3.9 Reverse proxies and load balancing

If you have a reverse proxy in front of the MyID web services servers, for example for load balancing, you may have to carry out additional configuration.

If, in MyID Desktop, you can access some workflows (for example, Collect Card or Erase Card) but not others (for example, Edit Person) this can be caused by the reverse proxy. By default, the MyID web services use the requesting path to generate various other paths that are passed back to the client; as the reverse proxy has changed this path, the generated paths returned to the client are not correct.

To address this, you can provide fixed URLs for the paths in the web service configuration file:

  1. Back up the myid.config configuration file.

    On the web services server, this is located in the following folder by default:

    C:\Program Files\Intercede\MyID\SSP\MyIDProcessDriver\

  2. Open the myid.config file in a text editor.

  3. Locate the following lines:

    <add key="MyIDSessionUrl" value="{0}/myid/default.asp?dest=/timeout.asp?action=ping&amp;lang=[lang]"/>

    <add key="AuthenticationUrl" value="{0}/myid/default.asp?dest=/hyperoptionInFrame.asp?passthroughauthentication=true&amp;lang=[lang]"/>

    <add key="WebProcessUrl" value="{0}/myid/default.asp?dest=/hyperoptionInFrame.asp?option={2}&amp;hideMenuBar=true&amp;backLink=desktopDone.asp&amp;lang=[lang]"/>

    <add key="AbortUrl" value="{0}/myid/default.asp?dest=/CompleteTask.asp?Status=Abort&amp;lang=[lang]"/>

    <add key="EndWorkflowUrl" value="{0}/myid/default.asp?dest=/blank.html&amp;lang=[lang]"/>

  4. Replace the {0} substitution token in each of the above lines with the protocol and server address; for example:

    https://myserver.domain.com

    The edited lines will now be similar to the following:

    <add key="MyIDSessionUrl" value="https://myserver.domain.com/myid/default.asp?dest=/timeout.asp?action=ping&amp;lang=[lang]"/>

    <add key="AuthenticationUrl" value="https://myserver.domain.com/myid/default.asp?dest=/hyperoptionInFrame.asp?passthroughauthentication=true&amp;lang=[lang]"/>

    <add key="WebProcessUrl" value="https://myserver.domain.com/myid/default.asp?dest=/hyperoptionInFrame.asp?option={2}&amp;hideMenuBar=true&amp;backLink=desktopDone.asp&amp;lang=[lang]"/>

    <add key="AbortUrl" value="https://myserver.domain.com/myid/default.asp?dest=/CompleteTask.asp?Status=Abort&amp;lang=[lang]"/>

    <add key="EndWorkflowUrl" value="https://myserver.domain.com/myid/default.asp?dest=/blank.html&amp;lang=[lang]"/>

    Note: Do not do a global search and replace in the configuration file. The {0} substitution token is used in other configuration options for other purposes.

  5. Save the myid.config file.

  6. Recycle the web service app pool:

    1. On the MyID web server, in Internet Information Services (IIS) Manager, select Application Pools.
    2. Right-click the MyIDWebService application pool, then from the pop-up menu click Recycle.

    This ensures that the web service has picked up the changes to the configuration file.