[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl] iSaSiLkLight & client side firewalls

Andreas Sterbenz wrote:
>Another solution for SSL from behind a firewall would be to use the
>user's standard SSL proxy and connect through it just like the browser
>does. In that case the applet would need to obtain the proxy settings
>somehow, acquire the connect privilege for it from the SecurityManager,
>and connect through it.

I am working on a proof of concept and a connection established in this manner would be acceptable.

In the past I have implemented this type of tunnelling with standard sockets:

Socket MySocket = New Socket (proxyServerName, proxyPortNumber);
dos = new DataOutputStream (socket.getOutputStream());
dos.writeBytes("CONNECT " + serverName + ":" + portNumber + " HTTP/1.0\r\n");
dos.writeBytes("Proxy-Authorization: Basic ");
Base64Encoder b = new Base64Encoder(proxyUser+":"+proxyPW);

I am not sure how to go about this with SSL sockets using iSaSiLkLight.
Does anyone know where I can find an example of this documented somewhere?
How much SSL knowledge do I need to be able to do this? Currently I have none.

What I would like to be able to do is to connect to an SSL protected site which is not under my direct control.
(e.g. My applet will act like a Browser does by establishing an SSL connection and then interacting with standard HTTP)
Anyone know of any gotchya's in that scenario?

Andrew Roughan
FICS Australia

Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-ssl