HTTPClient for GLASS 3.0.1
Locked
12
12
HTTPClient for GLASS 3.0.1
 
|
Hi, I need to send an HTTPPost request to validate a captcha. I was
using Hyper (HyHTTPClient) in previous versions of GLASS. Is it possible to use Hyper with 3.0.1? I'm having problems trying to load it. Which is the simplest way to do a post? Thanks! Sebastian |
|
|
Sebastian,
I haven't ported Hyper to 3.0 ... these days I think that Zinc is the better alternative. Paul DeBruicker did a port a while ago (ConfigurationOfZincHTTPComponents inSqueakSource MetacelloRepository). Most of the tests passed and most of the important functionality was present ... it does end up dirtying some of the GLASS packages (clean at the time of the port), so there is some work pending to make another pass. I've talked to Sven Van Caekenberghe and he is willing to put Zinc (and Zodiac) up on git hub, where we can mount a collaborative effort to port the latest and greatest code to GemStone ... With all of that said, it shouldn't be that hard to get Hyper ported to 3.0. Take a quick look at Zinc ... if it looks like you can't easily use it, let me know and I'll take a stab at a Hyper port ... Dale ----- Original Message ----- | From: "Sebastian Van Lacke" <[hidden email]> | To: [hidden email] | Sent: Tuesday, May 8, 2012 7:32:16 AM | Subject: [GS/SS Beta] HTTPClient for GLASS 3.0.1 | | Hi, I need to send an HTTPPost request to validate a captcha. I was | using Hyper (HyHTTPClient) in previous versions of GLASS. | | Is it possible to use Hyper with 3.0.1? I'm having problems trying to | load it. | | Which is the simplest way to do a post? | | Thanks! | | Sebastian | |
Accessing my Seaside/GLASS app through HTTPS
|
|
Hello,
So, I would like to have my app renew itself on a canvas within Facebook. Unfortunately, they now require HTTPS connections to the app server. What can I do to support SSL through nginx to Seaside/GLASS? Am I out of luck? Larry |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
Larry,
I wonder if you can proxy https connections? I'm not a web-server guru, so I'm not the one to ask ... GemStone 3.1 will have SSL socket support, so you might consider upgrading to 3.1 when it becomes available, which is very soon ... Dale ----- Original Message ----- | From: "Lawrence Kellogg" <[hidden email]> | To: "GemStone Seaside beta discussion" <[hidden email]> | Sent: Tuesday, May 29, 2012 5:45:15 PM | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS | | Hello, | So, I would like to have my app renew itself on a canvas within | Facebook. Unfortunately, they now require HTTPS connections to the | app server. What can I do to support SSL through nginx to | Seaside/GLASS? Am I out of luck? | | | Larry | | |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ...
Dale ----- Original Message ----- | From: "Dale Henrichs" <[hidden email]> | To: "GemStone Seaside beta discussion" <[hidden email]> | Sent: Tuesday, May 29, 2012 6:25:05 PM | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS | | Larry, | | I wonder if you can proxy https connections? I'm not a web-server | guru, so I'm not the one to ask ... | | GemStone 3.1 will have SSL socket support, so you might consider | upgrading to 3.1 when it becomes available, which is very soon ... | | Dale | | ----- Original Message ----- | | From: "Lawrence Kellogg" <[hidden email]> | | To: "GemStone Seaside beta discussion" <[hidden email]> | | Sent: Tuesday, May 29, 2012 5:45:15 PM | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS | | | | Hello, | | So, I would like to have my app renew itself on a canvas within | | Facebook. Unfortunately, they now require HTTPS connections to the | | app server. What can I do to support SSL through nginx to | | Seaside/GLASS? Am I out of luck? | | | | | | Larry | | | | | |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
That would be great! Thanks, Dale!
Sent from my iPhone On May 29, 2012, at 9:27 PM, Dale Henrichs <[hidden email]> wrote: > If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ... > > Dale > > ----- Original Message ----- > | From: "Dale Henrichs" <[hidden email]> > | To: "GemStone Seaside beta discussion" <[hidden email]> > | Sent: Tuesday, May 29, 2012 6:25:05 PM > | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS > | > | Larry, > | > | I wonder if you can proxy https connections? I'm not a web-server > | guru, so I'm not the one to ask ... > | > | GemStone 3.1 will have SSL socket support, so you might consider > | upgrading to 3.1 when it becomes available, which is very soon ... > | > | Dale > | > | ----- Original Message ----- > | | From: "Lawrence Kellogg" <[hidden email]> > | | To: "GemStone Seaside beta discussion" <[hidden email]> > | | Sent: Tuesday, May 29, 2012 5:45:15 PM > | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS > | | > | | Hello, > | | So, I would like to have my app renew itself on a canvas within > | | Facebook. Unfortunately, they now require HTTPS connections to the > | | app server. What can I do to support SSL through nginx to > | | Seaside/GLASS? Am I out of luck? > | | > | | > | | Larry > | | > | | > | |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
you can of course use stunnel with your existing application on gemstone to achieve what you want.
eg: set a stunnel configruation file similar to: client = yes foreground = yes debug = 7 [amazonses] accept = 20011 connect = email.us-east-1.amazonaws.com:443 And then connect to port 20011 on your local host via http to connect to amazon. (just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon). I think this is the simplest way to get things going and I am using it in production now. S. On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote: > That would be great! Thanks, Dale! > > Sent from my iPhone > > On May 29, 2012, at 9:27 PM, Dale Henrichs <[hidden email]> wrote: > >> If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ... >> >> Dale >> >> ----- Original Message ----- >> | From: "Dale Henrichs" <[hidden email]> >> | To: "GemStone Seaside beta discussion" <[hidden email]> >> | Sent: Tuesday, May 29, 2012 6:25:05 PM >> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS >> | >> | Larry, >> | >> | I wonder if you can proxy https connections? I'm not a web-server >> | guru, so I'm not the one to ask ... >> | >> | GemStone 3.1 will have SSL socket support, so you might consider >> | upgrading to 3.1 when it becomes available, which is very soon ... >> | >> | Dale >> | >> | ----- Original Message ----- >> | | From: "Lawrence Kellogg" <[hidden email]> >> | | To: "GemStone Seaside beta discussion" <[hidden email]> >> | | Sent: Tuesday, May 29, 2012 5:45:15 PM >> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS >> | | >> | | Hello, >> | | So, I would like to have my app renew itself on a canvas within >> | | Facebook. Unfortunately, they now require HTTPS connections to the >> | | app server. What can I do to support SSL through nginx to >> | | Seaside/GLASS? Am I out of luck? >> | | >> | | >> | | Larry >> | | >> | | >> | |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
Hello,
Thanks for the response. I've never used stunnel before so I'm a little confused. On May 29, 2012, at 10:59 PM, mail list wrote: > you can of course use stunnel with your existing application on gemstone to achieve what you want. > > eg: set a stunnel configruation file similar to: > client = yes > foreground = yes > debug = 7 > [amazonses] > accept = 20011 > connect = email.us-east-1.amazonaws.com:443 > > As far as I know, currently, nginx is listening on port 80, and then it forwards to FastCGI servers on 9001, 9002, 9003. Now, I have installed stunnel and opened up port 443 in the security group. Do I need to monitor/forward another port in nginx? > And then connect to port 20011 on your local host via http to connect to amazon. > I don't know what this means, sorry. > (just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon). > Where do I set the HOST parameter in the http call? Larry > I think this is the simplest way to get things going and I am using it in production now. > > S. > On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote: > >> That would be great! Thanks, Dale! >> >> Sent from my iPhone >> >> On May 29, 2012, at 9:27 PM, Dale Henrichs <[hidden email]> wrote: >> >>> If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ... >>> >>> Dale >>> >>> ----- Original Message ----- >>> | From: "Dale Henrichs" <[hidden email]> >>> | To: "GemStone Seaside beta discussion" <[hidden email]> >>> | Sent: Tuesday, May 29, 2012 6:25:05 PM >>> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS >>> | >>> | Larry, >>> | >>> | I wonder if you can proxy https connections? I'm not a web-server >>> | guru, so I'm not the one to ask ... >>> | >>> | GemStone 3.1 will have SSL socket support, so you might consider >>> | upgrading to 3.1 when it becomes available, which is very soon ... >>> | >>> | Dale >>> | >>> | ----- Original Message ----- >>> | | From: "Lawrence Kellogg" <[hidden email]> >>> | | To: "GemStone Seaside beta discussion" <[hidden email]> >>> | | Sent: Tuesday, May 29, 2012 5:45:15 PM >>> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS >>> | | >>> | | Hello, >>> | | So, I would like to have my app renew itself on a canvas within >>> | | Facebook. Unfortunately, they now require HTTPS connections to the >>> | | app server. What can I do to support SSL through nginx to >>> | | Seaside/GLASS? Am I out of luck? >>> | | >>> | | >>> | | Larry >>> | | >>> | | >>> | > |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html
On 05/30/2012 07:31 AM, Lawrence Kellogg wrote: > Hello, > Thanks for the response. I've never used stunnel before so I'm a little confused. > > > On May 29, 2012, at 10:59 PM, mail list wrote: > >> you can of course use stunnel with your existing application on gemstone to achieve what you want. >> >> eg: set a stunnel configruation file similar to: >> client = yes >> foreground = yes >> debug = 7 >> [amazonses] >> accept = 20011 >> connect = email.us-east-1.amazonaws.com:443 >> >> > > As far as I know, currently, nginx is listening on port 80, and then it forwards to FastCGI servers on 9001, 9002, 9003. > Now, I have installed stunnel and opened up port 443 in the security group. > > Do I need to monitor/forward another port in nginx? > > >> And then connect to port 20011 on your local host via http to connect to amazon. >> > > I don't know what this means, sorry. > > >> (just remember that you may need to set the HOST paramater in the http call to the correct hostname- this is true for amazon). >> > > Where do I set the HOST parameter in the http call? > > Larry > > > >> I think this is the simplest way to get things going and I am using it in production now. >> >> S. > > > > > >> On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote: >> >>> That would be great! Thanks, Dale! >>> >>> Sent from my iPhone >>> >>> On May 29, 2012, at 9:27 PM, Dale Henrichs<[hidden email]> wrote: >>> >>>> If you want to start playing with SSL and 3.1 I can make a pre-release engineering build available ... >>>> >>>> Dale >>>> >>>> ----- Original Message ----- >>>> | From: "Dale Henrichs"<[hidden email]> >>>> | To: "GemStone Seaside beta discussion"<[hidden email]> >>>> | Sent: Tuesday, May 29, 2012 6:25:05 PM >>>> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS >>>> | >>>> | Larry, >>>> | >>>> | I wonder if you can proxy https connections? I'm not a web-server >>>> | guru, so I'm not the one to ask ... >>>> | >>>> | GemStone 3.1 will have SSL socket support, so you might consider >>>> | upgrading to 3.1 when it becomes available, which is very soon ... >>>> | >>>> | Dale >>>> | >>>> | ----- Original Message ----- >>>> | | From: "Lawrence Kellogg"<[hidden email]> >>>> | | To: "GemStone Seaside beta discussion"<[hidden email]> >>>> | | Sent: Tuesday, May 29, 2012 5:45:15 PM >>>> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS >>>> | | >>>> | | Hello, >>>> | | So, I would like to have my app renew itself on a canvas within >>>> | | Facebook. Unfortunately, they now require HTTPS connections to the >>>> | | app server. What can I do to support SSL through nginx to >>>> | | Seaside/GLASS? Am I out of luck? >>>> | | >>>> | | >>>> | | Larry >>>> | | >>>> | | >>>> | >> > |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
Larry,
