Hi Sam, Thanks a lot for the complete details on each option. I had Option 3 in mind and learnt about option 1 after interacting with a few people. Option 2 is a new suggestion from you. In my case, I have to add the backend servers to proxy in my reverse proxy in a dynamic manner. So, going by option 1 might not be feasible, as deployment sites might not allow making changes to their DNS servers. Is there anyway option 1 could be carried out without taking help from DNS servers or local hosts files? I think not. Please let me know what you feel.
Since all my backend servers are small network appliances with firmwares running web servers, so I don't think I would be able to get them running under custom context-roots of my choice. Option 3 is suitable for me, as I would have control over access to a particular backend server through the proxy from any browser client. In fact I would present a page with links to all the backend servers where the user has to click to bring up the web-gui from any backend server through the proxy. So whenever a user would select a new backend server link on this page, I can reset the session cookie value with its corresponding id thereby allowing browsing multiple backend servers in the same browser session. But still as you said, the best option is the option 1 though I wish I could get it working without depending on DNS servers or local hosts files. But I don't think it would be possible that way. Thanks, Brijesh -----Original Message----- From: Sam Crawford [mailto:[email protected]] Sent: Thursday, April 09, 2009 1:48 AM To: HttpClient User Discussion Subject: Re: How to proxy multiple web servers? Hi Brijesh, Just so I'm clear, your challenge is working out which backend host to send the requests to based upon the incoming client request? The way I see it you've got a few options: 1. Use name based virtual hosting.So you'd have loads of sub-domains like device001.company.com, device002.company.com, that all point to your reverse proxy server (how you do it in DNS is up to you - maybe a wildcard A record, or specific CNAMES, who knows). Then when your web browser visits device006.company.com it'll send a "Host: device006.company.com" HTTP header to your reverse proxy, and you can use this to decide which backend to send it to (Granted this will only work for HTTP/1.1 clients, so if you need to support HTTP/1.0 - and I can't see why - then you might have to use something else). 2. If you can't or do not want to use name based virtual hosting then how much configuration can you do on the backend devices? Can you run their webservers all under a different context-root? e.g. device001 would run under http://10.0.0.1/device001/ and device002 would run under http://10.0.0.2/device002/ etc. If you could modify the context-roots of your backend servers then you could use the first part of the URI in the incoming request to determine the backend. 3. Failing the above, you could use some kind of query string check along with cookie setting. I'd be very very wary of doing this personally, as it essentially limits you to working on one backend host per browser session. But anyway, the process would be something like: (a) Client requests /index.html?id=device001 from reverse proxy host (b) Reverse proxy looks up device001 in table, finds that it's valid (c) Reverse proxy notes that you haven't passed in a session cookie and builds you a new session with "id=device001" as a attribute/value pair (d) Reverse proxy sends your request to the backend (device001) (e) Reverse proxy returns the response to you, along with the "Set-Cookie" header so that your browser gets a cookie (f) Client requests /device_stats.html, but this time passes in the session cookie. Reverse proxy looks this up in memory and proceeds from step (d) I'd stick with #1 or #2 personally. Hope this helps, Sam 2009/4/8 Brijesh Deo <[email protected]> > Hi, > > > > I am implementing a Reverse proxy application modeled on the sample code > 'ElementalReverseProxy' > (http://svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/httpcore/ > src/examples/org/apache/http/examples/ElementalReverseProxy.java<http:// svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/httpcore/%0Asrc/e xamples/org/apache/http/examples/ElementalReverseProxy.java>) > with a > little modification. > > > > My Reverse Proxy application has an HttpService running on a port for > handling incoming HttpRequests. For, passing on these Requests to the > Target web servers (for outgoing connections), I am using HttpClient > 4.0. This is what I have done differently from the > ElementalReverseProxy.java. The HttpResponse thus obtained from the > Target webservers is passed into the Response to the initial Request > that was received by the HttpService. So, this works great as a reverse > proxy. > > > > My Reverse proxy application needs to proxy multiple web servers and > such web servers can be dynamically added or deleted from the proxy. The > above approach works great when I dedicate a HttpService on a specific > port to proxy a particular web server only. So, going by the above > approach, I would need to run multiple HttpServices on different ports > to proxy each web server. And that many ports have to be left open on > the system on which I deploy this application. So, this poses a security > risk and also can be a scalability issue when I need to proxy hundreds > of web servers. Actually, all my webservers are small network appliances > that run a web server with the management web GUI which I want to proxy > through a centralized system. > > > > The ideal solution I believe would be to run a single HttpService on a > port and then send the Requests to different target hosts using the > Httpclient, but the challenge is how to find out by seeing the > HttpRequest that to which target it needs to be sent. Is it good to set > a Cookie in the Response to the first request that comes in with an > identifier for a particular web server? I could have the first request > in the form : > http://my-reverseproxy-host:8888/index.html?id=some_identifier. In the > response to this request, I could add the Set-Cookie header with the > identifier value which should help me identify subsequent request for > that browser session. > > > > What are the other ways to keep track of the Requests and responses? Has > anyone come across this kind of situation? > > > > Please let me know. > > > > Thanks, > > Brijesh > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
