If you want to expose K2 smartforms to the Internet, the biggest problem you will face will be how to put the K2 smartforms Server in the DMZ zone and still get it to function correctly. You can solve the technical issues like access to port 5252, 5555 by opening the firewall ports, resolve the K2 blackpearl Server name by hard-coding the IP into the host file, but what about AD connection? Your security is not going to allow the AD to be accessible from the DMZ zone and risk compromising it. K2 smartforms is not going to function since IIS cannot verify your login without AD.

So, the general solution is to use a Reverse Proxy Server. This will place your K2 smartforms Server within the Intranet environment (to keep your security folks happy) and your Internet users will access the content via the Reverse Proxy Server in the DMZ zone.

Let’s go right in to setup Reverse Proxy K2 smartforms now.

Setup Reverse Proxy for K2 smartforms

How it will look like

This is a graphical representation of the network environment and we will be configuring the Reverse Proxy server below.

Prepare the Reverse Proxy Server

1. Your Proxy Server will reside in the DMZ zone and should have 2 network link, one for the Internet, the other to the Intranet. So make sure your Proxy Server can resolve the K2 smarforms URL.
2. Make sure IIS is installed in the server.
3. Install the URL Rewrite module from http://www.iis.net/downloads/microsoft/url-rewrite.
4. Install Application request Routing (ARR) module from http://www.iis.net/expand/ApplicationRequestRouting.

Setup Reverse Proxy in IIS

1. Create a new Website in IIS (I’ll name it RewriteURL for my demo). This will be website Internet users will be accessing. I’ll not touch on how to setup a simple website with the bindings.
2. Go to the new Website and double-click on the URL Rewrite module.

   

3. On the Actions menu on the right, click on View Server Variables.. 

   

4. Add two variables – HTTP_ACCEPT_ENCODING and HTTP_X_ORIGINAL_ACCEPT_ENCODING.

   

5. Now, return to the URL Rewrite module’s home page by clicking Back to Rules.
6. On the Actions menu on the right again, click on Add Rules(s)…

   

7. In the Add Rule(s) dialog, select Reverse Proxy and click on OK.

   

8. You will see a prompt regarding the Application Request Routing (ARR) module if this is the first time you created a Reverse Proxy. Click OK to close the prompt.

   

9. In the Add Reverse Proxy Rules dialog,
   1. Fill in the URL of the K2 smartforms website. Make sure the Reverse Proxy server can resolve this URL.
   2. Check on Enable SSL Offloading, if your Internet website is running HTTPS and your K2 smartforms website is running on HTTP.
   3. Check on the option Rewrite the domain names of the links in HTTP responses. This will ensure the URL generated by K2 smartforms will be rewritten to the Internet website’s URL.
   4. Under the Outbound Rules section, fill in the K2 smartforms URL in the From field and the Internet website’s URL in the To field.

      

10. Click OK when you are done.
11. You will see a new inbound rule entry. Edit it.

    

12. Under the Server Variables section, add (Order of the variables is important here):
    1. HTTP_X_ORIGINAL_ACCEPT_ENCODING and set the value to {HTTP_ACCEPT_ENCODING}.
    2. HTTP_ACCEPT_ENCODING and give it a temporary value first. We will be removing the value in the web.config later.
13. Under the Action section, ensure the scheme (http/https) in the Rewrite URL field is correct. Leave the rest of the selection as is.

    

14. Click Apply in the Actions menu.
15. Back in the URL Rewrite module home page, edit the outbound rule.

    

16. Under the Actions section, make sure the scheme (http/https) of the URL is correct.

    

17. Click Apply in the Actions menu to save the changes, if any.
18. Back on URL Rewrite module home page, click on Add Rule(s)… in the Action menu.
19. Select Blank rule under the Outbound rules section and click OK.

