HTTP tunneling and servlet sessions

          I am exploring the use of http tunneling to pass serialized java objects between a swing app
          and a weblogic servlet. The basic mechanism works fine but I have been unable to maintain a session
          across requests.
          Does anyone have any ideas or (hopefully) some sample code?
          TIA Bill

Rick,
You may want to look at the Alteon and F5 configuration we have on edocs.
Take a look at the following URLs for a possible solution
http://edocs.bea.com/wls/docs61/cluster/alteon.html#591902
http://edocs.bea.com/wls/docs61/cluster/bigip.html#591902
Chuck Nelson
DRE
BEA Technical Support

Similar Messages

HTTP Tunneling and Load Balancing with Weblogic Server 6.1

We use T3 for Java client to application server communication (Weblogic Server
6.1) and keep the session open for the life of the client. We many customers
using this with load balancers and all works fine. We have just started to use
BEA's HTTP tunneling and I have a question concerning how this will work with
load balancers. Since the single T3 connection has been replaced with a series
of stateless HTTP connections, does the BEA tunneling code put session information
in the HTTP header? If so, what information does it place in the header. If
it does we should be able to use that to make sure that the load balancer always
sends HTTP requests with that session to the same application server.
Thanks!
Rick

Rick,
You may want to look at the Alteon and F5 configuration we have on edocs.
Take a look at the following URLs for a possible solution
http://edocs.bea.com/wls/docs61/cluster/alteon.html#591902
http://edocs.bea.com/wls/docs61/cluster/bigip.html#591902
Chuck Nelson
DRE
BEA Technical Support

HTTP tunneling and reverse proxy server

We're currently using Windows Media Services (WMS) to stream
video on our website. There is an option WMS to use the HTTP
protocol and to specify the port you'd like to use. This has
allowed us to stream video through our external firewall, through
our reverse proxy server, and through our internal firewall to our
media server. I've been trying for two days now to get Flash Media
Server (FMS) to do the same thing. For some reason the HTTP
tunneling (RTMPT) protocol doesn't appear to be acting like the
HTTP protocol that WMS is using. Anyone have some tips on this
configuration. I've scoured web resources and documentation as best
I could. Any help would be greatly appreciated.
Thanks.

To give a better picture, here's a more complete description of set up and goals
Static IP hits external interface of ASA. ASA has a static nat rule to forward it to my DMZ server.
DMZ server is running IIS 8. Here are what some of the sites look like.
jira.xxxxx.com -> 10.1.10.21 (ubuntu server) | port 80
email.xxxxx.com - > 10.1.10.16 (domain joined server 2012) port 80, 443
media.xxxxx.com -> 10.1.10.14 (domain joined server 2012) port 80, 443
other stuff like this -> 10.1.10.x port 80 or others
All of the A records for those domain names point to the static which routes to the ASA and then is NAT'd to the DMZ server.
What do I need to do in IIS to have those sites get directed to the proper internal locations?
Thanks!!

HTTPS tunneling and V3 certificates

I modified the source code from http://www.javaworld.com/javaworld/javatips/jw-javatip111.html? to use proxy authentication and it's working fine for some websites but not for others...
When I use it with a website that has a V1 certificate (e.g. www.verisign.com) it works fine but it doesn't works with websites with V3 certificates (e.g. www.thawte.com)
What am I doing wrong? Should I use SSLContext to get a SSLSocketFactory instead of calling SSLSocketFactory.getDefault() (I tried it already...)? Something else?
I turned on the networking debug flag and here's the info provided:
[java] Sending ping
[java] trustStore is: C:\ITERA\PROGRAMAS\JAVA\JDK1.3.0_1\JRE\lib\security\cacerts
[java] trustStore type is : jks
[java] init truststore
[java] adding as trusted cert: [
[java] [
[java] Version: V3
[java] Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
[java] Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@c1dd9
[java] Validity: [From: Sun Dec 31 22:00:00 GMT-02:00 1995,
     [java] To: Thu Dec 31 21:59:59 GMT-02:00 2020]
[java] Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
[java] SerialNumber: [ 0 ]
[java]
[java] Certificate Extensions: 1
[java] [1]: ObjectId: 2.5.29.19 Criticality=true
[java] BasicConstraints:[
[java] CA:true
[java] PathLen:2147483647
[java] ]
[java]
[java] ]
[java] Algorithm: [MD5withRSA]
[java] Signature:
[java] 0000: C7 EC 92 7E 4E F8 F5 96 A5 67 62 2A A4 F0 4D 11 ....N....gb*..M.
[java] 0010: 60 D0 6F 8D 60 58 61 AC 26 BB 52 35 5C 08 CF 30 `.o.`Xa.&.R5\..0
[java] 0020: FB A8 4A 96 8A 1F 62 42 23 8C 17 0F F4 BA 64 9C ..J...bB#.....d.
[java] 0030: 17 AC 47 29 DF 9D 98 5E D2 6C 60 71 5C A2 AC DC ..G)...^.l`q\...
[java] 0040: 79 E3 E7 6E 00 47 1F B5 0D 28 E8 02 9D E4 9A FD y..n.G...(......
[java] 0050: 13 F4 A6 D9 7C B1 F8 DC 5F 23 26 09 91 80 73 D0 ........_#&...s.
[java] 0060: 14 1B DE 43 A9 83 25 F2 E6 9C 2F 15 CA FE A6 AB ...C..%.../.....
[java] 0070: 8A 07 75 8B 0C DD 51 84 6B E4 F8 D1 CE 77 A2 81 ..u...Q.k....w..
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V3
[java] Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
[java] Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@5f8b99
[java] Validity: [From: Sun Dec 31 22:00:00 GMT-02:00 1995,
     [java] To: Thu Dec 31 21:59:59 GMT-02:00 2020]
[java] Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
[java] SerialNumber: [ 0 ]
[java]
[java] Certificate Extensions: 1
[java] [1]: ObjectId: 2.5.29.19 Criticality=true
[java] BasicConstraints:[
[java] CA:true
[java] PathLen:2147483647
[java] ]
[java]
[java] ]
[java] Algorithm: [MD5withRSA]
[java] Signature:
[java] 0000: 2D E2 99 6B B0 3D 7A 89 D7 59 A2 94 01 1F 2B DD -..k.=z..Y....+.
[java] 0010: 12 4B 53 C2 AD 7F AA A7 00 5C 91 40 57 25 4A 38 .KS......\.@W%J8
[java] 0020: AA 84 70 B9 D9 80 0F A5 7B 5C FB 73 C6 BD D7 8A ..p......\.s....
[java] 0030: 61 5C 03 E3 2D 27 A8 17 E0 84 85 42 DC 5E 9B C6 a\..-'.....B.^..
[java] 0040: B7 B2 6D BB 74 AF E4 3F CB A7 B7 B0 E0 5D BE 78 ..m.t..?.....].x
[java] 0050: 83 25 94 D2 DB 81 0F 79 07 6D 4F F4 39 15 5A 52 .%.....y.mO.9.ZR
[java] 0060: 01 7B DE 32 D6 4D 38 F6 12 5C 06 50 DF 05 5B BD ...2.M8..\.P..[.
[java] 0070: 14 4B A1 DF 29 BA 3B 41 8D F7 63 56 A1 DF 22 B1 .K..).;A..cV..".
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V1
[java] Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@462851
[java] Validity: [From: Sun Jan 28 22:00:00 GMT-02:00 1996,
     [java] To: Wed Jan 07 21:59:59 GMT-02:00 2004]
[java] Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] SerialNumber: [    e49efdf3 3ae80ecf a5113e19 a4240232 ]
[java]
[java] ]
[java] Algorithm: [MD2withRSA]
[java] Signature:
[java] 0000: 61 70 EC 2F 3F 9E FD 2B E6 68 54 21 B0 67 79 08 ap./?..+.hT!.gy.
[java] 0010: 0C 20 96 31 8A 0D 7A BE B6 26 DF 79 2C 22 69 49 . .1..z..&.y,"iI
[java] 0020: 36 E3 97 77 62 61 A2 32 D7 7A 54 21 36 BA 02 C9 6..wba.2.zT!6...
[java] 0030: 34 E7 25 DA 44 35 B0 D2 5C 80 5D B3 94 F8 F9 AC 4.%.D5..\.].....
[java] 0040: EE A4 60 75 2A 1F 95 49 23 B1 4A 7C F4 B3 47 72 ..`u*..I#.J...Gr
[java] 0050: 21 5B 7E 97 AB 54 AC 62 E7 5D EC AE 9B D2 C9 B2 ![...T.b.]......
[java] 0060: 24 FB 82 AD E9 67 15 4B BA AA A6 F0 97 A0 F6 B0 $....g.K........
[java] 0070: 97 57 00 C8 0C 3C 09 A0 82 04 BA 41 DA F7 99 A4 .W...<.....A....
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V3
[java] Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
[java] Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@10058
[java] Validity: [From: Sun Dec 31 22:00:00 GMT-02:00 1995,
     [java] To: Thu Dec 31 21:59:59 GMT-02:00 2020]
[java] Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
[java] SerialNumber: [ 0 ]
[java]
[java] Certificate Extensions: 1
[java] [1]: ObjectId: 2.5.29.19 Criticality=true
[java] BasicConstraints:[
[java] CA:true
[java] PathLen:2147483647
[java] ]
[java]
[java] ]
[java] Algorithm: [MD5withRSA]
[java] Signature:
[java] 0000: 69 36 89 F7 34 2A 33 72 2F 6D 3B D4 22 B2 B8 6F i6..4*3r/m;."..o
[java] 0010: 9A C5 36 66 0E 1B 3C A1 B1 75 5A E6 FD 35 D3 F8 ..6f..<..uZ..5..
[java] 0020: A8 F2 07 6F 85 67 8E DE 2B B9 E2 17 B0 3A A0 F0 ...o.g..+....:..
[java] 0030: 0E A2 00 9A DF F3 14 15 6E BB C8 85 5A 98 80 F9 ........n...Z...
[java] 0040: FF BE 74 1D 3D F3 FE 30 25 D1 37 34 67 FA A5 71 ..t.=..0%.74g..q
[java] 0050: 79 30 61 29 72 C0 E0 2C 4C FB 56 E4 3A A8 6F E5 y0a)r..,L.V.:.o.
[java] 0060: 32 59 52 DB 75 28 50 59 0C F8 0B 19 E4 AC D9 AF 2YR.u(PY........
[java] 0070: 96 8D 2F 50 DB 07 C3 EA 1F AB 33 E0 F5 2B 31 89 ../P......3..+1.
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V3
[java] Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
[java] Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@3dab91
[java] Validity: [From: Wed Jul 31 21:00:00 GMT-03:00 1996,
     [java] To: Thu Dec 31 21:59:59 GMT-02:00 2020]
[java] Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
[java] SerialNumber: [    01]
[java]
[java] Certificate Extensions: 1
[java] [1]: ObjectId: 2.5.29.19 Criticality=true
[java] BasicConstraints:[
[java] CA:true
[java] PathLen:2147483647
[java] ]
[java]
[java] ]
[java] Algorithm: [MD5withRSA]
[java] Signature:
[java] 0000: 07 FA 4C 69 5C FB 95 CC 46 EE 85 83 4D 21 30 8E ..Li\...F...M!0.
[java] 0010: CA D9 A8 6F 49 1A E6 DA 51 E3 60 70 6C 84 61 11 ...oI...Q.`pl.a.
[java] 0020: A1 1A C8 48 3E 59 43 7D 4F 95 3D A1 8B B7 0B 62 ...H>YC.O.=....b
[java] 0030: 98 7A 75 8A DD 88 4E 4E 9E 40 DB A8 CC 32 74 B9 [email protected].
[java] 0040: 6F 0D C6 E3 B3 44 0B D9 8A 6F 9A 29 9B 99 18 28 o....D...o.)...(
[java] 0050: 3B D1 E3 40 28 9A 5A 3C D5 B5 E7 20 1B 8B CA A4 ;..@(.Z<... ....
[java] 0060: AB 8D E9 51 D9 E2 4C 2C 59 A9 DA B9 B2 75 1B F6 ...Q..L,Y....u..
[java] 0070: 42 F2 EF C7 F2 18 F9 89 BC A3 FF 8A 23 2E 70 47 B...........#.pG
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V1
[java] Subject: OU=Class 4 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@4ac00c
[java] Validity: [From: Sun Jan 28 22:00:00 GMT-02:00 1996,
     [java] To: Fri Dec 31 21:59:59 GMT-02:00 1999]
[java] Issuer: OU=Class 4 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] SerialNumber: [    02a60000 01]
[java]
[java] ]
[java] Algorithm: [MD2withRSA]
[java] Signature:
[java] 0000: 53 DD D3 F0 9C 24 7E 40 AA E2 FC 00 1A D7 DA 0C S....$.@........
[java] 0010: FC 32 61 B8 15 0D 96 F3 FA 57 1B 7F 33 7C AF E9 .2a......W..3...
[java] 0020: 98 9A 61 C8 7A B3 B7 FF B1 DC 99 83 DC AC 12 FC ..a.z...........
[java] 0030: 70 C9 1F 38 42 ED 44 F6 80 2E 5B 6B 33 69 AC 9C p..8B.D...[k3i..
[java] 0040: D3 5C E7 5F 5A 18 C7 B1 2D 79 04 96 41 91 99 41 .\._Z...-y..A..A
[java] 0050: B1 3C 0D BA 84 39 C6 3B 97 F0 26 C9 8E EE BD CC .<...9.;..&.....
[java] 0060: 42 95 FF 1E C7 02 3F 54 0C 78 F5 BC AA 60 7C 02 B.....?T.x...`..
[java] 0070: 69 E8 DC AC E2 02 76 61 C4 3E 03 EA D2 8A 24 D1 i.....va.>....$.
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V1
[java] Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@65b28
[java] Validity: [From: Sun Jan 28 22:00:00 GMT-02:00 1996,
     [java] To: Tue Jan 07 21:59:59 GMT-02:00 2020]
[java] Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] SerialNumber: [    325033cf 50d156f3 5c81ad65 5c4fc825 ]
[java]
[java] ]
[java] Algorithm: [MD2withRSA]
[java] Signature:
[java] 0000: 4B 44 66 60 68 64 E4 98 1B F3 B0 72 E6 95 89 7C KDf`hd.....r....
[java] 0010: DD 7B B3 95 C0 1D 2E D8 D8 19 D0 2D 34 3D C6 50 ...........-4=.P
[java] 0020: 9A 10 86 8C AA 3F 3B A8 04 FC 37 52 95 C3 D9 C9 .....?;...7R....
[java] 0030: DB CD F2 86 06 C4 B1 1B F0 82 88 30 42 8E 17 50 ...........0B..P
[java] 0040: 1C 64 7A B8 3E 99 49 74 97 FC AC 02 43 FB 96 0C .dz.>.It....C...
[java] 0050: 56 04 25 0C 7C 7C 87 9D 24 A7 D8 F0 32 29 B5 A4 V.%.....$...2)..
[java] 0060: DF 5D A2 4C C5 16 32 A8 42 F6 45 A6 B6 36 B9 E0 .].L..2.B.E..6..
[java] 0070: BF 65 36 93 C2 D2 D7 6B DC DE 59 D6 A2 35 F8 45 .e6....k..Y..5.E
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V1
[java] Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
[java] Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@4ac6db
[java] Validity: [From: Tue Nov 08 22:00:00 GMT-02:00 1994,
     [java] To: Thu Jan 07 21:59:59 GMT-02:00 2010]
[java] Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
[java] SerialNumber: [    02ad667e 4e45fe5e 576f3c98 195eddc0 ]
[java]
[java] ]
[java] Algorithm: [MD2withRSA]
[java] Signature:
[java] 0000: 65 DD 7E E1 B2 EC B0 E2 3A E0 EC 71 46 9A 19 11 e.......:..qF...
[java] 0010: B8 D3 C7 A0 B4 03 40 26 02 3E 09 9C E1 12 B3 D1 ......@&.>......
[java] 0020: 5A F6 37 A5 B7 61 03 B6 5B 16 69 3B C6 44 08 0C Z.7..a..[.i;.D..
[java] 0030: 88 53 0C 6B 97 49 C7 3E 35 DC 6C B9 BB AA DF 5C .S.k.I.>5.l....\
[java] 0040: BB 3A 2F 93 60 B6 A9 4B 4D F2 20 F7 CD 5F 7F 64 .:/.`..KM. .._.d
[java] 0050: 7B 8E DC 00 5C D7 FA 77 CA 39 16 59 6F 0E EA D3 ....\..w.9.Yo...
[java] 0060: B5 83 7F 4D 4D 42 56 76 B4 C9 5F 04 F8 38 F8 EB ...MMBVv.._..8..
[java] 0070: D2 5F 75 5F CD 7B FC E5 8E 80 7C FC 50 ._u_........P
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V3
[java] Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
[java] Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@456c60
[java] Validity: [From: Wed Jul 31 21:00:00 GMT-03:00 1996,
     [java] To: Thu Dec 31 21:59:59 GMT-02:00 2020]
[java] Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
[java] SerialNumber: [    01]
[java]
[java] Certificate Extensions: 1
[java] [1]: ObjectId: 2.5.29.19 Criticality=true
[java] BasicConstraints:[
[java] CA:true
[java] PathLen:2147483647
[java] ]
[java]
[java] ]
[java] Algorithm: [MD5withRSA]
[java] Signature:
[java] 0000: 26 48 2C 16 C2 58 FA E8 16 74 0C AA AA 5F 54 3F &H,..X...t..._T?
[java] 0010: F2 D7 C9 78 60 5E 5E 6E 37 63 22 77 36 7E B2 17 ...x`^^n7c"w6...
[java] 0020: C4 34 B9 F5 08 85 FC C9 01 38 FF 4D BE F2 16 42 .4.......8.M...B
[java] 0030: 43 E7 BB 5A 46 FB C1 C6 11 1F F1 4A B0 28 46 C9 C..ZF......J.(F.
[java] 0040: C3 C4 42 7D BC FA AB 59 6E D5 B7 51 88 11 E3 A4 ..B....Yn..Q....
[java] 0050: 85 19 6B 82 4C A4 0C 12 AD E9 A4 AE 3F F1 C3 49 ..k.L.......?..I
[java] 0060: 65 9A 8C C5 C8 3E 25 B7 94 99 BB 92 32 71 07 F0 e....>%.....2q..
[java] 0070: 86 5E ED 50 27 A6 0D A6 23 F9 BB CB A6 07 14 42 .^.P'...#......B
[java]
[java] ]
[java] adding as trusted cert: [
[java] [
[java] Version: V1
[java] Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@4e280c
[java] Validity: [From: Sun Jan 28 22:00:00 GMT-02:00 1996,
     [java] To: Wed Jan 07 21:59:59 GMT-02:00 2004]
[java] Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
[java] SerialNumber: [    ba5ac94c 053b92d6 a7b6df4e d053920d ]
[java]
[java] ]
[java] Algorithm: [MD2withRSA]
[java] Signature:
[java] 0000: B6 00 1F 93 57 A4 07 A7 40 CE 65 40 3F 55 5E ED [email protected]@?U^.
