Hi,
I am implementing a Reverse proxy application modeled on the sample code 'ElementalReverseProxy' (http://svn.apache.org/repos/asf/httpcomponents/httpcore/trunk/httpcore/ src/examples/org/apache/http/examples/ElementalReverseProxy.java) with a little modification. My Reverse Proxy application has an HttpService running on a port for handling incoming HttpRequests. For, passing on these Requests to the Target web servers (for outgoing connections), I am using HttpClient 4.0. This is what I have done differently from the ElementalReverseProxy.java. The HttpResponse thus obtained from the Target webservers is passed into the Response to the initial Request that was received by the HttpService. So, this works great as a reverse proxy. My Reverse proxy application needs to proxy multiple web servers and such web servers can be dynamically added or deleted from the proxy. The above approach works great when I dedicate a HttpService on a specific port to proxy a particular web server only. So, going by the above approach, I would need to run multiple HttpServices on different ports to proxy each web server. And that many ports have to be left open on the system on which I deploy this application. So, this poses a security risk and also can be a scalability issue when I need to proxy hundreds of web servers. Actually, all my webservers are small network appliances that run a web server with the management web GUI which I want to proxy through a centralized system. The ideal solution I believe would be to run a single HttpService on a port and then send the Requests to different target hosts using the Httpclient, but the challenge is how to find out by seeing the HttpRequest that to which target it needs to be sent. Is it good to set a Cookie in the Response to the first request that comes in with an identifier for a particular web server? I could have the first request in the form : http://my-reverseproxy-host:8888/index.html?id=some_identifier. In the response to this request, I could add the Set-Cookie header with the identifier value which should help me identify subsequent request for that browser session. What are the other ways to keep track of the Requests and responses? Has anyone come across this kind of situation? Please let me know. Thanks, Brijesh
