I’m looking to explore a new feature of HostedQA, but I’m far from a networking expert. I just posted this message on the jetty-discuss mailing list, but perhaps someone reading this will know the answer. My message:
I have a weird requirement, but I need to be able to allow a web browser to access hosts behind a firewall. I think that the ProxyHandler can help here, but I wanted to get feedback from the list (and Greg!) before forging ahead.
Let me start with defining a few network-related items:
- Client: this is a java program that would be run from behind a corporate firewall.
- Server: this is a java program that would accept a connection from the Client and would sit on a public internet site (acme.com). It is important that the Client connect to the Server, because the Server cannot initiate any conversations to the Client due to the firewall restrictions.
- Browser: the browser will sit on a machine on the local network of the Server and will be configured to use some proxy.
Each browser needs to be able to connect to hosts behind a firewall (local to the Client), but each one needs to do so in a private, secure manner. I imagine that when the Client connects to the Server, it would provide a password (“securetoken”), and then the browser would be configured to use a proxy host of “securetoken.proxy.acme.com”. Because that host contains the secure token, it would be mapped to forward HTTP requests through to the Client that connected with that same token.
So – does something like this seem possible? I imagine I’d have to hack the ProxyHandler quite a bit, but my gut says it is possible. The main thing that gets me is how the hop from the Server to the Client will happen.