Wednesday, May 25, 2005

What is HTTP tunneling?

In most cases, network administrators will configure a firewall to only allow HTTP traffic on the default Web server port, 80. Traffic sent across an HTTP connection is considered relatively safe and, thus, HTTP has become the standard entry protocol to an internal network. Technologies such as SOAP have been designed to provide safe access through a firewall by using HTTP as the transport protocol.

HTTP tunneling is designed mainly for firewall aversion. HTTP tunneling performs protocol encapsulation, by enclosing data packets of one protocol (SOAP, JRMP, etc.) within HTTP Packets. The HTTP packets are then sent across the firewall as normal internet traffic.

SOAP is an excellent example of HTTP-Tunneling in the modern era of distributed computing.

The HTTP tunneling can be thought as a way to use an existing road of communication (HTTP) and create a subprotocol within it to perform specific tasks.
The subprotocol will contain all the information necessary to create an object on the Web Server, invoke the method on that object and return results back to the client.