How to use web portal proxy in ezeelogin ?
How to enable the web portal with the " use proxy " feature in Ezeelogin?
This feature enables the users to use the Ezeelogin gateway server itself as the proxy server while accessing the web portal.
Note: Ensure that the node version is 19 and above. Also, make sure the kernel version is 4 and above in the gateway server. You can check the kernel version using the below command.
root@gateway ~]# uname -r
--> Install node js using npm and n module
On Centos 7
root@localhost:~ yum install epel-release
root@localhost:~ yum install npm
On Ubuntu 16/18 and Debian 10
root@localhost:~ apt install npm
On Ubuntu 20
--> Install n, Node’s version manager:
If you are not using SSL, you need to set the repo to HTTP by running :
root@localhost:~ npm config set registry http://registry.npmjs.org/
root@localhost:~ npm install -g n
--> Install node by running :
To install the latest version:
root@locallhost:~ n latest
root@localhost:~ n version.number
root@localhost:~ n 21
root@localhost:~ n --insecure latest
root@localhost:~ n
1. Install the following dependency modules in the gateway server
[root@centos /]# yum -y install pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 libXtst.x86_64 cups-libs.x86_64 libXScrnSaver.x86_64 libXrandr.x86_64 GConf2.x86_64 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 ipa-gothic-fonts xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic xorg-x11-fonts-Type1 xorg-x11-fonts-misc
root@ubuntu:/# sudo apt-get install gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils libgbm-dev wget
Make sure to install SSL (self-signed or a valid cert )even if you have installed an SSL certificate on the Load balancer (ELB/ALB). Also, make sure to add a listener and routing for the port Web Proxy Port 52666
To ensure SSL for the browser tab that opens up the web portal, generate a self-signed cert with the following command on the jump server/gateway server.
root@jumpserver:~# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /usr/local/etc/ezlogin/tls_cert.pem -keyout /usr/local/etc/ezlogin/tls_key.pem
3. Install the NodeJS modules dependencies for the Web Proxy.
1. php /usr/local/ezlogin/eztool.php -- -install_node_modules -node_component ezproxy
or
2. cd $(awk '/^system_folder/ {print $2}' /usr/local/etc/ezlogin/ez.conf)/application/external/ezproxy/&& npm install
- Ensure that Node version is above 19, Kernal >= 4 and NPM Version is >=6
root@jump-host:~# pkill node
Note: Append DEBUG=* at the beginning of the command which you've got from the application logs.
root@jump-host:~# DEBUG=* PORT=52666 XFWD=1 WS=1 SESSION_TIMEOUT=300000 REQUEST_TIMEOUT=120000 DBP='94Y6[@MhW]@Qb' node /var/www/ezlogin/application/external/ezproxy/index.js
Web portal proxy may not work in all cases such as when the login is javascript-based or when it uses certain dynamic security tokens.
The screenshot below shows an example of JSON based web portal
Related Articles: