Outbound Enabler

The Outbound Enabler runs on the same computer as the back-end server. Its purpose is to:

Open an outbound connection from the computer running in the corporate LAN to the Relay Server farm running in the DMZ.
Forward client requests received from the Relay Server to the back-end server and forward back-end server responses back to the client via the Relay Server.

When the Outbound Enabler starts, it makes an HTTP request to retrieve the list of Relay Servers running in the farm. This is done using the server URL that maps to the web server extension component of the Relay Server. The server URL can map directly to a Relay Server or it can map to a load balancer. If the server URL maps to a load balancer, the load balancer forwards the request to one of the Relay Servers running in the farm. The Relay Server that receives the request from the Outbound Enabler returns the connection information for all Relay Servers in the farm. The Outbound Enabler then creates two outbound connections, called channels, to each Relay Server returned. One channel, called the up channel, is created using an HTTP request with an essentially infinite response. The response is a continuous stream of client requests from the Relay Server to the Outbound Enabler. The second channel, called the down channel, is created using an HTTP request with an essentially infinite content length. The request is formed by a continuous stream of server responses to client requests.

When the Outbound Enabler receives a client request on the up channel from one of the Relay Servers it has connected to, it forwards it to the back-end server that the Outbound Enabler is servicing. Once a response is received from the back-end server, it gets forwarded to the Relay Server from which it received the corresponding request using the down channel.

Outbound Enabler syntax

rsoe [option]+

rsoe @{ filename | environment-variable } ...

Parameters

Options The following options can be used with the Outbound Enabler. They are all optional.

rsoe options	Description
@data	Reads options from the specified environment variable or configuration file. If you want to protect passwords or other information in the configuration file, you can use the File Hiding utility to obfuscate the contents of the configuration file. See File Hiding utility (dbfhide).
-f farm	The name of the farm that the back-end server belongs to.
-id id	The name assigned to the back-end server.
-cs "connection-string"	The host and port used to connect to the back-end server. The default is `"host=localhost;port=80".`
-cr "connection-string"	The Relay Server connection string. The format of the Relay Server connection string is a semicolon separated list of name-value pairs. The name-value pairs consist of the following: host IP address or hostname of the Relay Server. The default is localhost. port The port the Relay Server is listening on. This is required. url_suffix URL path to the server extension of the Relay Server. The default for Windows is /ias_relay_server/server/rs_server.dll. The default for Linux is /srv/iarelayserver. https 0 - HTTP (default) 1 - HTTPS For https=1, the following options can also be specified: tls_type RSA certificate_name Common name field of the certificate. certificate_company Organization name field of the certificate. certificate_unit Organization unit field of the certificate. trusted_certificates File containing a list of trusted root certificates.
-t token	The security token to be passed to the Relay Server.
-v level	Set the verbosity level to use for logging. The level can be 0, 1, or 2: 0 Log errors only. Use this logging level for deployment. 1 Session level logging. This is a higher level view of a synchronization session. 2 Request level logging. Provides a more detailed view of HTTP requests within a synchronization session.
-d seconds	The Relay Server connection retry interval. The default is 5 seconds.
-s	Stop the Outbound Enabler.

File Hiding utility (dbfhide)

The File Hiding utility (dbfhide) uses simple encryption to obfuscate the contents of configuration files and initialization files.

Syntax

dbfhide original-configuration-file encrypted-configuration-file

Option	Description
original-configuration-file	Specifies the name of the original file.
encrypted-configuration-file	Specifies a name for the new obfuscated file.

The Relay Server and Outbound Enabler detect that a configuration file has been obfuscated using dbfhide and process it accordingly.

This utility does not accept the @data parameter to read in options from a configuration file.

Deployment considerations

The following considerations should be noted when using the Outbound Enabler:

Outbound Enabler as a Windows service The Outbound Enabler may also be set up and maintained as a Windows service using the Service Utility. See Relay Server State Manager.
Authentication You cannot use simple or digest authentication. The rsoe.exe does not support simple or digest authentication with web servers, regardless of the web server type or operating system.

Discuss this page in DocCommentXchange.
Send feedback about this page using email.