'Re: how to execute CONNECT through an authenticated proxy to gain a plain socket'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       httpclient-users
Subject:    Re: how to execute CONNECT through an authenticated proxy to gain a plain socket
From:       simone pacilli <dindondero0 () yahoo ! com>
Date:       2011-10-07 11:43:29
Message-ID: 1317987809.94172.YahooMailNeo () web45103 ! mail ! sp1 ! yahoo ! com
[Download RAW message or body]


just to complete this thread:

opened issue
https://issues.apache.org/jira/browse/HTTPCLIENT-1132
on porting of ProxyClient to 4.x API
already resolved by Oleg Kalnichevski
thank you Oleg



________________________________
From: Oleg Kalnichevski <olegk@apache.org>
To: simone pacilli <dindondero0@yahoo.com>
Cc: "httpclient-users@hc.apache.org" <httpclient-users@hc.apache.org>
Sent: Monday, October 3, 2011 12:35 PM
Subject: Re: how to execute CONNECT through an authenticated proxy to gain a plain \
socket

On Sun, 2011-10-02 at 05:36 -0700, simone pacilli wrote:
> I am writing a program (with a server side and a client side) to establish a \
> transport layer for existing remote control programs like ssh, remote desktop, vnc \
> etc. to connect between client and server also if they are behind a proxy and or a \
> firewall. To work with proxy, since i need to transport generic underling \
> protocols, i need to establish a http tunnel through proxy between the client side \
> and the server side of my system. So I need to gain a plain socket after \
> establishing the tunnel, then construct over it an SSLSocket and transmit data as \
> simple bytes. First I used commons-httpclient 3.0 because i used the example \
> http://svn.apache.org/repos/asf/httpcomponents/oac.hc3x/branches/COOKIE_2_BRANCH/src/examples/ProxyTunnelDemo.java \
> and it worked with squid and basic authentication in a test environment 
> Then, because in my production system there is a proxy with kerberos and ntlmv2 \
> authentication, and httpclient version 3 dosn't support this kind of \
> authentication, I decided to use version http-components 4.1.2. I started by the \
> class OperatorConnectProxy in the exemples directory because it uses an \
> OperatedClientConnection that has a method getSocket() that works well for me and \
> that the ManagedConnections does not have it. I report the class \
> OperatorConnectProxy here after. 

...

> Starting from this class I also need to perform authentication over the firewall. I \
> tried reading other examples and javadoc to suceed performing authentication, the \
> following is the actual code where I tried to have the tunnel with authentication \
> out of the box but it does not work. 
> 

...

> 
> Can you suggest me how do such a tunneling to the server through firewall with \
> authentication ?

Simone,

HTTP authentication is a fairly complex subject. You can see how proxy
authentication is done by looking at the source of
DefaultRequestDirector 

http://hc.apache.org/httpcomponents-client-ga/httpclient/xref/org/apache/http/impl/client/DefaultRequestDirector.html#808


It is non-trivial, but doable.

Alternatively you can open a request in JIRA to have ProxyClient ported
from 3.1 to 4.x API in the next feature release.

Oleg



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic