|
Oleg
Thank you for response. I am using HttpClient code to access http(s) resources. For example http(s)://www.verisign.com. My code is deployed under an application server which is located below three firewalls and that needs to connect through 3 proxies to reach the final target. For example I have following 3 proxies and target proxy1:9999 proxy2:7777 proxy3:5555 http(s)://www.verisign.com First I need to open a socket and connect to proxy1:9999 and then connect proxy2:7777 and then connect to proxy3:5555 to reach the target resource. Currently HttpClient supports one proxy and i need to goes through more than one proxies. So i had to modify HttpMethodDirector class to tunnel the socket through the proxies. regards Murty,
I think this kind of functionality is usually referred to as proxy chaining. Presently HttpClient does not support it and see no easy and elegant way of adding it to the HttpClient 3.x code line. HttpClient is currently undergoing a complete redesign and we certainly could add support for proxy chaining to HttpClient 4.0. Oleg And here I thought this was a far-out use case we would not have to consider. HttpRoute is designed for a single proxy.
Re-thinking the approach will take time. I believe that alpha1 is a rather optimistic target for this requirement. cheers, Roland Ronald
Thanks for reply. I think this use case is real use case. Most of the comanies and people are using java on middle tier that locates behind firewalls. We can plugging through more than one proxies but that is really not secured. Other solution is to write custom protocol handler to support multiple proxiesc but HttpClient does not support it since it does not use URLStreamHandler internally. I think there is no other solution with HttpClient to support multiple proxies at this time. I have customized HttpClient and HttpMethodDirector classes to tunnel through configured number of proxies and working fine. Please consider it for next major release. regards Murty Hello Murty,
I made a note on the Wiki page for HttpConn design, http://wiki.apache.org/jakarta-httpclient/ConnectionManagementDesign This has tought me a lesson: the one time I try to avoid overdesigning, it comes back to bite me within 4 months. Now I wait for someone with the requirement to layer tunnels, and my happiness will be complete. It's going to be a tough nut to crack, since each proxy in a chain may also need a different proxy authentication. I'll keep pondering it (with low priority though). cheers, Roland Roland,
We do not necessarily have to provide this feature in the stock version of HttpClient if this will increase the complexity of connection management code dramatically. As long as the users are able to plug in their own custom connection operator this should be sufficient. Oleg The pieces are in place: HttpRoute represents proxy chains, ThreadSafeClientConnManager uses HttpRoute.
The last step is to add the missing ManagedClientConnection.tunnelProxy(...). Thank you very much for all you for adding new feature.
The feature has been requested in the past:
http://issues.apache.org/jira/browse/HTTPCLIENT-136 http://issues.apache.org/jira/browse/HTTPCLIENT-35 especially for 4.0 here: http://marc.info/?l=httpclient-commons-dev&m=110552030923369&w=2 but somehow the discussion ended up revolving around cookie storage. I've added proxy chain support to HttpConn::ManagedClientConnection and a plugin point to HttpClient, see DefaultClientRequestDirector.createTunnelToProxy(...).
Due to the complexity of proxy authentication, we cannot provide full support for proxy chains in HttpClient at this time. I just don't have the cycles available to refactor the proxy authentication logic. Everybody is invited to submit patches towards that goal. cheers, Roland |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
New Feature
Closed
Major
Support multiple proxies
I am not sure I understand what exactly you want to say by "we may need to connect more than one proxies before connects to target resource". Please clarify.
Oleg