[java] 0010: EF FA 54 49 A5 30 D6 21 7C 61 87 EE 83 93 0B BF ..TI.0.!.a......
[java] 0020: B4 33 F2 98 AC 9F 06 BF 4E A8 CE 14 81 4C CB 04 .3......N....L..
[java] 0030: 4E 58 C3 CF 5F EE 7C D7 9A 6F CB 41 8A B7 7F 81 NX.._....o.A....
[java] 0040: B8 FF 84 61 C6 27 43 65 1D 0C EC B1 00 0A DD 1B ...a.'Ce........
[java] 0050: A4 BB C7 78 20 28 B2 A2 DD 36 95 2E E1 54 4F BF ...x (...6...TO.
[java] 0060: 60 B9 77 68 11 99 23 E8 EA 52 E8 AA 00 4E 67 4E `.wh..#..R...NgN
[java] 0070: BB 90 B5 45 9B 46 EB 8E 16 EF C4 33 5B 33 3D D5 ...E.F.....3[3=.
[java]
[java] ]
[java] trigger seeding of SecureRandom
[java] done seeding SecureRandom
[java] %% No cached client session
[java] *** ClientHello, v3.1
[java] RandomCookie: GMT: 983561886 bytes = { 76, 56, 156, 168, 117, 241, 69, 144, 101, 187, 144, 236, 198, 74, 236, 43, 149, 255, 23, 119, 121, 201, 132, 208, 134, 190, 178, 253 }
[java] Session ID: {}
[java] Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
[java] Compression Methods: { 0 }
[java] ***
[java] [write] MD5 and SHA1 hashes: len = 59
[java] 0000: 01 00 00 37 03 01 3B A0 F7 9E 4C 38 9C A8 75 F1 ...7..;...L8..u.
[java] 0010: 45 90 65 BB 90 EC C6 4A EC 2B 95 FF 17 77 79 C9 E.e....J.+...wy.
[java] 0020: 84 D0 86 BE B2 FD 00 00 10 00 05 00 04 00 09 00 ................
[java] 0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
[java] AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 59
[java] [write] MD5 and SHA1 hashes: len = 77
[java] 0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
[java] 0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
[java] 0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3B A0 F7 .............;..
[java] 0030: 9E 4C 38 9C A8 75 F1 45 90 65 BB 90 EC C6 4A EC .L8..u.E.e....J.
[java] 0040: 2B 95 FF 17 77 79 C9 84 D0 86 BE B2 FD +...wy.......
[java] AWT-EventQueue-0, WRITE: SSL v2, contentType = 22, translated length = 16310
[java] AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 1111
[java] *** ServerHello, v3.1
[java] RandomCookie: GMT: 2074550556 bytes = { 27, 152, 37, 22, 151, 47, 160, 182, 226, 124, 83, 52, 90, 58, 184, 102, 211, 192, 216, 255, 208, 187, 208, 29, 25, 27, 49, 218 }
[java] Session ID: {93, 0, 0, 0, 133, 6, 96, 154, 231, 185, 3, 242, 135, 21, 142, 12, 3, 69, 102, 233, 130, 127, 90, 61, 249, 162, 68, 19, 62, 71, 145, 47}
[java] Cipher Suite: { 0, 4 }
[java] Compression Method: 0
[java] ***
[java] %% Created: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
[java] ** SSL_RSA_WITH_RC4_128_MD5
[java] [read] MD5 and SHA1 hashes: len = 74
[java] 0000: 02 00 00 46 03 01 7C A7 21 1C 1B 98 25 16 97 2F ...F....!...%../
[java] 0010: A0 B6 E2 7C 53 34 5A 3A B8 66 D3 C0 D8 FF D0 BB ....S4Z:.f......
[java] 0020: D0 1D 19 1B 31 DA 20 5D 00 00 00 85 06 60 9A E7 ....1. ].....`..
[java] 0030: B9 03 F2 87 15 8E 0C 03 45 66 E9 82 7F 5A 3D F9 ........Ef...Z=.
[java] 0040: A2 44 13 3E 47 91 2F 00 04 00 .D.>G./...
[java] *** Certificate chain
[java] chain [0] = [
[java] [
[java] Version: V3
[java] Subject: CN=dcu.fi1.net, OU=Terms of use at www.verisign.com/rpa (c)00, OU=Virtual Financial Services Inc., O=Virtual Financial Services Inc., L=Indianapolis, ST=Indiana, C=US
[java] Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@5ac3c9
[java] Validity: [From: Thu Apr 12 21:00:00 GMT-03:00 2001,
     [java] To: Wed May 01 20:59:59 GMT-03:00 2002]
[java] Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
[java] SerialNumber: [    41a437fa 30a52d78 f3bf85df a1b4d720 ]
[java]
[java] Certificate Extensions: 6
[java] [1]: ObjectId: 2.16.840.1.113733.1.6.15 Criticality=false
[java] Extension unknown: DER encoded OCTET string =
[java] 0000: 04 0B 16 09 31 35 30 33 31 38 35 33 33 ....150318533
[java]
[java]
[java] [2]: ObjectId: 2.5.29.32 Criticality=false
[java] Extension unknown: DER encoded OCTET string =
[java] 0000: 04 81 A4 30 81 A1 30 81 9E 06 0B 60 86 48 01 86 ...0..0....`.H..
[java] 0010: F8 45 01 07 01 01 30 81 8E 30 28 06 08 2B 06 01 .E....0..0(..+..
[java] 0020: 05 05 07 02 01 16 1C 68 74 74 70 73 3A 2F 2F 77 .......https://w
[java] 0030: 77 77 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D 2F ww.verisign.com/
[java] 0040: 43 50 53 30 62 06 08 2B 06 01 05 05 07 02 02 30 CPS0b..+.......0
[java] 0050: 56 30 15 16 0E 56 65 72 69 53 69 67 6E 2C 20 49 V0...VeriSign, I
[java] 0060: 6E 63 2E 30 03 02 01 01 1A 3D 56 65 72 69 53 69 nc.0.....=VeriSi
[java] 0070: 67 6E 27 73 20 43 50 53 20 69 6E 63 6F 72 70 2E gn's CPS incorp.
[java] 0080: 20 62 79 20 72 65 66 65 72 65 6E 63 65 20 6C 69 by reference li
[java] 0090: 61 62 2E 20 6C 74 64 2E 20 28 63 29 39 37 20 56 ab. ltd. (c)97 V
[java] 00A0: 65 72 69 53 69 67 6E eriSign
[java]
[java]
[java] [3]: ObjectId: 2.5.29.31 Criticality=false
[java] Extension unknown: DER encoded OCTET string =
[java] 0000: 04 35 30 33 30 31 A0 2F A0 2D 86 2B 68 74 74 70 .50301./.-.+http
[java] 0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
[java] 0020: 63 6F 6D 2F 52 53 41 53 65 63 75 72 65 53 65 72 com/RSASecureSer
[java] 0030: 76 65 72 2E 63 72 6C ver.crl
[java]
[java]
[java] [4]: ObjectId: 2.5.29.15 Criticality=false
[java] KeyUsage [
[java] DigitalSignature
[java] Key_Encipherment
[java] ]
[java]
[java] [5]: ObjectId: 2.5.29.37 Criticality=false
[java] Extension unknown: DER encoded OCTET string =
[java] 0000: 04 16 30 14 06 08 2B 06 01 05 05 07 03 01 06 08 ..0...+.........
[java] 0010: 2B 06 01 05 05 07 03 02 +.......
[java]
[java]
[java] [6]: ObjectId: 2.5.29.19 Criticality=false
[java] BasicConstraints:[
[java] CA:false
[java] PathLen: undefined
[java] ]
[java]
[java] ]
[java] Algorithm: [SHA1withRSA]
[java] Signature:
[java] 0000: 65 2C B7 98 FC 5D FB D9 B6 8E 65 AC FE 8B 94 12 e,...]....e.....
[java] 0010: 97 3E C6 07 4E 80 47 2C E6 A3 FE 32 84 8F 77 5E .>..N.G,...2..w^
[java] 0020: D3 2E 18 56 31 D1 3F 7F D3 1E E0 12 7D 0B 10 92 ...V1.?.........
[java] 0030: E0 25 FA 05 67 1E 60 A7 3A 61 84 AB 69 50 27 DB .%..g.`.:a..iP'.
[java] 0040: 32 14 D3 5E 60 45 4D 5D C1 D6 4F 42 30 7F B5 1D 2..^`EM]..OB0...
[java] 0050: B6 DD 8D 1F B7 6F 37 71 7C B1 E2 F4 39 B6 A6 30 .....o7q....9..0
[java] 0060: A8 21 97 7F 55 AC EB 9B F2 0A 53 FF 7E 69 8E 19 .!..U.....S..i..
[java] 0070: 5C 98 51 DE 60 F2 A2 A2 78 01 6B 1F 51 \.Q.`...x.k.Q
[java]
[java] ]
[java] ***
[java] add missing root cert: [
[java] [
[java] Version: V1
[java] Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
[java] Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@4ac6db
[java] Validity: [From: Tue Nov 08 22:00:00 GMT-02:00 1994,
     [java] To: Thu Jan 07 21:59:59 GMT-02:00 2010]
[java] Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
[java] SerialNumber: [    02ad667e 4e45fe5e 576f3c98 195eddc0 ]
[java]
[java] ]
[java] Algorithm: [MD2withRSA]
[java] Signature:
[java] 0000: 65 DD 7E E1 B2 EC B0 E2 3A E0 EC 71 46 9A 19 11 e.......:..qF...
[java] 0010: B8 D3 C7 A0 B4 03 40 26 02 3E 09 9C E1 12 B3 D1 ......@&.>......
[java] 0020: 5A F6 37 A5 B7 61 03 B6 5B 16 69 3B C6 44 08 0C Z.7..a..[.i;.D..
[java] 0030: 88 53 0C 6B 97 49 C7 3E 35 DC 6C B9 BB AA DF 5C .S.k.I.>5.l....\
[java] 0040: BB 3A 2F 93 60 B6 A9 4B 4D F2 20 F7 CD 5F 7F 64 .:/.`..KM. .._.d
[java] 0050: 7B 8E DC 00 5C D7 FA 77 CA 39 16 59 6F 0E EA D3 ....\..w.9.Yo...
[java] 0060: B5 83 7F 4D 4D 42 56 76 B4 C9 5F 04 F8 38 F8 EB ...MMBVv.._..8..
[java] 0070: D2 5F 75 5F CD 7B FC E5 8E 80 7C FC 50 ._u_........P
[java]
[java] ]
[java] stop on trusted cert: [
[java] [
[java] Version: V1
[java] Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
[java] Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
[java]
[java] Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@4ac6db
[java] Validity: [From: Tue Nov 08 22:00:00 GMT-02:00 1994,
     [java] To: Thu Jan 07 21:59:59 GMT-02:00 2010]
[java] Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
[java] SerialNumber: [    02ad667e 4e45fe5e 576f3c98 195eddc0 ]
[java]
[java] ]
[java] Algorithm: [MD2withRSA]
[java] Signature:
[java] 0000: 65 DD 7E E1 B2 EC B0 E2 3A E0 EC 71 46 9A 19 11 e.......:..qF...
[java] 0010: B8 D3 C7 A0 B4 03 40 26 02 3E 09 9C E1 12 B3 D1 ......@&.>......
[java] 0020: 5A F6 37 A5 B7 61 03 B6 5B 16 69 3B C6 44 08 0C Z.7..a..[.i;.D..
[java] 0030: 88 53 0C 6B 97 49 C7 3E 35 DC 6C B9 BB AA DF 5C .S.k.I.>5.l....\
[java] 0040: BB 3A 2F 93 60 B6 A9 4B 4D F2 20 F7 CD 5F 7F 64 .:/.`..KM. .._.d
[java] 0050: 7B 8E DC 00 5C D7 FA 77 CA 39 16 59 6F 0E EA D3 ....\..w.9.Yo...
[java] 0060: B5 83 7F 4D 4D 42 56 76 B4 C9 5F 04 F8 38 F8 EB ...MMBVv.._..8..
[java] 0070: D2 5F 75 5F CD 7B FC E5 8E 80 7C FC 50 ._u_........P
[java]
[java] ]
[java] [read] MD5 and SHA1 hashes: len = 1033
[java] 0000: 0B 00 04 05 00 04 02 00 03 FF 30 82 03 FB 30 82 ..........0...0.
[java] 0010: 03 68 A0 03 02 01 02 02 10 41 A4 37 FA 30 A5 2D .h.......A.7.0.-
[java] 0020: 78 F3 BF 85 DF A1 B4 D7 20 30 0D 06 09 2A 86 48 x....... 0...*.H
[java] 0030: 86 F7 0D 01 01 05 05 00 30 5F 31 0B 30 09 06 03 ........0_1.0...
[java] 0040: 55 04 06 13 02 55 53 31 20 30 1E 06 03 55 04 0A U....US1 0...U..
[java] 0050: 13 17 52 53 41 20 44 61 74 61 20 53 65 63 75 72 ..RSA Data Secur
[java] 0060: 69 74 79 2C 20 49 6E 63 2E 31 2E 30 2C 06 03 55 ity, Inc.1.0,..U
[java] 0070: 04 0B 13 25 53 65 63 75 72 65 20 53 65 72 76 65 ...%Secure Serve
[java] 0080: 72 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 r Certification
[java] 0090: 41 75 74 68 6F 72 69 74 79 30 1E 17 0D 30 31 30 Authority0...010
[java] 00A0: 34 31 33 30 30 30 30 30 30 5A 17 0D 30 32 30 35 413000000Z..0205
[java] 00B0: 30 31 32 33 35 39 35 39 5A 30 81 D5 31 0B 30 09 01235959Z0..1.0.
[java] 00C0: 06 03 55 04 06 13 02 55 53 31 10 30 0E 06 03 55 ..U....US1.0...U
[java] 00D0: 04 08 13 07 49 6E 64 69 61 6E 61 31 15 30 13 06 ....Indiana1.0..
[java] 00E0: 03 55 04 07 14 0C 49 6E 64 69 61 6E 61 70 6F 6C .U....Indianapol
[java] 00F0: 69 73 31 28 30 26 06 03 55 04 0A 14 1F 56 69 72 is1(0&..U....Vir
[java] 0100: 74 75 61 6C 20 46 69 6E 61 6E 63 69 61 6C 20 53 tual Financial S
[java] 0110: 65 72 76 69 63 65 73 20 49 6E 63 2E 31 28 30 26 ervices Inc.1(0&
[java] 0120: 06 03 55 04 0B 14 1F 56 69 72 74 75 61 6C 20 46 ..U....Virtual F
[java] 0130: 69 6E 61 6E 63 69 61 6C 20 53 65 72 76 69 63 65 inancial Service
[java] 0140: 73 20 49 6E 63 2E 31 33 30 31 06 03 55 04 0B 14 s Inc.1301..U...
[java] 0150: 2A 54 65 72 6D 73 20 6F 66 20 75 73 65 20 61 74 *Terms of use at
[java] 0160: 20 77 77 77 2E 76 65 72 69 73 69 67 6E 2E 63 6F www.verisign.co
[java] 0170: 6D 2F 72 70 61 20 28 63 29 30 30 31 14 30 12 06 m/rpa (c)001.0..
[java] 0180: 03 55 04 03 14 0B 64 63 75 2E 66 69 31 2E 6E 65 .U....dcu.fi1.ne
[java] 0190: 74 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 t0..0...*.H.....
[java] 01A0: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 B1 54 .......0.......T
[java] 01B0: 3C CD 98 A7 E6 69 F7 1E 3A 3C 22 0B 12 34 A1 1B <....i..:<"..4..
[java] 01C0: FA E3 DC 54 B6 C1 80 DA 27 09 2E FD F4 61 A5 82 ...T....'....a..
[java] 01D0: 34 CA DE 8A 78 DA 20 71 BE 33 6A 56 12 E2 43 8E 4...x. q.3jV..C.
[java] 01E0: C2 3E 41 D8 28 AA 81 04 B8 F7 6F 09 D5 DA 9D B3 .>A.(.....o.....
[java] 01F0: 9A 31 FB AC ED 13 72 BE 8C 72 E7 17 53 AD 26 23 .1....r..r..S.&#
[java] 0200: 5A CB AC AE 28 62 98 9B 39 52 CC 50 38 13 FA F3 Z...(b..9R.P8...
[java] 0210: BF BE 5D E8 A1 B9 89 29 FE 50 91 29 F0 7B 32 0A ..]....).P.)..2.
[java] 0220: 90 48 E6 7A B6 F7 35 EC 65 76 D1 44 EC 83 02 03 .H.z..5.ev.D....
[java] 0230: 01 00 01 A3 82 01 43 30 82 01 3F 30 09 06 03 55 ......C0..?0...U
[java] 0240: 1D 13 04 02 30 00 30 0B 06 03 55 1D 0F 04 04 03 ....0.0...U.....
[java] 0250: 02 05 A0 30 3C 06 03 55 1D 1F 04 35 30 33 30 31 ...0<..U...50301
[java] 0260: A0 2F A0 2D 86 2B 68 74 74 70 3A 2F 2F 63 72 6C ./.-.+http://crl
[java] 0270: 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D 2F 52 53 .verisign.com/RS
[java] 0280: 41 53 65 63 75 72 65 53 65 72 76 65 72

