just to complete this thread: opened issue https://issues.apache.org/jira/browse/HTTPCLIENT-1132 on porting of ProxyClient to 4.x API already resolved by Oleg Kalnichevski thank you Oleg
________________________________ From: Oleg Kalnichevski <[email protected]> To: simone pacilli <[email protected]> Cc: "[email protected]" <[email protected]> Sent: Monday, October 3, 2011 12:35 PM Subject: Re: how to execute CONNECT through an authenticated proxy to gain a plain socket On Sun, 2011-10-02 at 05:36 -0700, simone pacilli wrote: > I am writing a program (with a server side and a client side) to establish a > transport layer for existing remote control programs like ssh, remote > desktop, vnc etc. to connect between client and server also if they are > behind a proxy and or a firewall. > To work with proxy, since i need to transport generic underling protocols, i > need to establish a http tunnel through proxy between the client side and the > server side of my system. So I need to gain a plain socket after establishing > the tunnel, then construct over it an SSLSocket and transmit data as simple > bytes. > First I used commons-httpclient 3.0 because i used the example > http://svn.apache.org/repos/asf/httpcomponents/oac.hc3x/branches/COOKIE_2_BRANCH/src/examples/ProxyTunnelDemo.java > and it worked with squid and basic authentication in a test environment > > Then, because in my production system there is a proxy with kerberos and > ntlmv2 authentication, and httpclient version 3 dosn't support this kind of > authentication, I decided to use version http-components 4.1.2. > I started by the class OperatorConnectProxy in the exemples directory because > it uses an OperatedClientConnection that has a method getSocket() that works > well for me and that the ManagedConnections does not have it. I report the > class OperatorConnectProxy here after. > ... > Starting from this class I also need to perform authentication over the > firewall. I tried reading other examples and javadoc to suceed performing > authentication, the following is the actual code where I tried to have the > tunnel with authentication out of the box but it does not work. > > ... > > Can you suggest me how do such a tunneling to the server through firewall > with authentication ? Simone, HTTP authentication is a fairly complex subject. You can see how proxy authentication is done by looking at the source of DefaultRequestDirector http://hc.apache.org/httpcomponents-client-ga/httpclient/xref/org/apache/http/impl/client/DefaultRequestDirector.html#808 It is non-trivial, but doable. Alternatively you can open a request in JIRA to have ProxyClient ported from 3.1 to 4.x API in the next feature release. Oleg
