Tuesday, July 2, 2013

SSL Tunneling support in WSO2 ESB 4.7.0 with Passthrough HTTP transport


With this configuration, HTTPS requests sent by the ESB are tunneled through the HTTP port of the backend proxy.

The backend proxy used here is Squid proxy server.

Steps to install Squid in Ubuntu 12.04:

1. Installation
  • sudo apt-get install squid

2. Configuration
  • Navigate to /etc/squid3 (you need sudo access)
  • Back up squid.conf
  • Make the following changes to squid.conf
  • Change the port to the one you want
http_port 8888
  • Change the host name
visible_hostname localhost
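  • You can restrict access to the proxy to a set of source addresses or to a configured time frame using the following properties

# Source network allowed to use the proxy (the /24 mask is an assumed example; set it to match your network)
acl allowed_network src 10.100.3.0/24
# Squid day codes: M T W H F (T is Tuesday, H is Thursday)
acl allowed_hours time M T W H F 9:00-17:00
# Rules are evaluated in order, so this must come before the final "http_access deny all"
http_access allow allowed_network allowed_hours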


3. After the changes you can restart the server
sudo /etc/init.d/squid restart

4. Let's configure the ESB

Back up axis2.xml in the {ESB_HOME}/repository/conf/axis2 directory, then copy axis2_pt.xml as axis2.xml.

Add the following parameters to the transportSender configurations:
1. PassThroughHttpSender and PassThroughHttpSSLSender if you are using the passthrough transport, or
2. HttpCoreNIOSender and HttpCoreNIOSSLSender if you are using the NIO transport

<!-- IP of the backend proxy -->
<parameter name="http.proxyHost" locked="false">localhost</parameter>
<!-- HTTP port of the backend proxy -->
<parameter name="http.proxyPort" locked="false">8888</parameter>

<!-- AllowAll turns off hostname verification of the server certificate on outbound HTTPS connections; the transport also accepts Strict and DefaultAndLocalhost -->
<parameter name="HostnameVerifier">AllowAll</parameter>

Deploy SimpleStockQuoteService in the axis2Server under {ESB_HOME}/samples.

Create a proxy in ESB

<proxy xmlns="http://ws.apache.org/ns/synapse" name="StockQuoteProxy" transports="https,http" statistics="disable" trace="disable" startOnLoad="true">
   <target>
      <outSequence>
         <send/>
      </outSequence>
      <endpoint>
         <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>
      </endpoint>
   </target>
   <publishWSDL uri="file:repository/samples/resources/proxy/sample_proxy_1.wsdl"/>
   <description></description>
</proxy>
                                


Now invoke the ESB proxy service with SoapUI.

You can watch the Squid access log with

sudo tail -f /var/log/squid3/access.log
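
To confirm from that log that HTTPS calls were actually tunneled (and to spot clients the ACLs refused), the following added example, which is not part of the original post, summarises CONNECT entries in Squid's native access.log format. The sample log lines, the host backend.example:443 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Summarise CONNECT tunnels in a Squid access.log (native log format).
# Fields: time elapsed client result/status bytes method URL ident hierarchy type

summarise_connects() {
    # $1: path to access.log; prints "<verdict> <client> <host:port> <count>"
    awk '$6 == "CONNECT" {
            split($4, rc, "/")            # TCP_MISS/200 -> rc[2] is the status
            verdict = (rc[2] == "200") ? "TUNNELED" : "REFUSED"
            n[verdict " " $3 " " $7]++
         }
         END { for (k in n) print k, n[k] }' "$1" | sort
}

count_plain_http() {
    # $1: path to access.log; counts requests that crossed the proxy without a tunnel
    awk '$6 != "CONNECT" && NF >= 7 { c++ } END { print c + 0 }' "$1"
}

write_sample_log() {
    # Constructed sample entries, not captured from a real proxy
    cat > "$1" <<'EOF'
1372752001.101    312 127.0.0.1 TCP_MISS/200 4321 CONNECT backend.example:443 - DIRECT/192.0.2.10 -
1372752005.450    298 127.0.0.1 TCP_MISS/200 4310 CONNECT backend.example:443 - DIRECT/192.0.2.10 -
1372752010.009      0 10.100.4.7 TCP_DENIED/403 3600 CONNECT backend.example:443 - NONE/- text/html
1372752012.700     45 127.0.0.1 TCP_MISS/200 980 POST http://localhost:9000/services/SimpleStockQuoteService - DIRECT/127.0.0.1 text/xml
EOF
}

log=$(mktemp)
write_sample_log "$log"
summarise_connects "$log"
echo "non-tunneled requests: $(count_plain_http "$log")"
rm -f "$log"
```

On a live system, pass /var/log/squid3/access.log (read with sudo) instead of the sample file.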




1 comment:

  1. Hello,

    First of all, thanks for this information. I need to pass http proxy information to WSO2ESB because all connections should go through a proxy in our server. However, I am not sure how to supply this information (proxy host and port) in WSO2 ESB 4.7.0 for Windows. Do you have a walkthrough for that?

    Thanks in advance.
