Under Community Review
over 1 year ago

Application level https proxy for DXA+CIL

As customers move from self hosted to hybrid SaaS models (CMS+CIS hosted by SDL, site self hosted) there is a need to secure the connection between de web app and the CIS, as this goes over the internet. In order to make use of a HTTP proxy for the internet connection, it is currently necessary to configure the proxy on server OS level. The solution would be more secure if the proxy could be configured (and thus limited to) application level. 

See also https://tridion.stackexchange.com/questions/18751/possible-to-configure-https-proxy-for-dxa-connection-to-microservices/18766#18766 

  • This would indeed require changes to the CIL & DXA to support such an application proxy. However, given that in Sites 9 our focus shall be on a new Public Content API (PCA), then this is likely to be something we look at in a new DXA PCA Provider.

    Is this a common request from our customers and partners? Do these presentation server machines need application-level proxies configured? And if so, what else is running on these machines that does not warrant OS-level secure routing?