I've tried commenting result.starthandshake but still
unexpected end of file from server problem persists.
I tested the sample code with verisign and sun works
fine and here ciphersuite is CipherSuite:SSL_RSA_WITH_RC4_128_MD5
whereas it doesnt work with thawte and my server
for which ciphersuite is
CipherSuite:SSL_RSA_WITH_RC4_128_SHA
and the system.out lines in case of sun or verisign are as follows,
Handshake finished!
     CipherSuite:SSL_RSA_WITH_RC4_128_MD5
     SessionId [Session-1, SSL_RSA_WITH_RC4_128_MD5]
     PeerHost 192.18.97.241
Handshake finished!
     CipherSuite:SSL_RSA_WITH_RC4_128_MD5
     SessionId [Session-1, SSL_RSA_WITH_RC4_128_MD5]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
     PeerHost 192.18.97.241
.......followed by html content in tag form.
but
in case of my server which is openssl or thawte site ,it is
Handshake finished!
     CipherSuite:SSL_RSA_WITH_RC4_128_SHA
     SessionId [Session-1, SSL_RSA_WITH_RC4_128_SHA]
     PeerHost 204.198.134.88
Handshake finished!
     CipherSuite:SSL_RSA_WITH_RC4_128_SHA
     SessionId [Session-1, SSL_RSA_WITH_RC4_128_SHA]
     PeerHost 204.198.134.88
Handshake finished!
     CipherSuite:SSL_RSA_WITH_RC4_128_SHA
     SessionId [Session-2, SSL_RSA_WITH_RC4_128_SHA]
     PeerHost 204.198.134.88
Handshake finished!
     CipherSuite:SSL_RSA_WITH_RC4_128_SHA
     SessionId [Session-2, SSL_RSA_WITH_RC4_128_SHA]
     PeerHost 204.198.134.88
java.net.SocketException: Unexpected end of file from server
     at com.sun.net.ssl.internal.www.protocol.https.HttpClient.b([DashoPro-V1.2-120198])
     at com.sun.net.ssl.internal.www.protocol.https.HttpClient.a([DashoPro-V1.2-120198])
     at com.sun.net.ssl.internal.www.protocol.https.HttpClient.b([DashoPro-V1.2-120198])
     at com.sun.net.ssl.internal.www.protocol.https.HttpClient.a([DashoPro-V1.2-120198])
     at com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([DashoPro-V1.2-120198])
     at com.phoenixnet.security.zurich.utils.URLTunnelReader.main(URLTunnelReader.java, Compiled Code)
Exception in thread "main"
any ideas ??
pannaga

Hi,what is servlet and http tunneling .

hi,what is servlet and http tunneling .and at which scenario those two are implemented by us .i am expecting good answer from u is at which scenario those we use.please help me in this.

HttpTunnelling is simply acting as a proxy. You will receive a web request at your Servlet, use either HttpClient or the standard java.net classes to initiate a new connection to the target web server. Then you will pipe all request bytes through your server to the target server and reverse the process, piping all response bytes from the target server to the client. You are in effect acting as a tunnel between the browser and the target server. This is also known as proxying.
- Saish

HTTP tunneling / number of TCP connections

Environment WLS 7.0 Sp2
We are experimenting with http tunneling and we noticed the following behavior,
when performing a lookup to get a handle to a few session beans that our UI is
using, Weblogic opens an additional TCP connection for every lookup however when
using t3 Weblogic opens a single connection for all of them. Our guess is that
Weblogic's T3 is optimized to pipeline and multiplex everything asynchronously
over one TCP connection.
Is there a way to configure Weblogic to use a single TCP connection when tunneling?

I believe it would just be an OS-level limit, on the number of socket handles that can be opened.

Question about HTTP Server and 9iAS

I am kind of new to Oracles 9is products. I installed Oracle 9i Rel. 2 recently and it installed HTTP Server and other stuff as part of that install. I am trying to write a small web application. Is this install good enough to do basic servlet's, jsp's and may be EJB's etc ... or do I need to install 9iAS. I am confused on the fact that I know 9iAS will give me j2ee container, web container, clustering, etc ..., what functionality is included in the 9i databases web server piece.
Also, can anyone point me to a good documentation that explains directory structure of 9i Rel. 2. I am familiar with the database part fairly well(oracle 7 release). However, I am confused as to new web related stuff (Apache, bc4j, etc..) in 9i Rel. 2.
Thanks.

Hi,
No, you cannot run EJB's in the Apache installation. For that you might want to download OC4J.
Basic Http pages and Servlets can run but I dont think it is advisable to use it for that. For any kind of development, I would suggest you to use OC4J.
Oracle9i Database is web enabled and you can access the table, etc.. from a browser too. This is the reason Apache is provided with the basic installation. Oracle9i Rel 2 has XML DB in it which again can be accessed from the Web.
For more help on any of these check http://otn.oracle.com/documentation/oracle9i.html
You will be able to get all the related Developer's Guide here.
Hope this helps,
Rajat

Is forcing Http tunneling mode possible ?

Hello,
in order to make some tests between 2 PC on the same intranet, I would like to know if it's possible to force RMI to use http tunneling, and to choose the mode : http-to-port or http-to-cgi ?
If possible, please tell me how.
Many thanks in advance.
C. BREZAK

RMI depends on custom socket factories (sun.rmi.transport.proxy.RMIHttpToPortSocketFactory, sun.rmi.transport.proxy.RMIHttpToCGISocketFactory) for carrying out the HTTP tunneling of RMI request if normal way of establishing a connection with the remote object fails. If no particular RMI socket factory is set in RMI application, RMI runtime chooses the RMIMasterSocketFactory() for creating client and server sockets. This socket factory maintains a list of socket factories which should be tried in order in establishing a successful connection with the remote object. This list includes RMIDirectSocketFacotry and HTTP tunneling socket factories mentioned above if http.proxyHost proerty is set.
You can force HTTP tunneling by explicitly setting default socket factory (RMISocketFactory.setSocketFactory(...)) to sun.rmi.transport.proxy.RMIHttpToPortSocketFactory in the client application. If this fails you can try setting default socket factory to RMIHttpToCGISocketFactory. It may not be possible trying these two options in the same instance of the program, because setSocketFactory() does not allow you to change the already defined default factory to the new one. This may not be elegant solution.
-- Srinath Mandalapu

Implement http tunnel in java

Hi,
I am developing a remote access application which allows to access remote machines terminal behind firewall and and NAT. I have looked at some technologies and scaled down to http tunneling and JXTA. I was hoping if some one could guide me to choose the best available one and any resource that implements it in java.
Thanks in advance

To get a packet from computer 1 to computer 2 with the following configuration,
Computer1 <-> NAT/Firewall 1 <-> Internet <-> NAT/Firewall 2 <-> Computer 2
192.168.1.1 72.1.15.6 72.1.15.7 192.168.1.1
You end up with a problem. Computer one has a local IP address, as does Computer 2. Neither of them are directly globally accessible. The NAT/Firewall, however, is connected to a Global IP address, and so Computer 1 can send messages to NAT 2, and vice versa.
If you set up a static route on the NAT, it will forward all incoming traffic on a port to a computer behind the NAT. So, if you configured port 5000 on each NAT to forward traffic to the target computers, anytime you addressed a packet for NAT<N>:5000, it would go to computer<N>.
You can play a similar game with a rendezvous server. When a computer send out a packet, it goes to the NAT. The NAT then forwards that to the internet, and makes a note "Okay, if a response comes back from the place I'm sending this on the port I'm sending from, I'll forward that response back to the local computer that sent the packet in the first place. If you have a rendezvous server, you can do the following trick
Computer 1 sends a message to server
Computer 2 sends a message to server
Server sends computer 1 the IP/PORT to use to talk to c2
Server sends computer 2 the IP/PORT to use to talk to c1
Computer 1 sends a message to the IP/PORT it was told to use
NAT2 rejects the message because no message was sent to computer 1
Computer 2 sends a message to the IP/PORT it was told to use
NAT1 allows the message because Computer1 sent a message to computer 2
Computer 1 sends a message to the IP/PORT it was told to use
NAT2 allows the message because Computer2 sent a message to computer 1
At that point, messages can flow between computer 1 and computer 2 across the internet.
For more information, check out Section 3 of:
http://www.brynosaurus.com/pub/net/p2pnat/

Use of servlet http tunneling for client server communication

Hello I am having a problem connecting a simple client applet to a server application. I can connect the two directly using sockets. However, when I try to connect the two via a servlet the input stream cannot be accessed. The application is purely for demonstration. Here is some of the source code
A servlet for http tunneling
import java.io.*;
import java.net.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class SocketServlet extends HttpServlet
     ServletInputStream servletinput;
     ServletOutputStream servletoutput;
     Socket socket;
     DataOutputStream dataoutput;
     DataInputStream datainput;
     public SocketServlet()
public void init(ServletConfig servletconfig) throws ServletException
super.init(servletconfig);
log("Socket servlet initialized.");
     public void doPost( HttpServletRequest request, HttpServletResponse response ) throws ServletException, IOException
try
servletinput = request.getInputStream();
socket = new Socket( InetAddress.getByName( "127.0.0.1" ), 5000 );
dataoutput = new DataOutputStream( socket.getOutputStream() );
try
                    byte[] inbytes = new byte[1024];
                    servletinput.read( inbytes );
                    String inmessage = new String( inbytes );
                    dataoutput.writeBytes( inmessage );
catch(IOException ioex)
dataoutput.flush();
datainput = new DataInputStream( socket.getInputStream() );
servletoutput = response.getOutputStream();
try
byte[] outbytes = new byte[1024];
datainput.read( outbytes );
servletoutput.write( outbytes );
catch(IOException ioex)
servletoutput.flush();
servletoutput.close();
catch(Exception ex)
// Server.java
import java.io.*;
import java.net.*;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
public class Server extends JFrame {
private JTextField enter;
private JTextArea display;
DataOutputStream output;
DataInputStream input;
public Server()
super( "Server" );
Container c = getContentPane();
     enter = new JTextField();
     enter.setEnabled( false );
     c.add( enter, BorderLayout.SOUTH );
display = new JTextArea();
c.add( new JScrollPane( display ),
BorderLayout.CENTER );
setSize( 300, 150 );
show();
public void runServer()
ServerSocket server;
Socket connection;
int counter = 1;
try {
// Step 1: Create a ServerSocket.
server = new ServerSocket( 5000, 100 );
while ( true ) {
// Step 2: Wait for a connection.
display.setText( "Waiting for connection\n" );
connection = server.accept();
display.append( "Connection " + counter +
" received from: " +
connection.getInetAddress().getHostName() );
// Step 3: Get input and output streams.
output = new DataOutputStream(
connection.getOutputStream() );
input = new DataInputStream(
connection.getInputStream() );
display.append( "\nGot I/O streams\n" );
// Step 4: Process connection.
String message =
"SERVER>>> Connection successful";
output.writeBytes( message );
enter.setEnabled( true );
               display.append( "\nConnected\n" );
do {
try {
                    byte[] mess = new byte[1024];
input.read( mess );
display.append( "\n" + message );
display.setCaretPosition(
display.getText().length() );
               catch (IOException ioex )
} while ( !message.equals( "CLIENT>>> TERMINATE" ) );
// Step 5: Close connection.
display.append( "\nUser terminated connection" );
enter.setEnabled( false );
output.close();
input.close();
connection.close();
++counter;
catch ( EOFException eof ) {
System.out.println( "Client terminated connection" );
catch ( IOException io ) {
io.printStackTrace();
private void sendData( String s )
try {
output.writeBytes( "SERVER>>> " + s );
display.append( "\nSERVER>>>" + s );
catch ( IOException cnfex ) {
display.append(
"\nError writing object" );
public static void main( String args[] )
Server app = new Server();
app.addWindowListener(
new WindowAdapter() {
public void windowClosing( WindowEvent e )
System.exit( 0 );
app.runServer();
// Fig. 21.4: Client.java
// Set up a Client that will read information sent
// from a Server and display the information.
import java.io.*;
import java.net.*;
import java.awt.*;
import java.awt.event.*;
import java.applet.*;
import java.util.zip.*;
public class Client extends Applet implements ActionListener {
private TextField enter;
private TextArea display;
DataOutputStream output;
DataInputStream input;
private Button button, button2;
URLConnection connection;
private byte[] bytes1, bytes2;
private String message, message2;
public void init()
setLayout( new BorderLayout() );
enter = new TextField( " Enter text here " );
enter.setEnabled( false );
enter.addActionListener( this );
add( enter, BorderLayout.NORTH );
display = new TextArea( 4, 30 );
     display.setEditable( false );
add( display, BorderLayout.CENTER );
     button = new Button( "Connect" );
     button.addActionListener( this );
     add( button, BorderLayout.SOUTH );
public void runClient()
Socket client;
try {
// Step 1: Create a Socket to make connection.
display.setText( "Attempting connection\n" );
          URL currentpage = getCodeBase();
          String protocol = currentpage.getProtocol();
          String host = currentpage.getHost();
          int port = 8100;
          String urlsuffix = "/servlet/SocketServlet";
          URL dataurl = new URL( "http://localhost:8100/servlet/SocketServlet" );
          connection = dataurl.openConnection();
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setRequestProperty("Content-type", "application/octet-stream");
          connection.setUseCaches( false );
          display.append( "\nConnected to: " + host );
// Step 2: Get the output streams.
output = new DataOutputStream(
connection.getOutputStream() );
          display.append( "\n got output stream\n" );
          // Step 3 get input connection
          try
          display.append( "\nAttempting to connect to input stream\n" );
               input = new DataInputStream( connection.getInputStream() );
               bytes1 = new byte[1024];
               input.readFully( bytes1 );
               display.append( "\nGot input stream\n" );
               message = new String( bytes1 );
               display.append( "\n" + message + "\n" );
          catch ( IOException ioex )
          // Step 3: Process connection.
          enter.setEnabled( true );
          do {
          try {
bytes2 = new byte[1024];
          input.readFully( bytes2 );
          message2 = new String( bytes2 );
          display.append( "\n" + message2 );
          display.setCaretPosition(
          display.getText().length() );
          catch ( IOException ioex ) {
          display.append(
          "\nUnknown object type received" );
          } while ( !message.equals( "SERVER>>> TERMINATE" ) );
// Step 4: Close connection.
display.append( "Closing connection.\n" );
output.close();
input.close();
     catch (MalformedURLException mfe )
catch ( EOFException eof ) {
System.out.println( "Server terminated connection" );
catch ( IOException e ) {
e.printStackTrace();
private void sendData( String s )
try {
message = s;
output.writeBytes( "CLIENT>>> " + s );
display.append( "\nCLIENT>>>" + s );
catch ( IOException cnfex ) {
display.append(
"\nError writing object" );
public void actionPerformed( ActionEvent e )
     if ( e.getActionCommand() == "Connect" )
          runClient();
     else
          sendData( e.getActionCommand() );
public static void main(String args[])
Frame f = new Frame("Chat Client");
     Client c = new Client();
     c.init();
     f.add("Center", c);
     f.setSize(300, 150);
     f.show();
the connection appears to fail at client step 3, any help is super, thanks
Aidan

Hi,
In your client you are trying to open OutputStream even though you are not using it.
So there are two solutions here.
1. If you dont need OutputStream your code shoud look like this
try {
// Step 1: Create a Socket to make connection.
display.setText( "Attempting connection\n" );
URL currentpage = getCodeBase();
String protocol = currentpage.getProtocol();
String host = currentpage.getHost();
int port = 8100;
String urlsuffix = "/servlet/SocketServlet";
URL dataurl = new URL( "http://localhost:8100/servlet/SocketServlet" );
connection = dataurl.openConnection();
//connection.setDoOutput(true);
connection.setDoInput(true);
connection.setRequestProperty("Content-type", "application/octet-stream");
connection.setUseCaches( false );
display.append( "\nConnected to: " + host );
// Step 2: Get the output streams.
//output = new DataOutputStream(
//connection.getOutputStream() );
//display.append( "\n got output stream\n" );
display.append( "\n Not interested in output stream\n" );
//Step 3 Inpustream related
// Step 4: Close connection.
display.append( "Closing connection.\n" );
//output.close();
input.close();
1. If you need OutputStream, close your OutputStream before even trying to get InputStream, your code should like this
try {
// Step 1: Create a Socket to make connection.
display.setText( "Attempting connection\n" );
URL currentpage = getCodeBase();
String protocol = currentpage.getProtocol();
String host = currentpage.getHost();
int port = 8100;
String urlsuffix = "/servlet/SocketServlet";
URL dataurl = new URL( "http://localhost:8100/servlet/SocketServlet" );
connection = dataurl.openConnection();
//connection.setDoOutput(true);
connection.setDoInput(true);
connection.setRequestProperty("Content-type", "application/octet-stream");
connection.setUseCaches( false );
display.append( "\nConnected to: " + host );
// Step 2: Get the output streams.
output = new DataOutputStream(
connection.getOutputStream() );
display.append( "\n got output stream\n" );
//I'll do whateve I've to do with outputstream
//done with output stream closing
output.close();
//Step 3 Inpustream related
// Step 4: Close connection.
display.append( "Closing connection.\n" );
//output.close();
input.close();
hope this works
all the best,
Raj

How to track the same session using both jsp and servlets

Hello, guys:
"how to use jsp and servlet to track the same session",
it seems to me my logoff.jsp never realize the session I established in my servlets.
Here is how I set my session in my servlets:
" HttpSession session = req.getSession(true);
session.setAttribute("userid",suserid);"
Here is how I invalidate my session in my logoff.jsp
" <%@ page language= "java" %>
<%@ page import="javax.servlet.http.HttpSession" %>
<%@ page session="false"%>
Our Session id is : <%= session.getId() %>
<% session.removeAttribute("userid");
session.invalidate();
%>
Our Session id is : <%= session.getId() %>"
but when I try to logoff using the logoff.jsp
I always get following error message.
"/home/jiao/jsp_webserver/tomcat/work/Standalone/localhost/syllabus/htmls/logoff_jsp.java:50: cannot resolve symbol
symbol : variable session
location: class org.apache.jsp.logoff_jsp
out.print( session.getId() );"
T.I.A.
[Edited by: jiveadmin on Jun 18, 2003 10:32 AM]
[Edited by: jiveadmin on Jun 18, 2003 10:33 AM]

So,
<%@ page session="false"%>
That means the jsp never instantiates the build in session object.
<%@ page session="true"%>
means jsp will instantiates a session object if there are no existing ones
how about I just delete the line,
does that mean the jsp will find the existing session object for me?
So I can do something like
Our Session id is : <%= session.getId() %>
<% session.removeAttribute("userid");
session.invalidate();
%>
directly.
T.I.A.

ASA 5505 site-to-site VPN tunnel and client VPN sessions

Hello all
I have several years of general networking experience, but I have not yet had to set up an ASA from the ground up, so please bear with me.
I have a client who needs to establish a VPN tunnel from his satellite office (Site A) to his corporate office (Site Z). His satellite office will have a single PC sitting behind the ASA. In addition, he needs to be able to VPN from his home (Site H) to Site A to access his PC.
The first question I have is about the ASA 5505 and the various licensing options. I want to ensure that an ASA5505-BUN-K9 will be able to establish the site-to-site tunnel as well as allow him to use either the IPsec or SSL VPN client to connect from Site H to Site A. Would someone please confirm or deny that for me?
Secondly, I would like to verify that no special routing or configuration would need to take place in order to allow traffic not destined for Site Z (i.e., general web browsing or other traffic to any resource that is not part of the Site Z network) to go out his outside interface without specifically traversing the VPN tunnel (split tunneling?)
Finally, if the client were to establish a VPN session from Site H to Site A, would that allow for him to connect directly into resources at Site Z without any special firewall security rules? Since the VPN session would come in on the outside interface, and the tunnel back to Site Z goes out on the same interface, would this constitute a split horizon scenario that would call for a more complex config, or will the ASA handle that automatically without issue?
I don't yet have the equipment in-hand, so I can't provide any sample configs for you to look over, but I will certainly do so once I've got it.
Thanks in advance for any assistance provided!

First question:
Yes, 5505 will be able to establish site-to-site tunnel, and he can use IPSec vpn client, and SSL VPN (it comes with 2 default SSL VPN license).
Second question:
Yes, you are right. No special routing is required. All you need to configure is site-to-site VPN between Site A and Site Z LAN, and the internet traffic will be routed via Site A internet. Assuming you have all the NAT statement configured for that.
Last question:
This needs to be configured, it wouldn't automatically allow access to Site Z when he VPNs in to Site A.
Here is what needs to be configured:
1) Split tunnel ACL for VPN Client should include both Site Z and Site A LAN subnets.
2) On site A configures: same-security-traffic permit intra-interface
3) Crypto ACL for the site-to-site tunnel between Site Z and Site A needs to include the VPN Client pool subnet as follows:
On Site Z:
access-list permit ip
On Site A:
access-list permit ip
4) NAT exemption on site Z needs to include vpn client pool subnet as well.
Hope that helps.
Message was edited by: Jennifer Halim

Need help in JSP and Servlets

Hi friends,
[please forgive me if i am posting this in the wrong forum, all seems same to a fresher]
Now, to my problem..i need a suggestion, a way or a method to implement the following!
I am supposed to create a servlet that reads data from oracle database. Once i retrive the data (for example: 6 rows of a table having 4 attributes), i am supposed to pass this data to a JSP page where the data has to be formatted and displayed properly. If i call the same servlet from a different JSP, i should be able to access the data in that JSP and format it in a different way. How do i pass the data to JSP? what method i can use to achieve this task?
Note: I already know about PrintWriter pw = response.getWriter(); and then printing the formated HTML page..but i want to keep the formatting to JSP part and send only the data part that i can access in JSP
Thanks in adavance

arun_ramachandran wrote:
[please forgive me if i am posting this in the wrong forum, all seems same to a fresher]Then you should learn to be more observant - after all, we have JSP and Servlet fora, further down the list. :)
I am supposed to create a servlet that reads data from oracle database. Once i retrive the data (for example: 6 rows of a table having 4 attributes), i am supposed to pass this data to a JSP page where the data has to be formatted and displayed properly. If i call the same servlet from a different JSP, i should be able to access the data in that JSP and format it in a different way. How do i pass the data to JSP? what method i can use to achieve this task? You can store the data in your session object. You can even use JavaBeans and the jsp:usebean tag.
[http://java.sun.com/products/jsp/tags/11/syntaxref11.fm14.html]
Note: I already know about PrintWriter pw = response.getWriter(); and then printing the formated HTML page..but i want to keep the formatting to JSP part and send only the data part that i can access in JSPA wise approach - I wish more prople woiuld be as thoughtful.

Help needed in HTTP Tunneling - urgent

Hi all,
I urgently need a working code sample of a client which sends requests to a server that redirects the request to an RMI server via RMI servlet.
Does any of you familiar of such a code sample?
Thanks

I'm sorry, but HTTP Tunneling is not working for me. I must have done something wrong.
Let me describe my configuration:
I have a server behind NAT router which connected to apache2 and tomcat 4.1 web servers. The apache2 and tomcat are not connected between them.
I deployed war file on tomcat which contains the servlet for the HTTP Tunneling which its code is:
public class RmiHttpTunnelerServlet extends HttpServlet
    public void init(ServletConfig config) throws ServletException
        super.init(config);
        System.out.println("Simplified RMI Servlet Handler loaded successfully.");
    public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException
        try
            String queryString = req.getQueryString();
            String command, param;
            int delim = queryString.indexOf("=");
            if (delim == -1)
                command = queryString;
                param = "";
            else
                command = queryString.substring(0, delim);
                param = queryString.substring(delim + 1);
            if (command.equalsIgnoreCase("forward"))
                try
                    ServletForwardCommand.execute(req, res, param);
                catch (ServletClientException e)
                    returnClientError(res, "client error : " + e.getMessage( ));
                    e.printStackTrace();
                catch (ServletServerException e)
                    returnServerError(res, "internal server error : " + e.getMessage());
                    e.printStackTrace();
            else
                returnClientError(res, "invalid command: " + command);
        catch (Exception e)
            returnServerError(res, "internal error: " + e.getMessage());
            e.printStackTrace();
    public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException
        returnClientError(res, "GET Operation not supported: Can only forward POST requests.");
    public void doPut(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException
        returnClientError(res, "PUT Operation not supported: Can only forward POST requests.");
    public String getServletInfo()
        return "Simplified RMI Call Forwarding Servlet Servlet.<br>\n ";
    private static void returnClientError(HttpServletResponse res, String message) throws IOException
        res.sendError(HttpServletResponse.SC_BAD_REQUEST,
                      "<HTML><HEAD><TITLE>Java RMI Client Error < / TITLE > < / HEAD > < BODY > " +
                      "<H1>Java RMI Client Error</H1>" + message + "</BODY></HTML>");
        System.err.println(HttpServletResponse.SC_BAD_REQUEST + "Java RMI Client Error" + message);
    private static void returnServerError(HttpServletResponse res,
                                          String message) throws IOException
        res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                      "<HTML><HEAD>< TITLE > Java RMI Server Error < / TITLE > < / HEAD > < BODY > " +
                      "<H1>Java RMI Server Error < / H1 > " + message + " < / BODY > < / HTML > ");
        System.err.println(HttpServletResponse.SC_INTERNAL_SERVER_ERROR + "Java RMI Server Error : " + message);
    }There is also a utility class:
public class ServletForwardCommand {
    public static void execute(HttpServletRequest request, HttpServletResponse response, String stringifiedPort)
        throws ServletClientException, ServletServerException, IOException {
        int port = convertStringToPort(stringifiedPort);
        Socket connectionToLocalServer = null;
        try {
            connectionToLocalServer = connectToLocalServer(port);
            forwardRequest(request, connectionToLocalServer);
            forwardResponse(response, connectionToLocalServer);
        } finally {
            if (null != connectionToLocalServer) {
                connectionToLocalServer.close();
    private static int convertStringToPort(String stringfiedPort) throws ServletClientException {
        int returnValue;
        try {
            returnValue = Integer.parseInt(stringfiedPort);
        } catch (NumberFormatException e) {
            throw new ServletClientException("invalid port number: " + stringfiedPort);
        if (returnValue <= 0 || returnValue > 0xFFFF) {
            throw new ServletClientException("invalid port: " + returnValue);
        if (returnValue < 1024) {
            throw new ServletClientException("permission denied for port: " + returnValue);
        return returnValue;
    private static Socket connectToLocalServer(int port) throws ServletServerException {
        Socket returnValue;
        try {
            returnValue = new Socket(InetAddress.getLocalHost(), port);
        } catch (IOException e) {
            throw new ServletServerException("could not connect to " + "local port");
        return returnValue;
    private static void forwardRequest(HttpServletRequest request, Socket connectionToLocalServer)
        throws IOException, ServletClientException, ServletServerException {
        byte buffer[];
        DataInputStream clientIn = new DataInputStream(request.getInputStream());
        buffer = new byte[request.getContentLength()];
        try {
            clientIn.readFully(buffer);
        } catch (EOFException e) {
            throw new ServletClientException("unexpected EOF " + "reading request body");
        } catch (IOException e) {
            throw new ServletClientException("error reading request" + " body");
        DataOutputStream socketOut = null;
        // send to local server in HTTP
        try {
            socketOut = new DataOutputStream(connectionToLocalServer.getOutputStream());
            socketOut.writeBytes("POST / HTTP/1.0\r\n");
            socketOut.writeBytes("Content-length: " + request.getContentLength() + "\r\n\r\n");
            socketOut.write(buffer);
            socketOut.flush();
        } catch (IOException e) {
            throw new ServletServerException("error writing to server");
    private static void forwardResponse(HttpServletResponse response, Socket connectionToLocalServer)
        throws IOException, ServletClientException, ServletServerException {
        byte[] buffer;
        DataInputStream socketIn;
        try {
            socketIn = new DataInputStream(connectionToLocalServer.getInputStream());
        } catch (IOException e) {
            throw new ServletServerException("error reading from " + "server");
        String key = "Content-length:".toLowerCase();
        boolean contentLengthFound = false;
        String line;
        int responseContentLength = -1;
        do {
            try {
                line = socketIn.readLine();
            } catch (IOException e) {
                throw new ServletServerException("error reading from server");
            if (line == null) {
                throw new ServletServerException("unexpected EOF reading server response");
            if (line.toLowerCase().startsWith(key)) {
                responseContentLength = Integer.parseInt(line.substring(key.length()).trim());
                contentLengthFound = true;
        while ((line.length() != 0) &&
            (line.charAt(0) != '\r') && (line.charAt(0) != '\n'));
        if (!contentLengthFound || responseContentLength < 0)
            throw new ServletServerException("missing or invalid content length in server response");
        buffer = new byte[responseContentLength];
        try {
            socketIn.readFully(buffer);
        } catch (EOFException e) {
            throw new ServletServerException("unexpected EOF reading server response");
        } catch (IOException e) {
            throw new ServletServerException("error reading from server");
        response.setStatus(HttpServletResponse.SC_OK);
        response.setContentType("application/octet-stream");
        response.setContentLength(buffer.length);
        try {
            OutputStream out = response.getOutputStream();
            out.write(buffer);
            out.flush();
        } catch (IOException e) {
            throw new ServletServerException("error writing response");
}I checked also with packets monitoring tool, I couldn't see any http transportation.
Any help will be appreciated.

Dont think RMi is HTTP tunneling through proxy firewall

Hi Guys,
Does anyone know how to monitor if RMI is using the option toHTTP tunnel through a proxy ???
Many of clients sit behind firewalls/proxies that enable HTTP only. I thought RMI would, as a default, use HTTP tunneling POST, RESPONSe methods to get through, but it does not.
Would that case be insted of using Naming.lokup("RMIServer"); that i should use
Registry reg = LocateRegistry.getResgistry(serverAddress, serverPort);
reg.lookup("RMIServer");
Any help would be greatly appreciated.

RMI doesn't have an option like that. Sockets do, and you get it for any socket including RMI by setting socksProxyHost and socksProxyPort.
The RMI HTTP tunnelling thing happens when there is an HTTP server at the server side. which redirects the request to an RMI server via rmi-cgi.cgi or the RMI servlet. It's automatic, as a fallback, and you can enforce its use via a system property which you can find in the Javadoc Guide to Features/Remote Method Invocation/Useful java.rmi system properties.

HTTP tunneling and servlet sessions

Similar Messages

Maybe you are looking for