geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sangjin Lee (JIRA)" <>
Subject [jira] Commented: (GERONIMO-3706) support for proxy
Date Tue, 18 Dec 2007 19:31:43 GMT


Sangjin Lee commented on GERONIMO-3706:

More on the SSL tunneling.  The sequence of events that needs to happen is

- open a socket and connect to the proxy
- send a HTTP CONNECT request to the proxy
- receive an OK response from the proxy
- layer the socket with the SSL socket

then the socket is ready to use, and will act just like an ordinary SSL socket from the client

In pseudo-code (in a blocking form), this might be what needs to happen.  If your intended
target is,

Socket socket = new Socket(proxyHost, proxyPort);

// using the socket, send the following request
(one may add headers like Via, Host, and User-Agent, but I think they're not critical in making
the request...)
(Proxy-Authorization header needs to be added if the proxy requires authentication)

// receive the response from the socket; if successful, one should see a response of the form
HTTP/1.0 200 Connection established
Proxy-agent: some proxy server

// once that request-response has been established, wrap it as an SSL socket
SSLSocket sslSock = (SSLSocket)sslSocketFactory.createSocket(socket, "",
"443", true);

> support for proxy
> -----------------
>                 Key: GERONIMO-3706
>                 URL:
>             Project: Geronimo
>          Issue Type: New Feature
>      Security Level: public(Regular issues) 
>          Components: AsyncHttpClient
>    Affects Versions: 1.x
>            Reporter: Sangjin Lee
> Proxy support is a critical feature for HTTP clients.  I'd like to have AsyncHttpClient
support proxy.  The following would be considered as the basic features:
> - Enabling connecting through proxies for http and https targets
> - Exclusion (domains that should not go through proxies)
> - Allowing proxy related configuration on AsyncHttpClient
> - Support for proxy authentication, at least for Basic authentication (and perhaps Digest
> There are things like SOCKS support, etc., but the above will be a good start.  Thoughts?

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message