Click here to Skip to main content
Click here to Skip to main content
Search within:



 
Comments & Discussions (82)

Simple HTTP Reverse Proxy with ASP.NET and IIS

By , 22 May 2004
 

Introduction

Sample Image - reverse-proxy.png

A reverse proxy is the same as a proxy except instead of delivering pages for internal users, it delivers them for external users. It can be used to take some load off web servers and provide an additional layer of protection. If you have a content server that has sensitive information that must remain secure, you can set up a proxy outside the firewall as a stand-in for your content server. When outside clients try to access the content server, they are sent to the proxy server instead. The real content resides on your content server, safely inside the firewall. The proxy server resides outside the firewall, and appears to the client to be the content server.

Where to use?

If you have an intranet with IP filtered security, you can offer the functionality of external consultation. You must just add the authentication system of your choice.

Functionality

This reverse proxy can run in two modes:

  • Mode 0: all web sites can be requested by clients with an URL like http://RevrseProxyURL/http//www.site.com/
  • Mode 1: only one web site can be requested. When the user requests the web application address, the proxy returns the content of this web site.

You can setup this mode in the web configuration file of you web application:

<appSettings>
    <!-- PROXY Mode
  0 : all web site can be requested by a client with 
      an url like <A href="http://reverseproxyurl/http//www.site.com/">http://ReverseProxyURL/http//www.site.com/</A>
  1 : Only on web site can be resuested by clients, \
      In this case Web Application uses RemoteWebSite variable 
      to deliver the content of the web site.
    -->
   <add key="ProxyMode" value="1" />
   <add key="RemoteWebSite" value="<A href="http://www.codeproject.com/">http://www.codeproject.com/</A>" />
</appSettings>

The code

Create an HttpHandler to intercept all requests:

using System;
using System.Configuration;
using System.Web;
using System.Net;
using System.Text;
using System.IO; 
namespace ReverseProxy
{
  /// <summary>
  /// Handler that intercept Client's request and deliver the web site
  /// </summary>

  public class ReverseProxy: IHttpHandler
  {
    /// <summary>
    /// Method calls when client request the server
    /// </summary>
    /// &;lt;param name="context">HTTP context for client</param>

    public void ProcessRequest(HttpContext context)
    {
      //read values from configuration 
      fileint proxyMode = 
        Convert.ToInt32(ConfigurationSettings.AppSettings["ProxyMode"]);
      string remoteWebSite = 
        ConfigurationSettings.AppSettings["RemoteWebSite"];
      string remoteUrl;
      if (proxyMode==0)
        remoteUrl= ParseURL(context.Request.Url.AbsoluteUri);
      //all site 
      acceptedelseremoteUrl= 
        context.Request.Url.AbsoluteUri.Replace("http://"+
        context.Request.Url.Host+
        context.Request.ApplicationPath,remoteWebSite);
      //only one site accepted
      //create the web request to get the remote stream
      HttpWebRequest request = 
        (HttpWebRequest)WebRequest.Create(remoteUrl);
      //TODO : you can add your own credentials system
      //request.Credentials = CredentialCache.DefaultCredentials;
      HttpWebResponse response;
      try
      {
        response = (HttpWebResponse)request.GetResponse ();
      }
      catch(System.Net.WebException we)
      {
        //remote url not found, send 404 to client 
        context.Response.StatusCode = 404;
        context.Response.StatusDescription = "Not Found";
        context.Response.Write("<h2>Page not found</h2>");
        context.Response.End();
        return;
      }
      Stream receiveStream = response.GetResponseStream();

      if ((response.ContentType.ToLower().IndexOf("html")>=0) 
        ||(response.ContentType.ToLower().IndexOf("javascript")>=0))
      {
        //this response is HTML Content, so we must parse it
        StreamReader readStream = 
          new StreamReader (receiveStream, Encoding.Default);
        Uri test = new Uri(remoteUrl);
        string content;
        if (proxyMode==0)
          content= ParseHtmlResponse(readStream.ReadToEnd(), 
            context.Request.ApplicationPath+"/http//"+test.Host);
        else
          content= ParseHtmlResponse(readStream.ReadToEnd(),
            context.Request.ApplicationPath);
        //write the updated HTML to the client
        context.Response.Write(content);
        //close streamsreadStream.Close();
        response.Close();
        context.Response.End();
      }
      else
      {
        //the response is not HTML 
        Contentbyte[] buff = new byte[1024];
        int bytes = 0;
        while( ( bytes = receiveStream.Read( buff, 0, 1024 ) ) > 0 )
        {
          //Write the stream directly to the client 
          context.Response.OutputStream.Write (buff, 0, bytes );
        }
        //close streams
        response.Close();
        context.Response.End();
      }
    }

