quarta-feira, fevereiro 02, 2005

amessage: Using Jabber behind firewalls

amessage: Using Jabber behind firewalls

Artigo bom pra colocar um messenger no ar, sem mtas parafernalhas e estando dentro de uma jaula.

Using Jabber over an HTTP proxyThe more common case in which you might be interested in this document should be, that you have no administrative access to your firewall and you want to use your Jabber client behind and existing firewall. In this case this section is the best bet for you.

In this case most of the time you only have access to the world wide web and your local mail and file servers. Often users call this in my network only port 80 is open to the internet but most of the cases not even that is true because: I bet port 80 is closed as well and the users cannot connect directly to the web at all, they have to use a proxy, that relays the connections to the web. Using the proxy might be transparent and it might not be necessary to configure the proxy in your web browser, the network will then transparently route all connections on port 80 to the proxy.

There is Jabber Server jabber80.com, that allows you to connect to it using port 80. So if your network really allows you outgoing connections to this port, you might want to test this server as well. But in the case, that you have either explicitly or transparently use a transport, it won't help you that the server is listening at port 80. Proxies do not just relay your request connection to the outside web server, but will read your request, get the requested document by the outside server and forward it to you. Therefore if you send a Request to a web proxy, it has to be a valid HTTP request - and the Jabber protocol is no valid HTTP request.

The above rule that the proxy will not relay the connection but process the request itself has one important exception: HTTPS requests. The HTTPS protocol is designed to authenticate the server against the client. This is done because for some web applications (e.g. financial transactions) the user has to be sure that he is speaking to the bank and noone is able to modify the data inbetween). Therefore it cannot be accepted that the proxy is able to see or modify the request and it has only the possibility to pass the HTTPS request as it is to the server. This can be used to pass Jabber connections through the proxy very well. The only restriction a web proxy normally takes on https connections is that they have to go to the standard port for https requests which is port 443. Cause of this some Jabber servers (including all amessage servers, jabber.org.uk, jabberes.org, chrome.pl, jabber.wp.pl, jabber.elektron.com.pl and others) allow you to use port 443 to connect to them as well.

Servers urls


Nenhum comentário: