[JDEV] Firewall jumping
Thomas Charron
tcharron at ductape.net
Thu Jan 20 12:37:40 CST 2000
Quoting "Michael D. Johnson" <mike_johnson at credence.com>:
> Thomas;
> Passing on some thoughts about the HTTP service, and asking for return
> comments. I am using the symbols <<>> to indicate variable identities and
> || to indicate a choice. This should leave the <> symbol that HTML/HTTP
> requires.
Works for me..
> My understanding after searching through documentation of the HTTP 1.2
> (1.1 pre 7?) protocol seems to be fairly simplistic.
Yes, it really is..
> We have the XML jabber server on the local machine -- A and the HTTP
> server on the firewall machine -- B. It seems to me that the service we
> want is a server to server protocol. Then wouldn't we have to open a
> socket connection on port 80 between A & B?
Server to server would require some sort of routing system as exists in email.
My thoughts are just client<=>server at the moment. Let me explain more
below..
> We could restrict the HTTP types to GET || HEAD || PUT || DELETE ||
> OPTIONS || TRACE || POST to keep the variations down.
I'd only support post, personally. Makes things a whole lot easier.
> Then we have a single type of message body being passed between the
> servers:
> <<HTTP TYPE>> <<Jabber Target HOST URL>>:<<Port #>> HTTP/1.1
> FROM : <<enduserid email tag>>
> CONTENT-TYPE : text/XML
> TRANSFER-ENCODING : chunked
> CONNECTION : open-persist || close
> SERVER : Jabber/1.0-dev
> {Required blank line}
> <BODY>
> <<XML information if any>>
> <BODY>
> {Required blank line}
Actually, HTTP can transfer native XML data without the need for the body
tags, as its content type is text/XML and not text/html
Here is what I would propose for HTTP firewall jumping for client<=>server
connections..
The first thing required would be an http service for jserver. All listening
sockets, etc, are provided by services in jserver. This would be simple enough
to add.
This server would then listen on a preconfigured port. Let's say 5280 for
now, but it could just as well be port 80.
Client A would initiate a client connection to the http service. If going
thru a firewall or straight http isn't an issue here. Its first connection
would merely be an initial connection request. The server would then generate
a randomly generated 'sessionID' that would be returned to the client. All
connections made would now also pass this sessionID in the request, hence,
establishing a logical session with a given ID over a non persistent
connection.
This logical connection could be managed by the server by pooling all of the
XML stream data outgoing to the client in a buffer. The client would then
occasionally reconnect, pass the sessionID, which the server would link to
a given logged in user connection. The client could pass via a HTTP PUT any
outgoing XML data that it needs to send, and the server would then pass all
data back thru the HTTP connection that it has in its buffer for the client.
The server would be configured to require a client connection every X seconds,
X being a configurable parameter dependent on the server. If a client had not
reconnected within X timeframe, the user would be marked offline, all pooled
output stored offline, and the sessionID expired. When the client reconnects
AFTER the timeout, either a message stating the connection has expired, with
an immediate disconnection, or a reauthentication process of some sort could
take place to reactivate the sessionID.
An example of the HTTP conversation is below:
************************************
* INITIAL CONNECTION CONVERSATION: *
************************************
--------------------------------------------------
Client:
GET /auth HTTP/1.0
-------------------------
Server:
HTTP/1.0 200 OK
Date: Wednesday, 02-Feb-95 23:04:12 GMT
Server: Jabber/1.0-dev
Last-modified: Monday, 31-Jan-2000 23:33:16 GMT
Content-type: text/XML
Content-length: 2345
* a blank line *
sessionID=hgGFG798ghj65HUgf
--------------------------------------------------
****************************************
* SUBSEQUENT CONNECTION CONVERSATIONS: *
****************************************
--------------------------------------------------
Client:
POST /converse HTTP/1.0
User-Agent: libwww/2.14
From: Stars at WDVL.com
Content-type: application/x-www-form-urlencoded
Content-length: 150
* a blank line *
sessionID=hgGFG798ghj65HUgf
&XML=<message ID="789367124"/>
-----------------------
Server:
HTTP/1.0 200 OK
Date: Wednesday, 02-Feb-95 23:04:12 GMT
Server: Jabber/1.0-dev
Last-modified: Monday, 31-Jan-2000 23:33:16 GMT
Content-type: text/XML
Content-length: 2345
* a blank line *
<something type="some xml packets for the client"/>
--------------------------------------------------
What's everyone think about this framework?
---
Thomas Charron
<< Wanted: One decent sig >>
<< Preferably little used >>
<< and stored in garage. ?>>
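
The session handling proposed in this message, sketched as an added example that is not part of the original post or of jserver: a server-side pool that issues the sessionID, buffers outgoing XML between polls, and expires the ID after X seconds of silence. `SessionPool` and its method names are hypothetical, and drawing the ID from the OS CSPRNG is an assumption (the post only says "randomly generated").

```python
import secrets
import time


class SessionPool:
    """Hypothetical server-side state for the polling scheme in the post."""

    def __init__(self, timeout, clock=time.monotonic):
        self.timeout = timeout   # the post's "X seconds"
        self.clock = clock       # injectable so expiry can be exercised
        self.sessions = {}       # sessionID -> {"user", "seen", "out"}
        self.offline = {}        # user -> packets stored after expiry
        self.received = []       # (user, xml) pairs accepted from clients

    def open_session(self, user):
        # The ID is the only credential sent on later requests, so take
        # 128 bits from the OS CSPRNG rather than a predictable source.
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = {"user": user, "seen": self.clock(), "out": []}
        return sid

    def expire(self):
        # Silent clients go offline: keep their packets, drop the ID.
        now = self.clock()
        for sid, s in list(self.sessions.items()):
            if now - s["seen"] > self.timeout:
                self.offline.setdefault(s["user"], []).extend(s["out"])
                del self.sessions[sid]

    def queue(self, user, packet):
        # Pool outgoing XML for a live session, otherwise store offline.
        self.expire()
        for s in self.sessions.values():
            if s["user"] == user:
                s["out"].append(packet)
                return
        self.offline.setdefault(user, []).append(packet)

    def converse(self, sid, inbound_xml):
        # One poll: returns the pooled packets, or None when the ID is
        # unknown or expired and the client must authenticate again.
        self.expire()
        s = self.sessions.get(sid)
        if s is None:
            return None
        s["seen"] = self.clock()
        if inbound_xml:
            self.received.append((s["user"], inbound_xml))
        out, s["out"] = s["out"], []
        return out
```
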