Comments on: The Issue of Proxy Support
REBOL Technologies

Comments on: The Issue of Proxy Support

Carl Sassenrath, CTO
REBOL Technologies
6-Jan-2010 17:33 GMT

Article #0452
Main page || Index || Prior Article [0451] || Next Article [0453] || 14 Comments || Send feedback

Some business and organizational environments still use proxy servers, even though firewalls can provide many of the same services.

The problem with proxy servers is that they're not transparent to TCP/IP interfaces, so we are forced to handle them at the network layer of REBOL.

We can divide the issues into these main areas:

  • R2 vs R3 proxy support: R2 supports various proxy methods, R3 still needs to add support in its networking device.
  • What proxy methods to support? R3 supports two basic methods: generic and socks. Should any others be supported?
  • Auto-detection of proxy: Most non-technical users don't want to deal with proxy settings, so the question becomes how to manage that. Earlier versions of REBOL on Win32 would scan registry settings, but such methods are a moving target and need to be maintained. Also, what should be done on OS X, Linux, and other OSes?
  • How to handle user settings? Proxy servers often require a username and password. What's the best way to handle those? It can get downright unfriendly if every reblet needs to request that information from the user. An automated approach is better.

So, there you go. I am posting this to the REBOL Community at large. If you want to see this happen for R2 and R3, you're going to need to help make it happen.

14 Comments

Comments:

tmoe
6-Jan-2010 10:42:09
Hi,

it seems that we are one of the few companies who are behind an Windows ISA Server (NTLM-Protocol). It has always been very annoying that this was not supported, because using Altme or connecting to the internet was not posiible for me at work.

Would like to see native support for this in R3.

-pekr-
6-Jan-2010 13:23:15
Carl, that is even one worse case - some companies use dynamic script to configure proxy settings on client. It is often called proxy.pac. It is javascript code, and we can's solve this case, or we would have to include JS "interpreter" in REBOL ....
Giuseppe Chillemi
7-Jan-2010 5:11:08
I have problem connecting behind an ISA Server with Proxy 4 and 5. As it is common for companies such configuration I would recomend their implementation.
Giuseppe Chillemi
7-Jan-2010 5:20:22
Update: I remember the name of the (free) python software used to connect Windows Proxies which require NTLM Authentication. It worked for me and solved all the problems. Hope it gets implemented in REBOL2 and 3.

The software is: NTLM Authorization Proxy Server and you can find it here http://ntlmaps.sourceforge.net/

Giuseppe Chillemi

Giuseppe Chillemi
7-Jan-2010 17:03:35
Another update:

At the bottom of the previous page you will find the links to:
NTLM Authentication scheme documentation - http://www.innovation.ch/java/ntlm.html

A C program similar to the previous one, open sourced too. http://cntlm.sourceforge.net/ it supports NTLMv2.0

Giuseppe Chillemi

Ashley
7-Jan-2010 21:22:31
"Some business and organizational environments still use proxy servers". Can we quantify this? Is it closer to 5% or 50%? And is this a growing issue or a shrinking issue as hardware and software is upgraded. I'd hate to see a lot of effort put into solving a problem that doesn't exist in a few years time.
Brian Hawley
7-Jan-2010 21:41:39
Ashley while proxies might not be needed in networks rolled out in 5 years time, there are many networks that have been in place for many years and will continue to be in place as long as they still work. The problem will likely persist for a long time.
Greg
8-Jan-2010 5:48:52
to discover proxy settings, must parse results from: read http://wpad/wpad.dat
Greg
8-Jan-2010 5:50:55
(at)pekr: yes, we need to parse javascript, not sure we need a javascript interpreter though...

(at)Giuseppe: for NTLM, did you check: http://softinnov.org/rebol/ntlm.shtml

onetom
8-Jan-2010 9:27:55
I presented a REBOL intro at RMIT International University Vietnam last December ( http://barcampsaigon.org/?page_id=389 ).

There were hundreds of participants starving for wifi access while bandwidth was not measured in gigabits.. They hacked up a separate network with a proxy for the event, so they could limit access to certain sites and kind of traffic to ensure a socialistic distribution of the bits ;)

I was fried because the proxy required authentication... and I couldn't find in the Core docs how to specify user name and password :/

I had to fall back to half offline presentation :( However these guys here in South Easy Asia could benefit the most from the X-Internet approach...

I felt a little bit shamed even though a few month back I used REBOL through a local http-to-https proxy when I was exploring how to login via the Google Client API to get Google Sites backups.

I regularly use the Socks5 proxy feature in OpenSSHd as a kind of VPN solution (without the certificate crap/nightmare).

So I won't think proxies will/should die.

Just think about how MySQL proxies are used for load balancing.

So a caching proxy server could speed up things many times for example. (I live in Singapore & Thailand. They are not wealthy in bandwidth, especially in the jungle areas...)

Carl Sassenrath
8-Jan-2010 9:46:56
Some quick replies:

  • Q: Are proxies still used? A: It varies between industries/countries. Yes, in many cases, smarter firewalls and NATs have removed the need for proxies. However, in larger organizations, proxies are still used. (Wikipedia provides a useful feature list.)

  • Support for proxies (of any/all kinds) must come from REBOL community contributions. Sure, I can specify the design/method within the device code since that's architectural. Perhaps... it's possible to quickly add the existing R2 proxies to help get you started.

  • I posted the original message to help determine the "demand" for this feature.
  • Giuseppe Chillemi
    8-Jan-2010 10:46:30
    To Greg: I didn't know that library exists.

    However, the company I have worked for a couple of years which installed commercial ERP always builds network infrastructures with microsoft proxies... I know of other companies doing the same.

    inetw3
    9-Jan-2010 12:06:39
    Rebol is outstanding.

    Yet because many don't know of it, its hard for it to be found standing out. I personaly believe finding a place in the browser RIA's through its plug-ins, back end servers or fastcgi is one answere to this call.

    It would be nice to see a HTML5 web-sockets API as dialect in rebol. People would use it in every non-standar browser out there.

    If www.Kaazing.org can do it, Rebol can do it faster, easier, and better.

    Oldes
    10-Jan-2010 5:28:18
    to inetw3: there is already support for the web-sockets in the Cheyenne server:

    http://code.google.com/p/cheyenne-server/source/browse/trunk/Cheyenne/www/ws-apps/

    Post a Comment:

    You can post a comment here. Keep it on-topic.

    Name:

    Blog id:

    CS-0452


    Comment:


     Note: HTML tags allowed for: b i u li ol ul font p br pre tt blockquote
     
     

    This is a technical blog related to the above topic. We reserve the right to remove comments that are off-topic, irrelevant links, advertisements, spams, personal attacks, politics, religion, etc.

    Updated 14-Dec-2017   -   Copyright Carl Sassenrath   -   WWW.REBOL.COM   -   Edit   -   Blogger Source Code