Integration Points: Gateways, Tunnels, and Relays

quicksandwalleyeInternet και Εφαρμογές Web

31 Οκτ 2013 (πριν από 3 χρόνια και 9 μήνες)

88 εμφανίσεις

1

Integration Points: Gateways,

Tunnels, and Relays

Herng
-
Yow Chen

2

Outline


How
gateways

interface HTTP with other
protocols and applications


How
application interfaces

allow different types
of web applications to communicate with one
another


How
tunnels

let you send non
-
HTTP traffic over
HTTP connections


How
relays
, a type of simplified HTTP proxy, are
used to forward data one hop at a time

3

Why Gateways?

client

www.joes
-
hardware.com

Gateway

Database

HTTP/1.0 200 OK

NEW product list:



Response message

GET /query
-
db.cgi?newproducts HTTP/1.1

Host: WWW.joes
-
hardware.com

Accept: *

Request message

Client is requesting:

http://www.joes
-
hardware.com/query
-
db.cgi?newproducts

4

Different types of Gateways

Gateway

Gateway

HTTPS client

HTTP client

HTTP client

Server

Server

HTTP

FTP

HTTP

SSL

HTTP

CGI(or other API)

App server

Program

(c) HTTP/CGI server
-
side application gateway

(b) HTTPS/ HTTP client
-
side security gateway

(A) HTTP/FTP server
-
side FTP gateway

Application server gateway

5

Protocol Gateways

(a)MSIE manual proxy settings

(b)Navigator manual proxy settings

6

HTTP/*: Server
-
Side Web Gateways

Web server

FTP server

HTTP client

FTP

8080

HTTP/FTP gateway

(gw1.joes
-
hardware.com)

GET ftp://ftp.irs.gov/pub/00
-
index.txt HTTP/1.0

Host: ftp.irs.gov

User
-
agent: SuperBrowser 4.2

HTTP

GET http://www.cnn.com/ HTTP/1.0

Host: www.cnn.com

User
-
agent: SuperBrowser 4.2

HTTP

(www.cnn.com)

(ftp.irs.gov)

7

HTTP/*: Server
-
Side Web Gateways

HTTP client

HTTP

FTP server

Port 21

GET ftp://ftp.irs.gov/pub/00
-
index.txt HTTP/1.0

Host: ftp.irs.gov

User
-
agent: SuperBrowser 4.2

USER anonymous

PASS joe

CWD /pub

TYPE A

MDTM 00
-
index.txt

PASV

PETR 00
-
index.txt

HTTP/FTP inbound
conversion gateway

FTP control connection

FTP data connection


data


Inbound

8

HTTP/HTTPS:server
-
Side Security
Gateways

HTTP client

HTTP

secure web

server

HTTP/HTTPS inbound
security gateway

Port 443

HTTP over
SSL(HTTPS)

GET http://www.cnn.com/ HTTP/1.0

Host: www.cnn.com

User
-
agent: SuperBrowser 4.2

Mdsnrt734tngfd/pofgdaoij.l
od8skd90827/;lksdjs#@#(
@#
……

9

HTTP/HTTPS:Client
-
Side Security
Accelerator Gateways

Browser

HTTP/HTTPS security
accelerator gateway

Mdsnrt734tngfd/pofgdaoij.l
od8skd90827/;lksdjs#@#(
@#
……

HTTP over
SSL(HTTPS)

GET http://www.cnn.com/ HTTP/1.0

Host: www.cnn.com

User
-
agent: SuperBrowser 4.2

HTTP

www.cnn.com

Protected internal LAN

10

Resource Gateways

Web camera API

E
-
commerce API

Client A

Client B

$
10110
$

Camera device and software

E
-
commerce application

Application server

HTTP

HTTP

11

Common Gateway Interface


The first popular API for application gateways
was the
Common Gateway Interface

(CGI).


It is a standardized set of interfaces that web
servers use to


launch programs

in response to HTTP requests for
special URLs,


collect the program output
,


and
send the output back

in HTTP response.


Over the past years, commercial web servers
have provided more sophisticated, efficient
interface for the same purpose.

12

CGI


Was the first and probably still is the most
widely used server extension.


Applications


Dynamic HTML output,


Credit card processing,


Query database


Can be implemented in almost any language,
including Perl, Tcl, C, and various shell
languages.


Because of its simplicity, almost all HTTP servers
support CGI.


13

Server gateway application
mechanics

Spawned gateway process#1

Spawned gateway process#2

Spawned gateway process#N

Request 1

Request 2

Request N

Server system

Response 1

Response 2

Response N

Server process

Request Data

Response Data

Server internal view

14

CGI is wonderful?


Yes!


It provides a simple, functional form of glue between
servers and much type of resource.


The interface also is elegant in protecting the server
from buggy extensions.



NO!


This separation incurs a cost in performance.


The overhead to spawn a new process for every CGI
request is high, limiting the performance of server.


New form of CGI
-

Fast CGI (run as a persistent
daemon)

15

Server Extension APIs


Allow programmer to graft their own code onto
the server,


Or completely swap out a component of the
server and replace it with their own.


Most popular servers provide one or more
extension APIs for developers.


Most of them are specific to server type, because of
its functions tied to server architecture.


For example, Microsoft

s Frontpage Server Extension
(FPSE), which interpret RPC command sent by
FrontPage client. Those commands are piggybacked
on HTTP (specifically, on POST method).

16

Tunnels


Enable access to applications that speak
non
-
HTTP protocols through HTTP
applications.


Web tunnels

are established using HTTP

s
CONNECT method, which is not part of
the core HTTP/1.1, but it is a widely
implemented extension.

17

Using CONNECT to establish an SSL
tunnel

18

Tunnels let non
-
HTTP traffic flow
through HTTP connections

19

SSL Tunneling

20

Tunnel Authentication

21

Relays

client

server

Blind relay

(a)Connection:keep
-
Alive

(b) Server won

t close connection when done because

It thinks it has been asked to speak keep
-
alive

(c) Connection:Keep Alive

(b) Connection:Keep Alive

(d) Connection:Keep Alive

(c) Relay waits for connection to close
ignoring any new requests on the
connection

(e) Next request

(f)Client

s second request on the
keep
-
alive connection just hangs
because the relay never processes it

22

For More Information


http://www.w3.org/Protocols/rfc2616/rfc2616.txt


RFC 2626


Hypertext Transfer Protocol


by R. Fielding , J.
Gettys , J. Mogul,H. Frystyk , L. Masinter , P. Leach , T. Berners
-
Lee


Web Proxy Servers


Ari Luotonen,Prentice Hall Computer Books.


http://www.alternic.org/drafts/drafts
-
l
-
m/draft
-
luotonen
-
web
-
proxy
-
tunneling
-
01.txt



Tunneling TCP based protocols through Web proxy servers



http://cgi
-
spec.golux.com


The Common Gateway Interface
-
RFC Project Page


23

For More Information


http://www.w3.org/TR/2001/WD
-
soap12
-
part0
-
20011217/


W3C
-
SOAP Version 1.2 Working Draft


Programming Web Services with SOAP


James Snell,Doug Tidwell,and Pavel Kulchenko,O

Reilly & Associates,Inc


http://www.w3.org/TR/2002/WD
-
wsa
-
reqs
-
20020429


W3C
-
Web Services Architecture Requirements


Web Services Essentials


Ethan Cermai,O

Reilly & associates,Inc.