FWIW, I assume that in addition to basic SSL support, we'd need to port something like Zodiac[1] to GemStone 3.1 first ... so stunnel will probably be your best near term solution. Dale [1] https://github.com/svenvc/zodiac ----- Original Message ----- | From: "Paul DeBruicker" <[hidden email]> | To: "GemStone Seaside beta discussion" <[hidden email]> | Sent: Wednesday, May 30, 2012 8:07:59 AM | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app through HTTPS | | http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html | | On 05/30/2012 07:31 AM, Lawrence Kellogg wrote: | > Hello, | > Thanks for the response. I've never used stunnel before so I'm a | > little confused. | > | > | > On May 29, 2012, at 10:59 PM, mail list wrote: | > | >> you can of course use stunnel with your existing application on | >> gemstone to achieve what you want. | >> | >> eg: set a stunnel configruation file similar to: | >> client = yes | >> foreground = yes | >> debug = 7 | >> [amazonses] | >> accept = 20011 | >> connect = email.us-east-1.amazonaws.com:443 | >> | >> | > | > As far as I know, currently, nginx is listening on port 80, and | > then it forwards to FastCGI servers on 9001, 9002, 9003. | > Now, I have installed stunnel and opened up port 443 in the | > security group. | > | > Do I need to monitor/forward another port in nginx? | > | > | >> And then connect to port 20011 on your local host via http to | >> connect to amazon. | >> | > | > I don't know what this means, sorry. | > | > | >> (just remember that you may need to set the HOST paramater in the | >> http call to the correct hostname- this is true for amazon). | >> | > | > Where do I set the HOST parameter in the http call? | > | > Larry | > | > | > | >> I think this is the simplest way to get things going and I am | >> using it in production now. | >> | >> S. | > | > | > | > | > | >> On May 30, 2012, at 9:33 AM, Lawrence Kellogg wrote: | >> | >>> That would be great! Thanks, Dale! | >>> | >>> Sent from my iPhone | >>> | >>> On May 29, 2012, at 9:27 PM, Dale Henrichs<[hidden email]> | >>> wrote: | >>> | >>>> If you want to start playing with SSL and 3.1 I can make a | >>>> pre-release engineering build available ... | >>>> | >>>> Dale | >>>> | >>>> ----- Original Message ----- | >>>> | From: "Dale Henrichs"<[hidden email]> | >>>> | To: "GemStone Seaside beta | >>>> | discussion"<[hidden email]> | >>>> | Sent: Tuesday, May 29, 2012 6:25:05 PM | >>>> | Subject: Re: [GS/SS Beta] Accessing my Seaside/GLASS app | >>>> | through HTTPS | >>>> | | >>>> | Larry, | >>>> | | >>>> | I wonder if you can proxy https connections? I'm not a | >>>> | web-server | >>>> | guru, so I'm not the one to ask ... | >>>> | | >>>> | GemStone 3.1 will have SSL socket support, so you might | >>>> | consider | >>>> | upgrading to 3.1 when it becomes available, which is very soon | >>>> | ... | >>>> | | >>>> | Dale | >>>> | | >>>> | ----- Original Message ----- | >>>> | | From: "Lawrence Kellogg"<[hidden email]> | >>>> | | To: "GemStone Seaside beta | >>>> | | discussion"<[hidden email]> | >>>> | | Sent: Tuesday, May 29, 2012 5:45:15 PM | >>>> | | Subject: [GS/SS Beta] Accessing my Seaside/GLASS app through | >>>> | | HTTPS | >>>> | | | >>>> | | Hello, | >>>> | | So, I would like to have my app renew itself on a canvas | >>>> | | within | >>>> | | Facebook. Unfortunately, they now require HTTPS connections | >>>> | | to the | >>>> | | app server. What can I do to support SSL through nginx to | >>>> | | Seaside/GLASS? Am I out of luck? | >>>> | | | >>>> | | | >>>> | | Larry | >>>> | | | >>>> | | | >>>> | | >> | > | | |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
In reply to this post by Paul DeBruicker
On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote: Paul, Thanks for this link! I'm trying to understand what I have to do. So, as I read it, I won't use stunnel, but will instead use my fastcgi server and proxy to that. I added this line to my /etc/hosts file: and I added a new server section to my nginx.conf file I am trying to restart nginx with sudo -HUP nginx master pid, not sure if it is working. I opened up port 443 in my Amazon EC2 instance. So, should I be able to reach my server with https://servername, as before, right? That doesn't seem to work so I must not have something set up right…. Larry
|
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote:
Is it ok to have this in the hosts file? 127.0.0.1 localhost localhost.localdomain 127.0.0.1 secure_service
Is the proxy_pass the name of my amazon server, like this: ? Boy, I am confused as to what is going on. Safari says that it can't reach my non-http server from the https server. Larry
|
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
I'm sorry. I don't understand what you're trying to achieve. Do you
