I have to write (read: have written) a proxy server which searches for a variable in the request, and based on that variable, add 2 different variable. It's a cheap Single-SignOn solution, which probably stinks security-wise. But at the moment, security is not a requirement (the proxy will be on a separate network blabla).
now, everything works fine when I use it as a proxy (i mean: if I add the proxy IP in firefox, it proxies like it should). the thing we want to achieve is, when a request is made to http://proxy_host/ it should be redirected to another host, something like http://forwarded_host/ (but it should also do the HTTP::Proxy::HeaderFilter i created).
The problem is: when a request is being made to http://proxy_host/, the request is "GET /", and then HTTP::Proxy doesn't use the HTTP::Proxy::HeaderFilter i created.
code is the readmore..
here's the code:
#!/usr/bin/perl -w
use strict;
use HTTP::Proxy qw/:log/;
use HTTP::Headers ;
use HTTP::Proxy::HeaderFilter;
# Variable init
my $host = undef;
my $port = 80;
my $log_file = "/tmp/proxy.log";
my $localhost = "proxy_host"; # the host where proxy is running
my $remotehost = "forwarded_host";
my $agent_timeout = 10;
sub search_credentials {
my($iv_user,$iv_group) = @_;
my($ht_user,$ht_passwd);
# do some userid mapping funk
# test example
$ht_user = 'username';
$ht_passwd = 'password';
return ($ht_user,$ht_passwd);
}
open(LOG,">>", $log_file);
my $proxy = HTTP::Proxy->new;
$proxy->port($port);
$proxy->host($host);
$proxy->logfh(*LOG);
#$proxy->logmask(STATUS | PROCESS ); # Normal logging
$proxy->logmask(STATUS | PROCESS | HEADERS | FILTER); # Debug logging
my $filter = HTTP::Proxy::HeaderFilter->new(
sub {
my ( $self, $headers, $message ) = @_;
my $get_uri = $message->$headers->uri();
print "Unaltered URI: $get_uri\n";
my $iv_user = $message->$headers->header('iv-user');
my $iv_group = $message->$headers->header('iv-group');
my($ht_user,$ht_passwd) = search_credentials($iv_user,
+$iv_group);
$message->$headers->authorization_basic($ht_user,$ht_p
+asswd);
$get_uri =~ s/$localhost/$remotehost/ if $get_uri =~ m
+/$localhost/ ;
$get_uri =~ s?^/?http://$remotehost/? if $get_uri =~ m
+%^/% ;
print "Altered URI: $get_uri\n";
$message->$headers->uri($get_uri);
}
);
$proxy->push_filter(request => $filter);
# this is the mainloop
$proxy->start;
UPDATE:
some of the logging...
the next part is logged when we use it as a proxy within our webbrowser:
[Wed Dec 15 13:51:39 2004] (10600) Request: GET http://192.168.252.209
+/index.html
[Wed Dec 15 13:51:39 2004] (10600) Request: Via: 0.9 amano (HTTP::Prox
+y/0.13)
[Wed Dec 15 13:51:39 2004] (10600) Request: Authorization: Basic YWRta
+W46bmFsaWIxNTk=
The Authorization was added by the filter.
the following logging was when we disabled the proxy setting in firefox, and went directly to http://proxy_host/ (this is what we want to achieve):
[Wed Dec 15 15:39:56 2004] (11209) Request: GET /
[Wed Dec 15 15:39:57 2004] (11209) Response: 501 Not Implemented