Beyond the fact that I don't think you can keep the connection open (you might be able to do some creative things with HTTP 1.1, I don't know), this is not the right thing to do.
Warning: rant follows!
Firewalls are here for a reason: to isolate the internal network from the Wild Wild Internet. Firewalls allow certain types of communication to the outside world. Network administrators are paid to ensure that those communications are reasonably safe. They usually do this by allowing certain ports to be open, based on the services these ports provide. If you start using port 80 for an XML socket server (not to mention SOAP or XML-RPC) then you completely break this security model. The admin does not know that you are using port 80 for a non-standard purpose, hence she can't do her job and keep the system secure.
If I was a network administrator and discovered that people are using that kind of trick on my network, be sure there would be consequences!
The right thing to do is to setup your server on a defined port and to ask the network admin to open it. You might have to justify the need and to demonstrate that this new service is secure. THIS IS A GOOD THING!
You might find Paul Prescod's Some thoughts about SOAP versus REST on Security an interesting read.
In reply to Re: XML socket server HTTP tunneling
by mirod
in thread XML socket server HTTP tunneling
by JamieD
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |