I am reading chapter 4.3.4. Local transport for communication within a JVM of the Netty in Action book. There I find:
Netty provides a local transport for asynchronous communication
between clients and servers running in the same JVM.
However, no example is given. Does anyone have more knowledge about this topic and can give an example?
What I am interested in is implementing a reverse proxy using Netty.
In this case we would have a web server receiving requests and using that local transport to forward them to a client, that finally sends them to other host. Then receiving back response from the client and using again the local transport to return the response to the web server which sends it to the user. So the JVM that runs Netty would be just a reverse proxy between the web clients and local machines.
Related
I have 2 components, A and B, on different LANs with a Linux server between which acts as gateway for both LANs.
A sends TCP traffic to B using a gateway deployed on the public Internet. Therefore, no SYN is sent from A to B via the Linux server. However, C sends TCP traffic back to A using a local TCP connection (the gateway is not involved). By sniffing the traffic, I can see that C is not establishing a regular TCP connection (SYN) but starts by sending (SYN+ACK).
I'm using iptables on the Linux server to redirect locally the TCP traffic sent by C to A. Traffic is redirected to local port 9000.
However, I would also like to intercept this traffic, therefore I've built a simple Netty proxy which listens on port 9000. For some reason, Netty doesn't receive or ignore this traffic.
I wonder if Netty is able to manage the case of a SYN-ACK without SYN.
Any idea?
The question is whether the TCP protcool implementation stack in the kernel will manage it.
Netty won't even see it, whether managed by TCP/IP or not.
Netty isn't an implementation of TCP/IP. It is an API layered over the Java API, which is layered over the BSD Sockets API, and none of those is an implementation of TCP/IP either. It can't see any further into the network than calling listen() and accept() in this case.
I have server application which runs on local host and the client also runs on local host.
As of now I am using java.net.serversocket and any application which has the ip and port detail of server can listen to the port.
My requirement is to secure the ports or secure the communication between the server and client application such that only my application client (authorised) one can listen to the ports or connect to server application. The data sent to and from client and server also has to be secured.
Apologies if naming conventions are not correct. I have been searching for solution and couldn't get anything for this, all I got is how to connect and make application communicate using socket programming , but no where I got the answer as how to secure the communication.
What you need here is some sort of authentication method to authorise only your client to communicate with the server. If you are using an existing communication protocol then it might have a specification for authentication already. If you are using your own protocol then you'll have come up with your own design for authentication.
It could be as simple as the server issuing some sort of request for authentication to the client. The client would then have to provide a satisfactory response (eg a user/password) otherwise the server would close the connection.
I would recommend taking a look at how some other protocols (eg HTTP) handle authentication to get some insight and also understand potential pitfalls.
I'm going to create an authentication server which itself interacts with
a set of different Oauth2.0 servers.
Netty seems to be a good candidate to implement network part here.
But before start I need to clear some details about netty as I'm new to it.
The routine will be as follows:
The server accepts an HTTPS connection from a client.
Then, not closing this first connection, it makes another connection
via HTTPS to a remote Oauth2.0 server and gets data
After all, the server sends the result back to the client which is supposed to keep the connection alive.
How to implement this scenario with Netty?
Do I have to create a new netty client and/or reconnect it each time I need to connect to a remote Oauth2.0 server?
If so, I'll have to create a separate thread for every
outgoing connection which will drastically reduce performance.
Another scenario is to create a sufficient number of Netty clients
within a server at the beginning (when server starts)
and keep them constantly connected to the Oauth2.0 servers via HTTPS.
That's easily done with Netty. First you set up your Netty server using the ServerBootstrap and then in a ChannelHandler that handles your connection from the client you can use e.g. the client Bootstrap to connect to the OAuth server and fetch the data. You don't need to worry about creating threads or similar. You can do it all in a non-blocking fashion. Take a look at and try to understand how this example works:
https://github.com/netty/netty/blob/master/example/src/main/java/io/netty/example/proxy/HexDumpProxyFrontendHandler.java#L44.
I have a complete implementation of a protocol where four messages are exchanged between the client (a native Android application) and the server (a standalone Java server) in the following way using a persistent connection through Java sockets:
(client->server): message1
(server->client); message2
(client->server): message3
(server->client): message4
Between sending each message, both client and server have to do heavy mathematical (cryptographic) operations (pairing-based computations over elliptic curves).
This project works properly in my local development machine using sockets and mantaining opened this socket from message1 to the message4 between the Android app and the Java server. Now, I need to do the same with Google AppEngine, but since it does not allow opening sockets, I do not know how can I do it. I already checked the Channel and XMPP APIs, but I do not know whether my use-case applies to that APIs. Is it the right method using Channel and XMPP APIs from AppEngine? Is it possible to emulate the functionality implemented in my local machine through sockets on AppEngine?
Thank you for your response.
Google App Engine doesn't support persistent connections.
You will need to significantly re-design your protocol to run over HTTP.
As an example, message1 can be sent over an HTTP request, message2 can be returned with the matching HTTP response. At that point, your socket connection ends.
You'll have to issue a second HTTP request to open a new socket with message3, and you can return message4 with the second HTTP response.
You can "connect" the first and second HTTP request by using an HTTP session. A session is basically an id with extra data stored on the server side. You'd create the session in the first HTTP request, and pass it as a parameter to the second HTTP request. The server can look up the session id and the associated data when processing the second request.
You can find more info about sessions on SO: How to use session on Google app engine
The XMPP API will not help you, it's for communicating between the GAE server-side code and other XMPP clients that use HTTP as a communcation protocol.
The Channel API can be used to send data from the server->client, but it's actually implemented as an HTTP long poll. Multiple long HTTP requests are used, and you are not guaranteed to have a single socket that stays open; multiple sockets are opened and closed in the process. It will be more complicated that what I described above, and more expensive.
I had set up a system that had a Java program running on a server and a Java applet embedded in a page on a client's browser and the two communicating via Java sockets. I'm wondering if I can switch over from a Java applet to just HTML5 and javascript, using a WebSocket on the client side for communication with the Java socket on the server.
Is there a simple way to make a WebSocket communicate with a Java Socket?
Is there a simple way to make a WebSocket communicate with a Java Socket?
From what I understand, WebSocket works by the client side opening a port 80 connect to the server side, and sending a variant HTTP 1.1 request to the server to negotiate a WebSocket connection. If the server recognizes this, it will send a suitable response, and then allow the still open TCP connection to be used for full-duplex client-server interactions.
It looks like it would be possible to quickly put together a server-side that just understood WebSocket negotation and not full HTTP. However, I think you are better off looking at existing WebSocket implementations, including those embedded in HTTP servers / protocol stacks.
This Wikipedia page compares a number of WebSocket implementations, and should help you in deciding which server-side implementation to use.
But to directly answer your literal question, a WebSocket client can only connect to a WebSocket-aware server; i.e. that one that can perform the initial negotiation. (On the client side, you could implement starting from a bare Socket, but you would need to implement all of the "HTTP stuff" on top of that ... for the setup phase.)
Nope, you cannot communicate using regular sockets with client WebSockets.
WebSockets are special HTTP requests, with an upgrade in the HTTP Header, and a standard protocol to establish a connection (see the official RFC doc).