Tag Archives: HTTP

Install Squid as HTTP and HTTPS Proxy Server

While creating the vSearch 3.0, we needed a HTTP/HTTPS proxy server to test the new features like public cloud support. With a little search, I found the Squid server. It turned out to be pretty easy to install a new one and use it based on default settings.

Like most of the software package on CentOS, Squid can be installed using the yum command line. Here is what’s needed to install and configure it.

Posted in Applications & Tools | Also tagged , , | 2 Responses

How to Print out Http Request Headers in Java Servlet

While developing a new project, I need to check a request header from client side AJAX call in Javascript. This is not a difficult problem at all, but I found it’s pretty helpful with the headers printed in the log file, especially while debugging. The following code snippet iterates through all the headers and add their values into the string buffer, and further into logger of the Servlet. Notice that the value of a header is not a primitive value, therefore the inner loop is needed to go over each element.

Posted in Software Development | Also tagged , | 1 Response

OAuth For HTTP and REST API Authentication

Authentication is to verify users are really whom they claim they are. Since its inception, HTTP(s) has used different approaches like BASIC authentication, Form based authentication. Both require passing the user name and password from the client to the server. It’s definitely not good idea to use HTTP because the password is passed as it is or with very limited encoding like BASE64 – very easy to intercept the IP packets and extract out the password. When HTTPs is used, it’s much harder to get the password as all the traffic are encrypted. Still it’s subject to attacks like man-in-the-middle.

Posted in Software Development | Also tagged , , | Leave a comment

Nginx: How to Find out Real Source of HTTP Request

In a recent project using Nginx as reversed proxy server, I got into an interesting problem: how can the server behind the Nginx tell whether a HTTP request comes from remote host or local host? If I just look at the IP header of the request, they are all local because the reversed-proxied packets from remote seems to be sent from local as well. So I cannot really tell the source of a HTTP request.

Posted in Software Development | Also tagged , | 2 Responses

Configuring Nginx as Reversed Proxy Server for HTTPS

Nginx (pronounced as ‘engine x’) is a light-weight HTTP/reverse proxy/mail proxy server written by Igor Sysoe. It is flexible, lightweight compared, and high-performant with Apache. The official nginx site is here. The beginner guide is a very good starting point. The following is based on my hands-on experience with Nginx. If you have similar requirement, you can copy over the scripts and configuration for your environment.

Installing and running Nginx

Posted in Applications & Tools | Also tagged , | 2 Responses

How to Use HTTP with vSphere Client?

If you have viewed the video about Onyx by Carter Shanklin (@cshanklin), you may have noticed a little trick with the vSphere Client.

Normally on the login dialog box, you enter a hostname or IP address. By default, the vSphere Client use HTTPS to communicate with the server. That means you cannot easily see what’s passed back and forth on the wire. As shown in the Onyx video, Carter showed how to use HTTP instead of the default HTTPS with the following in the IP Address / Name field:


So the vSphere Client does support HTTP. In Onyx case, it points to localhost on which the Onyx is installed. You can actually point to a real vCenter or ESX/ESXi server directly – just change the localhost to the IP address of the server and the port to the default port 80 or remove the port part.

Before connecting the server, you need to change the server a bit for it to support HTTP. 

Posted in vSphere API | Also tagged , | Leave a comment

The Mythical Sessions in vSphere and VI

In my previous blogs, I talked about session management for scalability and best practices (#9). In this one, I am going to drill down to the bottom.

To your surprises, there are two types of sessions involved in vSphere SDK:

  • HTTP Session. It’s used to identify a client and tracked by the cookie in HTTP header. Once you login the server, all the successive requests have to carry the cookie header similar as follows


  • User Session. It’s used to identify a login session of a particular user. You can use SessionManager to find out more the details of the current user and other login users from the UserSession data object. The key in the UserSession is in the same format as the HTTP session, but you should never confuse them, or use them interchangeably.
Posted in vSphere API | Also tagged , , , , , , , , | 8 Responses

    My company has created products like vSearch ("Super vCenter"), vijavaNG APIs, EAM APIs, ICE tool. We also help clients with virtualization and cloud computing on customized development, training. Should you, or someone you know, need these products and services, please feel free to contact me: steve __AT__ doublecloud.org.

    Me: Steve Jin, VMware vExpert who authored the VMware VI and vSphere SDK by Prentice Hall, and created the de factor open source vSphere Java API while working at VMware engineering. Companies like Cisco, EMC, NetApp, HP, Dell, VMware, are among the users of the API and other tools I developed for their products, internal IT orchestration, and test automation.