Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.0.0-M4
    • Component/s: Transport
    • Labels:
      None

      Description

      There has been enourmous demand for supporting proxy such as simple port forwarding and SOCKS. We need to investigate what the best way is to provide an extension point for proxies.

      IoFilters are not adequate for proxies because proxies needs changes in the socket addresses (both local and remote) of IoSession.

      1. mina-connector-proxy-1.1.0.zip
        24 kB
        James Furness
      2. mina-connector-proxy-1.1.0-mina2.zip
        24 kB
        James Furness
      3. minaproxy-2.0.0-M2.zip
        93 kB
        Edouard De Oliveira
      4. minaproxy-r2-2.0.0-M1.zip
        90 kB
        Edouard De Oliveira

        Activity

        Hide
        Edouard De Oliveira added a comment -

        No other api changes will be made for the moment
        Javadoc finalisation should be ok for RC1

        so i'm marking this as resolved

        Show
        Edouard De Oliveira added a comment - No other api changes will be made for the moment Javadoc finalisation should be ok for RC1 so i'm marking this as resolved
        Hide
        Edouard De Oliveira added a comment -

        Source code updated to comply with MINA 2.0.0-M2 version.
        Some minor refactorings were made

        Added a telnet test client : tested it by communicating with a SMTP server through a http & socks proxy.

        Show
        Edouard De Oliveira added a comment - Source code updated to comply with MINA 2.0.0-M2 version. Some minor refactorings were made Added a telnet test client : tested it by communicating with a SMTP server through a http & socks proxy.
        Hide
        Edouard De Oliveira added a comment -

        Updates :
        Mina coding conventions applied & log4j.isDebugEnabled() calls removed when unnecessary (99 % in fact ^^)
        Thx to Julien for his comments

        Show
        Edouard De Oliveira added a comment - Updates : Mina coding conventions applied & log4j.isDebugEnabled() calls removed when unnecessary (99 % in fact ^^) Thx to Julien for his comments
        Hide
        Julien Vermillard added a comment -

        First comments : formatting is wrong you can get our formatting rules for eclipse here :
        http://mina.apache.org/developer-guide.data/ImprovedJavaConventions.xml
        No tabs, 4 whitespaces in place.

        you don't need to add
        if (logger.isDebugEnabled()) {
        Because slf4j will do string concatenation only when the log level is suffisant.

        Anyway, nice contribution !! I'll try to say more as soon I can run it.

        Show
        Julien Vermillard added a comment - First comments : formatting is wrong you can get our formatting rules for eclipse here : http://mina.apache.org/developer-guide.data/ImprovedJavaConventions.xml No tabs, 4 whitespaces in place. you don't need to add if (logger.isDebugEnabled()) { Because slf4j will do string concatenation only when the log level is suffisant. Anyway, nice contribution !! I'll try to say more as soon I can run it.
        Hide
        Emmanuel Lecharny added a comment -

        A MINA-2.0.0-M2 is currently under work, so I see those proposals as perfect candidate for a 2.0.0-M3.

        Show
        Emmanuel Lecharny added a comment - A MINA-2.0.0-M2 is currently under work, so I see those proposals as perfect candidate for a 2.0.0-M3.
        Hide
        James Furness added a comment -

        Excellent - I look forward to seeing this included in a future release of MINA! In particular the NTLM and Socks support you have added will be invaluable.

        Thanks,
        James

        Show
        James Furness added a comment - Excellent - I look forward to seeing this included in a future release of MINA! In particular the NTLM and Socks support you have added will be invaluable. Thanks, James
        Hide
        Emmanuel Lecharny added a comment -

        Great !!!

        This seems to be a tremendous piece of work ! I wish RATP have as much commitment to do their job as you do

        Show
        Emmanuel Lecharny added a comment - Great !!! This seems to be a tremendous piece of work ! I wish RATP have as much commitment to do their job as you do
        Hide
        Edouard De Oliveira added a comment -

        Hi community,

        This is a great day (althought i spent 3 hours in the strike this morning ...)
        as i'm proud to announce after 4 months of work that
        i'm releasing a proxy support connector for MINA 2.0-M1.

