Another option for getting the Java version of Shindig working with an HTTP proxy is to configure the proxy settings as system variables in the JVM running Shindig. I needed to get Java Shindig working with my proxy as well, so I went digging in the code and found that the BasicHttpFetcher uses an HttpURLConnection to do the fetches, and the HttpURLConnection can be configured to use a proxy by setting these two system properties in the JVM:
http.proxyHost and http.proxyPort There is a reference for doing this here: http://www.developer.com/java/other/article.php/1551421 If you are running Shindig on Tomcat, you can set the JAVA_OPTS environmental variable which catalina.bat/catalina.sh will use when launching tomcat: JAVA_OPTS --> -Dhttp.proxyHost=yourproxy.your.domain -Dhttp.proxyPort=80 -----Original Message----- From: Chris Chabot [mailto:[EMAIL PROTECTED] Sent: Saturday, October 25, 2008 7:50 AM To: [email protected] Cc: [EMAIL PROTECTED] Subject: Re: Security questions In the php version of shindig you can configure the http fetcher to use a proxy server by setting: 'proxy' => 'proxy.host.com:port' in your configuration file (shindig/php/config/container.php or shindig/php/config/local.php), so no need for any custom coding there. On Fri, Oct 24, 2008 at 11:44 PM, Brian Eaton <[EMAIL PROTECTED]> wrote: > On Fri, Oct 24, 2008 at 3:13 AM, Tim Wintle <[EMAIL PROTECTED]> > wrote: > > (2) is the proxy prevented from hitting local addresses like localhost > > or should I configure rewrite conditions against such an address (to > > prevent access to server status pages etc) - haven't really got anything > > to test against on this box. > > No. The proxy shipped with java shindig is completely insecure. > Don't use it for anything except testing and prototyping. > > To make it secure you need to > 1) set up an HTTP proxy with access to the internet, not your internal > network. Squid would work for this. > 2) write an HttpFetcher subclass that uses the proxy. > > We should have some sample code for this in Java shindig, but we > don't. I think the PHP shindig has it already. >
