Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #23127 > unrolled thread

POST to secure server

Back to article view | Back to comp.lang.java.programmer

Contents

  POST to secure server RVic <rvince99@hotmail.com> - 2013-03-26 04:46 -0700
    Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-03-26 13:43 +0000
    Re: POST to secure server markspace <markspace@nospam.nospam> - 2013-03-26 09:51 -0700
    Re: POST to secure server Roedy Green <see_website@mindprod.com.invalid> - 2013-03-26 19:00 -0700
    Re: POST to secure server RVic <rvince99@hotmail.com> - 2013-03-27 05:34 -0700
      Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-03-27 13:07 +0000
      Re: POST to secure server Arved Sandstrom <asandstrom2@eastlink.ca> - 2013-03-27 20:11 -0300
        Re: POST to secure server markspace <markspace@nospam.nospam> - 2013-03-27 19:38 -0700
        Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-03-28 08:49 +0000
          Re: POST to secure server Silvio <silvio@internet.com> - 2013-03-28 10:17 +0100
          Re: POST to secure server Arved Sandstrom <asandstrom2@eastlink.ca> - 2013-03-28 06:19 -0300
            Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-03-28 09:54 +0000
              Re: POST to secure server Arved Sandstrom <asandstrom2@eastlink.ca> - 2013-03-28 20:51 -0300
    Re: POST to secure server RVic <rvince99@hotmail.com> - 2013-03-27 06:24 -0700
    Re: POST to secure server Silvio <silvio@internet.com> - 2013-03-27 14:37 +0100
    Re: POST to secure server RVic <rvince99@hotmail.com> - 2013-03-27 06:45 -0700
      Re: POST to secure server Silvio <silvio@internet.com> - 2013-03-27 15:08 +0100
    Re: POST to secure server RVic <rvince99@hotmail.com> - 2013-03-27 08:39 -0700
      Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-03-27 17:30 +0000
    Re: POST to secure server RVic <rvince99@hotmail.com> - 2013-03-27 13:26 -0700
      Re: POST to secure server Silvio <silvio@internet.com> - 2013-03-28 10:05 +0100
      Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-03-28 10:34 +0000
    Re: POST to secure server RVic <rvince99@hotmail.com> - 2013-03-28 05:02 -0700
      Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-03-28 12:22 +0000
    Re: POST to secure server RVic <rvince99@hotmail.com> - 2013-04-02 07:07 -0700
      Re: POST to secure server Silvio <silvio@internet.com> - 2013-04-02 22:39 +0200
      Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-04-03 10:39 +0100
        Re: POST to secure server Joerg Meier <joergmmeier@arcor.de> - 2013-04-03 15:32 +0200
          Re: POST to secure server lipska the kat <"nospam at neversurrender dot co dot uk"> - 2013-04-03 15:34 +0100

Page 1 of 2  [1] 2  Next page →

#23127 — POST to secure server

I have an application that must run in windows which must post to a servlet running on a secure server. I can WinSCP into that server, and I can use PuTTY to ssh into that server. But I am quite clueless how I can post to a servlet there? Is there something I can pass in posting, or something I do with my URLConnection or URL variable to allow me access as I get with WinSCP or PuTTY? Thank you.

URL postURL = new URL(servletURL);
HttpURLConnection conn = (HttpURLConnection) postURL.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setUseCaches(false);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); 
conn.connect();
StringBuilder sb = new StringBuilder();					
sb.append(vtkey+"="+ paramval);			
out.write(sb.toString());
out.flush();

[toc] | [next] | [standalone]

#23128

On 26/03/13 11:46, RVic wrote:
I have an application that must run in windows which must post to a 
servlet running on a secure server.
I can WinSCP into that server, and I can use PuTTY to ssh into that server.
But I am quite clueless how I can post to a servlet there? Is there 
something I can pass in posting,
or something I do with my URLConnection or URL variable to allow me 
access as I get with WinSCP or PuTTY? Thank you.

