Ceptor Docs
Page History
...
| Code Block |
|---|
{
"destinations": [
{
"name": "demoapp",
"description": "Demonstration application",
"cookiesnapper": {
"pattern": "JSESSIONID",
"classifier": "default"
},
"ping": {
"expect": "200",
"timeout.seconds": 5,
"method": "HEAD",
"uri": "/",
"meod": "GET",
"interval.seconds": 30,
"response.verify.script": "if (input.contains('For further information about PortalProtect')) true; else false;"
},
"loadbalance": "roundrobin",
"target.consul.askviaconfigserver": false,
"target.consul.interval": 60,
"targets": [{
"scheme": "http",
"port": 8080,
"unavailable": false,
"name": "demoapp1",
"host": "127.0.0.1",
"disabled": false,
"limits": {
"queue.length": 100,
"max.idle.connections.hard": 20,
"idle.ttl": 10,
"max.idle.connections.soft": 5,
"max.concurrent.requests": 20
}
}],
"limits": {
"queue.length": 200,
"max.idle.connections.hard": 20,
"idle.ttl": -1,
"max.idle.connections.soft": 5,
"max.concurrent.requests": 10
},
"authentication": {
"plugins": [
"io.ceptor.authentication.target.TAuthenticatorBasicAuth",
"io.ceptor.authentication.target.TAuthenticatorSSL",
"io.ceptor.authentication.target.TAuthenticatorBearerToken"
],
"basicauth": {
"password": "password",
"anonymous.password": "password",
"anonymous.userid": "%{REQUEST_ID}",
"userid": "%{REQUEST_ID}"
},
"bearer": {
"authenticationplugin": 48,
"forward.from.request": true,
"call.newtoken": false,
"base64encode": false,
"newtoken.input": null,
"use.ticket.from.session": true
},
"ssl": {
"header.cipher": "SSL_CIPHER",
"header.sessionid": "SSL_SESSION_ID",
"header.clientcert": "SSL_CLIENT_CERT"
},
"request.headers": [
{
"name": "X-Forwarded-For",
"value": "%{REMOTE_ADDR}"
}
],
"response.headers": []
}
},
{
"sslcontext": {
"ssl.protocol": "TLS",
"keystore.provider": "BC",
"keystore.type": "PKCS12",
"verify.server.certificate": true,
"verify.server.name": true,
"excludeprotocols": "SSLv3",
"allowrenegotiate": false,
"trusted.server.certificates": [],
"excludeciphersuites": ".*NULL.*,.*RC4.*,.*MD5.*,.*DSS.*",
"includeprotocols": "TLS.*",
"includeciphersuites": "TLS_ECDHE.*,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA",
"useciphersuites.order": true
},
"http2.enable": true,
"keepalive.enable": true,
"ping": {
"expect": "200|302",
"method": "HEAD",
"uri": "/",
"interval.seconds": 60
},
"name": "google",
"sticky": false,
"keep.hostheader": true,
"description": "Proxying requests to google",
"targets": [{
"scheme": "https",
"port": 443,
"unavailable": false,
"name": "google1",
"host": "www.google.com",
"disabled": false
}]
},
]
} |
...
When you have entered this, you are brought to the Destination Configuration
Configuration is stored in the JSON object for the destination directly
...
Default: true
JSON key: keepalive.enable
Keep Host header
If set, existing HOST header is kept and forwarded unmodified to the target server - if not, it is discarded and a new HOST header matching the target servers host and port is sent instead.
| Tip |
|---|
This setting is off by default, to comply with RFC7230 specifying a proxy behavior in the HTTP protocol. You might want to enable it for providing backend servers a chance to react to virtual host settings. Note that newer backend webservers can do the same by looking either at X-Forwarded-Host or Forwarded (RFC7239) HTTP headers and reacting to them, assuming the gateway has been configured to send these headers too. |
Default: false
JSON key: keep.hostheader
Sticky
If set, stickiness is enabled, meaning a sticky cookie is set, so user hits the same server again next time.
...
Overview
Content Tools