imDocShare On-Premises Proxy Service Install Guide

This document outlines the steps to complete installation for the On-Premises Proxy service required to use imDocShare with an On-Premises iManage Server. This is required due to the security requirements of an on-premises server.

Our application typically uses an online app service in order to query and authenticate with the iManage API server. For on-Premises implementations, this type of server is only accessible in the same intranet network and therefore will not respond to a public app service. Our solution is to install a proxy service which re-directs to our public service without exposing the iManage server to the internet at large.

The first step is to create a basic web app service using Azure. Please see the documentation below to proceed:
https://azure.microsoft.com/en-us/services/app-service/

Once the service is live, we will provide a package to deploy our app to the service. It is important that this service is set up in the same network as your iManage 10.x Work Server as this is required to query the server. Please also ensure that your app service has a public IP so that outside services can connect to it.

We will provide a package containing a .NET web app project to deploy to the service. Simply, unzip the file and use Azure’s built in KUDU advanced tool to deploy the contents to the service.

Once you have entered the debug console from the above screenshots, simply drag & drop the contents of the zip file into the root of the server directory. Once this is successful, your deployment is complete!

Once installation is complete, you will need to provide the URL property where the service can be reached. This needs to be saved in our records in order to process authentication and API access smoothly. This property can be found on the overview page of your service:

You can test your new service by visiting the URL above in an intranet environment. This URL should be reachable by machines in the same network. If the deployment was successful, you should see an imDocShare logo.

Pre-requisites

  1. Windows Server 2016 or above.
  2. IIS Server 10 or above.
  3. Valid HTTPS (SSL) configured for the Web Service.
  4. The web server should have access to on-premises iManage service

Configure IIS features for Windows Server 2016

(It is similar for Windows Server 2019)

Follow the steps below to install Internet Information Services (IIS) on a web server computer running Windows Server 2016.

The minimum Internet Information Services (IIS) version is 10.0.

1) Click Start > Server Manager.
2) On the Server Manager > Dashboard, select  Add roles and features.

The Add Roles and Features Wizard opens.

3) Click Next on the Before you begin window.
4) On the Select installation type window, select Role-based or feature-based installation, and then click Next.

5) On the Select destination server page, select the server to configure in the Server Pool list.
6) Click Next.
7) On the Select server roles window, select the Web Server (IIS).

8) Expand the Application Development node, and verify that ASP.NET 4.6 is installed.

9) Click Next.
10) No additional features are needed, so click Next on the Select features window.
11) Click Next on the Web Server Role (IIS) window after reading the information provided.
12) Click Next on the subsequent page to install the defaults.
13) On the Confirm installation selections, review the items to be installed. Click Next when you are ready to proceed with installing the IIS web server.
14) After installation has succeeded, click Close.

At this point IIS should be running on port 80 by default with the firewall rule “World Wide Web Services (HTTP Traffic-In)” enabled in Windows firewall automatically. We can perform a simple test by opening a web browser and browsing to the server that we have installed IIS on. You should see the default IIS page. You can use http://localhost to connect within server.

Install imDocShare Proxy app

After installing IIS, run IIS Managerto make sure that the .NET Framework version 4 is assigned to the default application pool. 

1) Press WINDOWS+R to open the Run dialog box.
2) Enter “inetmgr” and select OK.
3) In the Connections pane, expand the server node and select  Application Pools. In the Application Pools pane if DefaultAppPool is assigned to the .NET framework version 4 as in the following illustration, skip to the next section.

4) In the Application Pools pane, select DefaultAppPool. In the Actions pane, select Basic Settings.

5) In the Edit Application Pool dialog box, change the .NET CLR version to .NET CLR v4.0.30319. Select  OK.

6) In the connections panel select the Default Web Site (or the web site created for this service)

7) Double click the Configuration Editor and make sure the System.webserver/handlers handler is enabled

8) This will open the Site physical location on Windows Server the default one will be C:\inetpub\wwwroot
9) Now extract the contents of imds-proxy-v1.x.zip into inetpub/wwwroot

10) Go back to the Default Web Site right click and select Explore

11) Now open the localhost in any browser and you should see the animated imDocShare logo.

Potential/Known issues

Unable to load imDocShare Proxy on-premises

  • After IIS is added you need to check Application Pools in IIS and see if .Net v4.5 and .Net v4.5 Classic are there.
  • If not, you need to add a role from server manager, then under application development add asp.net 4.7 and install it.
  • After you should be able to see the imDocshare proxy service loading by visiting either localhost or the server URL which will also be used as the proxyBaseUrl

Receiving Cors issue when attempting to connect to imDocShare proxy on premises

Client needs to have a valid SSL certificate for https to communicate with the proxy service, or errors will occur with the service communicating with http from https.

  • To resolve any CORS issue with the proxy, load the IIS Manager and find the computer you are connected to under connections.
  • In the options under IIS, find HTTP Response Headers and double click it.
  • Ensure the name “Access-Control-Allow-Origin” and value “*” is present, and if it is not, add it to the HTTP Response Headers.
  • After doing so visit the default website or wherever the imDocShare proxy is deployed and check the HTTP Response Headers to see if this value was inherited. In addition to having this header present, you should also add “Access-Control-Allow-Headers” with value “*”, and “Access-Control-Allow-Methods” with value “GET, POST, PUT, DELETE, OPTIONS” if they are not already present.