    

20. Set the rule’s Name to RestoreAcceptEncoding.
21. In the Precondition dropdown list, select <Create New Precondition…>.
22. In the Add Precondition dialog, set the Name to NeedsRestoringAcceptEncoding.
23. Select Regular Express under Using dropdown list.
24. Select Match All under Logical grouping dropdown list.
25. Click on the Add button.
26. In the Add Condition dialog, fill in the following and click OK:
    1. Condition input: {HTTP_X_ORIGINAL_ACCEPT_ENCODING}
    2. Check if input string: Matches the Pattern
    3. Pattern: .+
    4. Ignore case: checked 

       

27. The Add Precondition dialog should look like the following. Click OK to complete it.

    

28. Back in the Edit outbound Rule page, set the following values in the Match section:
    1. Matching scope: Server Variable
    2. Variable name: HTTP_ACCEPT_ENCODING
    3. Variable value: Matches the Pattern
    4. Using: Regular Expressions
    5. Pattern: ^(.*)
    6. Ignore case: checked

       

29. Under the Action section, set the following values:
    1. Action type: Rewrite
    2. Action Properties – Value: {HTTP_X_ORIGINAL_ACCEPT_ENCODING}
    3. Replace existing server variable value: checked
    4. Stop Processing of subsequent rules: not checked

       

30. Click Apply under the Actions menu and return to the URL Rewrite home page.
31. Click on the new outbound rule and ensure RestoreAcceptEncoding is before ReverseProxyOutboundRule1. The order is important here.

    

32. Next, leave the IIS Manager app and edit the web.config file for this website.
33. If you recall, I mentioned that the server variable value for HTTP_ACCEPT_ENCODING will be updated later and this is where we will set the value to empty.

    

34. And that’s all for the configuration

Testing

Now, to test that your Reverse Proxy for K2 smartforms works, carry out an IIS reset and hit the proxy server’s website (e.g. http://rewritetest.local/designer).

Web.config for reference

Well, if your proxy setup did not work, you might have missed some settings. I’ve attached my sample web.config file for your reference =)

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <outboundRules>
                <clear />
                <rule name="RestoreAcceptEncoding" preCondition="NeedsRestoringAcceptEncoding">
                    <match serverVariable="HTTP_ACCEPT_ENCODING" pattern="^(.*)" />
                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
                    <action type="Rewrite" value="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" />
                </rule>
                <rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
                    <match filterByTags="A, Form, Img" pattern="^http(s)?://k2.denallix.com/(.*)" />
                    <conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
                    <action type="Rewrite" value="http://rewritetest.local/{R:2}" />
                </rule>
                <preConditions>
                    <preCondition name="ResponseIsHtml1">
                        <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
                    </preCondition>
                    <preCondition name="NeedsRestoringAcceptEncoding">
                        <add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern=".+" />
                    </preCondition>
                </preConditions>
            </outboundRules>
            <rules>
                <rule name="ReverseProxyInboundRule1" stopProcessing="true">
                    <match url="(.*)" />
                    <serverVariables>
                        <set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
                        <set name="HTTP_ACCEPT_ENCODING" value="" />
                    </serverVariables>
                    <action type="Rewrite" url="https://k2.intranet/{R:1}" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>

Have fun setting up your Reverse Proxy for K2 smartforms!

• Author
• Recent Posts

Ji Kai

Director / Principal Consultant at Alrighty Labs Pte. Ltd.

Ji Kai is the Director and Principal Consultant of Alrighty Labs Pte. Ltd. He has over 10 years of experience in solution designing, consulting and management of software development projects in both private and public sectors. His primary responsibility is to take lead in customer engagements and use his expertise in K2 technologies to assist customers to design successful business process applications. In addition, he has proven past records of leading the successful delivery of complex business process applications on K2 and Microsoft technologies.

Linkedin

Latest posts by Ji Kai (see all)

• Multiple records inserted with RuntimeListViewRowCount option - 30 May 2017
• Friendly Error Message on K2 smartforms - 04 May 2017
• Add company logo and change K2 login form descriptions - 02 Aug 2016