Reconfiguring the Loadbalancer in case of a DMZ or Reverse Proxy Setup
For on-premise deployments, the recommendation is to place API Portal behind a reverse proxy in the DMZ. The reverse proxy is required for tunneling of requests for the API Portal. The reverse proxy can either be an arbitrary reverse proxy like an Apache with mod_proxy or mod_rewrite modules, a third party security appliance, or a wM Enterprise Gateway (for the pure API traffic).
The API Portal load balancer by default redirects any clients to its fully-qualified host name. For example, if the server's host name is myportal.mycompany.com, and a user who is in the domain mycompany.com can access the server with its non-qualified name myportal, then the user (or rich client and so on being used) is redirected to myportal.mycompany.com.
When API Portal is placed behind a reverse proxy in the DMZ the redirect may not work properly with certain network configurations where there are internal and external IPs and no hostname. This can be solved by reconfiguring the Loadbalancer settings.
You have to reconfigure the following parameter settings:
HTTPD.servername parameter to manually tell the load balancer the proper external hostname of the reverse proxy (or IP address) to be used to redirect.
HTTPD.RewriteEngine parameter to disable the automatic redirection.
The loadbalancer registers itself as a service in zookeeper. This registration includes registration of a port, a hostname, and a scheme. This information can then be used by other API Portal applications to generate URLs that are passed to users (for example, in email notifications). In the reverse proxy case, the hostname used for registration should be the external (reverse proxy) address. This has to be configured by reconfiguring the zookeeper.application.instance.host parameter.