RE: Re: Transparent reverse proxying using org.restlet.routing.Redirector
Hi Ramesh, Please take a look at the example I've attached. After running it (mvn clean install exec:java) server will be started on port 8080 and reverse proxy on port . You will be able to access the server on 8080 but you will have to provide credentials (test/test) when accessing trough reverse proxy. Hope this is what you're looking for. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=3080062 RestletReverseProxyAuth.rar Description: Binary data
RE: Re: Re: Transparent reverse proxying using org.restlet.routing.Redirector
Hi again,
My next try was to remove all original headers (like default implementation do)
and then preserver only Authentication header.
So I replaced this line:
https://github.com/restlet/restlet-framework-java/blob/2.2/modules/org.restlet/src/org/restlet/routing/Redirector.java#L407
with call to this method:
private void preserveHeaders(Request request)
{
SeriesHeader headers = (SeriesHeader)
request.getAttributes().get(HeaderConstants.ATTRIBUTE_HEADERS);
SeriesHeader newHeaders = new SeriesHeader(Header.class);
for (String headerName : headersToPreserve) {
Header headerToPreserve = headers.getFirst(headerName);
if (headerToPreserve != null) {
newHeaders.add(headerToPreserve);
}
}
request.getAttributes().put(HeaderConstants.ATTRIBUTE_HEADERS,
newHeaders);
}
where
headersToPreserve = Arrays.asList(HeaderConstants.HEADER_AUTHORIZATION)
After this change, the response from proxy is always:
HTTP/1.1 1002 Internal Connector Error
Date: Fri, 18 Apr 2014 08:01:10 GMT
Accept-Ranges: bytes
Server: Restlet-Framework/2.1.4
Content-Length: 484
Content-Type: text/html; charset=UTF-8
I am somehow abandoning the idea of using Restlet as a transparent reverse
proxy, but anyway, I've attached a small example of test implementation if
someone will have time and willpower to look at it.
Tim, thank you for your support!
Any advices on how could I achieve Digest/Basic authentication to work on
backend server when in front of it is a proxy are still welcome.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=3076691
RestletReverseProxyTest.rar
Description: Binary data
Re: Re: Re: Transparent reverse proxying using org.restlet.routing.Redirector
I don't have time to look at this, unfortunately.
I have Basic auth working with outbound redirection. I *don't *change the
way the headers are removed, but I do remove the challenge response.
// From my Redirector subclass:
@Override
protected void outboundServerRedirect(
Reference targetRef, Request request, Response response) {
// Unset challenge response that authentication puts in.
request.setChallengeResponse(null);
super.outboundServerRedirect(targetRef, request, response);
}
Before I did this, I believe I had internal connector errors similar to
what you describe.
--tim
On Fri, Apr 18, 2014 at 4:14 AM, Primož Kokol primoz.ko...@gmail.comwrote:
Hi again,
My next try was to remove all original headers (like default
implementation do) and then preserver only Authentication header.
So I replaced this line:
https://github.com/restlet/restlet-framework-java/blob/2.2/modules/org.restlet/src/org/restlet/routing/Redirector.java#L407
with call to this method:
private void preserveHeaders(Request request)
{
SeriesHeader headers = (SeriesHeader)
request.getAttributes().get(HeaderConstants.ATTRIBUTE_HEADERS);
SeriesHeader newHeaders = new
SeriesHeader(Header.class);
for (String headerName : headersToPreserve) {
Header headerToPreserve =
headers.getFirst(headerName);
if (headerToPreserve != null) {
newHeaders.add(headerToPreserve);
}
}
request.getAttributes().put(HeaderConstants.ATTRIBUTE_HEADERS, newHeaders);
}
where
headersToPreserve =
Arrays.asList(HeaderConstants.HEADER_AUTHORIZATION)
After this change, the response from proxy is always:
HTTP/1.1 1002 Internal Connector Error
Date: Fri, 18 Apr 2014 08:01:10 GMT
Accept-Ranges: bytes
Server: Restlet-Framework/2.1.4
Content-Length: 484
Content-Type: text/html; charset=UTF-8
I am somehow abandoning the idea of using Restlet as a transparent reverse
proxy, but anyway, I've attached a small example of test implementation if
someone will have time and willpower to look at it.
Tim, thank you for your support!
Any advices on how could I achieve Digest/Basic authentication to work on
backend server when in front of it is a proxy are still welcome.
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=3076691
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=3076698
RE: Re: Transparent reverse proxying using org.restlet.routing.Redirector
Tim, thanks for advice. That is actually one of the first things I've tried. After extending Redirector and overriding serverRedirect method so that line which clears the headers was removed 1002 Internal Connector Error was always returned as response (from proxy) so I thought this was not the right approach. Any idea what could be cause of 1002 Internal Connector Error in this case? -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=3076674
Re: Re: Transparent reverse proxying using org.restlet.routing.Redirector
I'm guessing you have to very selective about which headers you allow to remain. On Thu, Apr 17, 2014 at 3:08 PM, Primož Kokol primoz.ko...@gmail.comwrote: Tim, thanks for advice. That is actually one of the first things I've tried. After extending Redirector and overriding serverRedirect method so that line which clears the headers was removed 1002 Internal Connector Error was always returned as response (from proxy) so I thought this was not the right approach. Any idea what could be cause of 1002 Internal Connector Error in this case? -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=3076674 -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=3076675
