Features

Features

Muse® Proxy has many features and facades from being a powerful URL rewriting server, dynamically changing URLs in the web pages of database providers to reflect the Muse Proxy directing the end users to the Muse Proxy as they visit links on those web pages, to managing multiple IP(s) authentication and replicating remote sessions to local domains or standard Proxy. Muse Proxy’s main features and advantages are briefly presented below and in more detail in its manuals available with Muse Proxy packages.

Intelligent Rewriting Proxy

Muse Proxy, through its rewriting component, Muse Navigation Manager, helps users rewriting URLs of and within target web pages and navigating them, similar to accessing the target web site via a proxy with the advantage of no explicit standard proxy configuration in the browser.

Muse Navigation Manager, which is a proxy referral, uses proprietary strategies to do intelligent JavaScript, HTML, CSS and XML URL rewriting without the need of developing parsing rules for each web page. Most HTTP web pages can be rewritten out of the box. For the remaining un-rewritten bits and for the cases where special JavaScript needs to be inserted inline, filters can be configured starting from simple find and replace statements to full-power configurations involving conditions (such as APPLY_IF_FIRST) and variables.

The HTTP Cookies returned by the target server in the Set-Cookie HTTP header are managed by the Muse Navigation Manager in an automatic manner with no user intervention, configuration. The cookies managed in pages using client side document.cookie JavaScript structure are rewritten too, and sent from the client browser to the Muse Navigation Manager in order to be stored and managed at server side. Muse Navigation Manager can be used for session replication, inter-domain connectivity or accessing authenticated resources.

Muse Navigation Manager is able to use two rewriting mechanisms: Rewrite by Path (Proxy by Path) and Rewrite by Host (Proxy by Host). Using the default Rewrite by Path the remote source host and other markers are stored by altering the path. By configuring a source with Rewrite by Host the remote source host and other necessary information are stored in the host name.

After rewriting a resource Muse Navigation Manager is replying with a gzip Content Encoded version so that the network traffic is kept low.

Multiple step navigation and selection can be achieved server side, protecting remote resource credentials, via Extract and Navigate scenarios configured in a Muse Proxy source profile.

Muse Proxy is able to separate the front-end HTTP/HTTPS protocol from the back-end HTTP/HTTPS protocol and several combinations can be obtained by using configuration elements to control the logic of deciding the resulting URL protocol.

Muse Proxy supports relaying and filtering (rewriting) of HTML/JSON/text/STOMP traffic on WebSocket for modern websites that involve WebSockets for full duplex information.

Authentication

Muse Proxy is used by libraries, universities and other organizations to allow access from outside their computer network to restricted-access web sites that authorize users by IP address, by HTTP cookies, by Referrer address, by HTTP authorization or by any other authentication implemented using CGI parameters.

Muse Proxy can easily integrate with content vendors via APIs because it provides means to write custom JavaScript functions in the source profiles driving the rewriting process.

Muse Proxy is doing the needed authentication handshake with the content vendors on behalf of the end-user and then replicate the session in the end-user browser. This allows home and off-campus usage for patrons, students, professors, R&D specialists to otherwise physically bounded resources without any configuration overhead for them.

End User Authentication

On its turn, access to Muse Proxy is also restricted by single sign-on techniques. Muse Proxy controls end-users’ access to resources using either User/Password files, client IP addresses, client referer URL, standard or custom authentication methods (LDAP, IMAP, SQL, FTP, HMAC, External HTTP, Barcode), SIP, SAML 2.0, OAuth, OAuth2, OpenID Connect and CAS based SSO authentication. Users are thus granted access to the application area containing the authorized resources with just a single point of access.

Muse Proxy Applications

Muse Proxy Applications are web interfaces providing end-users grouped access to various free or authenticated resources from Internet or Intranet. The authentication to the Muse Proxy Applications is made via configurable authentication login modules, allowing various authentication types from simple User/ Password, IP, LDAP, IMAP, etc., or any combination.

Muse Proxy Applications are fully configurable interfaces, which support single point access control where users are authenticated to a list of subscribed services.

Multiple Authentication Groups can be defined in order to allow end-users to authenticate differently based on their location. For example they can authenticate by IP while being on campus using a specific Authentication Group and they can authenticate by User/Password from off campus using another Authentication Group. The authentication groups can be linked to different sources groups, containing different sets of resources.

