Ceptor Docs

Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
{
  "destinations": [
    {
      "name": "demoapp",
      "description": "Demonstration application",
      "cookiesnapper": {
        "pattern": "JSESSIONID",
        "classifier": "default"
      },
      "ping": {
        "expect": "200",
        "timeout.seconds": 5,
        "method": "HEAD",
        "uri": "/",
        "meod": "GET",
        "interval.seconds": 30,
        "response.verify.script": "if (input.contains('For further information about PortalProtect')) true; else false;"
      },
      "loadbalance": "roundrobin",
      "target.consul.askviaconfigserver": false,
      "target.consul.interval": 60,
      "targets": [{
        "scheme": "http",
        "port": 8080,
        "unavailable": false,
        "name": "demoapp1",
        "host": "127.0.0.1",
        "disabled": false,
        "limits": {
          "queue.length": 100,
          "max.idle.connections.hard": 20,
          "idle.ttl": 10,
          "max.idle.connections.soft": 5,
          "max.concurrent.requests": 20
        }
      }],
      "limits": {
        "queue.length": 200,
        "max.idle.connections.hard": 20,
        "idle.ttl": -1,
        "max.idle.connections.soft": 5,
        "max.concurrent.requests": 10
      },
      "authentication": {
        "plugins": [
          "io.ceptor.authentication.target.TAuthenticatorBasicAuth",
          "io.ceptor.authentication.target.TAuthenticatorSSL",
          "io.ceptor.authentication.target.TAuthenticatorBearerToken"
        ],
        "basicauth": {
          "password": "password",
          "anonymous.password": "password",
          "anonymous.userid": "%{REQUEST_ID}",
          "userid": "%{REQUEST_ID}"
        },
        "bearer": {
          "authenticationplugin": 48,
          "forward.from.request": true,
          "call.newtoken": false,
          "base64encode": false,
          "newtoken.input": null,
          "use.ticket.from.session": true
        },
        "ssl": {
          "header.cipher": "SSL_CIPHER",
          "header.sessionid": "SSL_SESSION_ID",
          "header.clientcert": "SSL_CLIENT_CERT"
        },
        "request.headers": [
          {
            "name": "X-Forwarded-For",
            "value": "%{REMOTE_ADDR}"
          }
        ],
        "response.headers": []
      }
    },
	{
      "sslcontext": {
        "ssl.protocol": "TLS",
        "keystore.provider": "BC",
        "keystore.type": "PKCS12",
        "verify.server.certificate": true,
        "verify.server.name": true,
        "excludeprotocols": "SSLv3",
        "allowrenegotiate": false,
        "trusted.server.certificates": [],
        "excludeciphersuites": ".*NULL.*,.*RC4.*,.*MD5.*,.*DSS.*",
        "includeprotocols": "TLS.*",
        "includeciphersuites": "TLS_ECDHE.*,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA",
        "useciphersuites.order": true
      },
      "http2.enable": true,
      "keepalive.enable": true,
      "max.connect.retries": 3,
      "ping": {
        "expect": "200|302",
        "method": "HEAD",
        "uri": "/",
        "interval.seconds": 60
      },
      "name": "google",
      "sticky": false,
      "keep.hostheader": true,
      "description": "Proxying requests to google",
      "targets": [{
        "scheme": "https",
        "port": 443,
        "unavailable": false,
        "name": "google1",
        "host": "www.google.com",
        "disabled": false
      }]
    },
  ]
}

...

When you have entered this, you are brought to the Destination Configuration

Image RemovedImage Added

Configuration is stored in the JSON object for the destination directly

...

Default: true
JSON key: sticky

Max connect retry attemps

The number of retries in case connection fails to one of the target servers.

Default: 3
JSON key: max.connect.retries

TCP Binding

Bind Address

If specified, this is the address to bind to when making the connection to the target server - leave blank to auto assign. This is useful when you want to select a particular network interface.

...

Name of application cluster to automatically choose targets from - all servers in the applicationcluster will be used"

Note

Must be specified in the form of a macro - eg. ${applicationcluster:target:xxxxx} - where xxxxx is the name of the application cluster. See the Macros section in Ceptor Configuration Server for more info.


Default: none
JSON key: target.applicationcluster 

...