DataPower

 View Only

  • 1.  I would like to expose the Dev Portal using DataPowerGateway.

    Posted Fri September 15, 2023 01:29 AM

    Hi, 

    I would like to expose the Dev Portal on the private network using DataPowerGateway on the public network.

    Portal connects well using Nginx's Reverse Proxy.

    However, with DataPower's "Multi-Protocol Gateway" settings, the first page connection to DevPortal was successful, but an error occurred from the login process.

    The cause is CORS, but I don't know how to set it to "Multi-Protocol Gateway".

    ----- Response Message after logging in -----

    This XML file does not appear to have any style information associated with it. The document tree is shown below.
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
    <env:Body>
    <env:Fault>
    <faultcode>env:Client</faultcode>
    <faultstring>Internal Error</faultstring>
    </env:Fault>
    </env:Body>
    </env:Envelope>

    ---- Brower Error Message(CORS) ------

    Access to font at 'https://portal.domain.com/ibm/production/themes/connect_theme/fonts/extcharset/sans/IBMPlexSans-Regular.woff2' from origin 'https://devgw.domain.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

    .......



    ------------------------------
    dalsu Byun
    ------------------------------


  • 2.  RE: I would like to expose the Dev Portal using DataPowerGateway.

    Posted Mon September 18, 2023 01:23 AM

    Hi,

    I'd use Web Application Firewall for exposing a portal or some other web site. Depending of course your requirements.

    https://www.ibm.com/docs/en/datapower-gateway/10.5.x?topic=development-web-application-firewall



    ------------------------------
    Hermanni Pernaa
    ------------------------------

    Original Message


  • 3.  RE: I would like to expose the Dev Portal using DataPowerGateway.

    Posted Mon September 18, 2023 02:12 AM

    Hi,

    A similar problem occurs even if you register a WAF and expose the portal.
    Among css, image, and javascript files, the part where the path is written as Portal's full URL seems to cause an error in the browser.

    "net::ERR_CERT_AUTHORITY_INVALID"

    I would appreciate it if you could tell me in detail how to solve CORS.

    Wouldn't IBM provide a sample exposing Portal through WAF?



    ------------------------------
    dalsu Byun
    ------------------------------

    Original Message


  • 4.  RE: I would like to expose the Dev Portal using DataPowerGateway.

    Posted Tue September 19, 2023 05:35 PM

    Hi,

    we exposed the dev portal at several customers both via DP WAF and Reverse Proxy. 
    Did you keep in mind the following requirement?
    "The reverse proxy/DataPower WAF for incoming web traffic to the Developer Portal cluster must be a transparent proxy - no modification of the portal URL, port, host name or path is allowed."



    ------------------------------
    Jeroen Willems
    Integration Architect - Managing Partner
    Integration Designers
    ------------------------------

    Original Message


  • 5.  RE: I would like to expose the Dev Portal using DataPowerGateway.

    Posted Thu September 21, 2023 12:51 AM

    An error occurs when logging in.

    "web-application-firewall (devportal-proxy): Backside header ('N/A') failed to parse due to: Failed to establish a backside connection
    , URL: https://portal.apic.domain.com:443/ibm/production/user/login"

    How can I solve this?



    ------------------------------
    dalsu Byun
    ------------------------------

    Original Message


  • 6.  RE: I would like to expose the Dev Portal using DataPowerGateway.

    Posted Fri January 24, 2025 10:18 AM

    Hi Dalsu Byun,

    I hope you're doing well.

    I'm encountering a similar issue to what you've described previously. When I attempt to access the developer portal through the WAF, I receive the following error:

    

    web-application-firewall (reverse-proxy-WAF): Backside header ('N/A') failed to parse due to: Failed to establish a backside connection, URL: https://apiport.prontefflabs.com:443/user/login

    Could you please share how you troubleshooted and resolved this issue? If anyone else has insights or guidance, I'd greatly appreciate your help.

    Thanks in advance for your support!

    Best regards,
    Vignesh



    ------------------------------
    Vignesh Ganesan
    ------------------------------

    Original Message


  • 7.  RE: I would like to expose the Dev Portal using DataPowerGateway.

    Posted Mon January 27, 2025 04:26 AM

    Hello, perhaps this helps?
    Building a Reverse Proxy for the IBM Developer Portal with IBM DataPower

    Regards, Uli



    ------------------------------
    Uli Rauscher
    ------------------------------

    Original Message


  • 8.  RE: I would like to expose the Dev Portal using DataPowerGateway.

    Posted Mon January 27, 2025 11:20 PM

    Hi Uli Rauscher,

    Good Morning!!!

    I have already completed the setup you mentioned. However, as noted in the previous discussion with Dalsu and myself, once the initial configuration is done, you might encounter the error we described. To address this issue, there are additional steps required to successfully configure the reverse proxy for the IBM Developer Portal with IBM DataPower.

    The solution is detailed in the following IBM support article:
    Handling 302 Redirect Error Message

    As part of the remedy, an XSL file is provided in the article. This file needs to be uploaded to the file management section where the WAF is configured. Additionally, the XSL file must be modified to include XML logic specific to your requirements. For this step, you may need assistance from your development team.

    Thanks,
    Vignesh



    ------------------------------
    Vignesh Ganesan
    ------------------------------

    Original Message