    /// <summary>
    /// Get the remote URL to call
    /// </summary>
    /// <param name="url">URL get by client</param>
    /// <returns>Remote URL to return to the client</returns>

    public string ParseURL(string url)
    {
      if (url.IndexOf("http/")>=0)
      {
        string externalUrl=url.Substring(url.IndexOf("http/"));
        return externalUrl.Replace("http/","http://") ;
      }
      else
        return url;
    }

    /// <summary>
    /// Parse HTML response for update links and images sources
    /// </summary>
    /// <param name="html">HTML response</param>
    /// <param name="appPath">Path of application for replacement</param>
    /// <returns>HTML updated</returns>
    public string ParseHtmlResponse(string html,string appPath)
    {
      html=html.Replace("\"/","\""+appPath+"/");
      html=html.Replace("'/","'"+appPath+"/");
      html=html.Replace("=/","="+appPath+"/");
      return html;
    }
    ///
    /// Specifies whether this instance is reusable by other Http requests
    ///
    public bool IsReusable
    {
      get
      {
        return true;
      }
    }
  }
}

Configure the handler in web.config

You must add these lines in web.config file to redirect all user queries to the HTTPHandler:

<httpHandlers>
   <add verb="*" path="*" type="ReverseProxy.ReverseProxy, ReverseProxy" />
</httpHandlers>

Configure IIS

If you want to process a request with any file extension, then you need to change IIS to pass all requests through to the ASP.NET ISAPI extension. Add the HEAD, GET and POST verbs to all files with .* file extension and map those to the ASP.NET ISAPI extension - aspnet_isapi.dll (in your .NET framework directory). The complete range of mappings, includes the new .* mapping.

TODO's

Now, you can develop your own security system, based on form, Windows or passport authentication.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

About the Author

 Vincent Brossier
Web Developer
France France
Member
Vincent Brossier is a software engineer from Paris, FRANCE, specializing in .Net.
Vincent is in charge of development of the Parisian university's Intranet, I take part in a nationnal project of numerical campus.
His role is to seek best technicals solutions to satisfy the 35000 users of this Intranet. Specialized in the development of distributed applications, vincent work primarily with technologies microsoft .NET (C#, ASP.NET, Webservices, SQLServer) even if he have also work with java technologies (Peer-to-peer sharing documents tool).
Vincent have also set up Open-Source solutions such as SPIP in nursery schools.
When he's not programming, he enjoys playing Guitar.

Article Top
 
Sign Up to vote   Poor Excellent
Add a reason or comment to your vote: x
Votes of 3 or less require a comment

Comments and Discussions

 
You must Sign In to use this message board.
Search this forum  
    Spacing  Noise  Layout  Per page   
First PrevNext
QuestionNot Work in internetmemberDothanhhai2 Nov '12 - 9:57 
i run in clocal it run good, when i upload to host it error iis
Sign In·View Thread·Permalink
QuestionWhen size of page to display too big, hangs briefly, renders incomplete pagememberJim Cross23 Nov '11 - 8:53 
Works fine until the size of the page to be rendered is too big (e.g. many records returned). The page will render partialy and then hang for a while (130 seconds; IE8 progress bar at 30%) and then finish rendering the page but the page is incomplete.
Sign In·View Thread·Permalink
QuestionSpurious null character added to end of stream?memberSteven Hirschorn25 Aug '11 - 1:46 
Thanks for the code.
 
I've stripped out a lot of the code I don't need for my implementation but there is a problem with the output of the receiveStream output. The resources I am proxying are XML documents. The proxy returns them identically to the source server, but somehow appends a null character (0x00) to the end of the stream. I've run it through the debugger and it is not present in receiveStream so it is either by the context.Response.OutputStream.Write(buff, 0, bytes); line or the context.Response.End(); line.
 
I wouldn't worry about it if it didn't cause browsers to consider the XML doc malformed!
 
Does anyone know what introduces the stray character?
 
Thanks!
Steven
Sign In·View Thread·Permalink
Questionreverse proxy and WCF-Servicememberwalter.anna24 Jan '10 - 1:56 
Hello,
 
i would like make reverse proxy with WCF-Service.
Can everybody help me?
 
Thanks.
 