Well fist of all your code sample doesn't show where you are calling
getOutputStream on your HttpURLConnection, however given that this is a 
simple omission on your part ...

ssh (secure shell) and scp (secure copy) are protocols, just like http 
is a protocol. Your 'secure server' is (probably) only secure because it 
(probably) doesn't allow insecure protocols like telnet and ftp.

So far so good

http is not a secure protocol so if you can run a servlet container
on port 80 (or any other available port for that matter) you can access 
your servlet in the normal way by making a request.

http://foobar.com/servlets/fooservlet?param1=x&param1=y

If you can't access your servlet in this way it's probably because.
Your servlet container is listening on a non standard port, or it could 
be that there is something in the remote network architecture that is 
stopping your request getting through.

Are you running Tomcat, by default it listens on port 8080 so your 
request would be

http://foobar.com:8080/servlets/fooservlet?param1=x&param2=y

what platform is your servlet container running on?

lipska

-- 
Lipska the Kat©: Troll hunter, sandbox destroyer
and farscape dreamer of Aeryn Sun

[toc] | [prev] | [next] | [standalone]

#23130

On 3/26/2013 4:46 AM, RVic wrote:
> I have an application that must run in windows which must post to a
> servlet running on a secure server. I can WinSCP into that server,
> and I can use PuTTY to ssh into that server. But I am quite clueless
> how I can post to a servlet there?
...
 > out.write(sb.toString());
 > out.flush();

   out.close();

Generally speaking, you must close the TCP connection or the server 
won't "recognize" that you are done sending data.

I seem to recall that Java's built-in HttpConnection is kind of 
primitive and doesn't really implement everything you'd expect for a 
real HTTP connection.  In particular, I think you have to handle cookies 
yourself, which might be causing the server code to break if it doesn't 
see the cookies it's expecting.

I think the Apache Commons library has an HTTP class that handles things 
more automagically.  Try their HttpClient if you can't figure out what 
the built-in version needs:

<http://hc.apache.org/>

[toc] | [prev] | [next] | [standalone]

#23133

On Tue, 26 Mar 2013 04:46:07 -0700 (PDT), RVic <rvince99@hotmail.com>
wrote, quoted or indirectly quoted someone who said :

>I have an application that must run in windows which must post to a servlet=
> running on a secure server. I can WinSCP into that server, and I can use P=
>uTTY to ssh into that server. But I am quite clueless how I can post to a s=
>ervlet there? Is there something I can pass in posting, or something I do w=
>ith my URLConnection or URL variable to allow me access as I get with WinSC=
>P or PuTTY? Thank you.

for sample code see http://mindprod.com/jgloss/http.html
-- 
Roedy Green Canadian Mind Products http://mindprod.com
Motors make noise, and that tells you about the feelings and attitudes 
that went into it. Something was more important than sensory pleasure -- 
nobody would invent a chair or dish that smelled bad or that made horrible 
noises -- why were motors invented noisy? How could they possibly be 
considered complete or successful inventions with this glaring defect?
Unless, of course, the aggressive, hostile, assaultive sound actually served
to express some impulse of the owner. 
~ Philip Slater (born: 1927 age: 85)
The Wayward Gate: Science and the Supernatural

[toc] | [prev] | [next] | [standalone]

#23135

Thanks for all your responses. I'm finding out from the client that they have no exposed URLs that my servlet call can come in on, and they need to somehow provide that on their end.

OTOH, because I need to get this project done ad get it done beyond the crawl of academic beureaucracy, couldn't I simply read and write to a socket (in lie of a servlet), forget about the post, just wrap and unwrap the parameters I would otherwise post, that I could access somehow with ssh through java? 

Thanks in advance.

[toc] | [prev] | [next] | [standalone]

#23136

On 27/03/13 12:34, RVic wrote:
> Thanks for all your responses. I'm finding out from the client that they have no exposed URLs that my servlet call can come in on, and they need to somehow provide that on their end.
> OTOH, because I need to get this project done ad get it done beyond the crawl of academic beureaucracy, couldn't I simply read and write to a socket (in lie of a servlet), forget about the post, just wrap and unwrap the parameters I would otherwise post, that I could access somehow with ssh through java?
>
> Thanks in advance.

I don't think Java provides an interface (API) to secure shell OOTB

What you need is a Java ssh client, there are a number available 
although I've never used one.

lmgtfy.com/?q=java+ssh

lipska

-- 
Lipska the Kat©: Troll hunter, sandbox destroyer
and farscape dreamer of Aeryn Sun

[toc] | [prev] | [next] | [standalone]

#23144

On 03/27/2013 09:34 AM, RVic wrote:
> Thanks for all your responses. I'm finding out from the client that they have no exposed URLs that my servlet call can come in on, and they need to somehow provide that on their end.
[ SNIP ]

Errr, to me that means that someone set up the servlet engine (Tomcat or 
whatever) with HTTP/HTTPS ports that are blocked by a firewall. And they 
are simply saying that they need to open up those ports.

I'd let the client do just that.

AHS

[toc] | [prev] | [next] | [standalone]

#23145

On 3/27/2013 4:11 PM, Arved Sandstrom wrote:
> On 03/27/2013 09:34 AM, RVic wrote:
>> Thanks for all your responses. I'm finding out from the client that
>> they have no exposed URLs that my servlet call can come in on, and
>> they need to somehow provide that on their end.
> [ SNIP ]
>
> Errr, to me that means that someone set up the servlet engine (Tomcat or
> whatever) with HTTP/HTTPS ports that are blocked by a firewall. And they
> are simply saying that they need to open up those ports.
>
> I'd let the client do just that.


Well, firewall or DMZ plus gateway, or whatever else they might be using 
to protect their systems from teh hax.  But yes, the general idea is 
that the client should do something about it (and probably only the 
client can).

[toc] | [prev] | [next] | [standalone]

#23146

On 27/03/13 23:11, Arved Sandstrom wrote:
> On 03/27/2013 09:34 AM, RVic wrote:
>> Thanks for all your responses. I'm finding out from the client that
>> they have no exposed URLs that my servlet call can come in on, and
>> they need to somehow provide that on their end.
> [ SNIP ]
>
> Errr, to me that means that someone set up the servlet engine (Tomcat or
> whatever) with HTTP/HTTPS ports that are blocked by a firewall. And they
> are simply saying that they need to open up those ports.
>
> I'd let the client do just that.

The OP has already said that due to 'academic bureaucracy that is not an 
option although I agree it's the ideal solution.

I thought the port forwarding solution was quite neat although I haven't 
tried it so I don't know if it would actually work.

lipska

-- 
Lipska the Kat©: Troll hunter, sandbox destroyer
and farscape dreamer of Aeryn Sun

[toc] | [prev] | [next] | [standalone]

#23148

On 03/28/2013 09:49 AM, lipska the kat wrote:
> On 27/03/13 23:11, Arved Sandstrom wrote:
>> On 03/27/2013 09:34 AM, RVic wrote:
>>> Thanks for all your responses. I'm finding out from the client that
>>> they have no exposed URLs that my servlet call can come in on, and
>>> they need to somehow provide that on their end.
>> [ SNIP ]
>>
>> Errr, to me that means that someone set up the servlet engine (Tomcat or
>> whatever) with HTTP/HTTPS ports that are blocked by a firewall. And they
>> are simply saying that they need to open up those ports.
>>
>> I'd let the client do just that.
>
> The OP has already said that due to 'academic bureaucracy that is not an
> option although I agree it's the ideal solution.
>
> I thought the port forwarding solution was quite neat although I haven't
> tried it so I don't know if it would actually work.
>
> lipska
>


Hello Lipska,

Yes, it works. And to boot it performs quite well.

