Skip to content

mitre/HTTP-Proxy-Servlet

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Smiley's HTTP Proxy Servlet

This is an HTTP Proxy (aka gateway) in the form of a Java servlet. An HTTP proxy is useful for AJAX applications to communicate with web accessible services on hosts other than where the web application is hosted. It's a reverse proxy, and not really a forwarding proxy albeit the template form of the servlet may blur that line.

This is hardly the first proxy, so why did I write it and thus why might you use it?

  • It's simple -- a single source file implementation
  • It's tested -- have confidence it works Build Status
  • It's securable -- via Java EE web.xml or via a servlet filter such as Spring-Security
  • It's extendable -- via simple class extension
  • It's embeddable -- into your Java web application making testing your app easier

I have seen many quick'n'dirty proxies posted in source form on the web such as in a blog. I've found such proxies to support a limited HTTP subset, such as only a GET request, or to suffer other implementation problems such as performance issues or URL escaping bugs. Disappointed at the situation, I set out to create a simple one that works well and that is well tested so I know it works. I suggest you use a well tested proxy instead of something non-tested that is perhaps better described as a proof-of-concept.

If you need something more sophisticated than there are some alternatives listed at the bottom of this page.

This proxy depends on Apache HttpClient, which offers another point of extension for this proxy. At some point I may write an alternative that uses the JDK and thus doesn't have any dependencies, which is desirable. In the meantime, you'll have to add the jar files for this and its dependencies:

 +- org.apache.httpcomponents:httpclient:jar:4.5.13:compile
    +- org.apache.httpcomponents:httpcore:jar:4.4.13:compile
    |  +- commons-logging:commons-logging:jar:1.2:compile
    |  \- commons-codec:commons-codec:jar:1.11:compile

This proxy supports HttpClient 4.5, and newer version too. If you need to support older HttpClient versions:

  • use 1.8 version of this proxy for HttpClient versions 4.1 and 4.2
  • use 1.12 version of this proxy for HttpClient versions 4.3 and 4.4

As of version 2.0 of the proxy, the proxy switched to the jakarta servlet-api, while nonetheless retaining support for the javax servlet-api version for those that need it. To use that, specify the javax classifier on the dependency declaration as follows:

<dependency>
    <groupId>org.mitre.dsmiley.httpproxy</groupId>
    <artifactId>smiley-http-proxy-servlet</artifactId>
    <version>${smiley-http-proxy-servlet.version}</version>
    <classifier>javax</classifier>
</dependency>

As of version 1.5 of the proxy, there is the ability to parameterize your proxy URL, allowing you to use the same web.xml servlet specification for multiple target servers. It follows the URI Template RFC, Level 1. Special query parameters (see the examples below) sent from the client to the ProxyServlet will map to the matching URL template, replacing arguments in the proxy's targetUri as specified in the web.xml. To use this, you must use a subclass of the base servlet. IMPORTANT! The template substitutions must be placed in the query string, even when using HTTP POST. Other application parameters can be in your POSTed url-encoded-form string; just not proxyArgs.

See CHANGES.md for a history of changes.

Build & Installation

Simply build the jar using "mvn package" at the command line. The jar is built to "target/smiley-http-proxy-servlet-VERSION.jar". You don't have to build the jar if you aren't modifying the code, since released versions are deployed to maven-central. If you are using maven then you can add this to your dependencies in your pom like so: (Note: the version below is not necessarily the latest.)

<dependency>
    <groupId>org.mitre.dsmiley.httpproxy</groupId>
    <artifactId>smiley-http-proxy-servlet</artifactId>
    <version>1.12.1</version>
</dependency>

Ivy and other dependency managers can be used as well.

Configuration

Parameters

The following is a list of parameters that can be configured

  • log: A boolean parameter name to enable logging of input and target URLs to the servlet log.
  • forwardip: A boolean parameter name to enable forwarding of the client IP
  • preserveHost: A boolean parameter name to keep HOST parameter as-is
  • preserveCookies: A boolean parameter name to keep COOKIES as-is
  • preserveCookiePath: A boolean parameter name to keep cookie path unchanged in Set-Cookie server response header
  • http.protocol.handle-redirects: A boolean parameter name to have auto-handle redirects
  • http.socket.timeout: A integer parameter name to set the socket connection timeout (millis)
  • http.read.timeout: A integer parameter name to set the socket read timeout (millis)
  • http.connectionrequest.timeout: A integer parameter name to set the connection request timeout (millis)
  • http.maxConnections: A integer parameter name to set max connection number
  • useSystemProperties: A boolean parameter whether to use JVM-defined system properties to configure various networking aspects.
  • targetUri: The parameter name for the target (destination) URI to proxy to.

Servlet

Here's an example excerpt of a web.xml file to communicate to a Solr server:

<servlet>
  <servlet-name>solr</servlet-name>
  <servlet-class>org.mitre.dsmiley.httpproxy.ProxyServlet</servlet-class>
  <init-param>
    <param-name>targetUri</param-name>
    <param-value>http://solrserver:8983/solr</param-value>
  </init-param>
  <init-param>
    <param-name>log</param-name>
    <param-value>true</param-value>
  </init-param>
</servlet>
<servlet-mapping>
  <servlet-name>solr</servlet-name>
  <url-pattern>/solr/*</url-pattern>
</servlet-mapping>

Here's an example with a parameterized proxy URL matching query parameters _subHost, _port, and _path such as "http://mywebapp/cluster/subpath?_subHost=namenode&_port=8080&_path=monitor". Note the different proxy servlet class. The leading underscore is not mandatory but it's good to differentiate them from the normal query parameters in case of a conflict.:

<servlet>
  <servlet-name>clusterProxy</servlet-name>
  <servlet-class>org.mitre.dsmiley.httpproxy.URITemplateProxyServlet</servlet-class>
  <init-param>
    <param-name>targetUri</param-name>
    <param-value>http://{_subHost}.behindfirewall.mycompany.com:{_port}/{_path}</param-value>
  </init-param>
  <init-param>
    <param-name>log</param-name>
    <param-value>true</param-value>
  </init-param>
</servlet>

<servlet-mapping>
  <servlet-name>clusterProxy</servlet-name>
  <url-pattern>/mywebapp/cluster/*</url-pattern>
</servlet-mapping>

SpringMVC

If you are using SpringMVC, then an alternative is to use its ServletWrappingController so that you can configure this servlet via Spring, which is supremely flexible, instead of having to modify your web.xml. However, note that some customization may be needed to divide the URL at the proxied portion; see Issue #15.

Spring Boot

If you are using Spring Boot, then consider this basic configuration:

@Configuration
public class SolrProxyServletConfiguration implements EnvironmentAware {

  @Bean
  public ServletRegistrationBean servletRegistrationBean() {
    ServletRegistrationBean servletRegistrationBean = new ServletRegistrationBean(new ProxyServlet(), propertyResolver.getProperty("servlet_url"));
    servletRegistrationBean.addInitParameter(ProxyServlet.P_TARGET_URI, propertyResolver.getProperty("target_url"));
    servletRegistrationBean.addInitParameter(ProxyServlet.P_LOG, propertyResolver.getProperty("logging_enabled", "false"));
    return servletRegistrationBean;
  }

  private RelaxedPropertyResolver propertyResolver;

  @Override
  public void setEnvironment(Environment environment) {
    this.propertyResolver = new RelaxedPropertyResolver(environment, "proxy.solr.");
  }
}

if you use Spring Boot 2.x,you can try this:

@Configuration
public class SolrProxyServletConfiguration implements EnvironmentAware {

    @Bean
    public ServletRegistrationBean servletRegistrationBean() {
        Properties properties= (Properties) bindResult.get();
        ServletRegistrationBean servletRegistrationBean = new ServletRegistrationBean(new ProxyServlet(), properties.getProperty("servlet_url"));
        servletRegistrationBean.addInitParameter(ProxyServlet.P_TARGET_URI, properties.getProperty("target_url"));
        servletRegistrationBean.addInitParameter(ProxyServlet.P_LOG, properties.getProperty("logging_enabled", "false"));
        return servletRegistrationBean;
    }

    private BindResult bindResult;

    @Override
    public void setEnvironment(Environment environment) {
        Iterable sources = ConfigurationPropertySources.get(environment);
        Binder binder = new Binder(sources);
        BindResult bindResult = binder.bind("proxy.solr", Properties.class);
        this.bindResult = bindResult;
    }
}

and properties in application.yml:

proxy:
    solr:
        servlet_url: /solr/*
        target_url: http://solrserver:8983/solr

It may be the case that Spring Boot (or Spring MVC) is consuming the servlet input stream before the servlet gets it, which is a problem.
See Issue #83 RE disabling FilterRegistrationBean.

Dropwizard

Addition of Smiley's proxy to Dropwizard is very straightforward.

Add a new property in the Dropwizard app .yml file

targetUri: http://foo.com/api  

Create a new configuration property

    @NotEmpty
    private String targetUri = "";

    @JsonProperty("targetUri")
    public String getTargetUri() {
        return targetUri;
    }  

Then register Smiley's proxy servlet with Jetty through the Dropwizard service's App run() method.

@Override
    public void run(final ShepherdServiceConfiguration configuration,
        final Environment environment) {

        environment.getApplicationContext()
            .addServlet("org.mitre.dsmiley.httpproxy.ProxyServlet", "foo/*")
            .setInitParameter("targetUri", configuration.getTargetUri());  

Alternatives

This servlet is intentionally simple and limited in scope. As such it may not meet your needs, so consider looking at these alternatives: