HTTPClient for GLASS 3.0.1

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
24 messages Options
12
Reply | Threaded
Open this post in threaded view
|

HTTPClient for GLASS 3.0.1

Sebastia Van Lacke
Hi, I need to send an HTTPPost request to validate a captcha. I was
using Hyper (HyHTTPClient) in previous versions of GLASS.

Is it possible to use Hyper with 3.0.1? I'm having problems trying to load it.

Which is the simplest way to do a post?

Thanks!

Sebastian
Reply | Threaded
Open this post in threaded view
|

Re: HTTPClient for GLASS 3.0.1

Dale Henrichs
Sebastian,

I haven't ported Hyper to 3.0 ... these days I think that Zinc is the better alternative.

Paul DeBruicker did a port a while ago (ConfigurationOfZincHTTPComponents inSqueakSource MetacelloRepository). Most of the tests passed and most of the important functionality was present ... it does end up dirtying some of the GLASS packages (clean at the time of the port), so there is some work pending to make another pass.

I've talked to Sven Van Caekenberghe and he is willing to put Zinc (and Zodiac) up on git hub, where we can mount a collaborative effort to port the latest and greatest code to GemStone ...

With all of that said, it shouldn't be that hard to get Hyper ported to 3.0. Take a quick look at Zinc ... if it looks like you can't easily use it, let me know and I'll take a stab at a Hyper port ...

Dale

----- Original Message -----
| From: "Sebastian Van Lacke" <[hidden email]>
| To: [hidden email]
| Sent: Tuesday, May 8, 2012 7:32:16 AM
| Subject: [GS/SS Beta] HTTPClient for GLASS 3.0.1
|
| Hi, I need to send an HTTPPost request to validate a captcha. I was
| using Hyper (HyHTTPClient) in previous versions of GLASS.
|
| Is it possible to use Hyper with 3.0.1? I'm having problems trying to
| load it.
|
| Which is the simplest way to do a post?
|
| Thanks!
|
| Sebastian
|
Reply | Threaded
Open this post in threaded view
|

Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg
Hello, 
  So, I would like to have my app renew itself on a canvas within Facebook. Unfortunately, they now require HTTPS connections to the app server. What can I do to support SSL through nginx to Seaside/GLASS? Am I out of luck? 

  Larry

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Dale Henrichs
Larry,

I wonder if you can proxy https connections? I'm not a web-server guru, so I'm not the one to ask ...

GemStone 3.1 will have SSL socket support, so you might consider upgrading to 3.1 when it becomes available, which is very soon ...

Dale

----- Original Message -----
| From: "Lawrence Kellogg" <[hidden email]>
| To: "GemStone Seaside beta discussion" <[hidden email]>
| Sent: Tuesday, May 29, 2012 5:45:15 PM
| Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
|
| Hello,
| So, I would like to have my app renew itself on a canvas within
| Facebook. Unfortunately, they now require HTTPS connections to the
| app server. What can I do to support SSL through nginx to
| Seaside/GLASS? Am I out of luck?
|
|
| Larry
|
|
Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Dale Henrichs
If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...

Dale

----- Original Message -----
| From: "Dale Henrichs" <[hidden email]>
| To: "GemStone Seaside beta discussion" <[hidden email]>
| Sent: Tuesday, May 29, 2012 6:25:05 PM
| Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
|
| Larry,
|
| I wonder if you can proxy https connections? I'm not a web-server
| guru, so I'm not the one to ask ...
|
| GemStone 3.1 will have SSL socket support, so you might consider
| upgrading to 3.1 when it becomes available, which is very soon ...
|
| Dale
|
| ----- Original Message -----
| | From: "Lawrence Kellogg" <[hidden email]>
| | To: "GemStone Seaside beta discussion" <[hidden email]>
| | Sent: Tuesday, May 29, 2012 5:45:15 PM
| | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
| |
| | Hello,
| | So, I would like to have my app renew itself on a canvas within
| | Facebook. Unfortunately, they now require HTTPS connections to the
| | app server. What can I do to support SSL through nginx to
| | Seaside/GLASS? Am I out of luck?
| |
| |
| | Larry
| |
| |
|
Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg
That would be great! Thanks, Dale!