I run a load-balancing clustered (custom scripting) system off a small 
but constantly varying VPS park. The system communicates with lots of 
external servers that only accept SSH from one specific IP address I 
own. Behind the firewalls they have stuff like SQL-Server instances, 
FTP/HTTP servers etc. running that I need to access.

Setting up a VPN would be an option but due to the volatile nature of my 
server park this is very inconvenient. Using SSH to tunnel through my 
steady factor IP works just as well and is just as safe.

You gotta love SSH. (And thank god for SSHFS).

Silvio

[toc] | [prev] | [next] | [standalone]

#23149

On 03/28/2013 05:49 AM, lipska the kat wrote:
> On 27/03/13 23:11, Arved Sandstrom wrote:
>> On 03/27/2013 09:34 AM, RVic wrote:
>>> Thanks for all your responses. I'm finding out from the client that
>>> they have no exposed URLs that my servlet call can come in on, and
>>> they need to somehow provide that on their end.
>> [ SNIP ]
>>
>> Errr, to me that means that someone set up the servlet engine (Tomcat or
>> whatever) with HTTP/HTTPS ports that are blocked by a firewall. And they
>> are simply saying that they need to open up those ports.
>>
>> I'd let the client do just that.
>
> The OP has already said that due to 'academic bureaucracy that is not an
> option although I agree it's the ideal solution.

He also used the term "client". If that's actually the relationship, to 
me that changes the entire equation here. The OP is clearly talking to 
these folks, based on his wording above, so it does sound like there is 
a work relationship.

Given that, the client opening up a port or two in a firewall is 
absolutely an option. What's totally an option is for him to get 
educated a bit more on networking, and talk a bit more to the client, 
before tackling an unfamiliar (to him) technique that may be no 
timesaver at all.

> I thought the port forwarding solution was quite neat although I haven't
> tried it so I don't know if it would actually work.
>
> lipska
>
It would work, in all its various permutations (forward ports for a 
single request, open a tunnel for lengthier work etc etc). I do this 
often for things like exposing a DB on a protected box so that a client 
program on a different box sees it as being on localhost maybe with a 
different port.

AHS

[toc] | [prev] | [next] | [standalone]

#23150

On 28/03/13 09:19, Arved Sandstrom wrote:
> On 03/28/2013 05:49 AM, lipska the kat wrote:
>> On 27/03/13 23:11, Arved Sandstrom wrote:
>>> On 03/27/2013 09:34 AM, RVic wrote:
>>>> Thanks for all your responses. I'm finding out from the client that
>>>> they have no exposed URLs that my servlet call can come in on, and
>>>> they need to somehow provide that on their end.
>>> [ SNIP ]
>>>
>>> Errr, to me that means that someone set up the servlet engine (Tomcat or
>>> whatever) with HTTP/HTTPS ports that are blocked by a firewall. And they
>>> are simply saying that they need to open up those ports.
>>>
>>> I'd let the client do just that.
>>
>> The OP has already said that due to 'academic bureaucracy that is not an
>> option although I agree it's the ideal solution.
>
> He also used the term "client". If that's actually the relationship, to
> me that changes the entire equation here. The OP is clearly talking to
> these folks, based on his wording above, so it does sound like there is
> a work relationship.
>
> Given that, the client opening up a port or two in a firewall is
> absolutely an option.

Well possibly, I remember trying to get root access to a Solaris box 
back in the day when I was a drunken bum, er I mean student, it was 
something akin to asking for access to the deans personal bank account. 
There were meetings and meetings and meetings to plan meetings ... it 
took three weeks just to get the cave dwelling troglodyte who managed 
these things to set up a single Solaris box, and I was writing software 
*for* the University.

As I see it, if the target server has ssh up and the developer can use 
ssh to implement a solution then that means he can do so without waiting 
an eternity for some doofus to open up a port then that sounds like a 
solution to me, in fact, it's such a neat solution that I'm tempted to 
get a tunnel set up to one of my remote servers and give it a go.

