I am new to proxy servers implementations in micro service architecture. So In micro-service architecture what are forward and reverse proxy? what are the best practices for implementing them in java and what are the advantages of having both in place?
A proxy is a service which forward data between two points.
A forward proxy is a proxy which will initiate a connection to a server on the client demand. It is commonly used in company networks to control employees connections to forbid some sites. If you want more informations about proxy protocols, you can look for SOCKS4, SOCKS5 or HTTP Connect proxies.
A reverse proxy however, will act as the server: you connect to it as if it was the real server, it hides it. It is commonly used to hide the real location of the server or to distribute the network load between multiple servers. A popular one is NGINX.
Related
I would like to know if with RMI a server can remotely invoke a method from any of his clients, or just the clients can do this with their server.
Regardless of any implications of such a design decision, it is possible to use RMI between two JVMs that are accessible through the network. This means that if the server can access its clients through the network, and the clients have a JVM available and can act as RMI servers, then it is possible to make a client or each of the clients an RMI server and have the "server" communicate with each one of them.
Assuming the server is an application server i advise you to use the Java Messaging Service (JMS) to allow the server communicate with the client systems.
Yes, firewalls permitting. The client has to export its callbacks as remote objects and supply them to the server, typically via some registerCallback() API. Then the server just calls the methods.
However firewalls to the Internet typically don't permit callbacks, and if they do there may be issues with port numbers: you will probably need the clients to export their remote objects on a specific port which is opened in the firewall, typically 1099.
Besides the solution provided by melc, it is also possible to achieve a full duplex communication between the client and server by using WebSockets. They are now part of the Java EE 7 specification, you can read something more about them here: http://docs.oracle.com/javaee/7/tutorial/doc/websocket.htm. There are also other solutions, like Comet, or JMS (which is used like webosckets in RichFaces).
Thrift provides several different non-blocking server models, like TNonblockingServer, THsHaServer, and TThreadedSelectorServer. But, I'd like to enable SSL on the server. It seems SSL only works on blocking servers in Thrift.
Anyone has any clues of a non-blocking SSL server in Thrift? Java example would be highly appreciated.
One alternative to worrying about SSL in your Java App is to stand up something like nginx (http://wiki.nginx.org/SSL-Offloader) as a reverse proxy.
This has the upside of your application not needing to care about SSL but does require one more layer in your stack.
Clients will connect to the nginx server instead of directly to your client and nginx will forward those connections to your Thrift server.
You don't necessarily need two different servers for this approach, just configure your Thrift server to only listen on localhost (127.0.0.1 for ipv4) and have nginx listen on your external interfaces and forward to localhost.
Edit: client -> server in last paragraph
I want to communicate to Oracle DB Server which sits outside my network via the proxy server.
I can access the web application hosted on the same machine via Browser with proxy settings.
Can a simple Java program establish JDBC Connection thru the proxy server?
*To provide an example will be better *
Regards.
If the proxy is only a HTTP proxy, then no.
But if the proxy transfers TCP/IP trafic, then you can.
How to do that, look at How do I set the proxy to be used by the JVM or http://docs.oracle.com/javase/6/docs/technotes/guides/net/proxies.html
Oracle JDBC (and any other JDBC connections to that extent) are not HTTP-based protocols, so the proxying has to be done at TCP layer.
For this reason, you can't use Squid Proxy for example (which only does proxying at HTTP layer), but there are many other proxying services that can work at TCP layer:
nginx proxy
haproxy
On the former there is a nice step by step guide how to setup JDBC proxying using NGINX
https://kwjrnl.wordpress.com/2015/07/27/tcp-proxy-with-nginx-for-jdbc-connection/
I am new to java.I need to develop a proxy server for IBC 2011 conference.I have some Questions regrading the Proxy server.
1.I am going to develop the proxy server using java.
Suppose A(sending the information) to B(receive the message) through the proxy server.
Here A is sending the information through HTTP serves(application running in A is a wed application) how can i receive the information send by A in proxy server and how can I forward it to the B which is also a HTTP serves.
2.What r the Things I have to now before I start developing the proxy server.
3.How can i get the information from the HTTP protocol.
4.How can i check frequently for the any message is there in line to forward to B from A or B to A.
Can any one helpme.Thanks in advance.
Use one of these instead http://proxies.xhaus.com/java/. Rolling your own proxy implementation will be much harder than you think once you've taken all the intricacies of HTTP into account.
there are many libraries which can you use.
for the A and B they can running hessian server(for listening) + client(for sending)
and for the proxy server you can use JMS + hessian server + client same as for A and B.
In this way you can send java objects.
But hessian is only on suggestion you can use RMI or spring remoting or maybe web services.
By far which a have working hessian is the fastest and very easy to develop.
from 1 to 4 you ask how to design a application which is out of the scope and you need to do it by you self :).
I did something similar in my course project.
As far as i am concerned, the core knowledge u need to learn about java for this a proxy server is socket programming.
you can setup two sockets: one communicates between your proxy server and the web browser, the other communicates between your proxy server and the target server.
Also, you will need some knowledge about thread in Java, open one thread for each connection will be a efficient way.
And I assume that you already have the knowledge about those computer networking stuffs like http, tcp.etc.
I'm trying to implement a Web Anonymizer (like ktunnel) in java, but I really could not get the idea, I need some information about how a web anonymizer works. I really do not need the source or a sample application, just the idea or a tutorial explaining the anonymizer idea.
Thanks.
A basic anonymizer just acts as an encrypted proxy, creating an encrypted "tunnel" between a proxy server and a client, where all traffic from the client goes through the proxy. This accomplishes 3 things:
The client cannot* be determined by looking at traffic between the proxy and endpoint. Hosts on the other end just see the proxy server.
The content of a client's traffic is hidden from monitoring, because the connection to the proxy is encrypted.
It is impossible* to determine the endpoint for traffic originating from the client, because all of it appears to go to the proxy only.
*In reality, a simple anonymizer doesn't provide full protection, because if you look at the amount of traffic between client and proxy, and the traffic between proxy and various sites, you can associate a specific client with their traffic. This is called traffic analysis.
Fancier anonymizers, such as Tor, provide protection against traffic analysis and a lot of other techniques to break anonymity, BUT that's really beyond the scope of the question.
From your point of view, all that matters is writing the proxy software. Your program should be able to create and manage encrypted connections to clients. This means it needs to be able to (securely) initiate an encrypted connection to a host, pass on connections to external hosts, and then pass traffic back and forth. Basically, it needs to act as a router.
There are protocols in place for how to accomplish this -- I suggest you read up on the SOCKS protocol, or Tor. Your best bet if this is a learning project is to write basic SOCKS proxy software. If this is for actual use, there should be libraries in Java that provide the necessary services.
EdiT:
Ktunnel is a less fancy proxy -- it uses a CGI script to redirect information from a URL back and forth. Basically, you enter an address, it fetches the page for that address, and sends it to you. Fairly simple, actually.
I don't know ktunnel, but for basic information about anonymity networks have a look at Tor at wikipedia.