By default, Muse Proxy comes with two pre-configured applications: MKPF(MuseKnowledge Proxy Foundation) and Anonymous.

MKPF is the default Muse Proxy Application. It has one Authentication Group mapped to a Sources Group which contains a list of Sources. All the Sources access free sites, not requiring any authentication and are configured for demo purposes only. It has by default enabled Alphabetical View, Subject View and Type View of the available resources. Subject View and Type View are groupings of the sources by their subject and type.

Anonymous is a simple and easy to understand Muse Proxy Application. It has two Authentication Groups. Each Authentication Group is mapped to a different Sources Group. Each Sources Group contains a list with Sources. All the Sources access free sites, not requiring any authentication and are configured for demo purposes only. The first Authentication Group provides access to a set of Sources using IP authentication. The second Authentication Group provides access to another set of Sources using User/Password authentication.

Easy Resource Identification

Once logged in, a user has many tools to identify the needed resource by its descriptive texts from the Muse Proxy Application interface. The resources can be ordered alphabetically by name or even searched to quickly find the desired one(s). The administrator can organize the resources in groups by various criteria, from content type (Video, Images, etc.) to subject (Medical, Engineering, etc.).

Search Widgets, Form and API Integration

Search Widgets and other HTML Forms can be proxified via Muse Proxy by using extended source type links which are application source links enhanced with a jump start URL of the native source. At the same time this entry point can also collect POST parameters and send them to the target source in a configurable manner. In other words these links are configurable source links which can be used in HTML forms external to the Muse Proxy Application interface, including Search Widgets, either manually or via Widget Builders available at Content Providers (i.e. at the native source targets to use Muse terminology).

Normally all the parameters from a proxified form’s inputs (those specified in the form body) are sent to the native source either via POST or GET, but the administrator can have a finer control to decide which parameters from the form’s body are meant for Muse Proxy and which are meant for the remote source by using specific prefixes.

Muse Proxy system can be certified as being LTI Compliant as an external service tool consumer by IMS Global Learning Consortium. Muse Proxy can pass all necessary certification tests for LTI 1.0 standard.

A Muse Proxy source can be integrated with OLSA API to create the user dynamically and perform the signon. This is based on SOAP requests which are made transparently when the configured source with this integration is accessed by a Muse Proxy user.

A Muse Proxy application can be integrated as Rich Content Editor in a Canvas LMS.

Administration, Multiple Administrators

The Muse Proxy Administrator Console offers complete administration of every aspect, from core features to applications and their resources. Tools are also available to help administrators to complete configurations or to troubleshoot rewriting issues.

Multiple administrator users can be created.

IP(s) Selectivity, Reduced Hardware Costs

Muse Proxy allows running on a machine that has multiple IPs and selectively using them for resource authentication. Thus, instead of having many physical or virtual machines running with many proxy instances, it is enough to have just one. This means saving money for both hardware acquisition and for power consumption.

Dedicated tools to help networks administrators manage multiple IPs on various operating systems are distributed together with Muse Proxy. Our scripts permit a good management of physical IP(s) of the machine. On the other hand, Muse Proxy Administrator Console allows the management of the IP(s) Muse Proxy will use, IP(s) that can be any subset of the ones on the physical machine by specifying patterns of IP addresses with the help of regular expression, or using Classless Inter-Domain Routing (CIDR) notation.

Proxy Chaining

Muse Proxy can chain with another proxy defined through its host and port or through a Proxy Auto-Configuration (PAC) URL. When configured to chain with another proxy, Muse Proxy does not access the target sites directly, but through this extra proxy. This scenario usually appears when Muse Proxy has no direct Internet access or its traffic must be forced to another proxy such as an organization proxy.

On the other hand users are still able to access Muse Proxy if they are forced through a transparent network proxy, because Muse Proxy acts as a standard web server not as a traditional proxy.

Load Balancer Ready, Large Companies Can Use It

If your company or institution demands higher resources Muse Proxy can be clustered under a load balancing equipment or software by configuring sticky sessions based on cookies.