want to use smalltalk to access an https-only service? OR do you want other clients (your users/facebook) to be able to access your Seaside app using HTTPS from their browsers? If you want the first then the link I sent has the info you need. If its the second just set Nginx up as an https reverse proxy. Try these links: http://nginx.org/en/docs/http/configuring_https_servers.html http://wiki.nginx.org/HttpSslModule You'll of course need to get an SSL cert and get it set up properly on your server and google has lots of articles about that. On 05/30/2012 11:01 AM, Lawrence Kellogg wrote: > > On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote: > >> >> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote: >> >>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html >>> >> >> Paul, >> Thanks for this link! I'm trying to understand what I have to do. >> >> So, as I read it, I won't use stunnel, but will instead use my fastcgi >> server and proxy to that. >> >> I added this line to my /etc/hosts file: >> |127.0.0.1 secure_service| > Is it ok to have this in the hosts file? > > 127.0.0.1 localhost localhost.localdomain > 127.0.0.1 secure_service > > > >> and I added a new server section to my nginx.conf file >> >> server >> { >> server_name secure_service; >> >> location / >> { >> proxy_pass https://api.secure_service.com; >> } >> } >> > > > Is the proxy_pass the name of my amazon server, like this: > > https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com > > ? > > Boy, I am confused as to what is going on. Safari says that it can't > reach my non-http server from the https server. > > Larry > > > >> >> I am trying to restart nginx with sudo -HUP nginx master pid, not sure >> if it is working. >> >> I opened up port 443 in my Amazon EC2 instance. >> >> So, should I be able to reach my server with https://servername >> <https://servername/>, as before, right? >> >> That doesn't seem to work so I must not have something set up right…. >> >> Larry >> |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
On May 30, 2012, at 2:18 PM, Paul DeBruicker wrote: > I'm sorry. I don't understand what you're trying to achieve. Do you want to use smalltalk to access an https-only service? OR do you want other clients (your users/facebook) to be able to access your Seaside app using HTTPS from their browsers? > Ah, it's the second one, not the first one, that's the trouble. I need Facebook and other users to access my Seaside app through HTTPS because Facebook now requires communication to all apps through HTTPS. > > > If you want the first then the link I sent has the info you need. > > > > If its the second just set Nginx up as an https reverse proxy. > > Try these links: > > http://nginx.org/en/docs/http/configuring_https_servers.html > http://wiki.nginx.org/HttpSslModule > Thanks for the links. > You'll of course need to get an SSL cert and get it set up properly on your server and google has lots of articles about that. > > I was wondering when certificates would come into the picture. I'll give it a try…. Larry > > > On 05/30/2012 11:01 AM, Lawrence Kellogg wrote: >> >> On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote: >> >>> >>> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote: >>> >>>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html >>>> >>> >>> Paul, >>> Thanks for this link! I'm trying to understand what I have to do. >>> >>> So, as I read it, I won't use stunnel, but will instead use my fastcgi >>> server and proxy to that. >>> >>> I added this line to my /etc/hosts file: >>> |127.0.0.1 secure_service| >> Is it ok to have this in the hosts file? >> >> 127.0.0.1 localhost localhost.localdomain >> 127.0.0.1 secure_service >> >> >> >>> and I added a new server section to my nginx.conf file >>> >>> server >>> { >>> server_name secure_service; >>> >>> location / >>> { >>> proxy_pass https://api.secure_service.com; >>> } >>> } >>> >> >> >> Is the proxy_pass the name of my amazon server, like this: >> >> https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com >> >> ? >> >> Boy, I am confused as to what is going on. Safari says that it can't >> reach my non-http server from the https server. >> >> Larry >> >> >> >>> >>> I am trying to restart nginx with sudo -HUP nginx master pid, not sure >>> if it is working. >>> >>> I opened up port 443 in my Amazon EC2 instance. >>> >>> So, should I be able to reach my server with https://servername >>> <https://servername/>, as before, right? >>> >>> That doesn't seem to work so I must not have something set up right…. >>> >>> Larry >>> |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
In reply to this post by Larry Kellogg
Hi, I wrote the article being referenced.
