To configure a path-based proxy service:
Click Devices > Access Gateways > Edit > [Name of Reverse Proxy] > [Name of Path-Based Multi-Homing Proxy Service].
The following fields display information that must be configured on the parent proxy service (the first proxy service created for this reverse proxy).
Published DNS Name: Displays the value that users are currently using to access this proxy service. This DNS name must resolve to the IP address you set up as a listening address on Access Gateway.
Cookie Domain: Displays the domain for which the cookie is valid. The web server that the user is accessing must be configured to be part of this domain.
Configure the following options:
Description: (Optional) Provide a description of the purpose of this proxy service or specify any other pertinent information.
HTTP Options: Determines how the proxy service handles HTTP headers and caching. For more information, see Section 3.5.2, Controlling Browser Caching.
Advanced Options: (Access Gateway Service) See Section 3.6.2, Configuring Advanced Options for a Domain-Based and Path-Based Multi-Homing Proxy Service.
Configure the path options:
Remove Path on Fill: Determines whether the multi-homing path is removed from the URL before forwarding it to the web server. If the path is not a directory at the root of the web server, the path must be removed. If this option is selected, the path is stripped from the request before the request is sent to the web server.
If you enable this option, this proxy service can protect only one path. If you have configured multiple paths in the Path List, you cannot enable this option until you have deleted all but one path.
Reinsert Path in “set-cookie” Header: Determines whether the path is inserted into the Set-Cookie header. This option is only available if you enable the Remove Path on Fill option.
Determine whether you need to create a protected resource for your path.
In the Path List, the path you specified is listed along with the protected resource that best matches its path.
Access Gateway automatically selects the protected resource that is used with the specified path. It selects the current protected resource whose URL path most closely matches the specified path.
If you have a protected resource with a URL path of /*, Access Gateway selects that resource unless you have configured a protected resource that has a URL path that more closely matches the path specified on this page.
If you add a protected resource at a future time and its URL path more closely matches the path specified on this page, Access Gateway automatically reconfigures to use this new protected resource.
If you disable a protected resource that Access Gateway has assigned to a path-based service, Access Gateway automatically reconfigures and selects the next protected resource that most closely matches the path specified on this page.
In the Path List section, click the Protected Resource link.
Examine the contract, Authorization, Identity Injection, and Form Fill policies assigned to this protected resource to ensure that they meet the requirements for your path-based service.
To return to the Path-Based Multi-Homing page, click the Overview tab, then click OK.
Click OK, select the name of the parent proxy service, then click Protected Resources.
In the Protected Resource List, click New, specify a name, then click OK.
Select an Authentication Procedure.
In the URL Path List, specify the path you used when creating the path-based proxy service. For example, if your path was /apps, specify /apps/* or /apps in the URL Path List.
IMPORTANT:If you create multiple protected resources that exactly match the path-based multi-homing service, there is no guarantee that a specific protected resource will be used. For example, if you create protected resources for both of the paths specified above (/apps and /apps/*) and you have a path-based service with a path of /apps, either of these protected resources could be assigned to this path-based service in Administration Console or used when access is requested.
Make sure the protected resource you created is enabled. If the resource is disabled, it does not appear in the Path List for the path-based proxy service.
(Optional) Enable the policies the path-based proxy service requires. Click Authorization, Identity Injection, or Form Fill and enable the appropriate policies.
Click OK.
Click OK.
To apply the changes, click the Access Gateways link, then click Update > OK.