        This release features :

        HTTP proxy :

        • Support for NTLM authentication
        • Support for Digest authentication
        • Transparent support for reconnection to a http proxy that does not support connection keep alive
        • Support for HTTP/1.1 requests
        • Support for multi valued headers
        • Configuration of prefered authentication mechanism
        • Smart proxy authentication system that dynamically and automatically selects the mechanism to use

        SOCKS :

        • Support for SOCKS4 and SOCKS4a
        • Support for SOCKS5 with support for GSSAPI authentication via Kerberos V

        Moreover i added some test classes and junit testcases to test internals and
        cover most of the revelant functionnalities.

        I hope this work will be usefull for the community as i put great efforts on it
        I'm really excited by looking forward for your questions, comments, etc...

        Regards,

        Show
        Edouard De Oliveira added a comment - Hi community, This is a great day (althought i spent 3 hours in the strike this morning ...) as i'm proud to announce after 4 months of work that i'm releasing a proxy support connector for MINA 2.0-M1. This release features : HTTP proxy : Support for NTLM authentication Support for Digest authentication Transparent support for reconnection to a http proxy that does not support connection keep alive Support for HTTP/1.1 requests Support for multi valued headers Configuration of prefered authentication mechanism Smart proxy authentication system that dynamically and automatically selects the mechanism to use SOCKS : Support for SOCKS4 and SOCKS4a Support for SOCKS5 with support for GSSAPI authentication via Kerberos V Moreover i added some test classes and junit testcases to test internals and cover most of the revelant functionnalities. I hope this work will be usefull for the community as i put great efforts on it I'm really excited by looking forward for your questions, comments, etc... Regards, Edouard De Oliveira - http://tedorg.free.fr/en/projects.php
        Hide
        Edouard De Oliveira added a comment -

        Due to personal events i've made less progress than expected.
        But Socks5 support is now added and digest auth is currently in progress.
        Code still needs lot of work

        The problem is that it is hard to test the code as i have no dedicated network to test it. For example, i've been unable to find a free proxy supporting Socks5 with GSSAPI auth.
        Generally speaking i've been forced to use many different proxies because each of them has a unique combination of auth methods.
        So i may need help on this, if some of you could test the proxy program within their network it would help debbuging.

        Regarding a previous comment on IOC containers, i've no idea on how to make code IoC friendly : i'll accept any clue on this ;p

        Another important point is that the code contains some basic objects (HttpHeader, HttpResponse etc...) that i think should be refactored to use AsyncWeb (not sure this is the official MINA http project ?) code
        WDYT ?

        That's all for the moment
        Any comments or help is appreciated.

        Show
        Edouard De Oliveira added a comment - Due to personal events i've made less progress than expected. But Socks5 support is now added and digest auth is currently in progress. Code still needs lot of work The problem is that it is hard to test the code as i have no dedicated network to test it. For example, i've been unable to find a free proxy supporting Socks5 with GSSAPI auth. Generally speaking i've been forced to use many different proxies because each of them has a unique combination of auth methods. So i may need help on this, if some of you could test the proxy program within their network it would help debbuging. Regarding a previous comment on IOC containers, i've no idea on how to make code IoC friendly : i'll accept any clue on this ;p Another important point is that the code contains some basic objects (HttpHeader, HttpResponse etc...) that i think should be refactored to use AsyncWeb (not sure this is the official MINA http project ?) code WDYT ? That's all for the moment Any comments or help is appreciated.
        Hide
        Trustin Lee added a comment -

        Wow, that's a great news! Please let us get updated!

        Show
        Trustin Lee added a comment - Wow, that's a great news! Please let us get updated!
        Hide
        Edouard De Oliveira added a comment -

        Based on James work i hacked around and achieved working NTLM & socks 4 & 4a proxy support
        But it still needs a lot of work : code cleaning, API reworking, socks 5 & digest support
        i'll keep sending infos on progress made

        Show
        Edouard De Oliveira added a comment - Based on James work i hacked around and achieved working NTLM & socks 4 & 4a proxy support But it still needs a lot of work : code cleaning, API reworking, socks 5 & digest support i'll keep sending infos on progress made
        Hide
        James Furness added a comment -

        Ported to MINA 2.0 - tested with MINA 2.0.0 M1

        NTLM/Digest/Socks still unimplemented, may not have time to do this for a while

        Show
        James Furness added a comment - Ported to MINA 2.0 - tested with MINA 2.0.0 M1 NTLM/Digest/Socks still unimplemented, may not have time to do this for a while
        Hide
        Edouard De Oliveira added a comment -

        I'm currently working on the NTLM auth as it can be usefull for me to use on other protocols.
        I'll mail you James for some questions and maybe api improvements.

        Show
        Edouard De Oliveira added a comment - I'm currently working on the NTLM auth as it can be usefull for me to use on other protocols. I'll mail you James for some questions and maybe api improvements.
        Hide
        James Furness added a comment -

        Updated to better support IoC containers. Fixed some issues with the Basic auth.

        Now just need to look at NTLM/Digest auth and possibly SOCKS. Also port to MINA 2.0...

        Show
        James Furness added a comment - Updated to better support IoC containers. Fixed some issues with the Basic auth. Now just need to look at NTLM/Digest auth and possibly SOCKS. Also port to MINA 2.0...
        Hide
        Trustin Lee added a comment -

        This is a great news, James. Please let us keep updated with your contribution.

        Show
        Trustin Lee added a comment - This is a great news, James. Please let us keep updated with your contribution.
        Hide
        James Furness added a comment -

        First cut of proxy connector. Supports unauthenticated proxies and proxies with Basic authentication.

        Still quite messy - needs some refactoring to work with IoC containers properly.

        Tested with MINA 1.1.

        Show
        James Furness added a comment - First cut of proxy connector. Supports unauthenticated proxies and proxies with Basic authentication. Still quite messy - needs some refactoring to work with IoC containers properly. Tested with MINA 1.1.
        Hide
        Trustin Lee added a comment -

        From the recent discussion, we concluded we don't need any core API modification. Therefore, we can implement this feature later, but at least before 2.0.0-RC1.

        Show
        Trustin Lee added a comment - From the recent discussion, we concluded we don't need any core API modification. Therefore, we can implement this feature later, but at least before 2.0.0-RC1.
        Hide
        Trustin Lee added a comment -

        Related mailing list thread: http://tinyurl.com/2lu7z3

        Show
        Trustin Lee added a comment - Related mailing list thread: http://tinyurl.com/2lu7z3
        Hide
        Trustin Lee added a comment -

        Niklas wrote:

        Now, one thing we should consider is whether we want to support
        specifying proxyHost, proxyPort via system properties, just like Socket
        does. In that case I don't think it will be as simple as wrapping like
        suggested above. Maybe we could support this by having some kind of
        factory which looks at the system properties?

        Lóránt Pintér wrote:

        However, I'd vote for supporting proxyHost and such, because there are a
        lot of legacy systems out there moving to MINA. When they finally
        migrate to MINA, their users don't really want to know about the change,
        and don't expect changes in the configuration of the system.

        I think all of these systems will then create something like
        LegacyProxyConnector inherited from ProxyingConnector, and set the proxy
        parameters from proxyHost etc. As I think a lot of people would
        implement this redundantly, MINA could have it out of the box as well.

        Show
        Trustin Lee added a comment - Niklas wrote: Now, one thing we should consider is whether we want to support specifying proxyHost, proxyPort via system properties, just like Socket does. In that case I don't think it will be as simple as wrapping like suggested above. Maybe we could support this by having some kind of factory which looks at the system properties? Lóránt Pintér wrote: However, I'd vote for supporting proxyHost and such, because there are a lot of legacy systems out there moving to MINA. When they finally migrate to MINA, their users don't really want to know about the change, and don't expect changes in the configuration of the system. I think all of these systems will then create something like LegacyProxyConnector inherited from ProxyingConnector, and set the proxy parameters from proxyHost etc. As I think a lot of people would implement this redundantly, MINA could have it out of the box as well.

          People

          • Assignee:
            Edouard De Oliveira
            Reporter:
            Trustin Lee
          • Votes:
            2 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development