RE: Developing Proxy Server with Restlet - Authentication and Encryption
Hi Christian, Even though, the Restlet API was not initially designed to develop true HTTP proxies, it should be easy to extent it to support this use case. There is an existing RFE that provides more information: Support HTTP proxies and gateways http://restlet.tigris.org/issues/show_bug.cgi?id=207 To get you started, I've just added support for parsing/formatting the proxy authentication headers: - Added proxyChallengeResponse property to Request - Added proxyChallengeRequests to Response. - Added support in the connectors HTTP parsing and formatting layers. Now, the default Guard doesn't leverage (yet) those new properties. This could be achieved by adding a proxy boolean property to Guard to indicate in which mode it should operate. Would that work for you? Regarding SSL tunneling, we need to implement the CONNECT method, see details here: http://tools.ietf.org/id/draft-luotonen-ssl-tunneling-03.txt This will require special handling in the Restlet engine. We need to think more about it... Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com -Message d'origine- De : Christian Haintz [mailto:christian.hai...@gmail.com] Envoyé : vendredi 27 février 2009 00:00 À : discuss@restlet.tigris.org Objet : Developing Proxy Server with Restlet - Authentication and Encryption Hi, I am writing on a Proxy Server for a University Project with Restlet. I want to use Proxy Authentication (the Username Password Fields which you can use in the Browser Proxy Settings) because i want the connection from Browser to Proxy (which should stay public) authenticated and encrypted. First I wanna look at the Authentication: How can i achieve this? I tried the Guard Filter, but i am not sure which Authentication Protocol is used for Proxy Connections. Any ideas how to implement Proxy Authentication on the Restlet Server Side? Second: Is there a standard for - i don't know - SSL Tunneling from Browser to Proxy? Thanks, Christian -- Christian Haintz Student of the Technical University Graz Software-Engineering and Business -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=12353 15 -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1282362
Re: Developing Proxy Server with Restlet - Authentication and Encryption
Hi Jerome, On Mar 7, 2009, at 12:45 PM, Jerome Louvel wrote: Now, the default Guard doesn't leverage (yet) those new properties. This could be achieved by adding a proxy boolean property to Guard to indicate in which mode it should operate. Would that work for you? Wow, that's great. After studying the RFC's and get more comfortable with the Problem, this helps a lot! Regarding SSL tunneling, we need to implement the CONNECT method, see details here: http://tools.ietf.org/id/draft-luotonen-ssl-tunneling-03.txt This will require special handling in the Restlet engine. We need to think more about it... That's not a big restriction for me at the moment, because after doing further research i found out, that the very special case i wanted to achieve is not supported by the current browsers as well. Big thanks for your answer! Best regards, Christian Haintz -- Christian Haintz Student of Software Development and Business Management Graz, University of Technology -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1282626