Sent from my iPhone

On May 29, 2012, at 9:27 PM, Dale Henrichs <[hidden email]> wrote:

> If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...
>
> Dale
>
> ----- Original Message -----
> | From: "Dale Henrichs" <[hidden email]>
> | To: "GemStone Seaside beta discussion" <[hidden email]>
> | Sent: Tuesday, May 29, 2012 6:25:05 PM
> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
> |
> | Larry,
> |
> | I wonder if you can proxy https connections? I'm not a web-server
> | guru, so I'm not the one to ask ...
> |
> | GemStone 3.1 will have SSL socket support, so you might consider
> | upgrading to 3.1 when it becomes available, which is very soon ...
> |
> | Dale
> |
> | ----- Original Message -----
> | | From: "Lawrence Kellogg" <[hidden email]>
> | | To: "GemStone Seaside beta discussion" <[hidden email]>
> | | Sent: Tuesday, May 29, 2012 5:45:15 PM
> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
> | |
> | | Hello,
> | | So, I would like to have my app renew itself on a canvas within
> | | Facebook. Unfortunately, they now require HTTPS connections to the
> | | app server. What can I do to support SSL through nginx to
> | | Seaside/GLASS? Am I out of luck?
> | |
> | |
> | | Larry
> | |
> | |
> |
Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Scott Sproule
you can of course use stunnel with your existing application on gemstone to achieve what you want.

eg: set a stunnel configruation file similar to:
client = yes
foreground = yes
debug = 7
[amazonses]
accept = 20011
connect = email.us-east-1.amazonaws.com:443


And then connect to port 20011 on your local host via http to connect to amazon.

(just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon).

I think this is the simplest way to get things going and I am using it in production now.

S.
On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote:

> That would be great! Thanks, Dale!
>
> Sent from my iPhone
>
> On May 29, 2012, at 9:27 PM, Dale Henrichs <[hidden email]> wrote:
>
>> If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...
>>
>> Dale
>>
>> ----- Original Message -----
>> | From: "Dale Henrichs" <[hidden email]>
>> | To: "GemStone Seaside beta discussion" <[hidden email]>
>> | Sent: Tuesday, May 29, 2012 6:25:05 PM
>> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
>> |
>> | Larry,
>> |
>> | I wonder if you can proxy https connections? I'm not a web-server
>> | guru, so I'm not the one to ask ...
>> |
>> | GemStone 3.1 will have SSL socket support, so you might consider
>> | upgrading to 3.1 when it becomes available, which is very soon ...
>> |
>> | Dale
>> |
>> | ----- Original Message -----
>> | | From: "Lawrence Kellogg" <[hidden email]>
>> | | To: "GemStone Seaside beta discussion" <[hidden email]>
>> | | Sent: Tuesday, May 29, 2012 5:45:15 PM
>> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
>> | |
>> | | Hello,
>> | | So, I would like to have my app renew itself on a canvas within
>> | | Facebook. Unfortunately, they now require HTTPS connections to the
>> | | app server. What can I do to support SSL through nginx to
>> | | Seaside/GLASS? Am I out of luck?
>> | |
>> | |
>> | | Larry
>> | |
>> | |
>> |

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg
Hello,
  Thanks for the response. I've never used stunnel before so I'm a little confused.


On May 29, 2012, at 10:59 PM, mail list wrote:

> you can of course use stunnel with your existing application on gemstone to achieve what you want.
>
> eg: set a stunnel configruation file similar to:
> client = yes
> foreground = yes
> debug = 7
> [amazonses]
> accept = 20011
> connect = email.us-east-1.amazonaws.com:443
>
>

  As far as I know, currently, nginx is listening on port 80, and then it forwards to FastCGI servers on 9001, 9002, 9003.
Now, I have installed stunnel and opened up port 443 in the security group.

  Do I need to monitor/forward another port in nginx?


> And then connect to port 20011 on your local host via http to connect to amazon.
>

I don't know what this means, sorry.


> (just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon).
>

  Where do I set the HOST parameter in the http call?

  Larry



> I think this is the simplest way to get things going and I am using it in production now.
>
> S.





> On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote:
>
>> That would be great! Thanks, Dale!
>>
>> Sent from my iPhone
>>
>> On May 29, 2012, at 9:27 PM, Dale Henrichs <[hidden email]> wrote:
>>
>>> If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...
>>>
>>> Dale
>>>
>>> ----- Original Message -----
>>> | From: "Dale Henrichs" <[hidden email]>
>>> | To: "GemStone Seaside beta discussion" <[hidden email]>
>>> | Sent: Tuesday, May 29, 2012 6:25:05 PM
>>> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
>>> |
>>> | Larry,
>>> |
>>> | I wonder if you can proxy https connections? I'm not a web-server
>>> | guru, so I'm not the one to ask ...
>>> |
>>> | GemStone 3.1 will have SSL socket support, so you might consider
>>> | upgrading to 3.1 when it becomes available, which is very soon ...
>>> |
>>> | Dale
>>> |
>>> | ----- Original Message -----
>>> | | From: "Lawrence Kellogg" <[hidden email]>
>>> | | To: "GemStone Seaside beta discussion" <[hidden email]>
>>> | | Sent: Tuesday, May 29, 2012 5:45:15 PM
>>> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
>>> | |
>>> | | Hello,
>>> | | So, I would like to have my app renew itself on a canvas within
>>> | | Facebook. Unfortunately, they now require HTTPS connections to the
>>> | | app server. What can I do to support SSL through nginx to
>>> | | Seaside/GLASS? Am I out of luck?
>>> | |
>>> | |
>>> | | Larry
>>> | |
>>> | |
>>> |
>

