How do I configure LittleProxy so that it sends its requests to another proxy?
2,729 views
Skip to first unread message
ne...@halloleo.hailmail.net
Jan 13, 2014, 1:47:51 AM1/13/14
to littl...@googlegroups.com
I want to use LittleProxy in a way that it forwards all requests to another proxy server (given via IP address and port)
Where do I configure LittleProxy for this? In "littleproxy.properties"? But where do I find documentation about this?
Many thanks, Leo
Where do I configure LittleProxy for this? In "littleproxy.properties"? But where do I find documentation about this?
Many thanks, Leo
Ox Cart
Jan 13, 2014, 7:35:56 AM1/13/14
to littl...@googlegroups.com
You'll need to embed LittleProxy and set up a chained proxy. There are various unit tests that test different configurations of chained proxies, for example:
ne...@halloleo.hailmail.net
Jan 15, 2014, 12:10:52 AM1/15/14
to littl...@googlegroups.com
Mmmh, I had a look at EncryptedTCPChainedProxyTest.java, but couldn't find a point where I can plug in the host & port info for the target proxy I want to direct all traffic to.
Additionally I have tried to set just the System properties http.proxyHost and http.proxyPort in LittleProxy Launcher to the values of the target proxy. (Setting the system properties works for Java programs going out to the net via HttpURLConnection, beacuse all our traffic has to go through the target proxy.) But no success in LittleProxy: In the log I always get the debug messages AWAITING_INITIAL and then DISCONNECTED. And the end-user I tell to use LittleProxy gets the error message "Unexpected end of file from server"
Additionally I have tried to set just the System properties http.proxyHost and http.proxyPort in LittleProxy Launcher to the values of the target proxy. (Setting the system properties works for Java programs going out to the net via HttpURLConnection, beacuse all our traffic has to go through the target proxy.) But no success in LittleProxy: In the log I always get the debug messages AWAITING_INITIAL and then DISCONNECTED. And the end-user I tell to use LittleProxy gets the error message "Unexpected end of file from server"
Ox Cart
Jan 15, 2014, 6:20:30 AM1/15/14
to littl...@googlegroups.com
Those system properties won't have an effect, because LittleProxy doesn't use HttpURLConnection.
What you need to do is configure LittleProxy to use a ChainedProxyManager as shown here.
Cheers,
Ox
-----------------------------------------------------------------------------------------
"I love people who harness themselves, an ox to a heavy cart,
who pull like water buffalo, with massive patience,
who strain in the mud and the muck to move things forward,
who do what has to be done, again and again."
- Marge Piercy
--
You received this message because you are subscribed to a topic in the Google Groups "LittleProxy" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/littleproxy/6qGX0hUUom8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to littleproxy...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
ne...@halloleo.hailmail.net
Jan 16, 2014, 12:12:01 AM1/16/14
to littl...@googlegroups.com
Hi Ox,
Getting closer! :-) Many thanks!
I created an UpstreamProxy class which extends ChainedProxyAdapter and provides address and port of the upstream proxy server. Then I added this via .withChainProxyManager to the Launcher.
I now get for the first time something back from the upstream proxy, but it is a 407 error. So I need to authenticate that upstream proxy (I have its credentials). I did find the ProxyAuthenticator interface, but I'm not sure how to add it in the extended ChainedProxyAdapter class and I'm not sure if ChainedProxyAdapter autheticates against LittleProxy (which I don't want) or against the upstream proxy (which I do want).
Cheers, Leo
Getting closer! :-) Many thanks!
I created an UpstreamProxy class which extends ChainedProxyAdapter and provides address and port of the upstream proxy server. Then I added this via .withChainProxyManager to the Launcher.
I now get for the first time something back from the upstream proxy, but it is a 407 error. So I need to authenticate that upstream proxy (I have its credentials). I did find the ProxyAuthenticator interface, but I'm not sure how to add it in the extended ChainedProxyAdapter class and I'm not sure if ChainedProxyAdapter autheticates against LittleProxy (which I don't want) or against the upstream proxy (which I do want).
Cheers, Leo
Ox Cart
Jan 16, 2014, 8:48:22 AM1/16/14
to littl...@googlegroups.com
ProxyAuthenticator is used by LittleProxy to authenticate incoming requests. ChainedProxyAdapter has a method called filterRequest that you can override to modify the request that's sent downstream. I think you just need to add a proxy authorization header there, like this:
But instead of "Authorization" you want to use "Proxy-Authorization".
Cheers,
Ox
-----------------------------------------------------------------------------------------
"I love people who harness themselves, an ox to a heavy cart,
who pull like water buffalo, with massive patience,
who strain in the mud and the muck to move things forward,
who do what has to be done, again and again."
- Marge Piercy
ne...@halloleo.hailmail.net
Jan 21, 2014, 2:03:26 AM1/21/14
to littl...@googlegroups.com
Hi Ox
I had a look at filterRequest. It has the parameter HttpObject, which I would need to modify, but I cannot figure out how to add an authentication header: The (netty) interface HttpObject has only the two methods getDecoderResult and setDecoderResult. Are there any netty examples for proxy authentication on the net or do you have an idea what to do?
Sorry to ask this!
Leo
I had a look at filterRequest. It has the parameter HttpObject, which I would need to modify, but I cannot figure out how to add an authentication header: The (netty) interface HttpObject has only the two methods getDecoderResult and setDecoderResult. Are there any netty examples for proxy authentication on the net or do you have an idea what to do?
Sorry to ask this!
Leo
Ox Cart
Jan 21, 2014, 6:09:36 AM1/21/14
to littl...@googlegroups.com
You need to cast HttpObject to HttpRequest. Be aware that filterRequest is called for every chunk of the request and that only the first chunk will be an HttpRequest. So, you need to do something like this:
if (httpObject instanceof HttpRequest) {
HttpRequest req = (HttpRequest) httpObject;
req.headers().add("Proxy-Authorization", ...);
}
Cheers,
Ox
-----------------------------------------------------------------------------------------
"I love people who harness themselves, an ox to a heavy cart,
who pull like water buffalo, with massive patience,
who strain in the mud and the muck to move things forward,
who do what has to be done, again and again."
- Marge Piercy
ne...@halloleo.hailmail.net
Jan 22, 2014, 1:10:23 AM1/22/14
to littl...@googlegroups.com
Thanks a lot, Ox
You are really going the extra mile!
Doesn't work, though:
When I get from the upstream proxy
I send:
I assume that the upstream proxy does not allow for Basic Authentication. - Is there a way to configure LittleProxy to use upstream NTLM authentication?
Many thanks, Leo
You are really going the extra mile!
Doesn't work, though:
When I get from the upstream proxy
HTTP/1.1 407 Proxy Access Denied
Expires: 0
Server: WebMarshal Proxy
Cache-Control: no-cache
Connection: close
Proxy-Connection: close
Via: 1.1 WEBMARSHAL
Content-Length: 2379
Content-Type: text/html; charset=utf-8
Proxy-Authenticate: Negotiate
Proxy-Authenticate: NTLM
Proxy-Authenticate: Basic realm="WebMarshal Proxy Server"
X-WebMarshal-RequestID: XXXXXXXXXXXXXX
Expires: 0
Server: WebMarshal Proxy
Cache-Control: no-cache
Connection: close
Proxy-Connection: close
Via: 1.1 WEBMARSHAL
Content-Length: 2379
Content-Type: text/html; charset=utf-8
Proxy-Authenticate: Negotiate
Proxy-Authenticate: NTLM
Proxy-Authenticate: Basic realm="WebMarshal Proxy Server"
X-WebMarshal-RequestID: XXXXXXXXXXXXXX
I send:
GET http://www.w3.org HTTP/1.1
User-Agent: Java/1.6.0_37
Host: www.w3.org
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Via: 1.1.127.0.0.1
Proxy-Authorization: Basic XXXXXXXXXXXXXXXXX
But I get again a:User-Agent: Java/1.6.0_37
Host: www.w3.org
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Via: 1.1.127.0.0.1
Proxy-Authorization: Basic XXXXXXXXXXXXXXXXX
HTTP/1.1 407 Proxy Access Denied
Expires: 0
Server: WebMarshal Proxy
Cache-Control: no-cache
Connection: close
Proxy-Connection: close
Via: 1.1 WEBMARSHAL
Content-Length: 2379
Content-Type: text/html; charset=utf-8
Proxy-Authenticate: Negotiate
Proxy-Authenticate: NTLM
Proxy-Authenticate: Basic realm="WebMarshal Proxy Server"
X-WebMarshal-RequestID: xxxxxxxxxxxxxxxxxxxxxx
Expires: 0
Server: WebMarshal Proxy
Cache-Control: no-cache
Connection: close
Proxy-Connection: close
Via: 1.1 WEBMARSHAL
Content-Length: 2379
Content-Type: text/html; charset=utf-8
Proxy-Authenticate: Negotiate
Proxy-Authenticate: NTLM
Proxy-Authenticate: Basic realm="WebMarshal Proxy Server"
X-WebMarshal-RequestID: xxxxxxxxxxxxxxxxxxxxxx
I assume that the upstream proxy does not allow for Basic Authentication. - Is there a way to configure LittleProxy to use upstream NTLM authentication?
Many thanks, Leo
Ox Cart
Jan 29, 2014, 11:21:58 AM1/29/14
to littl...@googlegroups.com
LittleProxy does not support NTLM authentication. This would be somewhat difficult to add because it's a challenge-response scheme that's connection-oriented (rather than request oriented like Basic authentication).
Cheers,
Ox
ne...@halloleo.hailmail.net
Jan 29, 2014, 7:54:48 PM1/29/14
to littl...@googlegroups.com
Thanks Ox.
I will try another way...
I will try another way...
Reply all
Reply to author
Forward
0 new messages