Can you post the contents of your nginx.conf and hosts file? -Sean- |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
In reply to this post by Larry Kellogg
And since its the second option you don't need to worry about Zodiac or SSL from within smalltalk/seaside. You can just use HTTP/FastCGI between nginx and gemstone and have nginx speak HTTP/HTTPS to the outside world. https://www.startssl.com has free certs that work fine. On 05/30/2012 11:53 AM, Lawrence Kellogg wrote: > > On May 30, 2012, at 2:18 PM, Paul DeBruicker wrote: > >> I'm sorry. I don't understand what you're trying to achieve. Do you want to use smalltalk to access an https-only service? OR do you want other clients (your users/facebook) to be able to access your Seaside app using HTTPS from their browsers? >> > > Ah, it's the second one, not the first one, that's the trouble. I need Facebook and other users to access my Seaside app through HTTPS because Facebook now requires communication to all apps through HTTPS. > >> >> >> If you want the first then the link I sent has the info you need. >> >> >> >> If its the second just set Nginx up as an https reverse proxy. >> >> Try these links: >> >> http://nginx.org/en/docs/http/configuring_https_servers.html >> http://wiki.nginx.org/HttpSslModule >> > > Thanks for the links. > >> You'll of course need to get an SSL cert and get it set up properly on your server and google has lots of articles about that. >> >> > > I was wondering when certificates would come into the picture. I'll give it a try…. > > Larry > > > >> >> >> On 05/30/2012 11:01 AM, Lawrence Kellogg wrote: >>> >>> On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote: >>> >>>> >>>> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote: >>>> >>>>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html >>>>> >>>> >>>> Paul, >>>> Thanks for this link! I'm trying to understand what I have to do. >>>> >>>> So, as I read it, I won't use stunnel, but will instead use my fastcgi >>>> server and proxy to that. >>>> >>>> I added this line to my /etc/hosts file: >>>> |127.0.0.1 secure_service| >>> Is it ok to have this in the hosts file? >>> >>> 127.0.0.1 localhost localhost.localdomain >>> 127.0.0.1 secure_service >>> >>> >>> >>>> and I added a new server section to my nginx.conf file >>>> >>>> server >>>> { >>>> server_name secure_service; >>>> >>>> location / >>>> { >>>> proxy_pass https://api.secure_service.com; >>>> } >>>> } >>>> >>> >>> >>> Is the proxy_pass the name of my amazon server, like this: >>> >>> https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com >>> >>> ? >>> >>> Boy, I am confused as to what is going on. Safari says that it can't >>> reach my non-http server from the https server. >>> >>> Larry >>> >>> >>> >>>> >>>> I am trying to restart nginx with sudo -HUP nginx master pid, not sure >>>> if it is working. >>>> >>>> I opened up port 443 in my Amazon EC2 instance. >>>> >>>> So, should I be able to reach my server with https://servername >>>> <https://servername/>, as before, right? >>>> >>>> That doesn't seem to work so I must not have something set up right…. >>>> >>>> Larry >>>> > |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
In reply to this post by SeanTAllen
On May 30, 2012, at 2:59 PM, SeanTAllen wrote: > Hi, I wrote the article being referenced. > > Can you post the contents of your nginx.conf and hosts file? > Hello Sean, Thanks for offering to help, but I got it to work. This link: http://wiki.nginx.org/HttpSslModule was especially helpful in leading me through all of the steps to create the certificate and change the nginx.conf so that my service could be reachable from HTTPS. I now render my app on Facebook within a Facebook canvas. I hope this brings me a ton of new users! Thanks to all who helped! Larry > -Sean- > > -- > View this message in context: http://forum.world.st/HTTPClient-for-GLASS-3-0-1-tp4617651p4632535.html > Sent from the GLASS mailing list archive at Nabble.com. |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