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Paul DeBruicker
http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html

On 05/30/2012 07:31 AM, Lawrence Kellogg wrote:

> Hello,
>    Thanks for the response. I've never used stunnel before so I'm a little confused.
>
>
> On May 29, 2012, at 10:59 PM, mail list wrote:
>
>> you can of course use stunnel with your existing application on gemstone to achieve what you want.
>>
>> eg: set a stunnel configruation file similar to:
>> client = yes
>> foreground = yes
>> debug = 7
>> [amazonses]
>> accept = 20011
>> connect = email.us-east-1.amazonaws.com:443
>>
>>
>
>    As far as I know, currently, nginx is listening on port 80, and then it forwards to FastCGI servers on 9001, 9002, 9003.
> Now, I have installed stunnel and opened up port 443 in the security group.
>
>    Do I need to monitor/forward another port in nginx?
>
>
>> And then connect to port 20011 on your local host via http to connect to amazon.
>>
>
> I don't know what this means, sorry.
>
>
>> (just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon).
>>
>
>    Where do I set the HOST parameter in the http call?
>
>    Larry
>
>
>
>> I think this is the simplest way to get things going and I am using it in production now.
>>
>> S.
>
>
>
>
>
>> On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote:
>>
>>> That would be great! Thanks, Dale!
>>>
>>> Sent from my iPhone
>>>
>>> On May 29, 2012, at 9:27 PM, Dale Henrichs<[hidden email]>  wrote:
>>>
>>>> If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...
>>>>
>>>> Dale
>>>>
>>>> ----- Original Message -----
>>>> | From: "Dale Henrichs"<[hidden email]>
>>>> | To: "GemStone Seaside beta discussion"<[hidden email]>
>>>> | Sent: Tuesday, May 29, 2012 6:25:05 PM
>>>> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
>>>> |
>>>> | Larry,
>>>> |
>>>> | I wonder if you can proxy https connections? I'm not a web-server
>>>> | guru, so I'm not the one to ask ...
>>>> |
>>>> | GemStone 3.1 will have SSL socket support, so you might consider
>>>> | upgrading to 3.1 when it becomes available, which is very soon ...
>>>> |
>>>> | Dale
>>>> |
>>>> | ----- Original Message -----
>>>> | | From: "Lawrence Kellogg"<[hidden email]>
>>>> | | To: "GemStone Seaside beta discussion"<[hidden email]>
>>>> | | Sent: Tuesday, May 29, 2012 5:45:15 PM
>>>> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
>>>> | |
>>>> | | Hello,
>>>> | | So, I would like to have my app renew itself on a canvas within
>>>> | | Facebook. Unfortunately, they now require HTTPS connections to the
>>>> | | app server. What can I do to support SSL through nginx to
>>>> | | Seaside/GLASS? Am I out of luck?
>>>> | |
>>>> | |
>>>> | | Larry
>>>> | |
>>>> | |
>>>> |
>>
>

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Dale Henrichs
Larry,

FWIW, I assume that in addition to basic SSL support, we'd need to port something like Zodiac[1] to GemStone 3.1 first ... so stunnel will probably be your best near term solution.

