Introduction to Ajax Proxy

To prevent cross siste scripting browsers introduced the so called same-origin policy. This policy prevents client side scripts in particular JavaScript, from loading content from an origin that has a different protocol, domain name or port. What that means is if you try to send Ajax request to any server other than the document.location, browser would throw access denied exception.


The solutation that WebSphere portal server (WAS server also includes Ajax PRoxy in Web 2.0 feature pack) offers is a server side HTTP proxy. The Ajax Proxy HTTP proxy is a web application that is deployed in same WAS server as that of the portal server. The way it works is if you want to make Ajax request to remote web application say www.google.com, instead of sending request directly to www.google.com you send it to Ajax Proxy, the Ajax Proxy in turn will make request to www.google.com and return the response to you.

As adminster you can configure Ajax Proxy to either allow or deny access to particular remote web application i.e. you can say that portlets are allowed to make GET and POST request to www.google.com but not to www.yahoo.com. Similarly you can configure what all headers, cookies AJax Proxy can copy from incoming AJax request to the outgoing remote web application request.

Important Note: The AJAX Proxy can be used for developing themes, skins, static pages, or portlets.

No comments: