Configuring Tomcat to work behind an Internet proxy
We encourage you to consider not configuring Internet connections on servers behind an Internet proxy.
It has some disadvantages, such as:
- You will need to use your proxy credentials each time you upgrade the application with the OpenKM automatic updater tools.
- You need to configure JVM parameters with your Internet proxy settings for the application to be able to connect to the Internet.
It is not very clear what the advantages are for this kind of configuration on Production Servers, which are not the same scenario as end users. Take it as is; only a suggestion.
Linux
The configuration below is based on setting proxy parameters in the JVM environment. Another option is configuring the proxy at the OS level; here is one of several options:
Edit your "/etc/bash.bashrc" file as root and add these lines to the end of your "/etc/bash.bashrc" file:
export http_proxy=http://username:password@proxyserver.net:port/
export ftp_proxy=http://username:password@proxyserver.net:port/
- Stop OpenKM.
- Edit the $TOMCAT_HOME/bin/setenv.sh file and add the following lines:
The http://proxy.url.com value must be your own proxy host URL.
The "user" value must be the username used to connect to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
The "password" value must be the password for the user connecting to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
# HTTP Proxy configuration
JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyHost=proxy-host-or-ip -Dhttp.proxyPort=proxy-port"
JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyUser=user -Dhttp.proxyPassword=password"
# HTTPS Proxy configuration
JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyHost=proxy-host-or-ip -Dhttps.proxyPort=proxy-port"
JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyUser=user -Dhttps.proxyPassword=password"At the end your setenv.sh should look something like this :
JAVA_OPTS="$JAVA_OPTS -Xms1024m -Xmx4096m -XX:+UseConcMarkSweepGC -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true"
JAVA_OPTS="$JAVA_OPTS -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8 -Dmail.mime.ignoreunknownencoding=true"
JAVA_OPTS="$JAVA_OPTS -Dhttp.proxyHost=192.168.100.128 -Dhttp.proxyPort=3128"
JAVA_OPTS="$JAVA_OPTS -Dhttps.proxyHost=192.168.100.128 -Dhttps.proxyPort=3128"If you have issues resolving DNS, you can also try the following configuration to use Google's DNS:
JAVA_OPTS="$JAVA_OPTS -Dsun.net.spi.nameservice.nameservers=8.8.8.8"
JAVA_OPTS="$JAVA_OPTS -Dsun.net.spi.nameservice.provider.1=dns,sun"- Start OpenKM.
- Go to Administration > Tools > Scripting and execute the script below (the Google HTML code should be shown).
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.BufferedReader;
URL url = new URL("http://www.google.com");
HttpURLConnection urlConn = (HttpURLConnection) url.openConnection();
urlConn.setDoInput(true);
urlConn.setDoOutput(true);
urlConn.setUseCaches(false);
urlConn.setRequestMethod("GET");
BufferedReader input = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
String line;
StringBuilder sb = new StringBuilder();
while ((line = input.readLine()) != null) {
sb.append(line);
}
input.close();
print(sb.toString().replaceAll("\n","<br/>"));Windows
The configuration below is based on setting proxy parameters in the JVM environment. Another option is configuring the proxy at the OS level; consider looking for this information on the Microsoft TechNet website.
Step one
Verify starting and stopping OpenKM from the command line.
- First, stop the OpenKM service.
- Edit $TOMCAT_HOME/bin/setenv.bat file and add the following lines:
The http://proxy.url.com value must be your own proxy host URL.
The "user" value must be the username used to connect to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
The "password" value must be the password for the user connecting to the proxy. If your proxy does not require authentication you can remove the entire line where these parameters are set.
# HTTP Proxy configuration
set JAVA_OPTS=%JAVA_OPTS% -Dhttp.proxyHost=proxy-host-or-ip -Dhttp.proxyPort=proxy-port
set JAVA_OPTS=%JAVA_OPTS% -Dhttp.proxyUser=user -Dhttp.proxyPassword=password
# HTTPS Proxy configuration
set JAVA_OPTS=%JAVA_OPTS% -Dhttps.proxyHost=proxy-host-or-ip -Dhttps.proxyPort=proxy-port
set JAVA_OPTS=%JAVA_OPTS% -Dhttps.proxyUser=user -Dhttps.proxyPassword=passwordAt the end your setenv.bat should look something like this:
set JAVA_OPTS=%JAVA_OPTS% -Xms1024m -Xmx4096m -XX:+UseConcMarkSweepGC -Djava.awt.headless=true -Djava.net.preferIPv4Stack=true
set JAVA_OPTS=%JAVA_OPTS% -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8 -Dmail.mime.ignoreunknownencoding=true
set JAVA_OPTS=%JAVA_OPTS% -Dhttp.proxyHost=192.168.100.128 -Dhttp.proxyPort=3128
set JAVA_OPTS=%JAVA_OPTS% -Dhttps.proxyHost=192.168.100.128 -Dhttps.proxyPort=3128If you have issues resolving DNS, you can also try the following configuration to use Google's DNS:
set JAVA_OPTS=%JAVA_OPTS% -Dsun.net.spi.nameservice.nameservers=8.8.8.8
set JAVA_OPTS=%JAVA_OPTS% -Dsun.net.spi.nameservice.provider.1=dns,sun- Start OpenKM from the command line.
c:\tomcat-8.5.69\bin\> catalina.bat run
- Go to Administration > Tools > Scripting and execute the script below (the Google HTML code should be shown).
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.BufferedReader;
URL url = new URL("http://www.google.com");
HttpURLConnection urlConn = (HttpURLConnection) url.openConnection();
urlConn.setDoInput(true);
urlConn.setDoOutput(true);
urlConn.setUseCaches(false);
urlConn.setRequestMethod("GET");
BufferedReader input = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
String line;
StringBuilder sb = new StringBuilder();
while ((line = input.readLine()) != null) {
sb.append(line);
}
input.close();
print(sb.toString().replaceAll("\n","<br/>"));Step two
If all went well in step one, you can now configure parameters for the OpenKM service.
- Stop OpenKM.
- Go to $TOMCAT_HOME/bin and execute the following command lines:
The command lines below do not register the parameters for DNS resolving. If you need them, simply add them.
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyHost=proxy-host-or-ip"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyPort=proxy-port"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyUser=user"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttp.proxyPassword=password"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyHost=proxy-host-or-ip"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyPort=proxy-port"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyUser=user"
c:\tomcat-8.5.69\bin\> OpenKM //US//OpenKM ++JvmOptions="-Dhttps.proxyPassword=password"
- Start OpenKM from services.
- Go to Administration > Tools > Scripting and execute the script below (the Google HTML code should be shown).
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.BufferedReader;
URL url = new URL("http://www.google.com");
HttpURLConnection urlConn = (HttpURLConnection) url.openConnection();
urlConn.setDoInput(true);
urlConn.setDoOutput(true);
urlConn.setUseCaches(false);
urlConn.setRequestMethod("GET");
BufferedReader input = new BufferedReader(new InputStreamReader(urlConn.getInputStream()));
String line;
StringBuilder sb = new StringBuilder();
while ((line = input.readLine()) != null) {
sb.append(line);
}
input.close();
print(sb.toString().replaceAll("\n","<br/>"));