Incidentally, Zenmap reports three open ports on moonprod.com one of 
which may be an httpd on 80 so it looks like they have it fairly tightly 
locked down.

lipska

Lipska the Kat©: Troll hunter, sandbox destroyer
and farscape dreamer of Aeryn Sun

[toc] | [prev] | [next] | [standalone]

#23154

On 03/28/2013 06:54 AM, lipska the kat wrote:
> On 28/03/13 09:19, Arved Sandstrom wrote:
>> On 03/28/2013 05:49 AM, lipska the kat wrote:
>>> On 27/03/13 23:11, Arved Sandstrom wrote:
>>>> On 03/27/2013 09:34 AM, RVic wrote:
>>>>> Thanks for all your responses. I'm finding out from the client that
>>>>> they have no exposed URLs that my servlet call can come in on, and
>>>>> they need to somehow provide that on their end.
>>>> [ SNIP ]
>>>>
>>>> Errr, to me that means that someone set up the servlet engine
>>>> (Tomcat or
>>>> whatever) with HTTP/HTTPS ports that are blocked by a firewall. And
>>>> they
>>>> are simply saying that they need to open up those ports.
>>>>
>>>> I'd let the client do just that.
>>>
>>> The OP has already said that due to 'academic bureaucracy that is not an
>>> option although I agree it's the ideal solution.
>>
>> He also used the term "client". If that's actually the relationship, to
>> me that changes the entire equation here. The OP is clearly talking to
>> these folks, based on his wording above, so it does sound like there is
>> a work relationship.
>>
>> Given that, the client opening up a port or two in a firewall is
>> absolutely an option.
>
> Well possibly, I remember trying to get root access to a Solaris box
> back in the day when I was a drunken bum, er I mean student, it was
> something akin to asking for access to the deans personal bank account.
> There were meetings and meetings and meetings to plan meetings ... it
> took three weeks just to get the cave dwelling troglodyte who managed
> these things to set up a single Solaris box, and I was writing software
> *for* the University.
>
> As I see it, if the target server has ssh up and the developer can use
> ssh to implement a solution then that means he can do so without waiting
> an eternity for some doofus to open up a port then that sounds like a
> solution to me, in fact, it's such a neat solution that I'm tempted to
> get a tunnel set up to one of my remote servers and give it a go.
>
> Incidentally, Zenmap reports three open ports on moonprod.com one of
> which may be an httpd on 80 so it looks like they have it fairly tightly
> locked down.
>
> lipska
>
> Lipska the Kat©: Troll hunter, sandbox destroyer
> and farscape dreamer of Aeryn Sun

I think everyone's been in situations where infrastructure requests are 
handled glacially, or are rejected, or are modified.

I'm thinking I (we) don't know enough about what's going on here. We 
know next to nothing about the client's network setup; we have no idea 
who exactly the OP talked to (a networking type, or a barely technical 
customer?).

Like I said, I use exactly this SSH approach now, and have used it in 
the past. I can tell you this, I've never used it for a webserver. That 
is unusual enough that to me it signals lack of information that the OP 
would do well to acquire.

AHS

[toc] | [prev] | [next] | [standalone]

#23137

If I ssh in.....trying to think this through, how might I replicate a post to a servlet? Not sure on this last step, wouldn't I need a socket listener running on the target where I otherwise would have had a servlet running? Thanks for your thoughts and ideas here.

[toc] | [prev] | [next] | [standalone]

#23138

On 03/26/2013 12:46 PM, RVic wrote:
> I have an application that must run in windows which must post to a servlet running on a secure server. I can WinSCP into that server, and I can use PuTTY to ssh into that server. But I am quite clueless how I can post to a servlet there? Is there something I can pass in posting, or something I do with my URLConnection or URL variable to allow me access as I get with WinSCP or PuTTY? Thank you.
>
> URL postURL = new URL(servletURL);
> HttpURLConnection conn = (HttpURLConnection) postURL.openConnection();
> conn.setRequestMethod("POST");
> conn.setDoOutput(true);
> conn.setUseCaches(false);
> conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
> conn.connect();
> StringBuilder sb = new StringBuilder();					
> sb.append(vtkey+"="+ paramval);			
> out.write(sb.toString());
> out.flush();
>

There are two options: you either post via HTTP or HTTPS directly to the 
servlet (possibly passing through reverse proxies or NAT at the server 
side) or you need to create an SSH tunnel first and use the tunnel to 
reach the servlet.

