Configuring Tomcat to work behind an Internet proxy
We encourage you to consider not configuring Internet connections on servers behind an Internet proxy.
It has some disadvantages, such as:
- You will need to provide your proxy credentials each time you upgrade the application using OpenKM's automatic updater tools.
- You need to configure JVM parameters with your Internet proxy data for the application to be able to connect to the Internet.
It is not very clear what the advantages are for this kind of configuration on production servers, which are not the same scenario as end users. Take it as is, only a suggestion.
Linux
The configuration below is based on setting proxy parameters in the JVM environment. Another option is configuring the proxy at the OS level; here is one of several options:
Edit your "/etc/bash.bashrc" file as root and put these lines at the end of your "/etc/bash.bashrc" file:
export http_proxy=http://username:password@proxyserver.net:port/
export ftp_proxy=http://username:password@proxyserver.net:port/
- Stop OpenKM.
- Edit the $TOMCAT_HOME/bin/setenv.sh file and add the lines:
The http://proxy.url.com value must be the host URL of your proxy.
The "user" value must be the username used to connect to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
The "password" value must be the password for the user connecting to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
# HTTP Proxy configuration
JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyHost=proxy-host-or-ip -Dhttp.proxyPort=proxy-port"
JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyUser=user -Dhttp.proxyPassword=password"
# HTTPS Proxy configuration
JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyHost=proxy-host-or-ip -Dhttps.proxyPort=proxy-port"
JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyUser=user -Dhttps.proxyPassword=password"At the end your setenv.sh should look something like this:
JAVA_OPTS="$JAVA_OPTS -Xms1024m -Xmx4096m -XX:+UseConcMarkSweepGC -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true"
JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8 -Dmail.mime.ignoreunknownencoding=true"
JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyHost=192.168.100.128 -Dhttp.proxyPort=3128"
JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyHost=192.168.100.128 -Dhttps.proxyPort=3128"If you have issues resolving DNS, you can also try this configuration that uses Google DNS:
JAVA_OPTS="$JAVA_OPTS -Dsun.net.spi.nameservice.nameservers=8.8.8.8"
JAVA_OPTS="$JAVA_OPTS -Dsun.net.spi.nameservice.provider.1=dns,sun"- Start OpenKM.
- Go to Administration > Tools > Scripting and execute the script below (should display Google's HTML code).
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.BufferedReader;
URL url = new URL("http://www.google.com");
HttpURLConnection urlConn = (HttpURLConnection) url.openConnection();
urlConn.setDoInput(true);
urlConn.setDoOutput(true);
urlConn.setUseCaches(false);
urlConn.setRequestMethod("GET");
BufferedReader input = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
String line;
StringBuilder sb = new StringBuilder();
while ((line = input.readLine()) != null) {
sb.append(line);
}
input.close();
print(sb.toString().replaceAll("\n","<br/>"));Windows
The configuration below is based on setting proxy parameters in the JVM environment. Another option is configuring the proxy at the OS level; consider looking for this information on the Microsoft TechNet website.
Step one
Check starting and stopping OpenKM from the command line.
- First, stop the OpenKM service.
- Edit $TOMCAT_HOME/bin/setenv.bat file and add the lines:
The http://proxy.url.com value must be the host URL of your proxy.
The "user" value must be the username used to connect to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
The "password" value must be the password for the user connecting to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
# HTTP Proxy configuration
set JAVA_OPTS=%JAVA_OPTS% -Dhttp.proxyHost=proxy-host-or-ip -Dhttp.proxyPort=proxy-port
set JAVA_OPTS=%JAVA_OPTS% -Dhttp.proxyUser=user -Dhttp.proxyPassword=password
# HTTPS Proxy configuration
set JAVA_OPTS=%JAVA_OPTS% -Dhttps.proxyHost=proxy-host-or-ip -Dhttps.proxyPort=proxy-port
set JAVA_OPTS=%JAVA_OPTS% -Dhttps.proxyUser=user -Dhttps.proxyPassword=passwordAt the end your setenv.bat should look something like this:
set JAVA_OPTS=%JAVA_OPTS% -Xms1024m -Xmx4096m -XX:+UseConcMarkSweepGC -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true
set JAVA_OPTS=%JAVA_OPTS% -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8 -Dmail.mime.ignoreunknownencoding=true
set JAVA_OPTS=%JAVA_OPTS% -Dhttp.proxyHost=192.168.100.128 -Dhttp.proxyPort=3128
set JAVA_OPTS=%JAVA_OPTS% -Dhttps.proxyHost=192.168.100.128 -Dhttps.proxyPort=3128If you have issues resolving DNS, you can also try this configuration that uses Google DNS:
set JAVA_OPTS=%JAVA_OPTS% -Dsun.net.spi.nameservice.nameservers=8.8.8.8
set JAVA_OPTS=%JAVA_OPTS% -Dsun.net.spi.nameservice.provider.1=dns,sun- Start OpenKM from the command line.
c:\tomcat-8.5.69\bin\> catalina.bat run
- Go to Administration > Tools > Scripting and execute the script below (should display Google's HTML code).
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.BufferedReader;
URL url = new URL("http://www.google.com");
HttpURLConnection urlConn = (HttpURLConnection) url.openConnection();
urlConn.setDoInput(true);
urlConn.setDoOutput(true);
urlConn.setUseCaches(false);
urlConn.setRequestMethod("GET");
BufferedReader input = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
String line;
StringBuilder sb = new StringBuilder();
while ((line = input.readLine()) != null) {
sb.append(line);
}
input.close();
print(sb.toString().replaceAll("\n","<br/>"));Step two
If everything went right in step one, you can now configure the parameters in the OpenKM service.
- Stop OpenKM.
- Go to $TOMCAT_HOME/bin and execute the next command line:
The command lines below do not register the parameters for DNS resolving. If you need them, simply add them.
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyHost=proxy-host-or-ip"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyPort=proxy-port"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyUser=user"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyPassword=password"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyHost=proxy-host-or-ip"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyPort=proxy-port"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyUser=user"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyPassword=password"
- Start OpenKM from services.
- Go to Administration > Tools > Scripting and execute the script below (should display Google's HTML code).
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.BufferedReader;
URL url = new URL("http://www.google.com");
HttpURLConnection urlConn = (HttpURLConnection) url.openConnection();
urlConn.setDoInput(true);
urlConn.setDoOutput(true);
urlConn.setUseCaches(false);
urlConn.setRequestMethod("GET");
BufferedReader input = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
String line;
StringBuilder sb = new StringBuilder();
while ((line = input.readLine()) != null) {
sb.append(line);
}
input.close();
print(sb.toString().replaceAll("\n","<br/>"));
