Muse® Proxy has many features and facades from being a powerful URL rewriting server, dynamically changing URLs in the web pages of database providers to reflect the Muse Proxy directing the end users to the Muse Proxy as they visit links on those web pages, to managing multiple IP(s) authentication and replicating remote sessions to local domains or standard Proxy. Muse Proxy’s main features and advantages are briefly presented below and in more detail in its manuals available with Muse Proxy packages.
- Intelligent Rewriting Proxy
Muse Proxy, through its rewriting component, Muse Navigation Manager, helps users rewriting URLs of and within target web pages and navigating them, similar to accessing the target web site via a proxy with the advantage of no explicit standard proxy configuration in the browser.
APPLY_IF_FIRST) and variables.
Muse Navigation Manager is able to use two rewriting mechanisms: Rewrite by Path (Proxy by Path) and Rewrite by Host (Proxy by Host). Using the default Rewrite by Path the remote source host and other markers are stored by altering the path. By configuring a source with Rewrite by Host the remote source host and other necessary information are stored in the host name.
After rewriting a resource Muse Navigation Manager is replying with a gzip Content Encoded version so that the network traffic is kept low.
Multiple step navigation and selection can be achieved server side, protecting remote resource credentials, via Extract and Navigate scenarios configured in a Muse Proxy source profile.
Muse Proxy is able to separate the front-end HTTP/HTTPS protocol from the back-end HTTP/HTTPS protocol and several combinations can be obtained by using configuration elements to control the logic of deciding the resulting URL protocol.
Muse Proxy is used by libraries, universities and other organizations to allow access from outside their computer network to restricted-access web sites that authorize users by IP address, by HTTP cookies, by Referrer address, by HTTP authorization or by any other authentication implemented using CGI parameters.
Muse Proxy is doing the needed authentication handshake with the content vendors on behalf of the end-user and then replicate the session in the end-user browser. This allows home and off-campus usage for patrons, students, professors, R&D specialists to otherwise physically bounded resources without any configuration overhead for them.
- End User Authentication
On its turn, access to Muse Proxy is also restricted by single sign-on techniques. Muse Proxy controls end-users’ access to resources using either User/Password files, client IP addresses, client referer URL, standard or custom authentication methods (LDAP, IMAP, SQL, FTP), SAML 2.0. Users are thus granted access to the application area containing the authorized resources with just a single point of access.
- Muse Proxy Applications
Muse Proxy Applications are web interfaces providing end-users grouped access to various free or authenticated resources from Internet or Intranet. The authentication to the Muse Proxy Applications is made via configurable authentication login modules, allowing various authentication types: User/ Password, IP or any combination.
Multiple Authentication Groups can be defined in order to allow end-users to authenticate differently based on their location. For example they can authenticate by IP while being on campus using a specific Authentication Group and they can authenticate by User/Password from off campus using another Authentication Group. Muse Proxy Applications are fully configurable interfaces, which support single point access control where users are authenticated to a list of subscribed services.
By default, Muse Proxy comes with two pre-configured applications:
MuseProxyFoundationis the default Muse Proxy Application. It has one Authentication Group mapped to a Sources Group which contains a list of Sources. All the Sources access free sites, not requiring any authentication and are configured for demo purposes only.
Anonymousis a simple and easy to understand Muse Proxy Application. It has two Authentication Groups. Each Authentication Group is mapped to a different Sources Group. Each Sources Group contains a list with Sources. All the Sources access free sites, not requiring any authentication and are configured for demo purposes only. The first Authentication Group provides access to a set of Sources using IP authentication. The second Authentication Group provides access to another set of Sources using User/Password authentication.
- Easy Resource Identification
Once logged in, a user has a lot of tools to identify the needed resource by its descriptive texts from the Muse Proxy Application interface. The resources can be ordered alphabetically by name or even searched to quickly find the desired one(s).
- Search Widgets and Form Integration
Search Widgets and other HTML Forms can be proxified via Muse Proxy by using extended source type links which are application source links enhanced with a jump start URL of the native source. At the same time this entry point can also collect POST parameters and send them to the target source in a configurable manner. In other words these links are configurable source links which can be used in HTML forms external to the Muse Proxy Application interface, including Search Widgets, either manually or via Widget Builders available at Content Providers (i.e. at the native source targets to use Muse terminology).
