ch08: Integration Points

Gateways, Tunnels, and Relays

1. Gateways

Three Types of Gateway:

Gateways are described by their client- and server-side protocols, separated by a slash:

<client-protocol>/<server-protocol>
  • Server-side gateways speak HTTP with clients and a foreign protocol with servers (HTTP/*).

  • Client-side gateways speak foreign protocols with clients and HTTP with servers (*/HTTP).

2. Protocol Gateways

2.1 HTTP/*: Server-Side Web Gateways

Convert client-side HTTP requests into a foreign protocol, as the requests travel inbound to the origin server.

2.2 HTTP/HTTPS: Server-Side Security Gateways

2.3 HTTPS/HTTP: Client-Side Security Accelerator Gateways

HTTPS/HTTP gateways sit in front of the web server, usually as an invisible intercepting gateway or a reverse proxy.

They receive secure HTTPS traffic, decrypt the secure traffic, and make normal HTTP requests to the web server.

These gateways often include special decryption hardware to decrypt secure traffic much more efficiently than the origin server.

3. Resource Gateways

An application server:

3.1 Common Gateway Interface (CGI)

4. Tunnels

Web tunnels enable access to applications that speak non-HTTP protocols through HTTP applications.

4.1 Establishing HTTP Tunnels with CONNECT

Web tunnels are established using HTTP's CONNECT method.

CONNECT requests:

CONNECT home.netscape.com:443 HTTP/1.0
User-agent: Mozilla/4.0

CONNECT responses:

HTTP/1.0 200 Connection Established
Proxy-agent: Netscape-Proxy/1.1
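
The exchange above, seen from the proxy's side, as an added example that is not part of the original notes: it parses the CONNECT request head, checks that the target is in host:port form, and chooses the reply. The port allowlist (`ALLOWED_PORTS`), the 400/403 status choices, and the `example-proxy/0.1` agent name are assumptions made for illustration.

```python
# Added example: parse a CONNECT request head and build the proxy's reply.
ALLOWED_PORTS = {443}  # assumption: this proxy only opens tunnels to port 443


def parse_connect(head: bytes):
    """Return (host, port, headers) from a CONNECT request head, or raise ValueError."""
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/"):
        raise ValueError("not a CONNECT request line")
    # The request target is host:port, not a URL with a path.
    host, sep, port_text = parts[1].rpartition(":")
    if not sep or not host or not (port_text.isascii() and port_text.isdigit()):
        raise ValueError("target must be host:port")
    port = int(port_text)
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    headers = {}
    for line in lines[1:]:
        if not line:
            break  # blank line ends the header block
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line")
        headers[name.strip().lower()] = value.strip()
    return host, port, headers


def connect_reply(head: bytes) -> bytes:
    """Decide the proxy's response; only a 200 would be followed by byte forwarding."""
    try:
        host, port, _ = parse_connect(head)
    except ValueError:
        return b"HTTP/1.0 400 Bad Request\r\n\r\n"
    if port not in ALLOWED_PORTS:
        return b"HTTP/1.0 403 Forbidden\r\n\r\n"
    return b"HTTP/1.0 200 Connection Established\r\nProxy-agent: example-proxy/0.1\r\n\r\n"


# Constructed sample: the request shown above, with CRLF line endings.
SAMPLE = b"CONNECT home.netscape.com:443 HTTP/1.0\r\nUser-agent: Mozilla/4.0\r\n\r\n"

if __name__ == "__main__":
    print(parse_connect(SAMPLE))
    print(connect_reply(SAMPLE).decode())
    print(connect_reply(b"CONNECT mail.example.com:25 HTTP/1.0\r\n\r\n").decode())
```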

4.2 SSL Tunneling

Web tunnels were first developed to carry encrypted SSL traffic through firewalls.

To allow SSL traffic to flow through existing proxy firewalls, a tunneling feature was added to HTTP, in which raw, encrypted data is placed inside HTTP messages and sent through normal HTTP channels.

4.3 Tunnel Authentication

5. Relays

HTTP relays are simple HTTP proxies that do not fully adhere to the HTTP specifications.

Relays process enough HTTP to establish connections, then blindly forward bytes.
