve information from a remote site.

What has changed since version 8.5

In Domino 8.5, the HTTP-proxy servlet was configured by creating a proxy-config.properties file located in the Domino\data\properties directory. This file is no longer supported. Instead, you must create or edit a Security setting policy, using the information in this file. Once you have done so, you can delete this file, however leaving it in place will not adversely affect your configuration.

What is an HTTP-proxy servlet

An HTTP-proxy servlet specifies which sites are allowed and filters out unwanted sites. Then, instead of making a request call to an external server such as a Lotus Quickr server or a Google™ server, calls are passed through the HTTP-proxy servlet. If the external server is included as one of the allowed sites in the whitelist rule for proxy servlets in the Security policy settings document, then the request is passed on to the external server. And any information received from the external server is also returned.

Configuring proxies

To configure proxies, you use a Security Settings document. For information on other security settings that apply to Lotus iNotes, see the topic "Creating security policy settings for Lotus iNotes users." For a full explanation about using policies and the relationship between Policy documents and Policy Settings documents, see the "User and Server Configuration - Policies" section of the Domino® Administrator Help.

1. From the Domino Administrator, create or edit a Security Settings document.

2. Click the Proxies tab.

3. Click Edit List.

4. Enter the following information to create a white-list rule for each site you want to allow. Note if you created a proxy-config.properties file in a previous release, use the information there to populate these fields.
PropertyDescription
ContextThe path of the request to the proxy server, specifies which proxy the rule is for. Examples include:

/xsp/proxy/QuickrProxy/

/xsp/proxy/GoogleProxy/

/xsp/proxy/BasicProxy/

URLAddress of the site to which this policy applies.

This is the target of the proxy.

ActionsThe set of HTTP actions this policy allows.

These can be GET, POST, HEAD, PUT, DELETE. The most frequently used are GET and POST. For Lotus Quickr integration with Lotus iNotes, make sure that HEAD is included.

CookiesCookies allowed for this site. That is, the cookies that will be passed from the browser to the target URL server.

Note Cookies with specified names will always be proxied to this site. In addition, any incoming (Set-Cookie response headers) received from the site will also be remembered and eventually sent back on subsequent requests to this site.

Mime-typesContent types allowed back from the target server, or use * to allow all.
HeadersHeaders allowed for this site, or use * to allow all. This attribute determines which headers are forwarded to the target server.

Note Cookies are not handled as a standard header. Putting the entry "cookie" in the headers list will have no effect.

Related topics