Chapter 8. HTTP-specific settings

The following sections describe configuration settings available only for the HTTP protocol. Use the following policies to control who, when, and how can access the HTTP connection. For details on configuring Channel Policies, see Procedure 7.5, Creating and editing channel policies. For a list of supported client applications, see Section 2.6, Supported protocols and client applications.

Auditing HTTP and HTTPS connections is possible in both transparent and non-transparent modes. PSM can also be used as an HTTP/HTTPS proxy to simplify client configuration and integration into your network environment, or it can forward HTTP traffic, behaving as a HTTP tunnel.

  • Channel Policy: The HTTP protocol has only one channel type with no special configuration options. The available channel policy options are the following: From, Target, Time, Audit, and Remote groups. Note that the Remote groups option is used only if the user performs inband authentication using one of the supported HTTP authentication methods (see Section 8.2, Authentication in HTTP and HTTPS). To retrieve the groups of an authenticated user from an LDAP database, you must also set an LDAP Server in the Connection Policy (for HTTP/HTTPS connections, PSM uses this server only to retrieve the group membership of authenticated users, you cannot authenticate the users to LDAP from PSM). For details on configuring these options, see Procedure 7.5, Creating and editing channel policies.

    When setting Target, note the following:

    • If the connection uses DNAT (NAT destination address), the target address of the original client will be compared to the Target parameter of the Channel policy, that is not necessarily equivalent with the server's address.

    • If the connection is redirected to a Fix address, the redirected address will be compared to the Target parameter of the Channel policy.

  • HTTP connections: For details, see Section 8.3, Setting up HTTP connections.

  • HTTP sessions: HTTP settings determine the parameters of the connection on the protocol level, including timeout value, and so on. For details, see Section 8.4, Session-handling in HTTP.

  • HTTP settings: HTTP settings determine the parameters of the connection on the protocol level, including timeout value, and so on. For details, see Procedure 8.5, Creating and editing protocol-level HTTP settings.