Dale

[1] https://github.com/svenvc/zodiac
----- Original Message -----
| From: "Paul DeBruicker" <[hidden email]>
| To: "GemStone Seaside beta discussion" <[hidden email]>
| Sent: Wednesday, May 30, 2012 8:07:59 AM
| Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
|
| http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html
|
| On 05/30/2012 07:31 AM, Lawrence Kellogg wrote:
| > Hello,
| >    Thanks for the response. I've never used stunnel before so I'm a
| >    little confused.
| >
| >
| > On May 29, 2012, at 10:59 PM, mail list wrote:
| >
| >> you can of course use stunnel with your existing application on
| >> gemstone to achieve what you want.
| >>
| >> eg: set a stunnel configruation file similar to:
| >> client = yes
| >> foreground = yes
| >> debug = 7
| >> [amazonses]
| >> accept = 20011
| >> connect = email.us-east-1.amazonaws.com:443
| >>
| >>
| >
| >    As far as I know, currently, nginx is listening on port 80, and
| >    then it forwards to FastCGI servers on 9001, 9002, 9003.
| > Now, I have installed stunnel and opened up port 443 in the
| > security group.
| >
| >    Do I need to monitor/forward another port in nginx?
| >
| >
| >> And then connect to port 20011 on your local host via http to
| >> connect to amazon.
| >>
| >
| > I don't know what this means, sorry.
| >
| >
| >> (just remember that you may need to set the HOST paramater in the
| >> http call to the correct hostname- this is true for amazon).
| >>
| >
| >    Where do I set the HOST parameter in the http call?
| >
| >    Larry
| >
| >
| >
| >> I think this is the simplest way to get things going and I am
| >> using it in production now.
| >>
| >> S.
| >
| >
| >
| >
| >
| >> On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote:
| >>
| >>> That would be great! Thanks, Dale!
| >>>
| >>> Sent from my iPhone
| >>>
| >>> On May 29, 2012, at 9:27 PM, Dale Henrichs<[hidden email]>
| >>>  wrote:
| >>>
| >>>> If you want to start playing with SSL and 3.1 I can make a
| >>>> pre-release engineering build available ...
| >>>>
| >>>> Dale
| >>>>
| >>>> ----- Original Message -----
| >>>> | From: "Dale Henrichs"<[hidden email]>
| >>>> | To: "GemStone Seaside beta
| >>>> | discussion"<[hidden email]>
| >>>> | Sent: Tuesday, May 29, 2012 6:25:05 PM
| >>>> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app
| >>>> | through HTTPS
| >>>> |
| >>>> | Larry,
| >>>> |
| >>>> | I wonder if you can proxy https connections? I'm not a
| >>>> | web-server
| >>>> | guru, so I'm not the one to ask ...
| >>>> |
| >>>> | GemStone 3.1 will have SSL socket support, so you might
| >>>> | consider
| >>>> | upgrading to 3.1 when it becomes available, which is very soon
| >>>> | ...
| >>>> |
| >>>> | Dale
| >>>> |
| >>>> | ----- Original Message -----
| >>>> | | From: "Lawrence Kellogg"<[hidden email]>
| >>>> | | To: "GemStone Seaside beta
| >>>> | | discussion"<[hidden email]>
| >>>> | | Sent: Tuesday, May 29, 2012 5:45:15 PM
| >>>> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through
| >>>> | | HTTPS
| >>>> | |
| >>>> | | Hello,
| >>>> | | So, I would like to have my app renew itself on a canvas
| >>>> | | within
| >>>> | | Facebook. Unfortunately, they now require HTTPS connections
| >>>> | | to the
| >>>> | | app server. What can I do to support SSL through nginx to
| >>>> | | Seaside/GLASS? Am I out of luck?
| >>>> | |
| >>>> | |
| >>>> | | Larry
| >>>> | |
| >>>> | |
| >>>> |
| >>
| >
|
|
Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg
In reply to this post by Paul DeBruicker

On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote:


Paul,
Thanks for this link! I'm trying to understand what I have to do. 

So, as I read it, I won't use stunnel, but will instead use my fastcgi server and proxy to that. 

I added this line to my /etc/hosts file: 
127.0.0.1   secure_service
and I added a new server section to my nginx.conf file

server
{
server_name secure_service;

location /
{
}
}


I am trying to restart nginx with sudo -HUP nginx master pid, not sure if it is working. 

I opened up port 443 in my Amazon EC2 instance. 

So, should I be able to reach my server with https://servername, as before, right?

That doesn't seem to work so I must not have something set up right….

Larry

 



On 05/30/2012 07:31 AM, Lawrence Kellogg wrote:
Hello,
  Thanks for the response. I've never used stunnel before so I'm a little confused.


On May 29, 2012, at 10:59 PM, mail list wrote:

you can of course use stunnel with your existing application on gemstone to achieve what you want.

eg: set a stunnel configruation file similar to:
client = yes
foreground = yes
debug = 7
[amazonses]
accept = 20011
connect = email.us-east-1.amazonaws.com:443



  As far as I know, currently, nginx is listening on port 80, and then it forwards to FastCGI servers on 9001, 9002, 9003.
Now, I have installed stunnel and opened up port 443 in the security group.

  Do I need to monitor/forward another port in nginx?


And then connect to port 20011 on your local host via http to connect to amazon.


I don't know what this means, sorry.


(just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon).


  Where do I set the HOST parameter in the http call?

  Larry



I think this is the simplest way to get things going and I am using it in production now.

S.





On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote:

That would be great! Thanks, Dale!

Sent from my iPhone

On May 29, 2012, at 9:27 PM, Dale Henrichs<[hidden email]>  wrote:

If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...