Load Balancing HTTPS traffic is also possible via SSL termination, so that the load balancer takes care of the SSL traffic, while the connection between the Load Balancer and the Muse Proxies is done in plain text, assuming a secure network, thus avoiding unnecessary encryption times. This is achieved by Muse Proxy understanding XForwarded-Proto header field or the RFC 7239's Forwarded header field containing "proto=https" or "proto=http".

API Ready

Software can interact with Muse Proxy by using session authorization elements to migrate web sessions from servers to clients. Federated Search Engines, Discovery services, Crawling, Harvest or ETL processes are usual examples.

Need to use small URL(s) instead of long and unwrappable ones?

Long URLs which have more than 2047 characters cannot be navigated by some browsers as they are truncated. Using Tiny URL feature, such a long URL can be transformed dynamically to a shorter one. More than this, Muse Proxy expands this concept and allows the encapsulation of HTTP POST data and even cookies in such a Tiny URL. This is especially useful when integrating Muse Proxy with other pieces of software.

Multi-Platform

Being a Java server it can virtually run on any platform the Java Virtual Machine can. The Muse Proxy Setup is also multi-platform.

Monitor and Management

Management of the Muse Proxy can be done using the Muse Proxy Administrator Console which is a web interface through which administrators can configure Muse Proxy, monitor client connections, monitor and management of the cache status and maintenance of various Muse Proxy settings.

Muse Proxy administrators can access the exposed Java Management Extensions (JMX) beans to change Muse Proxy settings on the fly and to monitor, in real time, resources and traffic done through a certain IP on which Muse Proxy listens.

Statistics

Muse Proxy reports various types of statistical information through JMX and log files.

Muse Proxy exports through JMX a series of counter statistics both globally (per all IP(s) on which Muse Proxy listens) and also individually per each individual IP on which Muse Proxy listens. The statistics exported through JMX can be read periodically using a JMX client program and they can be used for creating sheets or graphics of the Muse Proxy run-time activity.

Standard HTTP access log entries and specific statistics are written in Muse Proxy log files for future needs.

Third party log analysis software can be used to analyse the Muse Proxy access log files and generate usage statistics. The Muse Proxy access log files are created in the same configurable format as those created by standard web servers such as Apache HTTP Server, format which can be set via a % style pattern (an extension of the Common Logging format).

Rich graphics and usage analysis for Muse Proxy are available in the MuseKnowledge Statistics Platform, MuseGlobal's centralized statistics service. The following type of statistics are available:

  • General Usage Statistics: Application Logins. It shows statistical information on the user logins into Muse Proxy Applications per various critearia (by date, by user identifier, by application identifier, by user country and by server), in the selected period of time. The statistics information is based on the content of the MuseProxyStatistics.log files.
  • General Usage Statistics: Client Sessions. It shows the user active sessions in the selected period of time as maximum, miminum and average values. The statistics information is based on the content of the MuseProxyStatistics.log files.
  • General Usage Statistics: Source Accesses. It shows the number of accesses per each Target (Muse Proxy Source Profile). A Muse Proxy Source Profile is a configuration file which stores the necessary code and credentials to access the Target Data Source. The statistics information is based on the content of the MuseProxyStatistics.log files.
  • Publisher Content Access Statistics. It shows how users make use of the subscribed electronic resources. The information presented contains details on the accessed resources, from the name of the platform to type and format of the resource accessed and user details such as the country. Where a publisher knowledge base is available, the information is enriched with additional metadata such as the publisher name, publication title, print and online indentifiers and DOI. The statistics information is based on the analysis of the Muse Proxy access.log files.

Convenient Access and Management

With all these features Muse Proxy offers transparent and convenient access to resources. Users only access a URL in a browser, no matter where they are: at home, in the campus or everywhere in the world. Using a single set of credentials they may access hundreds of resources. No VPN, Remote Access Services or conventional proxy setup is needed.

On the other hand the access details of the resources are easily managed by the Administrator from a single place, hidden from the end-users, thus a user will never touch the particular access details. In fact users will never see the authentication page of a resource. These details (user name, password, IP(s), Referrers) are kept in protected files which are only available to administrators.

 

The availability of some of these features in your installed product are controlled by the category of your license (check the Features Matrix).

If you want to get the best understanding out of our product, you can download a fully functional copy of the product and try a Free 30 Day Trial License.

Features Matrix