[prev in list] [next in list] [prev in thread] [next in thread]
List: xmlrpc-user
Subject: Re: REPOST: https
From: Martin Redington <m.redington () ucl ! ac ! uk>
Date: 2002-11-11 12:59:15
[Download RAW message or body]
Thanks Mauro. I'm just taking a look at it now, to see if I can get
some tips to get my secure test case working ...
cheers,
Martin
On Monday, November 11, 2002, at 09:47 AM, Mauro Canal wrote:
> Hi
>
> I recently implemented an easy to use start up functionality
> (including SSL)
> for the Apache XML-RPC package.
>
> Configuration of the build in servers (WebServer and SecureWebServer)
> and
> assosciated handlers is done in a XML file (conf/server.xml).
>
> I put all together on http://canalsystems.net/xml-rpc/index.html
>
> Mauro Canal
> mcanal@canalsystems.net
> ----------------------------------------------------------------------
> canal systems GmbH http://canalsystems.net
> Kreuzlingerstrasse 132
> CH-8587 Oberaach Tel. +41-71 411 10 80
>
>
>
>> -----Original Message-----
>> From: Ryan Hoegg [mailto:rhoegg@isisnetworks.net]
>> Sent: Sunday, November 10, 2002 7:18 PM
>> To: rpc-user@xml.apache.org
>> Subject: Re: https
>>
>>
>> Martin Redington wrote:
>>
>>> On Saturday, November 9, 2002, at 08:08 PM, Devon E Bowen wrote:
>>>
>>>> I need to run a simple XML-RPC server and I like the Apache XML-RPC
>>>> approach since it lets me write in Java. The fact that it includes
>>>> a lightweight HTTP server is also nice since I have no need for any
>>>> other web services on this machine. However, I need SSL and I don't
>>>> see a way to easily make HTTPS work.
>>>
>>> The SecureWebServer class should support ssl, but I haven't found any
>>> useful documentation, and I can't get it to work. See my previous
>>> posts in the archives
>>> (http://archives.apache.org/eyebrowse/SummarizeList?listId=70) for
>>> more details. If you look further back in the archives, someone
>>> posted
>>> a code snippet how to get some secure functionality working, but it
>>> looks far fiddlier than it should be.
>>
>> Martin is right, the SSL documentation is scanty on the client and the
>> server side. We are currently working on a branch to separate the
>> transport layer stuff (HTTP, HTTPS, authentication, who knows what
>> else)
>> so I don't think I want to take the time to document this version. As
>> we don't have a release date for the new version, any documentation
>> for
>> SSL in 1.1 would be appreciated! Please reference Martin's bug at
>> http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14272 if you decide
>> to
>> take this on.
>>
>> I will make sure that documentation is a deliverable for the 2.x
>> transport layer code we are working on now.
>>
>>> Personally, I would scrap apache (not that I'm not a huge fan), and
>>> go
>>> with standalone tomcat, with a servlet to handle the xmlrpc requests.
>>>
>>> I've got a neat generic little servlet that can register a list of
>>> handlers whose names and classes are specified in a properties file,
>>> and that uses Echo as a handler by default. I took the ProxyServlet
>>> class from apache-xml as a starting point, and it took about 10
>>> minutes from there (I might be able to release this back to the
>>> project, if you're interested).
>>>
>>> Let tomcat handle the ssl for you (I haven't got round to that bit
>>> yet, but I would hope that its fairly simple, robust, and
>>> well-documented in tomcat) ...
>>
>> This is an excellent suggestion.
>>
>> --
>> Ryan Hoegg
>> ISIS Networks
>> http://www.isisnetworks.net
>>
>>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic