Proxy-Server
The Lobster Integration Server (and thus also Lobster_data) can establish outgoing network connections via proxy servers. The criterion is the direction of the TCP connection establishment, not the data direction. The Java Virtual Machine supports three proxy types.
HTTP proxy. Can mediate HTTP connections.
FTP proxy. Can mediate FTP connections.
SOCKS proxy. For mediating all TCP connections.
Once a SOCKS proxy is configured, all TCP connections go through it, including HTTP(S) and FTP connections.
If additional authentication is required at the proxy, the Integration Server (and thus Lobster_data) has an authenticator that logs on to the proxy. The authenticator accepts passwords in plaintext or obfuscated.
Otherwise, the proxy must allow unauthenticated connections.
Since we were unable to verify all the features of the standard implementation as described by Oracle, a proxy selector was developed in addition to the authenticator to configure proxy exceptions for SOCKS. This special Lobster implementation can be deactivated via the following system property (see chapter above).
-Dhub.disableProxyHandling=trueThen the behaviour falls back to the standard implementation described in the following (and elsewhere).
http://docs.oracle.com/javase/6/docs/technotes/guides/net/proxies.html
http://docs.oracle.com/javase/6/docs/technotes/guides/net/properties.html
The use of proxies is controlled at the startup of the Integration Server via system properties. Following is a list of properties for the three proxy types.
HTTP Proxy
|
System Property |
Description |
|
-Dhttp.proxyHost |
IP address or DNS name of the HTTP proxy. Default: <none>. |
|
-Dhttp.proxyPort |
Port number of the HTTP proxy. Default: 80 if -Dhttp.proxyHost is set. |
|
-Dhttp.nonProxyHosts |
List of hostnames/addresses that should not be connected via HTTP proxy, but directly. Multiple entries are separated by |. Each entry can contain a wildcard *. Default: <none>. |
|
-Djava.net.http.username |
User for the authentication at the HTTP proxy. Default: <none>. |
|
-Djava.net.http.password |
Password for the authentication at the HTTP proxy in plaintext or obfuscated. Default: <none>. |
FTP Proxy
|
System Property |
Description |
|
-Dftp.proxyHost |
IP address or DNS name of the FTP proxy. Default: <none>. |
|
-Dftp.proxyPort |
Port number of the FTP proxy. Default: 21 if -Dftp.proxyHost is set. |
|
-Dftp.nonProxyHosts |
List of hostnames/addresses that should not be connected via FTP proxy, but directly. Multiple entries are separated by |. Each entry can contain a wildcard *. Default: <none>. |
|
-Djava.net.ftp.username |
User for the authentication at the FTP proxy. Default: <none>. |
|
-Djava.net.ftp.password |
Password for the authentication at the FTP proxy in plaintext or obfuscated. Default: <none>. |
SOCKS Proxy
|
System Property |
Description |
|
-DsocksProxyHost |
IP address or DNS name of the SOCKS proxy. Default: <none>. |
|
-DsocksProxyPort |
Port number of the SOCKS proxy. Default: 1080 if -DsocksProxyHost is set. |
|
-Djava.net.socks.username |
User for the authentication at the SOCKS proxy. Default: <none>. |
|
-Djava.net.socks.password |
Password for the authentication at the SOCKS proxy in plaintext or obfuscated. Default: <none>. |
Unfortunately, the standard implementation in the Java Virtual Machine does not allow exceptions for SOCKS proxies. We have, therefore, through the Lobster implementation of Authenticator and ProxySelector, created a way to define such exceptions for all three types of proxies in the configuration file ./etc/exclude_proxy.properties. Here, the IP address or DNS hostname is expected for computers to which the connection is to be made directly, that is, without a proxy. One exception is expected per line. The wildcard * is allowed.
If the entire file does not exist, the addresses 127.0.0.1 (loopback address) and 0.0.0.0 (all local addresses of this machine) and the name localhost (loopback name) are assumed by default.