TCP tunneling through authenticating HTTP proxy

Fri Oct 26 06:51:36 PDT 2012

Hi Damjan,

Thank you for the pointer.

-- Vasiliy

On 25.10.2012 22:23, Damjan Jovanovic wrote:
> Hi Vasiliy
>
> It's not included in the JDK, you have to either patch and compile
> OpenJDK on your side, or if that's not an option, use that hack with
> sun.net.* classes that I posted before
> (http://mail.openjdk.java.net/pipermail/net-dev/2010-February/001569.html).
>
> Regards
> Damjan
>
> On Thu, Oct 25, 2012 at 5:14 PM, Vasiliy Baranov
> <vasiliy.baranov at oracle.com>  wrote:
>> Hi Damjan,
>>
>> This looks like exactly what I need. Thank you for sharing!
>>
>> Now perhaps the question is whether this feature can be or already is
>> included in the JDK or I am on my own to hack something together based on
>> this patch.
>>
>> Thank you,
>> -- Vasiliy
>>
>>
>> On 25.10.2012 18:29, Damjan Jovanovic wrote:
>>>
>>> Guys, there was a patch for this feature (use of HTTP proxies with
>>> CONNECT request in java.net.Socket) floating around in February/March
>>> 2010, the latest version of which is at
>>> http://mail.openjdk.java.net/pipermail/net-dev/2010-March/001642.html
>>>
>>> I helped write it so let me know if you need any help.
>>>
>>> Regards
>>> Damjan
>>>
>>> On Thu, Oct 25, 2012 at 3:53 PM, Michael McMahon
>>> <michael.x.mcmahon at oracle.com>   wrote:
>>>>
>>>> There is a JSR for websockets, and they are doing a reference
>>>> implementation
>>>> based on JDK 7 I believe.
>>>>
>>>> As regards TCP sockets via Http proxies, JDK doesn't support that.
>>>> The closest thing is probably SOCKS. Can you use that?
>>>>
>>>> - Michael
>>>>
>>>>
>>>> On 25/10/12 14:32, Vasiliy Baranov wrote:
>>>>>
>>>>>
>>>>> Greetings,
>>>>>
>>>>> And apologies if I am sending this to the wrong list...
>>>>>
>>>>> Suppose I want my code to talk to a TCP server via an HTTP proxy, by
>>>>> setting up a proxy tunnel using the CONNECT method. By any chance, is
>>>>> there
>>>>> a mechanism in the Java SE networking stack that would allow me to do
>>>>> so? A
>>>>> mechanism that would handle proxy selection, tunneling, and, most
>>>>> importantly, authentication identically to HttpURLconnection?
>>>>>
>>>>> If there is no such mechanism in JDK 7, could such a mechanism be added
>>>>> in
>>>>> JDK 8?
>>>>>
>>>>> FWIW, proxy selection and tunneling through non-authenticating proxy is
>>>>> not too difficult to implement with ProxySelector and plain Sockets,
>>>>> using
>>>>> sun.net.www.protocol.http.HttpURLConnection.plainConnect as a reference.
>>>>> My
>>>>> code does so already.
>>>>>
>>>>> Proxy authentication, however, is a totally different story. If I parse
>>>>> JDK code correctly, client code that does not use HttpURLConnection is
>>>>> unlikely to be able to integrate nicely with the AuthCacheValue cache or
>>>>> handle complex authentication schemes, unless it chooses to depend on
>>>>> some
>>>>> JDK-internal APIs and duplicate great amount of JDK code. My code
>>>>> probably
>>>>> cannot afford the latter two, that is why I am asking for help here on
>>>>> this
>>>>> list. Since I have proxy selection and non-authenticated tunneling
>>>>> already
>>>>> implemented, in my case it would actually be sufficient to only have
>>>>> some
>>>>> JDK support for proper integration with the AuthCacheValue cache and the
>>>>> standard authentication schemes. However, I gather a more universal HTTP
>>>>> tunneling facility, something that works like HttpURLConnection but
>>>>> skips
>>>>> the final HTTP handshake with the end server, is likely to be a cleaner
>>>>> solution.
>>>>>
>>>>> If it matters, I am asking this in the context of adding support for
>>>>> WebSockets to JavaFX WebView:
>>>>> http://javafx-jira.kenai.com/browse/RT-14947
>>>>>
>>>>> Thank you in advance,
>>>>> -- Vasiliy
>>>>
>>>>
>>>>
>>