Confluence 4.0 : Configure Web Proxy Support for Confluence
This page last changed on Aug 24, 2011 by akazatchkov.
Some of Confluence's macros, such as {rss} and {jiraissues} need to make web requests to remote servers in order to retrieve data. If Confluence is deployed within a data-centre or DMZ, it may not be able to access the Internet directly to make these requests. If you find that the {rss} macro does not work, ask your network administrator if Confluence needs to access the Internet through a web proxy. Configuring an outbound HTTP proxy in ConfluenceProxy support is configured by passing certain system properties to the Java Virtual Machine on startup. These properties follow the conventions defined by Oracle:
At a minimum, you need to define Properties -Dhttp.proxyHost=proxy.example.org -Dhttp.proxyPort=8080 Property -Dhttp.nonProxyHosts=*.foo.com|localhost Note: You may need to escape the pipe character | in some command-line environments. If the
Configuring HTTP proxy authenticationProxy authentication is also configured by providing system properties to Java in your application server's configuration file. Specifically, the following two properties:
Authentication has a few more options in Confluence 2.10 and later, as documented below. HTTP proxy (Microsoft ISA) NTLM authentication (2.10 and later)Confluence 2.10 and later supports NTLM authentication for outbound HTTP proxies when Confluence is running on a Windows server. To clarify, this means the {rss} and {jiraissues} macro will be able to contact external websites if requests have to go through a proxy that requires Windows authentication. This support is not related to logging in Confluence users automatically with NTLM, for which there is a user-contributed authenticator available. To configure NTLM authentication for your HTTP proxy, you need to define a domain system property, -Dhttp.auth.ntlm.domain=MYDOMAIN Configuring authentication order (2.10 and later)Sometimes multiple authentication mechanisms are provided by an HTTP proxy. If you have proxy authentication failure messages, you should first check your username and password, then you can check for this problem by examining the HTTP headers in the proxy failure with a packet sniffer on the Confluence server. (Describing this is outside the scope of this document.) To set the order for multiple authentication methods, you can set the system property For example, to attempt Basic authentication before NTLM authentication, and avoid Digest authentication entirely, you can set the -Dhttp.proxyAuth=basic,ntlm Troubleshooting
|
![]() |
Document generated by Confluence on Sep 19, 2011 02:47 |