Dale

----- Original Message -----
| From: "Dale Henrichs"<[hidden email]>
| To: "GemStone Seaside beta discussion"<[hidden email]>
| Sent: Tuesday, May 29, 2012 6:25:05 PM
| Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
|
| Larry,
|
| I wonder if you can proxy https connections? I'm not a web-server
| guru, so I'm not the one to ask ...
|
| GemStone 3.1 will have SSL socket support, so you might consider
| upgrading to 3.1 when it becomes available, which is very soon ...
|
| Dale
|
| ----- Original Message -----
| | From: "Lawrence Kellogg"<[hidden email]>
| | To: "GemStone Seaside beta discussion"<[hidden email]>
| | Sent: Tuesday, May 29, 2012 5:45:15 PM
| | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
| |
| | Hello,
| | So, I would like to have my app renew itself on a canvas within
| | Facebook. Unfortunately, they now require HTTPS connections to the
| | app server. What can I do to support SSL through nginx to
| | Seaside/GLASS? Am I out of luck?
| |
| |
| | Larry
| |
| |
|




Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg

On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote:


On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote:


Paul,
Thanks for this link! I'm trying to understand what I have to do. 

So, as I read it, I won't use stunnel, but will instead use my fastcgi server and proxy to that. 

I added this line to my /etc/hosts file: 
127.0.0.1   secure_service
Is it ok to have this in the hosts file? 

127.0.0.1   localhost localhost.localdomain
127.0.0.1   secure_service



and I added a new server section to my nginx.conf file

server
{
server_name secure_service;

location /
{
}
}



Is the proxy_pass the name of my amazon server, like this: 


?

Boy, I am confused as to what is going on. Safari says that it can't reach my non-http server from the https server. 

Larry




I am trying to restart nginx with sudo -HUP nginx master pid, not sure if it is working. 

I opened up port 443 in my Amazon EC2 instance. 

So, should I be able to reach my server with https://servername, as before, right?

That doesn't seem to work so I must not have something set up right….

Larry

 



On 05/30/2012 07:31 AM, Lawrence Kellogg wrote:
Hello,
  Thanks for the response. I've never used stunnel before so I'm a little confused.


On May 29, 2012, at 10:59 PM, mail list wrote:

you can of course use stunnel with your existing application on gemstone to achieve what you want.

eg: set a stunnel configruation file similar to:
client = yes
foreground = yes
debug = 7
[amazonses]
accept = 20011
connect = email.us-east-1.amazonaws.com:443



  As far as I know, currently, nginx is listening on port 80, and then it forwards to FastCGI servers on 9001, 9002, 9003.
Now, I have installed stunnel and opened up port 443 in the security group.

  Do I need to monitor/forward another port in nginx?


And then connect to port 20011 on your local host via http to connect to amazon.


I don't know what this means, sorry.


(just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon).


  Where do I set the HOST parameter in the http call?

  Larry



I think this is the simplest way to get things going and I am using it in production now.

S.





On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote:

That would be great! Thanks, Dale!

Sent from my iPhone

On May 29, 2012, at 9:27 PM, Dale Henrichs<[hidden email]>  wrote:

If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...

Dale

----- Original Message -----
| From: "Dale Henrichs"<[hidden email]>
| To: "GemStone Seaside beta discussion"<[hidden email]>
| Sent: Tuesday, May 29, 2012 6:25:05 PM
| Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
|
| Larry,
|
| I wonder if you can proxy https connections? I'm not a web-server
| guru, so I'm not the one to ask ...
|
| GemStone 3.1 will have SSL socket support, so you might consider
| upgrading to 3.1 when it becomes available, which is very soon ...
|
| Dale
|
| ----- Original Message -----
| | From: "Lawrence Kellogg"<[hidden email]>
| | To: "GemStone Seaside beta discussion"<[hidden email]>
| | Sent: Tuesday, May 29, 2012 5:45:15 PM
| | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS
| |
| | Hello,
| | So, I would like to have my app renew itself on a canvas within
| | Facebook. Unfortunately, they now require HTTPS connections to the
| | app server. What can I do to support SSL through nginx to
| | Seaside/GLASS? Am I out of luck?
| |
| |
| | Larry
| |
| |
|





Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Paul DeBruicker
I'm sorry.  I don't understand what you're trying to achieve.  Do you
want to use smalltalk to access an https-only service? OR do you want
other clients (your users/facebook) to be able to access your Seaside
app using HTTPS from their browsers?



If you want the first then the link I sent has the info you need.



If its the second just set Nginx up as an https reverse proxy.

Try these links:

http://nginx.org/en/docs/http/configuring_https_servers.html
http://wiki.nginx.org/HttpSslModule

You'll of course need to get an SSL cert and get it set up properly on
your server and google has lots of articles about that.




