Close popover
Mark Foster (MarkF291)
Accenture UK Ltd

Accenture UK Ltd
MarkF291 Member since 2018 1 post
Accenture UK Ltd
Posted: June 18, 2018
Last activity: July 6, 2018

Multiple proxy support

Hello all,

We have a large number of REST integrations. Most of these must go through no proxy. Some must go through proxy "A". Some must go through proxy "B".

It appears that nothing works related to this at all in terms of REST connectors, there is no way to feed in proxy details for a single call, and JVM system properties are ignored, meaning Pega can support no proxies for REST.

In a HTTP connector, JVM system properties for proxy are obeyed at least. But there is no way to feed in proxy details for a single call, meaning we can only support one proxy at a time for HTTP.

InvokeHTTPConnector has java code in it still (unlike pyInvokeRESTConnector, where everything is hidden behind a PublicAPI method), which at least gives us the potential to correct this major gap. We can see somewhere here in step 2 where it is supposedly capturing proxy details from the JVM system properties. We have tried extending this to capture proxy details passed on the parameter page. While it is sub-par to have to use a HTTP connector for a REST call, it would have been better than nothing.

   //BUG-140473 : Support for proxy
    String proxyHost = System.getProperty("http.proxyHost");
    if(proxyHost!=null && proxyHost.length()>0){
        String proxyPort = System.getProperty("http.proxyPort");                
        int proxyPortInt = Integer.parseInt(proxyPort);

        // Instantiate new HttpHost for proxy config
        com.pega.apache.http.HttpHost proxy = new com.pega.apache.http.HttpHost(proxyHost, proxyPortInt);
        String proxyUser = System.getProperty("http.proxyUser");
        if(proxyUser!=null && proxyUser.length()>0)
            String proxyPwd = System.getProperty("http.proxyPassword");
            // Set up Basic auth as Scheme for Proxy
            List<String> authpref = new ArrayList<String>();
            client.getParams().setParameter(com.pega.apache.http.auth.params.AuthPNames.PROXY_AUTH_PREF, authpref);
            // Configure proxy Authentication details
            com.pega.apache.http.client.CredentialsProvider credsProvider = client.getCredentialsProvider();
            credsProvider.setCredentials(new com.pega.apache.http.auth.AuthScope(proxyHost, proxyPortInt),
                new com.pega.apache.http.auth.UsernamePasswordCredentials(proxyUser, proxyPwd));
        // Set the httpClient to use our Proxy config
        client.getParams().setParameter(com.pega.apache.http.conn.params.ConnRoutePNames.DEFAULT_PROXY, proxy);
          if (oLog.isDebugEnabled())
            oLog.debug("Applied proxy routing : " + proxy + "  for the User : " + proxyUser);

Unfortunately, it has become clear that this code isn't actually used for anything at all. The values must be being taken from the JVM system properties somewhere else, as the values we set in the ConnRoutePNames.DEFAULT_PROXY client parameter are not used, and whether or not our call reaches the target depends entirely on whether or not the JVM system properties are set. To be sure of this, we deleted this block of code from step 2. As expected, the call still went through the proxy when the JVM system properties were set, and timed-out when they were not. So this code does literally nothing :(

There is an approach of creating a clipboard page with proxy details on it described in this post, although it is for SOAP:

There are a number of posts asking about the use of this approach for REST, none of which appear to have been successful, nor have they been able to get any concrete information on whether or not this is expected to work.

We have tried it none-the-less for both HTTP and REST connectors, using page names of pyProxySettingsForHTTP and pyProxySettingsForREST. This has had no effect on the platform behaviour.

If anyone has any ideas or experience around this, we would be most grateful, as it is looking like we will need to go back to the client and tell them that Pega does not support the use of multiple proxies at all, and only supports a single proxy for GET/POST HTTP invocations (none for PUT), which I don't expect to go down well given it is a non-optional and very basic requirement, one which is not an issue for anyone else in their predominantly java landscape.

Data Integration
Moderation Team has archived post