Normally all the parameters from a proxified form’s inputs (those specified in the form body) are sent to the native source either via POST or GET, but the administrator can have a finer control to decide which parameters from the form’s body are meant for Muse Proxy and which are meant for the remote source by using specific prefixes.
- IP(s) Selectivity, Reduced Hardware Costs
Muse Proxy allows running on a machine that has multiple IPs and selectively using them for resource authentication. Thus, instead of having many physical or virtual machines running with many proxy instances, it is enough to have just one. This means saving money for both hardware acquisition and for power consumption.
Dedicated tools to help networks administrators manage multiple IPs on various operating systems are distributed together with Muse Proxy. Our scripts permit a good management of physical IP(s) of the machine. On the other hand, Muse Proxy Administrator Console allows the management of the IP(s) Muse Proxy will use, IP(s) that can be any subset of the ones on the physical machine by specifying patterns of IP addresses with the help of regular expression, or using Classless Inter-Domain Routing (CIDR) notation.
- Proxy Chaining
Muse Proxy can chain with another proxy defined through its host and port or through a Proxy Auto-Configuration (PAC) URL. When configured to chain with another proxy, Muse Proxy does not access the target sites directly, but through this extra proxy. This scenario usually appears when Muse Proxy has no direct Internet access or its traffic must be forced to another proxy such as an organization proxy.
On the other hand users are still able to access Muse Proxy if they are forced through a transparent network proxy, because Muse Proxy acts as a standard web server not as a traditional proxy.
- Load Balancer Ready, Large Companies Can Use It
If your company or institution demands higher resources Muse Proxy can be clustered under a load balancing equipment or software by configuring sticky sessions based on cookies.
Load Balancing HTTPS traffic is also possible via SSL termination, so that the load balancer takes care of the SSL traffic, while the connection between the Load Balancer and the Muse Proxies is done in plain text, assuming a secure network, thus avoiding unnecessary encryption times.
- API Ready
Software can interact with Muse Proxy by using session authorization elements to migrate web sessions from servers to clients. Federated Search Engines, Discovery services, Crawling, Harvesting or ETL processes are usual examples.
- Need to use small URL(s) instead of long and unwrappable ones?
Long URLs which have more than 2047 characters cannot be navigated by some browsers as they are truncated. Using Tiny URL feature, such a long URL can be transformed dynamically to a shorter one. More than this, Muse Proxy expands this concept and allows the encapsulation of HTTP POST data and even cookies in such a Tiny URL. This is especially useful when integrating Muse Proxy with other pieces of software.
Being a Java server it can virtually run on any platform the Oracle Java Virtual Machine can. The Muse Proxy Setup is also multi-platform.
- Monitor and Management
Management of the Muse Proxy can be done using the Muse Proxy Administrator Console which is a web interface through which administrators can configure Muse Proxy, monitor client connections, monitor and management of the cache status and maintenance of various Muse Proxy settings.
Muse Proxy administrators can access the exposed Java Management Extensions (JMX) beans to change Muse Proxy settings on the fly and to monitor, in real time, resources and traffic done through a certain IP on which Muse Proxy listens.
Muse Proxy reports various types of statistical information through JMX and log files.
Muse Proxy exports through JMX a series of counter statistics both globally (per all IP(s) on which Muse Proxy listens) and also individually per each individual IP on which Muse Proxy listens. The statistics exported through JMX can be read periodically using a JMX client program and they can be used for creating sheets or graphics of the Muse Proxy run-time activity.
Standard HTTP access log entries and specific statistics are written in Muse Proxy log files for future needs.
- Convenient Access and Management
With all these features Muse Proxy offers transparent and convenient access to resources. Users only access a URL in a browser, no matter where they are: at home, in the campus or everywhere in the world. Using a single set of credentials they may access hundreds of resources. No VPN, Remote Access Services or conventional proxy setup is needed.
On the other hand the access details of the resources are easily managed by the Administrator from a single place, hidden from the end-users, thus a user will never touch the particular access details. In fact users will never see the authentication page of a resource. These details (user name, password, IP(s), Referrers) are kept in protected files which are only available to administrators.
The availability of some of these features in your installed product are controlled by the category of your license (check the Features Matrix).