It's all about the answers!

Ask a question

Jazz Authorization Server over Firewall/Proxy - Redirect

Leo Shin (1113) | asked Jul 15 '17, 7:35 p.m.
retagged Jan 16 '18, 1:47 a.m. by Minakshi Jaint (5113)

We have our CLM 603 applications set up on :// using Websphere 8.5.5.  Our jazz authorization server is set up on the same server using ://server1:3443 (default 9643 was not in the approved range) using the default liberty profile.  The above URL's are for the development network.  We work in the DoD and firewall rules take time and approvals, and we have little control over the F5 that they manage.

We were issued virtual alias/IP's to make this accessible on the non-classified network (separate VPN), and seemingly can hit the websphere applications (CLM) and Websphere liberty liberty (Jazz Auth Server) when entering the URL's directly.

:// translate over a firewall to
:// translates over a firewall to

The issue is now when you try to authenticate from Jazz Auth Server to the CLM applications, coming from :// (or rm/jts) takes you to the host name, not the alias (:// 

I've updated the files for qm/rm/jts to point to the new alias, but that doesn't seem to be working either.  Any advice/suggestions would be greatly appreciated.

One answer

permanent link
Donald Nong (14.5k414) | answered Jul 17 '17, 12:06 a.m.

You will nee to do "server rename".

Modifying the will not be enough (it is not the right approach anyway) as the public URI is stored in the database as well.

Leo Shin commented Jul 17 '17, 9:48 a.m.

Thanks for your response.  I am looking through the server rename documentation.  However, I saw this come up:

"Remember that clients can connect to the CCM application with an alias: This ability supports the case where a local caching proxy is set up for caching source-control content. For more information, see Using content caching proxies for Jazz Source Control on If you connect with an alias, you might be redirected to the public URI when you follow URIs that the application provides."

Do you think going this route is viable? (content caching with websphere/squid)?

Donald Nong commented Jul 20 '17, 12:55 a.m.

No. A content caching proxy only works for contents in SCM.

Your answer

Register or to post your answer.