Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

Difference between revisions of "ProxySupport"

(WTP Requirements)
m
Line 1: Line 1:
 +
This page is being used to capture the requirements for Platform level proxy support (bug [https://bugs.eclipse.org/bugs/show_bug.cgi?id=154100 154100])
 +
 
== CVS Requirements ==
 
== CVS Requirements ==
  

Revision as of 20:28, 9 February 2007

This page is being used to capture the requirements for Platform level proxy support (bug 154100)

CVS Requirements

The CVS/Core and CVS/SSH2 use the proxies provided by the Jsch plug-in to make proxy connections. Currently, there is support for two types of proxies: HTTP and SOCKS5. We would require API that allowed us to do something like this:

ProxyInfo[] infos = ProxyInfo.getProxiesFor(String hostName);
ProxyInfo info = getSupportProxy(infos); // method would look for the HTTP or SOCKS5 proxy
if (info == null) {
    // Attempt a direct connection.
    // If the connection failed and there were proxies specified, let the user know that
    // we only support HTTP and SOCKS4
} else if (info.getType() == ProxyInfo.HTTP) {
   // Use host, port, username and password to create an HTTP proxy using Jsch
} else if (info.getType() == Proxy.SOCKS5) {
   // Use host, port, username and password to create a SOCKS5 proxy using Jsch
}

The API we would require is that ability to retrieve the set of proxies that are available for a particular host. This doesn't imply that we need to support the specification of different proxies for each hist but I think it is good to leave room in the API to support this later.

Update Requirements

Update allows the user to enable an HTTP proxy and specify an address and port that is to be used as the proxy. When set, this information is places in the 'http.proxySet', 'http.proxyHost' and 'http.proxyPort' system properties. Update also sets the default authenticator (Athenticator.setDefault(...)) in order to support interactive authentication (i.e the user is prompted if the update server or proxy require authentication).

WTP Requirements

The WTP proxy preference page currently only sets JVM system properties for http, https, and socks. It does not provide any api to access this information. It assumes that clients will use Java IO( which uses these properties) to create connections. Since, a number of components in WTP use Java IO to open connections, these JVM system properties need to set when the Eclipse UI starts up. This preference page also sets the default authenticator at UI startup time so that the user is prompted for userid and password information. The authenticator also caches user id and password information so that if the same host is accessed again the user does not need to enter this information again.


[MV]Could you describe how the authenticator handles the situation where the remote credentials have changed on the server (i.e. a password has been changed on the server)? I didn't see anything in the Authenticator API that would allow the implementor to distinguish between a first-try and a retry. Also, in the patch, the cache table is written to but never read from.

[PM]In the situation where the credentials have changed or the user enter incorrect credential information Eclipse would need to be restarted to flush this cached data. You are correct that the patch does not read from the cache. This is a bug. The code should have have prefilled the authentication dialog with the cached hostname and password.

[MV] I have a concern with setting the system properties without any explicit indication from clients that they need to be set. The problem is that, once we do it in the Platform as part of an API, we can never stop doing it. If you feel this needs to be done on startup for WTP, one option would be for WTP to keep their early startup hook and invoke the explicit request o set the System properties.

[PM] Any client that uses Java io to make a connection could potentially want to go through a proxy server. It seems a bit wierd to force every client the uses Java io to have to also make call to our Eclipse api to enable JVM properties. I'm not sure what the harm with setting variables would be. However, if this is a major concern I can go with the option that you suggest which is to enable the System properties when WTP starts up.

Proposed Solution

From a core level standpoint, I think we need API that looks something like this:

  1. a proxy info (or data) object that contains the type, hist, port, username (if available) and password (if available).
  2. a method to retrieve the proxy info (or infos) for a particular target host. Clients will need to pick an appropriate proxy to use.
  3. some means of indicating that the client requires the Java system properties and authenticator to be set. I think it is dangerous to have clients do this themselves (since multiple clients may do it). On the other hand, I would like to avoid doing it if possible. Initially, we will need to for update but hopefully this will not be necessary in future releases.

To support this, we need a preference page that allows the specification of multiple proxy types. Ideally, we would be able to specify authentication information for each proxy type.

Copyright © Eclipse Foundation, Inc. All Rights Reserved.