https://connect.hyland.com/t5/alfresco-forum/best-practize-to-configure-alfresco-behind-a-webproxy/m-p/114926#M31910 <HTML><HEAD></HEAD><BODY><P>Hi Florian,</P><P>I don't have experience with Watchguard but there are some points which are more or less generic:</P><UL><LI>tomcat needs to know the hostname (<CODE class="">proxyName</CODE>), port (<CODE class="">proxyPort</CODE>) and protocol the end user called you could<UL><LI>pass protocol and host in header variables to be mapped on tomcat in tomcat you could use RemoteIpValve to automatically map IP, host and protocol</LI><LI>hard code protocol, host, port by defining multiple tomcat connectors setting scheme, proxyPort in the connector attributes</LI></UL></LI><LI>in alfresco-global.properties the value of share.host will be whitelisted in the Alfresco Share "CSRF Token Filter". Please read <A class="link-titled" href="https://docs.alfresco.com/6.1/concepts/csrf-policy.html" title="https://docs.alfresco.com/6.1/concepts/csrf-policy.html" rel="nofollow noopener noreferrer">Cross-Site Request Forgery (CSRF) filters for Share | Alfresco Documentation</A> to understand how to configure/change the behavior of that filter.</LI></UL></BODY></HTML> Thu, 05 Sep 2019 08:26:48 GMT heiko_robert 2019-09-05T08:26:48Z https://connect.hyland.com/t5/alfresco-forum/best-practize-to-configure-alfresco-behind-a-webproxy/m-p/114925#M31909 Hi,can someone give me some hints how to configure Alfresco behind a webproxy (Watchguard)?The communication between alfresco tomcat and webproxy should be non encrypted to improve performance.The communication between client and webproxy is secured by SSL.On the webproxy I have enabled TLS/SSL offl Thu, 05 Sep 2019 07:36:19 GMT https://connect.hyland.com/t5/alfresco-forum/best-practize-to-configure-alfresco-behind-a-webproxy/m-p/114925#M31909 nettania 2019-09-05T07:36:19Z https://connect.hyland.com/t5/alfresco-forum/best-practize-to-configure-alfresco-behind-a-webproxy/m-p/114926#M31910 <HTML><HEAD></HEAD><BODY><P>Hi Florian,</P><P>I don't have experience with Watchguard but there are some points which are more or less generic:</P><UL><LI>tomcat needs to know the hostname (<CODE class="">proxyName</CODE>), port (<CODE class="">proxyPort</CODE>) and protocol the end user called you could<UL><LI>pass protocol and host in header variables to be mapped on tomcat in tomcat you could use RemoteIpValve to automatically map IP, host and protocol</LI><LI>hard code protocol, host, port by defining multiple tomcat connectors setting scheme, proxyPort in the connector attributes</LI></UL></LI><LI>in alfresco-global.properties the value of share.host will be whitelisted in the Alfresco Share "CSRF Token Filter". Please read <A class="link-titled" href="https://docs.alfresco.com/6.1/concepts/csrf-policy.html" title="https://docs.alfresco.com/6.1/concepts/csrf-policy.html" rel="nofollow noopener noreferrer">Cross-Site Request Forgery (CSRF) filters for Share | Alfresco Documentation</A> to understand how to configure/change the behavior of that filter.</LI></UL></BODY></HTML> Thu, 05 Sep 2019 08:26:48 GMT https://connect.hyland.com/t5/alfresco-forum/best-practize-to-configure-alfresco-behind-a-webproxy/m-p/114926#M31910 heiko_robert 2019-09-05T08:26:48Z