Skip to end of metadata
Go to start of metadata

Introduction

YADE can establish connections that are routed over proxies, also when connections pass through a demilitarized zone.

However the type of authentication allowed and the protocol used for the 'main' connection have to be considered when selecting a proxy.

File Transfer Protocols and Proxy Protocols

The following proxy protocols are available:

Different Proxy protocols can be used for different file transfer protocols. For example:

  • HTTP proxies can be used with the FTP, HTTP, HTTPS and WebDAV protocols.
  • SOCKS4 proxies can be used with FTP, FTPS and SFTP protocols.
  • SOCKS5 proxies can be used with FTP, FTPS and SFTP protocols.
  • See the YADE Parameter Reference - Reusable Elements - Proxy for more detailed information.

Local or remote Proxy Connection and Authentication

A proxy can be installed on any host in the network and is identified by its connection parameters.

Some Proxy protocols - e.g. SOCKS5 - allow authentication credentials to be specified.

Proxies connections are all configured using BasicConnection and BasicAuthentication elements - SSHAuthentication is not possible.

Specifying Proxy Connections

Connections to source hosts, jump hosts or target systems can be routed by a proxy.

  • Proxies are defined for file transfer protocols and connections:
    • In the YADE XML configuration schema proxy elements are children of ProtocolFragments. For example,
      • the ProxyForSFTP element is a child of the SFTPFragment
      • two separate ProtocolFragments would need to be configured if it was required to define a direct connection to a server and a connection over a proxy.
  • A proxy configuration consists of:
    • a connection to the host where the proxy is located, which is specified with a BasicConnection element and
    • credentials for authentication (optional), specified using a BasicAuthentication element

The XML element hierarchy used to specify a proxy for - here - an SFTP connection are:

  • ProtocolFragments
    • SFTPFragment
      • BasicConnection
      • SSHAuthentication
      • ProxyForSFTP (optional)
        • SOCKS4Proxy
          • BasicConnection
            • Hostname
            • Port
        • SOCKS5Proxy
          • BasicConnection
            • Hostname
            • Port (optional)
          • BasicAuthentication
            • Account
            • Password (optional)
      • other optional elements

Specifying Proxy Connections for Jump Hosts / Demilitarized Zones

YADE-286 - Getting issue details... STATUS

HTTP Proxy elements can be specified for JumpFragment elements. 

The XML element hierarchy used to specify a proxy for - here - an SFTP connection for a jump host / demilitarized zone are:

  • ProtocolFragments
    • JumpFragment
      • ProxyForSFTP
        • HTTPProxy
          • BasicConnection
            • Hostname
            • Port (optional)
          • BasicAuthentication
            • Account
            • Password (optional)
        • SOCKS4Proxy
          • BasicConnection
            • Hostname
            • Port
        • SOCKS5Proxy
          • BasicConnection
            • Hostname
            • Port (optional)
          • BasicAuthentication
            • Account
            • Password (optional)

Change Management References

T Key Linked Issues Fix Version/s Status P Summary Updated
Loading...
Refresh

 

  • No labels
Write a comment…