I want to turn OS/2 programmers eyes to a HTTP server's programming interfaces. Many things made through you-know-this-hole, could be realised via HTTP server's programming languages interface. It makes me anger, when I see on www.altavista.com searching engine made with CGI. Think, millions people at the same time, brace this poor UNIX server with shell, perl and other stuff running. May be they are very rich (altavista owners) to have clusters. But if it needs create something more complex than poll form, programmers perform miracles with a lot of overheads. Than, I was very interested with IBM sites, how did they create them ? I know, some of them works with Lotus Notes Domino, but what is WebSphere ? It is not a WebSphere description. I was interested in - "How did it made inside ?". Grateful to OS/2 society, I dowloaded WebSphere 3.02 for OS/2 and looked at the server's part. Oh, the well-known things - GoServe and ICAPI (in combination with Java Servlets). I think this is right way ;-).
What is actually the matter ? We'd got a problem, restrict a Web-access by users, i.e. somebody can see one site, somebody another, somebody can see only Intranet. Moreover, authentification could be done seamlessly. I.e. after registration on the corporate network user wouldn't enter name and password again (it is strange, indeed this is the main problem in the commercial programs). I made a little survey, it's terrible, but commercial proxy servers with authentification modules based on NDS or Windows NT domain cost tens thousand bucks. It is very pricey. And what is more, there are a very big programs, have a lot of unnecessary for me functions. But we received from Novell one of them - Novell BorderManager 2.X. Let us install - didn't work. Waited for version 3.X. Installed - didn't work. I exhausted all novell.bordermanager.x forums. It didn't matter. Got version 3.5, after series of patches it started work. But we'd got another problem. User's workstations crashed with IPX/IP Gateway (we couldn't make IP/IP Gateway work properly). Users complained on Windows (it is already not a gift). Here is the exit - remove BorderManager and IPX/IP Gateway. But what does replace with ? Have to do ourselves. As a result it makes a program named Rproxy (not finished yet). This is a plugin for IBM WebTraffic (ICS, LotusGo) server. This plugin authenticates users and authorises Web access. I didn't want use defined operation system users database. All working tables are filling via commands. Plugin has its own commands set, for example this :
Command calls in http protocol, on URL http://server_name/RPROXY_CONTROL_ENTRY?command[=arguments]ADDUSER=username,[group1,...groupN,] IP-address ADDUSERQUIET=username,[group1,...groupN,] IP-address DELETEUSER=username VIEWUSERS DELETETRUSTEDHOST=IP-mask VIEWTRUSTEDHOSTS VIEWACL ADDTRUSTEDHOST=IP-mask VERSION ADDACLRULE=IP-address,http rule mask,0/1 (deny/permit) CLEARACL CLEARTRUSTEDHOSTS
Users database and ACL are dynamically loading into plugin through any third-party utility, got them from any operation system or text file (or Ldap for example) . That program can be an Java-applet in a browser and the plugin can be controlled from it (moreover, there is a Java API for NDS). Access to the plugins commands restricted through standard http server commands.
This text is not a program or design advertisement, this is an argument - "Think, instead of this commands might be any Your commands, for Your Internet utilisation."
Here are all source codes: rproxy_src.zip, 20k.
[08.11.00]
Source code and binaries: rproxy.zip, 229k.
After my first publication about Rproxy there were some changes in
this project. The main of them:
The changes are presented in the source codes.
Warning: this is not a finished program, there is only some tools for interested in people.
Write me if you would like to use Rproxy.
Andy Porro