Saturday, June 26, 2010
What is a Web Proxy Server?
A Web proxy server is a specialized HTTP server. The primary use of a proxy server is to allow internal clients access to the Internet from behind a firewall. Anyone behind a firewall can now have full Web access past the firewall host with minimum effort and without compromising security.
The proxy server listens for requests from clients within the firewall and forwards these requests to remote internet servers outside the firewall. The proxy server reads responses from the external servers and then sends them to internal client clients.
In the usual case, all the clients within a given subnet use the same proxy server. This makes it possible for the proxy to cache documents efficiently that are requested by a number of clients.
People using a proxy server should feel as if they are getting responses directly from remote servers.
Clients without Domain Name Services (DNS) can still use the Web. The proxy IP address is the only information they need. Organizations using private network address spaces such as the class A net 10.*.*.* can still use the Internet as long as the proxy is visible to both the private internal net and the Internet.
Most proxy servers are implemented on a per-access method basis. Proxy servers can allow or deny internet requests according to the protocol of the requests. For instance a proxy server can allow calls to FTP servers while denying calls to HTTP servers.
When Web Proxy Servers are Useful
You can use a proxy server in a number of ways, including:
* Permitting and restricting client access to the Internet based on the client IP address
* Caching documents for internal documents
* Selectively controlling access to the Internet and subnets based on the submitted URL
* Providing Internet access for companies using private networks
* Converting data to HTML format so it is readable by a browser
An Ordinary Web Transaction Via a Server
Many clients have their own IP address and a direct connection to servers on the Internet. When a normal HTTP request is made by the browser, the HTTP server gets only the path and keyword portion of the requested URL. Other parts of the URL, such as the protocol specifier "http:" and the host name, are clear to the remote HTTP server. The remote server knows that it is an HTTP server, and it knows the host machine that on which it is running. The requested path specifies the document or a CGI program on the local file system of the server, or some other resource available from that server.
When a user enters:
http://mycompany.com/information/ProxyDetails.html
The browser converts it to:
GET /information/ProxyDetails.html
Communication Via a Proxy Server
The proxy server acts as both a server system and a client system. It is a server when accepting HTTP requests from browsers, and acts as a client system when its browser software connects to remote servers to retrieve documents.
The proxy server uses the header fields passed to it by the browser without modification when it connects to the remote server. This means the browser does not lose any functionality when going through a proxy.
A complete proxy server should be able to communicate all the Web protocols, the most important ones being HTTP, FTP, Gopher, and WAIS. Proxies that handle only a single Internet protocol, such as HTTP, are possible, but a Web browser would then require access to other proxy servers to handle the remaining protocols.
When a browser sends a request through a proxy server, the browser always uses HTTP for the transactions with the proxy server. This is true even when the user wants to access a remote server that uses another protocol; for example, FTP.
Instead of specifying only the pathname and search keywords to the proxy server, the browser specifies the full URL. This way the proxy server has all the information necessary to make the actual request to the remote server specified in the request URL, using the protocol specified in the URL.
The browser connects to the server running on mycompany.com and issues the command and waits for a response. In this example, the browser makes a request to the HTTP server and specifies the requested resource relative to that server; there is no protocol nor host name specifier in the URL.
Advantages and Disadvantages of Caching Documents
Caching documents means storing documents locally so users do not have to connect to a remote server to get files. When a local browser requests a file, the server checks its cache to see if it has the document. If the file exists in the cache, the server serves the local copy to the browser. If you cache documents you need to decide:
* Which documents are used frequently enough to justify keeping them locally
* How long you can keep the documents in cache before fetching more recent copies.
Proxy Server-to-Proxy Server Linking
Chaining proxy servers lets you run a proxy server as a local cache on behalf of a department within an organization. The individual departments have control over the server and cache. These departmental proxy servers can connect to a proxy server on a firewall between the Internet and the organization.
Any restrictions for access set for the organization proxy server take precedence over access restrictions set for the departmental proxy servers.
For example, departmental proxy server 1 might be set to allow all URL requests. The organizational proxy server, as corporate policy, might be set to deny all URL requests for certain online publications. A request for one of these publications coming into proxy server 1 would be forwarded to the organizational proxy server. The organizational proxy server would then deny the request.
The proxy server listens for requests from clients within the firewall and forwards these requests to remote internet servers outside the firewall. The proxy server reads responses from the external servers and then sends them to internal client clients.
In the usual case, all the clients within a given subnet use the same proxy server. This makes it possible for the proxy to cache documents efficiently that are requested by a number of clients.
People using a proxy server should feel as if they are getting responses directly from remote servers.
Clients without Domain Name Services (DNS) can still use the Web. The proxy IP address is the only information they need. Organizations using private network address spaces such as the class A net 10.*.*.* can still use the Internet as long as the proxy is visible to both the private internal net and the Internet.
Most proxy servers are implemented on a per-access method basis. Proxy servers can allow or deny internet requests according to the protocol of the requests. For instance a proxy server can allow calls to FTP servers while denying calls to HTTP servers.
When Web Proxy Servers are UsefulYou can use a proxy server in a number of ways, including:
* Permitting and restricting client access to the Internet based on the client IP address
* Caching documents for internal documents
* Selectively controlling access to the Internet and subnets based on the submitted URL
* Providing Internet access for companies using private networks
* Converting data to HTML format so it is readable by a browser
An Ordinary Web Transaction Via a Server
Many clients have their own IP address and a direct connection to servers on the Internet. When a normal HTTP request is made by the browser, the HTTP server gets only the path and keyword portion of the requested URL. Other parts of the URL, such as the protocol specifier "http:" and the host name, are clear to the remote HTTP server. The remote server knows that it is an HTTP server, and it knows the host machine that on which it is running. The requested path specifies the document or a CGI program on the local file system of the server, or some other resource available from that server.
When a user enters:
http://mycompany.com/information/ProxyDetails.html
The browser converts it to:
GET /information/ProxyDetails.html
Communication Via a Proxy Server
The proxy server acts as both a server system and a client system. It is a server when accepting HTTP requests from browsers, and acts as a client system when its browser software connects to remote servers to retrieve documents.
The proxy server uses the header fields passed to it by the browser without modification when it connects to the remote server. This means the browser does not lose any functionality when going through a proxy.
A complete proxy server should be able to communicate all the Web protocols, the most important ones being HTTP, FTP, Gopher, and WAIS. Proxies that handle only a single Internet protocol, such as HTTP, are possible, but a Web browser would then require access to other proxy servers to handle the remaining protocols.
When a browser sends a request through a proxy server, the browser always uses HTTP for the transactions with the proxy server. This is true even when the user wants to access a remote server that uses another protocol; for example, FTP.
Instead of specifying only the pathname and search keywords to the proxy server, the browser specifies the full URL. This way the proxy server has all the information necessary to make the actual request to the remote server specified in the request URL, using the protocol specified in the URL.
The browser connects to the server running on mycompany.com and issues the command and waits for a response. In this example, the browser makes a request to the HTTP server and specifies the requested resource relative to that server; there is no protocol nor host name specifier in the URL.
Advantages and Disadvantages of Caching Documents
Caching documents means storing documents locally so users do not have to connect to a remote server to get files. When a local browser requests a file, the server checks its cache to see if it has the document. If the file exists in the cache, the server serves the local copy to the browser. If you cache documents you need to decide:
* Which documents are used frequently enough to justify keeping them locally
* How long you can keep the documents in cache before fetching more recent copies.
Proxy Server-to-Proxy Server Linking
Chaining proxy servers lets you run a proxy server as a local cache on behalf of a department within an organization. The individual departments have control over the server and cache. These departmental proxy servers can connect to a proxy server on a firewall between the Internet and the organization.
Any restrictions for access set for the organization proxy server take precedence over access restrictions set for the departmental proxy servers.
For example, departmental proxy server 1 might be set to allow all URL requests. The organizational proxy server, as corporate policy, might be set to deny all URL requests for certain online publications. A request for one of these publications coming into proxy server 1 would be forwarded to the organizational proxy server. The organizational proxy server would then deny the request.
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment