Jump to: navigation, search

Difference between revisions of "ProxySupport"

Line 30: Line 30:
 
<blockquote>
 
<blockquote>
 
[MV]Could you describe how the authenticator handles the situation where the remote credentials have changed on the server (i.e. a password has been changed on the server)? I didn't see anything in the Authenticator API that would allow the implementor to distinguish between a first-try and a retry. Also, in the patch, the cache table is written to but never read from.  
 
[MV]Could you describe how the authenticator handles the situation where the remote credentials have changed on the server (i.e. a password has been changed on the server)? I didn't see anything in the Authenticator API that would allow the implementor to distinguish between a first-try and a retry. Also, in the patch, the cache table is written to but never read from.  
 +
</blockquote>
 +
 +
<blockquote>
 +
[MV] I have a real issue with setting the system properties without any explicit indication from clients that they need to be set. The problem is that, once we do it in the Platform as part of an API, we can never stop doing it. If you feel this needs to be done on startup for WTP, one option would be for WTP to keep their early startup hook and invoke the explicit request o set the System properties.
 
</blockquote>
 
</blockquote>
  

Revision as of 16:58, 9 February 2007

CVS Requirements

The CVS/Core and CVS/SSH2 use the proxies provided by the Jsch plug-in to make proxy connections. Currently, there is support for two types of proxies: HTTP and SOCKS5. We would require API that allowed us to do something like this:

ProxyInfo[] infos = ProxyInfo.getProxiesFor(String hostName);
ProxyInfo info = getSupportProxy(infos); // method would look for the HTTP or SOCKS5 proxy
if (info == null) {
    // Attempt a direct connection.
    // If the connection failed and there were proxies specified, let the user know that
    // we only support HTTP and SOCKS4
} else if (info.getType() == ProxyInfo.HTTP) {
   // Use host, port, username and password to create an HTTP proxy using Jsch
} else if (info.getType() == Proxy.SOCKS5) {
   // Use host, port, username and password to create a SOCKS5 proxy using Jsch
}

The API we would require is that ability to retrieve the set of proxies that are available for a particular host. This doesn't imply that we need to support the specification of different proxies for each hist but I think it is good to leave room in the API to support this later.

Update Requirements

Update allows the user to enable an HTTP proxy and specify an address and port that is to be used as the proxy. When set, this information is places in the 'http.proxySet', 'http.proxyHost' and 'http.proxyPort' system properties. Update also sets the default authenticator (Athenticator.setDefault(...)) in order to support interactive authentication (i.e the user is prompted if the update server or proxy require authentication).

WTP Requirements

The WTP proxy preference page currently only sets JVM system properties for http, https, and socks. It does not provide any api to access this information. It assumes that clients will use Java IO( which uses these properties) to create connections. Since, a number of components in WTP use Java IO to open connections, these JVM system properties need to set when the Eclipse UI starts up. This preference page also sets the default authenticator at UI startup time so that the user is prompted for userid and password information. The authenticator also caches user id and password information so that if the same host is accessed again the user does not need to enter this information again.


[MV]Could you describe how the authenticator handles the situation where the remote credentials have changed on the server (i.e. a password has been changed on the server)? I didn't see anything in the Authenticator API that would allow the implementor to distinguish between a first-try and a retry. Also, in the patch, the cache table is written to but never read from.

[MV] I have a real issue with setting the system properties without any explicit indication from clients that they need to be set. The problem is that, once we do it in the Platform as part of an API, we can never stop doing it. If you feel this needs to be done on startup for WTP, one option would be for WTP to keep their early startup hook and invoke the explicit request o set the System properties.

Proposed Solution

From a core level standpoint, I think we need API that looks something like this:

  1. a proxy info (or data) object that contains the type, hist, port, username (if available) and password (if available).
  2. a method to retrieve the proxy info (or infos) for a particular target host. Clients will need to pick an appropriate proxy to use.
  3. some means of indicating that the client requires the Java system properties and authenticator to be set. I think it is dangerous to have clients do this themselves (since multiple clients may do it). On the other hand, I would like to avoid doing it if possible. Initially, we will need to for update but hopefully this will not be necessary in future releases.

To support this, we need a preference page that allows the specification of multiple proxy types. Ideally, we would be able to specify authentication information for each proxy type.