Using the XMLA connector with proxies and SSL



Similar documents
PAC File Best Practices with Web Security Gateway and Web Security Gateway Anywhere

Configuring Network Load Balancing with Cerberus FTP Server

Windows XP Exchange Client Installation Instructions

POP3 Connector for Exchange - Configuration

Apache JMeter HTTP(S) Test Script Recorder

What s new in ProactiveWatch 2.1!

Validating Digital Signatures in Adobe

How-to: HTTP-Proxy and Radius Authentication and Windows IAS Server settings. Securepoint Security System Version 2007nx

1 OVERVIEW IUCLID SERVER CONFIGURATION IUCLID CLIENT CONFIGURATION PERSPECTIVE RESTRICTIONS... 6

Prerequisites. Creating Profiles

Setup Guide for Exchange Server

App Orchestration 2.5

SELF SERVICE RESET PASSWORD MANAGEMENT WEB INTERFACE GUIDE

SBBWU PROXY SETTING IT CENTRE How to Set a Proxy Server in All Major Internet Browsers for Windows

Embedded Document Accounting Solution (edas) for Cost Recovery. Administrator's Guide

Installation Procedure SSL Certificates in IIS 7

Installing and Configuring vcloud Connector

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

TELNET CLIENT 5.11 SSH SUPPORT

Guide to Setting up Internet Connection Sharing for Windows

Reference and Troubleshooting: FTP, IIS, and Firewall Information

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations

Introduction to Mobile Access Gateway Installation

Secure Web Service - Hybrid. Policy Server Setup. Release Manual Version 1.01

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

NAS 224 Remote Access Manual Configuration

Security IIS Service Lesson 6

Outlook Web Access Guide to Installing Root Certificates, Generating CSR and Installing SSL Certificate

Elluminate Live! Access Guide. Page 1 of 7

PULSE. Pulse for Windows Phone Quick Start Guide. Release Published Date

Integrated SSL Scanning

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: October 08, 2014

How to recover IE Client

Eucalyptus User Console Guide

Spam Marshall SpamWall Step-by-Step Installation Guide for Exchange 5.5

Cyclope Internet Filtering Proxy

ADFS Integration Guidelines

GUIDE for Authentication

FTP, IIS, and Firewall Reference and Troubleshooting

The PostBase Connectivity Wizard

Virtual Server in SP883

Firewall VPN Router. Quick Installation Guide M73-APO09-380

ICONICS Using the Azure Cloud Connector

Multi-Homing Dual WAN Firewall Router

Designing and implementing effective PAC file solutions

UBS KeyLink Quick reference WEB Installation Guide

MassTransit 6.0 Enterprise Web Configuration for Macintosh OS 10.5 Server

Installing and Configuring vcloud Connector

Jeff Schertz MVP, MCITP, MCTS, MCP, MCSE

Using Microsoft Internet Explorer 6 (Windows 2000/ Windows XP/ Windows Server 2003)

Microsoft Exchange Mailbox Software Setup Guide

Steps to be taken when you are unable to get the license in Tally.ERP 9

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

EyeSoft Quick Setup Guide For latest software update / manual, please see Please see Manual for detailed instructions.

M86 Web Filter USER GUIDE for M86 Mobile Security Client. Software Version: Document Version:

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Installing and Configuring vcenter Multi-Hypervisor Manager

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER

HELP DOCUMENTATION SSRPM WEB INTERFACE GUIDE

Elluminate Live! Access Guide. Page 1 of 7

SSL Intercept Mode. Certificate Installation Guide. Revision Warning and Disclaimer

Knowledgebase Article

Configure Managed File Transfer Endpoints

Talk-101 User Guides Web Content Filter Administration

Certificate Management for your ICE Server

Asia Web Services Ltd. (vpshosting.com.hk)

PART 1 CONFIGURATION 1.1 Installing Dashboard Software Dashboardxxx.exe Administration Rights Prerequisite Wizard

NAS 109 Using NAS with Linux

Configuring the NetBackup 7.7 Cloud Connector for use with StorReduce

HTTP Reverse Proxy Scenarios

1 Requirements. 2 Configuration. Axis-compatible Camera Application Integration.

Setup Instructions for Secure Hummingbird FTP

Quick Start Guide. Cerberus FTP is distributed in Canada through C&C Software. Visit us today at

Sophos Endpoint Security and Control standalone startup guide

Install and Configure Oracle Outlook Connector

How to Connect SSTP VPN from Windows Server 2008/Vista to Vigor2950

Owner of the content within this article is Written by Marc Grote

ECA IIS Instructions. January 2005

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client

DAP Proxy Server Configuration. Technical Note

To Configure Network Connect, We need to follow the steps below:

client configuration guide. Business

Active Directory 2008 Implementation Guide Version 6.3

Barracuda Link Balancer Administrator s Guide

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

How to Migrate to MailEnable using the Migration Console

Docufide Client Installation Guide for Windows

Step-by-Step Configuration

How to Use Certificates for Additional Security

etoken Enterprise For: SSL SSL with etoken

Configuring Global Protect SSL VPN with a user-defined port

Smart Policy - Web Collector. Version 1.1

Introduction. What is a Remote Console? What is the Server Service? A Remote Control Enabled (RCE) Console

Cyclope Internet Filtering Proxy. - Installation Guide -

RSA Security Analytics

CA NetQoS Performance Center

Transcription:

Technical Note: Using the XMLA connector with proxies and SSL Revision History: Version Author Details 1 1.0 Laurentiu Iordache Created this document Page 1 of 8

Table of Contents Introduction... 3 XMLA Connector and proxies... 4 HTTP vs HTTPS... 5 Proxy Bypass... 6 Automatic configuration... 7 Authoritative Proxy... 7 SSL Support... 8 Page 2 of 8

Introduction This document details the usage of the XMLA Connector in conjunction with proxies. It also details SSL specific topics. Page 3 of 8

XMLA Connector and proxies The XMLA Connector is designed to automatically detect proxies. From the Windows perspective, the proxy settings are accessed from Control Panel by clicking Network and Internet and then Internet Options. In the dialog box that pops-up go to the Connections tab. On the bottom right of the tab click on LAN settings and the following dialog appears: Fig. 1 This example shows a system configured to use a proxy on 127.0.0.1:80. It also bypasses server for local addresses. Clicking on advanced will produce a popup like the one in the next figure: Fig. 2 Page 4 of 8

The configuration in the previous figure shows the system using the same proxy for all protocols. It also shows an exclusion list for the loopback address and https://www.google.com. From the perspective of the XMLA Connector only HTTP and Secure ports are used. The FTP and Secure proxies are ignored. Apart from this all the remaining settings have an effect to the functionality of the provider. The usage of a proxy server is a combination between the parameters aforementioned and the location, as it is typed in the Location text input when creating a new Connection. An example is given below: Fig. 3 HTTP vs HTTPS By default the provider tries to connect to the server using http. Using an http prefix is optional. With respect to the figure above, the address 127.0.0.1:8081 is equivalent to: http://127.0.0.1:8081 In order to use SSL the address must be prefixed with https://. For example, in the previous configuration, in order to connect using SSL he address should be: https://127.0.0.1:8081 Page 5 of 8

Proxy Bypass There are a number of options to bypass the proxy as follows: 1. With the checkbox Bypass proxy server for local addresses active any address starting with an IP in the local network will not use the proxy. For Example: If the computer running Excel has the IP 192.168.0.123 and the computer running the XMLA server has the IP 192.168.0.124, the address: http://192.168.0.124/saiku/xmla will bypass the proxy. Similarly, the address https://192.168.0.124/saiku/xmla will also bypass the proxy. However, if the XMLA server would have the IP 192.168.1.124 (notice the different networks: 192.168.1.0/24 for the server and 192.168.0.0/24 for the client), then the address: http://192.168.0.124/saiku/xmla will use the proxy as it is configured. 2. When the address is listed in the Exceptions (Fig. 2, in the bottom) list and the begging of the address matches the exception. For Example: If the Exceptions list contains the address https://contoso.com then the address: https://contoso.com :8080/mondrian/xmla will bypass the proxy. However the address http://contoso.com :8080/mondrian/xmla will use the proxy as it starts in http:// and not https://. 3. For loopback addresses when <-loopback> is present in the Exceptions. For example: With the configuration as shown in Fig. 2 when the server runs on the same machine as the client. The address: http://127.0.0.1:8081 will bypass the proxy. Similarly, an address as follows: https://localhost:8081 will also bypass the proxy. Page 6 of 8

Automatic configuration With respect to Fig. 1, if Using automatic configuration script is checked then the provider will download and use the proxy auto-config file specified in Address. Using this option overrides all the other settings enumerated before. For details about PAC files read the following http://en.wikipedia.org/wiki/proxy_auto-config (for example). The current version of provider has support for interpreting the following specific functions Pos Function 1 isinnet 2 isplainhostname 3 dnsdomainis 4 shexpmatch 5 dnsresolve 6 myipaddress 7 isresolvable Authoritative Proxy This feature allows bypassing the entire Windows configuration with respect to proxy. In order to enable this the following key should be present in the registry: [HKEY_CURRENT_USER\Software\Arquery\ODBO] Under this key a string value as follows control the proxy override: Name AUTHORITATIVE_PROXY Value address:port The figure below shows the system configured for a proxy on 127.0.0.1 listening on port 80: Fig. 4 Page 7 of 8

SSL Support The XMLA Connector works seamless with SSL servers. Prefixing the server address with https:// will switch to SSL communication. By default, the connector does validate the server certificate. This means that self-signed certificates will be rejected. In order to bypass the validation and allow working with self-signed server certificate the following key should be present in the registry: [HKEY_CURRENT_USER\Software\Arquery\ODBO] Under this key a DWORD value as follows controls the proxy override: Name Value SOAP_SSL_SKIP_HOST_CHECK 1 Write here any value different of 0 to bypass the validation. Check the next figure for an example: Fig. 5 Please note: Disabling server validation exposes the client to man in the middle attacks. This feature should be used with care. The recommended way of working with a given self-signed certificate is the following option: An alternate way of using a self-signed certificate is by importing it in the Windows certificate store. For details about importing a certificate read here: https://technet.microsoft.com/enus/library/cc754489.aspx?f=255&mspperror=-2147217396. The provider honors the trust exactly as it is honored by Windows. With respect to trusted Root CA the provider implements a mixed model: The most common CA certificated are preregistered with the provider. In addition to this the provider registers all the certificates on the Windows Trusted Root Certificate Authorities list. Page 8 of 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information