We hare setting us IBM CLM 6.05 application with websphere liberty. But our environment have webseal and we should need to install the application behind this. we are aware that we wont get support from IBM for clm applications with Webseal as reverse proxy. But we have to deploy our clm applications on an environment where webseal is already using as a reverse proxy.
So we came into a decision that, we will configure clm applications with IHS as reverse proxy and then will make this to run behind webseal.
So our architecture plan is like
Webseal --> IHS ---> CLM appications with Liberty
Now we have setup the IHS and installed CLM applications, Infra team created a junction in webseal to make communication between Webseal and IHS,
Now when we are registering our application with the webseal url, we are geetting the error as
"The identity of remote server could not be fetched from https://vv-xxxxx.wam-sso.xxxx.com/jts/serverId because the server responded with an error code 302. Check the error log for the remote server to diagnose the cause of the failure.ID CRJAZ2177E
whats the root cause and how we can rectift this ?
Also when we put a dummy host entry in jts server ( as ip address of IHs with Webseal DNS entry) its getting fine. But its not the proper way as we are not giving the correct host entry .
So do we have any alternate way to pass this through webseal itself through IHS
Webseal -> IHS -> JTS -> RM ->.
We dont want to skip the communication through webseal or IHS and needed the traffic in the same way above.
Any suggestions highly appreciated.
Running Liberty behind Webseal is a very common scenario. One of popular options is to propagate JWT issued by webseal to Liberty. See https://www.ibm.com/blogs/sweeden/isam-9-0-2-the-jwt-sts-module-and-junction-sso-to-websphere-liberty/.