Proxy-Based WAM


Proxy-Based WAM architectures is where all web requests are routed through the Proxy Server.

Access to the back-end HTTP-Application servers can only be accessed via the Proxy-Based WAM.

Proxy-Based WAM can provide a more universal integration with HTTP servers since the common standard protocol, HTTP, is used instead of vendor-specific application programming interfaces (APIs).

Proxy-Based WAM acts as a contact point between the user's web browser and the HTTP-Server as a Protected Resource.

The Proxy-Based WAM masks the protected web server by presenting different external URLs to the internal URLs.

The Proxy-Based WAM becomes the communication point and can control access and carry out Single Sign-On operations. Ideally, it is not necessary to modify the protected application.

Advantages of Proxy-Based WAM#

Proxy-Based WAM has several advantages:
  • Proxy-Based WAM completely independent of the web servers, both technically and environmentally.
  • Several Proxy-Based WAM implementations provide high availability and load balancing of the access points.
  • Several Proxy-Based WAM implementations are able to consolidate WEB Server to appear as a single site.
    • Applications served from two different WEB servers could appears as the same: willeke.com/cars and willeke.com/boats could be hosted on different servers.
  • Several Proxy-Based WAM implementations allow administrative delegation so WEB Admins can alter their site configurations.
  • Migration from one product to another is less impactful to the environment.
  • No Agent installations or upgrades.

Drawbacks of Proxy-Based WAM[1]#

Nevertheless, this technology does have some drawbacks:
  • The web application must be correctly written and contain clean URLs, and typically the URLs must be relative to the root of the website.
  • Some reverse proxies only modify the HTTP headers and are not able to modify the HTML content of the pages.
  • The advent of AJAX technologies and URL and Javascript modifications make it difficult for reverse proxies to analyse page links and reconstruct external URLs.
  • The web application should not contain absolute links to other internal applications which are also accessible behind a reverse proxy.

More Information#

There might be more information for this subject on one of the following: