TCP tunneling through authenticating HTTP proxy
Damjan Jovanovic
damjan.jov at gmail.com
Thu Oct 25 07:29:29 PDT 2012
Guys, there was a patch for this feature (use of HTTP proxies with
CONNECT request in java.net.Socket) floating around in February/March
2010, the latest version of which is at
http://mail.openjdk.java.net/pipermail/net-dev/2010-March/001642.html
I helped write it so let me know if you need any help.
Regards
Damjan
On Thu, Oct 25, 2012 at 3:53 PM, Michael McMahon
<michael.x.mcmahon at oracle.com> wrote:
> There is a JSR for websockets, and they are doing a reference implementation
> based on JDK 7 I believe.
>
> As regards TCP sockets via Http proxies, JDK doesn't support that.
> The closest thing is probably SOCKS. Can you use that?
>
> - Michael
>
>
> On 25/10/12 14:32, Vasiliy Baranov wrote:
>>
>> Greetings,
>>
>> And apologies if I am sending this to the wrong list...
>>
>> Suppose I want my code to talk to a TCP server via an HTTP proxy, by
>> setting up a proxy tunnel using the CONNECT method. By any chance, is there
>> a mechanism in the Java SE networking stack that would allow me to do so? A
>> mechanism that would handle proxy selection, tunneling, and, most
>> importantly, authentication identically to HttpURLconnection?
>>
>> If there is no such mechanism in JDK 7, could such a mechanism be added in
>> JDK 8?
>>
>> FWIW, proxy selection and tunneling through non-authenticating proxy is
>> not too difficult to implement with ProxySelector and plain Sockets, using
>> sun.net.www.protocol.http.HttpURLConnection.plainConnect as a reference. My
>> code does so already.
>>
>> Proxy authentication, however, is a totally different story. If I parse
>> JDK code correctly, client code that does not use HttpURLConnection is
>> unlikely to be able to integrate nicely with the AuthCacheValue cache or
>> handle complex authentication schemes, unless it chooses to depend on some
>> JDK-internal APIs and duplicate great amount of JDK code. My code probably
>> cannot afford the latter two, that is why I am asking for help here on this
>> list. Since I have proxy selection and non-authenticated tunneling already
>> implemented, in my case it would actually be sufficient to only have some
>> JDK support for proper integration with the AuthCacheValue cache and the
>> standard authentication schemes. However, I gather a more universal HTTP
>> tunneling facility, something that works like HttpURLConnection but skips
>> the final HTTP handshake with the end server, is likely to be a cleaner
>> solution.
>>
>> If it matters, I am asking this in the context of adding support for
>> WebSockets to JavaFX WebView: http://javafx-jira.kenai.com/browse/RT-14947
>>
>> Thank you in advance,
>> -- Vasiliy
>
>
More information about the net-dev
mailing list