Confluence 6 configuring Web proxy support

The content in the relevant platform on this page is not supported. Therefore, Atlassian supports There is no guarantee that you will be able to provide any support。 Please note that the information provided below this page is for your reference only and does not guarantee that all configurations will work properly. If you configure it according to the content on this page, all risks are at your own risk.

Some confluence macros, such as {RSS} and {jiraissues}, need to initiate a request to an external server and obtain data. If confluence is deployed in the database center or in the DMZ, you may not be able to access the Internet to obtain the required data completion requests. If you find that {RSS} macros are not working properly, ask your network administrator, or you may confluence need to be able to access external data through a proxy.

Configuring the external HTTP proxy in confluence

Proxy is supported by passing some system properties to the Java Virtual machine (Java VM) at boot time.

• Http.proxyhostconfl

• Http.proxyport (DEFAULT:80)

• Http.nonproxyhosts (default: <none>)

• Https.proxyhost

• Https.proxyport

In the smallest configuration scenario, you need to configure the proxy in the HTTP proxy definition http.proxyHost and https.proxyHost to configure HTTPS. The configuration of system attributes is described in the Configuring System Properties page.

The http.proxyHost 和  http.proxyPort Port property determines the ports that will be used by the proxy and proxy servers in the HTTP protocol processing. At the same time, https.proxyHost and https.proxyPort also for the HTTPS protocol, the same parameters are defined in the processing.

-dhttp.proxyhost=proxy.example.org-dhttp.proxyport=8080-dhttps.proxyhost=proxy.example.org-dhttps.proxyport= 8080

Property http.nonProxyHosts determines which hosts should be connected directly and which proxy servers do not pass through. This value can be a list of Master machines (hosts). Every host through | character to be split. If you want to make a further configuration, you can use the wildcard character (*) to match.

For example:

-dhttp.nonproxyhosts=*.foo.com|localhost

If you are using Confluence 6.0 or later, and you are using synchrony, you need to pass the following parameters to make sure confluence can connect directly to synchrony. Instead of localhost|127.0.0.1  your synchrony IP address, if you use the synchrony.host system property to modify the IP address used by synchrony.

-Dhttp.nonProxyHosts=localhost|127.0.0.1-Dhttps.nonProxyHosts=localhost|127.0.0.1

Note: You may need to ignore it on the command line | String.

If the http.nonProxyHosts property is not configured, all Web requests will be sent to the agent.

Note that any command-line arguments that are set from the processing list and information that anyone accesses the proxy through appropriate access may be empty. To avoid this problem, you can set these properties in the Catalina.properties file. This file is located confluence-install/conf/ in the directory. Add configuration parameters to the end of this file:

http.proxyHost=yourProxyURLhttp.proxyPort=yourProxyPorthttp.proxyUser=yourUserNamehttp.proxyPassword=yourPasswordhttps.proxyHost=yourProxyURLhttps.proxyPort=yourProxyPorthttps.proxyUser=yourUserNamehttps.proxyPassword=yourPassword

Configure HTTP Proxy Authorization

The proxy authorization is also configured by providing the system properties, which is configured in your application configuration file. It is mainly configured by the following 2 parameters:

• Http.proxyuser–username

• Http.proxypassword–secret

HTTP Proxy (Microsoft ISA) NTLM authorization

When confluence is running in a Window server environment, confluence can support NTLM authorization to provide proxy support for your external access traffic (outbound) HTTP.

This means that if your confluence server is able to access external data in a way that Windows collects, such as macros {RSS} and {jiraissues}, which can access external data. This support is different from the automatic use of NTLM with confluence user logon authorization. This authorization is used by user-contributed authorization.

To configure NTLM for your HTTP proxy authorization configuration, you need to define a domain name attribute in the System property,http.auth.ntlm.domain，你可能还需要配置更多的一些配置包括有用户名，端口等。

-dhttp.auth.ntlm.domain=mydomain

Configuring authorization Sequences

There are times when you need to provide multiple authorization modes in an HTTP proxy. If you receive an error message that the authorization failed, you should first check your user name and password, and then check the HTTP headers information for agent failure (this document does not explain how to debug, please search for references to other articles).

To test the authorization sequence for multiple authorization modes, you can set parameters in the system property http.proxyAuth , separating the authorization method with commas. The authorization methods that can be used are: Ntlm,digest and basic; These methods are also the authorization sequences used by the default authorization methods.

For example: you want to try a basic charge before NTLM is charged, and avoid diagnosing the entire authorization method. You can set http.proxyAuth the property to the following value:

-dhttp.proxyauth=basic,ntlm-dhttps.proxyauth=basic,ntlm

Problem solving

1. Here is a diagnostic used JSP file, where CONF-9719 defines the parameters used for the connection.

2. The 'Status Code [407] ' error is described in APR-160.

3. Autoproxies is not supported. Please refer to CONF-16941.

Https://www.cwiki.us/display/CONF6ZH/Configuring+Web+Proxy+Support+for+Confluence

Confluence 6 configuring Web proxy support