The former will only work if the servlet is accessible from the outer 
world. The latter will require you to create the tunnel from the client 
side using the SSH connection for transport. Putty can create the tunnel 
for you but this requires setting up the tunnel manually. If you want to 
create the tunnel from inside the application you would need an SSH 
library. JSCH would be a good candidate since it is open source and it 
supports tunnelling. Having set up the tunnel you can simply post to 
localhost.

Silvio

[toc] | [prev] | [next] | [standalone]

#23139

Thank you. I was thinking I would have to create a socket listener on the server side once I had an ssh connection set up with Jsch. I am looking through the Jsch examples (I am enclosing one in particular caled ViaHTTP) but I cannot, for the life of me, see how I would then perform my Post within that framework? Can you please explain further? Thank you!


    String proxy_host;
    int proxy_port;

    try{
      JSch jsch=new JSch();

      String host=null;
      if(arg.length>0){
        host=arg[0];
      }
      else{
        host=JOptionPane.showInputDialog("Enter username@hostname",
                                         System.getProperty("user.name")+
                                         "@localhost"); 
      }
      String user=host.substring(0, host.indexOf('@'));
      host=host.substring(host.indexOf('@')+1);

      Session session=jsch.getSession(user, host, 22);

      String proxy=JOptionPane.showInputDialog("Enter proxy server",
                                                 "hostname:port");
      proxy_host=proxy.substring(0, proxy.indexOf(':'));
      proxy_port=Integer.parseInt(proxy.substring(proxy.indexOf(':')+1));

      session.setProxy(new ProxyHTTP(proxy_host, proxy_port));

      // username and password will be given via UserInfo interface.
      UserInfo ui=new MyUserInfo();
      session.setUserInfo(ui);

      session.connect();

      Channel channel=session.openChannel("shell");

      channel.setInputStream(System.in);
      channel.setOutputStream(System.out);

      channel.connect();
    }
    catch(Exception e){
      System.out.println(e);
    }

[toc] | [prev] | [next] | [standalone]

#23140

On 03/27/2013 02:45 PM, RVic wrote:
> Thank you. I was thinking I would have to create a socket listener on the server side once I had an ssh connection set up with Jsch. I am looking through the Jsch examples (I am enclosing one in particular caled ViaHTTP) but I cannot, for the life of me, see how I would then perform my Post within that framework? Can you please explain further? Thank you!
>
>
>      String proxy_host;
>      int proxy_port;
>
>      try{
>        JSch jsch=new JSch();
>
>        String host=null;
>        if(arg.length>0){
>          host=arg[0];
>        }
>        else{
>          host=JOptionPane.showInputDialog("Enter username@hostname",
>                                           System.getProperty("user.name")+
>                                           "@localhost");
>        }
>        String user=host.substring(0, host.indexOf('@'));
>        host=host.substring(host.indexOf('@')+1);
>
>        Session session=jsch.getSession(user, host, 22);
>
>        String proxy=JOptionPane.showInputDialog("Enter proxy server",
>                                                   "hostname:port");
>        proxy_host=proxy.substring(0, proxy.indexOf(':'));
>        proxy_port=Integer.parseInt(proxy.substring(proxy.indexOf(':')+1));
>
>        session.setProxy(new ProxyHTTP(proxy_host, proxy_port));
>
>        // username and password will be given via UserInfo interface.
>        UserInfo ui=new MyUserInfo();
>        session.setUserInfo(ui);
>
>        session.connect();
>
>        Channel channel=session.openChannel("shell");
>
>        channel.setInputStream(System.in);
>        channel.setOutputStream(System.out);
>
>        channel.connect();
>      }
>      catch(Exception e){
>        System.out.println(e);
>      }
>


I am guessing you meant this as a reply to my post...