On 05/30/2012 11:01 AM, Lawrence Kellogg wrote:

>
> On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote:
>
>>
>> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote:
>>
>>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html
>>>
>>
>> Paul,
>> Thanks for this link! I'm trying to understand what I have to do.
>>
>> So, as I read it, I won't use stunnel, but will instead use my fastcgi
>> server and proxy to that.
>>
>> I added this line to my /etc/hosts file:
>> |127.0.0.1   secure_service|
> Is it ok to have this in the hosts file?
>
> 127.0.0.1 localhost localhost.localdomain
> 127.0.0.1 secure_service
>
>
>
>> and I added a new server section to my nginx.conf file
>>
>> server
>> {
>> server_name secure_service;
>>
>> location /
>> {
>> proxy_pass https://api.secure_service.com;
>> }
>> }
>>
>
>
> Is the proxy_pass the name of my amazon server, like this:
>
> https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com
>
> ?
>
> Boy, I am confused as to what is going on. Safari says that it can't
> reach my non-http server from the https server.
>
> Larry
>
>
>
>>
>> I am trying to restart nginx with sudo -HUP nginx master pid, not sure
>> if it is working.
>>
>> I opened up port 443 in my Amazon EC2 instance.
>>
>> So, should I be able to reach my server with https://servername
>> <https://servername/>, as before, right?
>>
>> That doesn't seem to work so I must not have something set up right….
>>
>> Larry
>>
Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg

On May 30, 2012, at 2:18 PM, Paul DeBruicker wrote:

> I'm sorry.  I don't understand what you're trying to achieve.  Do you want to use smalltalk to access an https-only service? OR do you want other clients (your users/facebook) to be able to access your Seaside app using HTTPS from their browsers?
>

  Ah, it's the second one, not the first one, that's the trouble. I need Facebook and other users to access my Seaside app through HTTPS because Facebook now requires communication to all apps through HTTPS.

>
>
> If you want the first then the link I sent has the info you need.
>
>
>
> If its the second just set Nginx up as an https reverse proxy.
>
> Try these links:
>
> http://nginx.org/en/docs/http/configuring_https_servers.html
> http://wiki.nginx.org/HttpSslModule
>

 Thanks for the links.

> You'll of course need to get an SSL cert and get it set up properly on your server and google has lots of articles about that.
>
>

   I was wondering when certificates would come into the picture. I'll give it a try….

  Larry



>
>
> On 05/30/2012 11:01 AM, Lawrence Kellogg wrote:
>>
>> On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote:
>>
>>>
>>> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote:
>>>
>>>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html
>>>>
>>>
>>> Paul,
>>> Thanks for this link! I'm trying to understand what I have to do.
>>>
>>> So, as I read it, I won't use stunnel, but will instead use my fastcgi
>>> server and proxy to that.
>>>
>>> I added this line to my /etc/hosts file:
>>> |127.0.0.1   secure_service|
>> Is it ok to have this in the hosts file?
>>
>> 127.0.0.1 localhost localhost.localdomain
>> 127.0.0.1 secure_service
>>
>>
>>
>>> and I added a new server section to my nginx.conf file
>>>
>>> server
>>> {
>>> server_name secure_service;
>>>
>>> location /
>>> {
>>> proxy_pass https://api.secure_service.com;
>>> }
>>> }
>>>
>>
>>
>> Is the proxy_pass the name of my amazon server, like this:
>>
>> https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com
>>
>> ?
>>
>> Boy, I am confused as to what is going on. Safari says that it can't
>> reach my non-http server from the https server.
>>
>> Larry
>>
>>
>>
>>>
>>> I am trying to restart nginx with sudo -HUP nginx master pid, not sure
>>> if it is working.
>>>
>>> I opened up port 443 in my Amazon EC2 instance.
>>>
>>> So, should I be able to reach my server with https://servername
>>> <https://servername/>, as before, right?
>>>
>>> That doesn't seem to work so I must not have something set up right….
>>>
>>> Larry
>>>

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

SeanTAllen
In reply to this post by Larry Kellogg
Hi, I wrote the article being referenced.

Can you post the contents of your nginx.conf and hosts file?

-Sean-
Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Paul DeBruicker
In reply to this post by Larry Kellogg

And since its the second option you don't need to worry about Zodiac or
SSL from within smalltalk/seaside.  You can just use HTTP/FastCGI
between nginx and gemstone and have nginx speak HTTP/HTTPS to the
outside world.


https://www.startssl.com has free certs that work fine.


On 05/30/2012 11:53 AM, Lawrence Kellogg wrote:

>
> On May 30, 2012, at 2:18 PM, Paul DeBruicker wrote:
>
>> I'm sorry.  I don't understand what you're trying to achieve.  Do you want to use smalltalk to access an https-only service? OR do you want other clients (your users/facebook) to be able to access your Seaside app using HTTPS from their browsers?
>>
>
>    Ah, it's the second one, not the first one, that's the trouble. I need Facebook and other users to access my Seaside app through HTTPS because Facebook now requires communication to all apps through HTTPS.
>
>>
>>
>> If you want the first then the link I sent has the info you need.
>>
>>
>>
>> If its the second just set Nginx up as an https reverse proxy.
>>
>> Try these links:
>>
>> http://nginx.org/en/docs/http/configuring_https_servers.html
>> http://wiki.nginx.org/HttpSslModule
>>
>
>   Thanks for the links.
>
>> You'll of course need to get an SSL cert and get it set up properly on your server and google has lots of articles about that.
>>
>>
>
>     I was wondering when certificates would come into the picture. I'll give it a try….
>
>    Larry
>
>
>
>>
>>
>> On 05/30/2012 11:01 AM, Lawrence Kellogg wrote:
>>>
>>> On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote:
>>>
>>>>
>>>> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote:
>>>>
>>>>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html
>>>>>
>>>>
>>>> Paul,
>>>> Thanks for this link! I'm trying to understand what I have to do.
>>>>
>>>> So, as I read it, I won't use stunnel, but will instead use my fastcgi
>>>> server and proxy to that.
>>>>
>>>> I added this line to my /etc/hosts file:
>>>> |127.0.0.1   secure_service|
>>> Is it ok to have this in the hosts file?
>>>
>>> 127.0.0.1 localhost localhost.localdomain
>>> 127.0.0.1 secure_service
>>>
>>>
>>>
>>>> and I added a new server section to my nginx.conf file
>>>>
>>>> server
>>>> {
>>>> server_name secure_service;
>>>>
>>>> location /
>>>> {
>>>> proxy_pass https://api.secure_service.com;
>>>> }
>>>> }
>>>>
>>>
>>>
>>> Is the proxy_pass the name of my amazon server, like this:
>>>
>>> https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com
>>>
>>> ?
>>>
>>> Boy, I am confused as to what is going on. Safari says that it can't
>>> reach my non-http server from the https server.
>>>
>>> Larry
>>>
>>>
>>>
>>>>
>>>> I am trying to restart nginx with sudo -HUP nginx master pid, not sure
>>>> if it is working.
>>>>
>>>> I opened up port 443 in my Amazon EC2 instance.
>>>>
>>>> So, should I be able to reach my server with https://servername
>>>> <https://servername/>, as before, right?
>>>>
>>>> That doesn't seem to work so I must not have something set up right….
>>>>
>>>> Larry
>>>>
>

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg
In reply to this post by SeanTAllen

On May 30, 2012, at 2:59 PM, SeanTAllen wrote:

> Hi, I wrote the article being referenced.
>
> Can you post the contents of your nginx.conf and hosts file?
>

Hello Sean,
  Thanks for offering to help, but I got it to work. This link:

http://wiki.nginx.org/HttpSslModule

was especially helpful in leading me through all of the steps to create the certificate and change the nginx.conf so that my service
could be reachable from HTTPS. I now render my app on Facebook within a Facebook canvas. I hope this brings me a ton of new users!

Thanks to all who helped!

Larry


> -Sean-
>
> --
> View this message in context: http://forum.world.st/HTTPClient-for-GLASS-3-0-1-tp4617651p4632535.html
> Sent from the GLASS mailing list archive at Nabble.com.

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg
In reply to this post by Paul DeBruicker

On May 30, 2012, at 3:25 PM, Paul DeBruicker wrote:

>
> And since its the second option you don't need to worry about Zodiac or SSL from within smalltalk/seaside.  You can just use HTTP/FastCGI between nginx and gemstone and have nginx speak HTTP/HTTPS to the outside world.
>
>
> https://www.startssl.com has free certs that work fine.
>


   Do i need to use one of these free certs? I created a certificate as outlined here: http://wiki.nginx.org/HttpSslModule 
and it worked from Facebook, although the browser does ask to continue when it hits the certificate. I guess my users
will be faced with the same decision if they access my app from within, Facebook, but I don't know for sure. Is this a problem?


  Larry




>
> On 05/30/2012 11:53 AM, Lawrence Kellogg wrote:
>>
>> On May 30, 2012, at 2:18 PM, Paul DeBruicker wrote:
>>
>>> I'm sorry.  I don't understand what you're trying to achieve.  Do you want to use smalltalk to access an https-only service? OR do you want other clients (your users/facebook) to be able to access your Seaside app using HTTPS from their browsers?
>>>
>>
>>   Ah, it's the second one, not the first one, that's the trouble. I need Facebook and other users to access my Seaside app through HTTPS because Facebook now requires communication to all apps through HTTPS.
>>
>>>
>>>
>>> If you want the first then the link I sent has the info you need.
>>>
>>>
>>>
>>> If its the second just set Nginx up as an https reverse proxy.
>>>
>>> Try these links:
>>>
>>> http://nginx.org/en/docs/http/configuring_https_servers.html
>>> http://wiki.nginx.org/HttpSslModule
>>>
>>
>>  Thanks for the links.
>>
>>> You'll of course need to get an SSL cert and get it set up properly on your server and google has lots of articles about that.
>>>
>>>
>>
>>    I was wondering when certificates would come into the picture. I'll give it a try….
>>
>>   Larry
>>
>>
>>
>>>
>>>
>>> On 05/30/2012 11:01 AM, Lawrence Kellogg wrote:
>>>>
>>>> On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote:
>>>>
>>>>>
>>>>> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote:
>>>>>
>>>>>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html
>>>>>>
>>>>>
>>>>> Paul,
>>>>> Thanks for this link! I'm trying to understand what I have to do.
>>>>>
>>>>> So, as I read it, I won't use stunnel, but will instead use my fastcgi
>>>>> server and proxy to that.
>>>>>
>>>>> I added this line to my /etc/hosts file:
>>>>> |127.0.0.1   secure_service|
>>>> Is it ok to have this in the hosts file?
>>>>
>>>> 127.0.0.1 localhost localhost.localdomain
>>>> 127.0.0.1 secure_service
>>>>
>>>>
>>>>
>>>>> and I added a new server section to my nginx.conf file
>>>>>
>>>>> server
>>>>> {
>>>>> server_name secure_service;
>>>>>
>>>>> location /
>>>>> {
>>>>> proxy_pass https://api.secure_service.com;
>>>>> }
>>>>> }
>>>>>
>>>>
>>>>
>>>> Is the proxy_pass the name of my amazon server, like this:
>>>>
>>>> https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com
>>>>
>>>> ?
>>>>
>>>> Boy, I am confused as to what is going on. Safari says that it can't
>>>> reach my non-http server from the https server.
>>>>
>>>> Larry
>>>>
>>>>
>>>>
>>>>>
>>>>> I am trying to restart nginx with sudo -HUP nginx master pid, not sure
>>>>> if it is working.
>>>>>
>>>>> I opened up port 443 in my Amazon EC2 instance.
>>>>>
>>>>> So, should I be able to reach my server with https://servername
>>>>> <https://servername/>, as before, right?
>>>>>
>>>>> That doesn't seem to work so I must not have something set up right….
>>>>>
>>>>> Larry
>>>>>
>>
>

Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

SeanTAllen
In reply to this post by Larry Kellogg
Ah so you got the nginx proxying http to https working but you also needed to take incoming https requests, correct?


On Wed, May 30, 2012 at 3:27 PM, Lawrence Kellogg <[hidden email]> wrote:

On May 30, 2012, at 2:59 PM, SeanTAllen wrote:

> Hi, I wrote the article being referenced.
>
> Can you post the contents of your nginx.conf and hosts file?
>

Hello Sean,
 Thanks for offering to help, but I got it to work. This link:

http://wiki.nginx.org/HttpSslModule

was especially helpful in leading me through all of the steps to create the certificate and change the nginx.conf so that my service
could be reachable from HTTPS. I now render my app on Facebook within a Facebook canvas. I hope this brings me a ton of new users!

Thanks to all who helped!

Larry


> -Sean-
>
> --
> View this message in context: http://forum.world.st/HTTPClient-for-GLASS-3-0-1-tp4617651p4632535.html
> Sent from the GLASS mailing list archive at Nabble.com.


Reply | Threaded
Open this post in threaded view
|

Re: Accessing my Seaside/GLASS app through HTTPS

Larry Kellogg

On May 30, 2012, at 3:38 PM, Sean Allen wrote:

Ah so you got the nginx proxying http to https working but you also needed to take incoming https requests, correct?


  Yes, well, all incoming https requests get referred to Seaside, with the same forwarding that was going on for http requests, 
if I did this right. Everything seems to work, I can run my app from https through a Facebook canvas, where all traffic has to be https. 

I think I'm all set unless I'm missing something. 

  If you guys are on Facebook, you can search for the PracticeMusic app and connect to it in order to see if it comes up. 
Do you get asked a question about certificates? 

  Larry




On Wed, May 30, 2012 at 3:27 PM, Lawrence Kellogg <[hidden email]> wrote:

On May 30, 2012, at 2:59 PM, SeanTAllen wrote:

> Hi, I wrote the article being referenced.
>
> Can you post the contents of your nginx.conf and hosts file?
>

Hello Sean,
 Thanks for offering to help, but I got it to work. This link:

http://wiki.nginx.org/HttpSslModule

was especially helpful in leading me through all of the steps to create the certificate and change the nginx.conf so that my service
could be reachable from HTTPS. I now render my app on Facebook within a Facebook canvas. I hope this brings me a ton of new users!

Thanks to all who helped!

Larry


> -Sean-
>
> --
> View this message in context: http://forum.world.st/HTTPClient-for-GLASS-3-0-1-tp4617651p4632535.html
> Sent from the GLASS mailing list archive at Nabble.com.



12