Reverse Proxy with URL Rewrite v2 and Application Request Routing

Reverse Proxy with URL Rewrite v2 and Application Request Routing

Introduction

By using URL Rewrite Module and Application Request Routing you can implement complex and flexible load balancing and reverse proxy configurations. A very common reverse proxy scenario is to make available several internal web applications over the Internet. An Internet-accessible Web server is used as a reverse-proxy server that receives Web requests and then forwards them to several intranet applications for processing: The following figure illustrates a typical configuration for a reverse-proxy scenario:

Assuming that the ARR server has a domain name http://contoso.com, each web application can be accessed by using these URLs:

When a request is made to http://contoso.com/webmail/default.aspx, ARR forwards these requests to an internal server using the URL http://webmail/default.aspx. Similarly, requests to http://contoso.com/payroll/ are forwarded tohttp://payroll/default.aspx.

In addition, if internal application inserts links into its response HTML that link to elsewhere in those applications, those links should be modified before the response is returned to the client. For example, a page from http://webmail/default.aspx might contain a link like this:

<a href=”/default.aspx?id=1″>link</a>

Then ARR server should change this link to the following:

<a href=”/webmail/default.aspx?id=1″>link</a>

Creating the Example Web Sites

For simplicity, the reverse-proxy scenario you will work with in this walkthrough will be implemented on a single server, with the IIS “Default Web Site” acting as a reverse-proxy site and webmail and payroll applications hosted in separate IIS web sites on the same server.

To create the example Web sites:

  1. Create two folders called “webmail” and “payroll” in the following folder:

    %SystemDrive%\inetpub\ folder.

  2. Create two IIS web sites called “webmail” and “payroll” that point to corresponding folders under %SystemDrive%\inetpub\. Use different IP ports for each site.
    You can use the following commands to create the sites:

    %windir%\System32\inetsrv\appcmd.exe add site /name:”webmail” /bindings:http/*:8081: /physicalPath:”%SystemDrive%\inetpub\webmail

    %windir%\System32\inetsrv\appcmd.exe add site /name:”payroll” /bindings:http/*:8082: /physicalPath:”%SystemDrive%\inetpub\payroll

  3. Create a file named default.aspx in the following folder:

    %SystemDrive%\inetpub\webmail

  4. Copy the following ASP.NET markup, paste it into the file, and save the file:

    <%@ Page Language=”C#” %>
    <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”&gt;
    <html xmlns=”http://www.w3.org/1999/xhtml”&gt;
    <head>
    <meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
    <title>Reverse Proxy Test – WebMail Application</title>
    </head>
    <body>
    <h1>Reverse Proxy Test Page – WebMail Application</h1>
    <p>Requested URL path is <%= Request.ServerVariables[“SCRIPT_NAME”] %><p>
    <p><a href=”<%= Request.ServerVariables[“SCRIPT_NAME”] %>”>Here</a> is the link to this page.</p>
    </body>
    </html>

  5. Create a file named default.aspx in the following folder:

    %SystemDrive%\inetpub\payroll

  6. Copy the following ASP.NET markup, paste it into the file, and save the file:

    <%@ Page Language=”C#” %>
    <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”&gt;
    <html xmlns=”http://www.w3.org/1999/xhtml”&gt;
    <head>
    <meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
    <title>Reverse Proxy Test – Payroll Application</title>
    </head>
    <body>
    <h1>Reverse Proxy Test Page – Payroll Application</h1>
    <p>Requested URL path is <%= Request.ServerVariables[“SCRIPT_NAME”] %><p>
    <p><a href=”<%= Request.ServerVariables[“SCRIPT_NAME”] %>”>Here</a> is the link to this page.</p>
    </body>
    </html>

  7. To make sure that sites are working correctly, open a Web browse and request the following URLs:

    http://localhost:8081/default.aspx
    http://localhost:8082/default.aspx

Configuring Rules for the Reverse Proxy

In this section of the walkthrough, you will configure reverse proxy functionality to work with the example Web sites that you have created.

ENABLING REVERSE PROXY FUNCTIONALITY

Reverse Proxy functionality is disabled by default, so you must begin by enabling it.

  1. Open IIS Manager
  2. Select a server node in the tree view on the left hand side and then click on the “Application Request Routing” feature:
  3. Check the “Enable Proxy” check box. Leave the default values for all the other settings on this page:

CREATING A RULE FOR WEBMAIL APPLICATION

You will create two rewrite rules:

  • A rewrite rule that will proxy any request to webmail application at http://localhost:8081/ as long as requested URL path starts with “webmail”.
  • A rewrite rule that will proxy any request to payroll application at http://localhost:8082/ as long as requested URL path starts with “payroll”.

To add the reverse proxy rewrite rules:

  1. Open the web.config file located in the following location:

    %SystemDrive%\inetpub\wwwroot\

  2. Under the /configuration/system.webServer element, add the following and then save the file:

    <rewrite>
    <rules>
    <rule name=”Reverse Proxy to webmail” stopProcessing=”true”>
    <match url=”^webmail/(.*)” />
    <action type=”Rewrite” url=”http://localhost:8081/{R:1}” />
    </rule>
    <rule name=”Reverse Proxy to payroll” stopProcessing=”true”>
    <match url=”^payroll/(.*)” />
    <action type=”Rewrite” url=”http://localhost:8082/{R:1}” />
    </rule>
    </rules>
    </rewrite>

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s