If you setup a tunnel using JSCH (which requires adding an addition 
connection property string to the connection that specifies the server 
destination host:port and the local port on the client side then any 
communication going through localhost:port on the client will be 
tunnelled via SSH and reach the destination host:port on the server side.
So assuming that there is an existing servlet on the server side that is 
listening for HTTP requests on port 80 on the same box you make the SSH 
connection to you server host:port would be localhost:80 and you could 
use any desired port on the client side, lets say 8080. After that you 
can use new URL("http://localhost:8080/path/to/the/servlet/") and do a 
normal post from the client. The tunnel will automagically make your 
request reach the servlet.

Despite what others have said the standard HTTP client in Java works 
fine and will probably give you what you need. If the servlet might barf 
on the URL because of the localhost:8080 you could even use any 
imaginable URL like new URL("http://www.whatever.com/path/to/servlet/") 
and use the proxy option of URL#openConnection to get traffic through 
localhost:8080.

Good luck,

Silvio

[toc] | [prev] | [next] | [standalone]

#23141

Silvio, Thank you -- but  I am a little confused by what you say. Right now, using JSCH I can connect with:

JSch jsch = new JSch();	
Session session = jsch.getSession("me"/*user*/, "moonprod"/*serverURL*/);		
session.setPort(22);
session.setPassword(password);
session.connect();

And the servlet I must reach is on Tomcat on the server on port 28080 which would be hit as http://moonprod:28080/servlets/myservlet
What are you saying, below, that I should change? Thank you!



<<If you setup a tunnel using JSCH (which requires adding an addition
connection property string to the connection that specifies the server
destination host:port and the local port on the client side then any
communication going through localhost:port on the client will be
tunnelled via SSH and reach the destination host:port on the server side.
So assuming that there is an existing servlet on the server side that is
listening for HTTP requests on port 80 on the same box you make the SSH
connection to you server host:port would be localhost:80 and you could
use any desired port on the client side, lets say 8080. After that you
can use new URL("http://localhost:8080/path/to/the/servlet/") and do a
normal post from the client. The tunnel will automagically make your
request reach the servlet. >>

[toc] | [prev] | [next] | [standalone]

#23142

On 27/03/13 15:39, RVic wrote:
> Silvio, Thank you -- but  I am a little confused by what you say. Right now, using JSCH I can connect with:
>
> JSch jsch = new JSch();	
> Session session = jsch.getSession("me"/*user*/, "moonprod"/*serverURL*/);		
> session.setPort(22);
> session.setPassword(password);
> session.connect();
>
> And the servlet I must reach is on Tomcat on the server on port 28080 which would be hit as http://moonprod:28080/servlets/myservlet
> What are you saying, below, that I should change? Thank you!

It is a bit confusing isn't it.
I think what he is talking about is port forwarding

I just downloaded the code for jsch and found an example
when you have your session you can set up port forwarding by calling

session.setPortForwardingL(lport, rhost, rport);
so your example would be

session.setPortForwardingL(8888, moonprod.com, 28080);

Now, if this works you should be able to make a request on your local 
machine to localhost:8888 and the request would get forwarded to
moonprod.com:28080.

At least I think this is what he means, it would be nice to get some 
clarification.

there is some API documentation here
http://epaul.github.com/jsch-documentation/javadoc/

lipska

-- 
Lipska the Kat©: Troll hunter, sandbox destroyer
and farscape dreamer of Aeryn Sun

[toc] | [prev] | [next] | [standalone]

#23143

lipsa, Yes I do not know what silvio means -- not even sure why I would need to port forward it? Thank you.

[toc] | [prev] | [next] | [standalone]

Page 1 of 2  [1] 2  Next page →

Back to top | Article view | comp.lang.java.programmer

csiph-web