Walter
Sign In·View Thread·Permalink
Questionhow can i bypass the processrequest method?membervitiris4 Jan '10 - 18:11 
I'm using this proxy by the following:
 
google.mydomain.com will get the google.com website
yahoo.mydomain.com will get the yahoo.com website
and so on like that.
 
if i want to go to mydomain.com/login/default.aspx or some other page, how can I bypass the request and go directly to this page ignoring all of the reverseproxy code?
thanks
Sign In·View Thread·Permalink
QuestionHow to set it up?membermaria_mir7 Jul '09 - 20:48 
I cannot figure out how to set up the demo project at my side. There are no installation instructions, only the global and web.config and a dll. How to start with it now?
Sign In·View Thread·Permalink
AnswerRe: How to set it up?membermaria_mir12 Jul '09 - 22:18 
Following are its deployment instructions;
 
1. Create a new directory named Handler under the C:\Inetpub\Wwwroot directory.
2. Copy the bin directory with the dll (ReverseProxy dll) and the web.config in the Handler directory.
3. Follow these steps to mark the new Handler directory as a Web application:
4. Open Internet Services Manager.
o Right-click the Handler directory, and then click Properties.
o On the Directory tab, click Create.
o Follow these steps to create an application mapping for the handler. For this handler, create a mapping to the Aspnet_isapi.dll file for the .* extension.
o Right-click on the Handler Web application, and then click Properties.
o On the Directory tab, click Configuration.
o Click Add to add a new mapping.
o In the Executable text box, type the following path: Microsoft Windows 2000:
 C:\WINNT\Microsoft.NET\Framework\<version#>\Aspnet_isapi.dll
o Microsoft Windows XP:
 C:\WINDOWS\Microsoft.NET\Framework\<version#>\Aspnet_isapi.dll
o In the Extension text box, type .*
o Make sure that the Check that file exists check box is cleared
o Double click the path textbox if OK button is not enabled; and then click OK to close the Add/Edit Application Extension Mapping dialog box.
o Click OK to close the Application Configuration and the Handler Properties dialog boxes.
o Close Internet Services Manager.
 
Now browse to http://localhost/Handler/http//www.google.com – for mode 0
And http://localhost/Handler/ - for mode 1
Sign In·View Thread·Permalink
AnswerRe: How to set it up?membereric_ruck4 Aug '11 - 5:44 
You can also copy the ReverseProxy.cs into a folder called App_Code within your web application. In your web.config file, when you add the httpHandler, set the type to "ReverseProxy.ReverseProxy" (leave out the text past the comma).
Sign In·View Thread·Permalink
GeneralSome changesmemberrickleb21 Mar '09 - 6:16 
I used this code to set up another IIS 6 website in parallel with my public site. This is a secure (SSL) site. So I wanted to use https externally to access internal http servers (Nagios running on Apache on Linux). Here is a summary of the changes that I made. First, note that I did not test the "all sites" proxy mode, just the individual site mode.
 
So my IIS 6 setup looks like this:
 
Default site (my primary HTTPS site)
nagios1 (my first nagios server)
nagios2 (my second nagios server)
 
nagios1 and nagios2 each have the ReverseProxy application installed in the root. On IIS 5 & 6, if you want to map all mime types to the ihttphandler, you must do it for the entire site. That is why I didn't just use a virtual directory. IIS 7 removes this restraint.
 
The first change was to this section:
 
 string remoteUrl;
 if (proxyMode==0)
    remoteUrl= ParseURL(context.Request.Url.AbsoluteUri); //all site accepted
 else
   remoteUrl= context.Request.Url.AbsoluteUri.Replace("http://"+
         context.Request.Url.Host+context.Request.ApplicationPath,remoteWebSite);
 

There were 2 issues. The first was that "http://" was hard coded. Wouldn't work for https. In my case, the external site was https and internally it was http. After the following changes, this wasn't an issue. The second issue was that sometimes "proxy.aspx" was in the URL, sometimes not. I put some code in to check for this as well:
 
 string remoteUrl;
 
 string sProtocol = context.Request.Url.Scheme + "://" + 
           context.Request.Url.Host +  context.Request.ApplicationPath;
 remoteUrl = context.Request.Url.AbsoluteUri.Replace(sProtocol, remoteWebSite); //only one site accepted
 int iLength = remoteUrl.LastIndexOf("proxy.aspx");
 if (iLength > 0)
    remoteUrl = remoteUrl.Substring(0, iLength);
 
A second issue was that on any error, "404" was returned, which made it very hard to determine what the real back end error was. I changed the exception block to pass along the backend error with a description:
 
Original code:
 
 catch(System.Net.WebException we)
 {
 //remote url not found, send 404 to client 
	context.Response.StatusCode = 404;
	context.Response.StatusDescription = "Not Found";
	context.Response.Write("<h2>Page not found</h2>");
	context.Response.End();
	return;
 }
 
New code:
 catch(System.Net.WebException we)
 {
	int		iStatus;
	string	sStatus;
	//remote url not found, send status to client 
	sStatus = we.ToString();
	int iIndex = we.ToString().IndexOf('(');
	iStatus = 491; // Our own error code if theirs is invalid - unlikely
	if (iIndex != -1)
            iStatus = Convert.ToInt32(we.ToString().Substring(++iIndex, 3));
	context.Response.StatusCode = iStatus;
	context.Response.StatusDescription = we.Message;
	context.Response.Write("<h2>From ReverseProxy - " + we.Message + 
            "</h2><br><center><h3><br>" + we.Data + "<br>URL: " +
                   we.Response.ResponseUri + "</br></br></h3></center>");
	context.Response.End();
	return;
 }</br>
 

Lastly, the remapping of the links didn't work if the application was in the web site's root directory. This was because the replacement string was basically a single '/'. In this case, the browser would not have the correct relative path or the absolute path.
 
The solution was easy. Pass the absolute path. So
 
content= ParseHtmlResponse(readStream.ReadToEnd(),context.Request.ApplicationPath);
 
becomes
 
content = ParseHtmlResponse(readStream.ReadToEnd(), sProtocol);
 
Note that "sProtocol" was calculated above.
 
And finally, change ParseHtmlResponse from
 
 public string ParseHtmlResponse(string html,string appPath)
 {
	html=html.Replace("\"/","\""+appPath+"/");
	html=html.Replace("'/","'"+appPath+"/");
	html=html.Replace("=/","="+appPath+"/"); 
	return html;
 }
 
to
 
 public string ParseHtmlResponse(string html,string appPath)
 {
	html = html.Replace("\"/", "\"" + appPath);
	html = html.Replace("'/", "'" + appPath);
	html = html.Replace("=/", "=" + appPath); 
	return html;
 }
 
Since the trailing backslash is already included in sProtocol.
 
These changes did not break the way the code worked originally, but they do make it more robust and work in more environments.
 
Finally, to save others a lot of heartache, here is a link to an article on how to create a server certificate that can be shared by different sites on the same machine using SSL host headers. This is non-obvious, and you can't have multiple SSL sites without it.
 
http://thelazyadmin.com/blogs/thelazyadmin/archive/2006/06/16/IIS-6.0-and-SSL-Host-Headers.aspx[^]
 
Also, remember that the "common name" for each site must be in DNS so IIS knows which site to direct the request to.
 
Now you can host multiple servers from a single IIS servers, using https externally and http internally ig you desire.
 
Hope this helps others.
Rick Bross
 
Hope this helps others.
Sign In·View Thread·Permalink
GeneralRe: Some changesmemberMunirS30 Aug '09 - 2:04 
In regards to remapping fo URLS in ParseHTML routine, why would you change all paths to absolutepaths?
 
Aren't you supposed to leave everything relative to the address on the browser (ie context URL)?
 
If you point the links to an absolute value, you risk changing the address on the address bar.
 
Isn't reverse proxy supposed to act as if it supplying the content from the address that the user types in, ie on the browser??
 
Those who try and those who fry!
Sign In·View Thread·Permalink
Last Visit: 31 Dec '99 - 18:00     Last Update: 24 May '13 - 9:15Refresh123456789 Next »

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

About Article
Learn how easy it is to create HTTP Reverse Proxy in .NET using IIS.
Type Article
Licence 
First Posted 22 May 2004
Views 366,269
Bookmarked 86 times

, +
Top News

Old Japanese Man Creates Amazing Art Using Excel (Wait, Excel?)

Get the Insider News free each morning.
Related Videos
Video #3 - Virtual Machines in Hyper - V
Introduction To Razor View Engine (ASP.Net MVC Part - 8)
Reverse Proxy in C# .NET v2.0
Simple Reverse Proxy in C# 2.0 (description and deployment)
Protect non-.NET Assets Using a .NET Reverse Proxy with Forms Authentication and ISAPI
Making WCF RIA Services work in a DMZ/Multitier architecture using Application Request Routing
Ten things to do with IIS
SOAP Web Services: Create Once, Consume Everywhere
Fast, Scalable, Streaming AJAX Proxy - continuously deliver data from across domains
Exploring Caching in ASP.NET
COMET (or Reverse AJAX) based Grid Control for ASP.NET Web Applications - Scalable, High Performance and Low Latency Grid Control
.NET Remoting under IIS - ASP.NET Application as Client
A first look at the Windows Web Services API
Package that speeds up loading of JavaScript, CSS and image files
A Beginner's Tutorial on How to Host a WCF Service (IIS Hosting and Self Hosting)
Caching WCF javascript proxy on browser
Secure Web Services via Message oriented Middleware
Beginner's Guide: Exploring IIS 6.0 With ASP.NET
Windows Communication Foundation FAQ quick starter Part 1
Using the Web Service Callbacks in the .NET Application
Caching Images in ASP.NET
URL Rewriting using ASP.NET for SEO
Permalink | Advertise | Privacy | Mobile
Web04 | 2.6.130523.1 | Last Updated 23 May 2004
Article Copyright 2004 by Vincent Brossier
Everything else Copyright © CodeProject, 1999-2013
Terms of Use
Layout: fixed | fluid