I want to set up an FTP connection using a proxy server with Apache's commons-net.
But looking at this Does FTPClient support FTP connections through an FTP proxy server? has me worried.
I have to meddle with the system properties and the Sun docs state that "If socksProxyHost is specified then all TCP sockets will use the SOCKS proxy server to establish a connection or accept one."
WTH? All TCP sockets? What about my database connections? Or other FTP connections i might want to open at the same time not using a proxy? Will they all be affected?
Is there some other way to do it that doesn't mess with the rest of my application?
You have several ways of using proxies in Java, especially from version 1.5.
Using System Properties: quick & powerfull but limited flexibility
You can use use a SOCKS proxy for all TCP connections.
You can also set a proxy per protocol, doable for HTTP, FTP and HTTPS
For both methods, you can specify a list of hosts that will not use proxy
Using the java.net.Proxy class (Java 1.5+) to set (or not) a Proxy per Connection
Impleting a java.net.ProxySelector (idem) which will determine a Proxy for each Connection according to your criteria
See the detailled Sun technote on networking & proxies.
Related
I use JavaMail to receive mails and JavaMail is only support Socks5. Receiving mail is just a feature that will be integrated into a big system. If I use socks5 proxy for JavaMail, I do not want other functions to use socks. Is there a way to limit the socks proxy only on POP3/IMAP protocol or let others can bypass the socks5 proxy?
Set (e.g.) the mail.imap.socks.host property.
Thrift provides several different non-blocking server models, like TNonblockingServer, THsHaServer, and TThreadedSelectorServer. But, I'd like to enable SSL on the server. It seems SSL only works on blocking servers in Thrift.
Anyone has any clues of a non-blocking SSL server in Thrift? Java example would be highly appreciated.
One alternative to worrying about SSL in your Java App is to stand up something like nginx (http://wiki.nginx.org/SSL-Offloader) as a reverse proxy.
This has the upside of your application not needing to care about SSL but does require one more layer in your stack.
Clients will connect to the nginx server instead of directly to your client and nginx will forward those connections to your Thrift server.
You don't necessarily need two different servers for this approach, just configure your Thrift server to only listen on localhost (127.0.0.1 for ipv4) and have nginx listen on your external interfaces and forward to localhost.
Edit: client -> server in last paragraph
I want to communicate to Oracle DB Server which sits outside my network via the proxy server.
I can access the web application hosted on the same machine via Browser with proxy settings.
Can a simple Java program establish JDBC Connection thru the proxy server?
*To provide an example will be better *
Regards.
If the proxy is only a HTTP proxy, then no.
But if the proxy transfers TCP/IP trafic, then you can.
How to do that, look at How do I set the proxy to be used by the JVM or http://docs.oracle.com/javase/6/docs/technotes/guides/net/proxies.html
Oracle JDBC (and any other JDBC connections to that extent) are not HTTP-based protocols, so the proxying has to be done at TCP layer.
For this reason, you can't use Squid Proxy for example (which only does proxying at HTTP layer), but there are many other proxying services that can work at TCP layer:
nginx proxy
haproxy
On the former there is a nice step by step guide how to setup JDBC proxying using NGINX
https://kwjrnl.wordpress.com/2015/07/27/tcp-proxy-with-nginx-for-jdbc-connection/
It may be that I'm not understanding the UDP protocol...
I'm trying to receive data from a server using the UDP protocol, but I'm sitting behind a firewall. The URLConnection constructor can take an instance of Proxy (as well as a way to set up user name and password of such a proxy server).
How do I connect through a proxy server using the UDP protocol (DatagramSocket)?
Best regards,
TX
Most Proxy servers support the HTTP protocol which is TCP based, so you don't have to do anything with the proxy server to do this.
To pass UDP over a proxy server, you need a proxy which supports UDP. I don't know of any proxy server which supports this so you may have to write one yourself. It is worth noting that UDP is a connectionless protocol which means you have have to authenticate every packet.
SOCKS5, which is an extension of SOCKS4, includes support for UDP in addition to authentication. One implementation of a SOCKS5 Server written in Java is JSOCKS. You can check this project out at http://jsocks.sourceforge.net/.
Refer to RFC 1928 (https://www.rfc-editor.org/rfc/rfc1928) for more information on SOCKS5.
how do i add SOCKS support to my application? and where can i get the libs?
From http://java.sun.com/javase/6/docs/technotes/guides/net/proxies.html
The SOCKS protocol, as defined in RFC 1928, provides a framework for client server applications to safely traverse a firewall both at the TCP and UDP level. In that sense it is a lot more generic than higher level proxies (like HTTP or FTP specific proxies). J2SE 5.0 provides SOCKS support for client TCP sockets.
There are 2 system properties related to SOCKS:
socksProxyHost for the host name of the SOCKS proxy server
socksProxyPort for the port number, the default value being 1080
Note that there is no dot ('.') after the prefix this time. This is for historical reasons and to ensure backward compatibility. Once a SOCKS proxy is specified in this manner, all TCP connections will be attempted through the proxy.
Example:
$ java -DsocksProxyHost=socks.mydomain.com GetURL
Here, during the execution of the code, every outgoing TCP socket will go through the SOCKS proxy server at socks.mydomain.com:1080.
Now, what happens when both a SOCKS proxy and a HTTP proxy are defined? Well the rule is that settings for higher level protocols, like HTTP or FTP, take precedence over SOCKS settings. So, in that particular case, when establishing a HTTP connection, the SOCKS proxy settings will be ignored and the HTTP proxy will be contacted. Let's look at an example:
$ java -Dhttp.proxyHost=webcache.mydomain.com -Dhttp.proxyPort=8080 -DsocksProxyHost=socks.mydomain.com GetURL
Here, an http URL will go through webcache.mydomain.com:8080 because the http settings take precedence. But what about an ftp URL? Since no specific proxy settings were assigned for FTP, and since FTP is on top of TCP, then FTP connections will be attempted through the SOCKS proxy server at socks.mydomsain.com:1080. If an FTP proxy had been specified, then that proxy would have been used instead.
Since jkd 1.5, you can also configure proxies by Socket programmatically :
For instance :
SocketAddress sa = InetSocketAddress.createUnresolved("mysocksproxy.com", 1080);
Proxy proxy = new Proxy(Proxy.Type.SOCKS, sa);
Socket s = new Socket(proxy);
You might also want to put this code in a SocketFactory.