In reply to this post by Paul DeBruicker
On May 30, 2012, at 3:25 PM, Paul DeBruicker wrote: > > And since its the second option you don't need to worry about Zodiac or SSL from within smalltalk/seaside. You can just use HTTP/FastCGI between nginx and gemstone and have nginx speak HTTP/HTTPS to the outside world. > > > https://www.startssl.com has free certs that work fine. > Do i need to use one of these free certs? I created a certificate as outlined here: http://wiki.nginx.org/HttpSslModule and it worked from Facebook, although the browser does ask to continue when it hits the certificate. I guess my users will be faced with the same decision if they access my app from within, Facebook, but I don't know for sure. Is this a problem? Larry > > On 05/30/2012 11:53 AM, Lawrence Kellogg wrote: >> >> On May 30, 2012, at 2:18 PM, Paul DeBruicker wrote: >> >>> I'm sorry. I don't understand what you're trying to achieve. Do you want to use smalltalk to access an https-only service? OR do you want other clients (your users/facebook) to be able to access your Seaside app using HTTPS from their browsers? >>> >> >> Ah, it's the second one, not the first one, that's the trouble. I need Facebook and other users to access my Seaside app through HTTPS because Facebook now requires communication to all apps through HTTPS. >> >>> >>> >>> If you want the first then the link I sent has the info you need. >>> >>> >>> >>> If its the second just set Nginx up as an https reverse proxy. >>> >>> Try these links: >>> >>> http://nginx.org/en/docs/http/configuring_https_servers.html >>> http://wiki.nginx.org/HttpSslModule >>> >> >> Thanks for the links. >> >>> You'll of course need to get an SSL cert and get it set up properly on your server and google has lots of articles about that. >>> >>> >> >> I was wondering when certificates would come into the picture. I'll give it a try…. >> >> Larry >> >> >> >>> >>> >>> On 05/30/2012 11:01 AM, Lawrence Kellogg wrote: >>>> >>>> On May 30, 2012, at 12:48 PM, Lawrence Kellogg wrote: >>>> >>>>> >>>>> On May 30, 2012, at 11:07 AM, Paul DeBruicker wrote: >>>>> >>>>>> http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html >>>>>> >>>>> >>>>> Paul, >>>>> Thanks for this link! I'm trying to understand what I have to do. >>>>> >>>>> So, as I read it, I won't use stunnel, but will instead use my fastcgi >>>>> server and proxy to that. >>>>> >>>>> I added this line to my /etc/hosts file: >>>>> |127.0.0.1 secure_service| >>>> Is it ok to have this in the hosts file? >>>> >>>> 127.0.0.1 localhost localhost.localdomain >>>> 127.0.0.1 secure_service >>>> >>>> >>>> >>>>> and I added a new server section to my nginx.conf file >>>>> >>>>> server >>>>> { >>>>> server_name secure_service; >>>>> >>>>> location / >>>>> { >>>>> proxy_pass https://api.secure_service.com; >>>>> } >>>>> } >>>>> >>>> >>>> >>>> Is the proxy_pass the name of my amazon server, like this: >>>> >>>> https://ec2-nnn-nn-n-nnn.compute-1.amazonaws.com >>>> >>>> ? >>>> >>>> Boy, I am confused as to what is going on. Safari says that it can't >>>> reach my non-http server from the https server. >>>> >>>> Larry >>>> >>>> >>>> >>>>> >>>>> I am trying to restart nginx with sudo -HUP nginx master pid, not sure >>>>> if it is working. >>>>> >>>>> I opened up port 443 in my Amazon EC2 instance. >>>>> >>>>> So, should I be able to reach my server with https://servername >>>>> <https://servername/>, as before, right? >>>>> >>>>> That doesn't seem to work so I must not have something set up right…. >>>>> >>>>> Larry >>>>> >> > |
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
In reply to this post by Larry Kellogg
Ah so you got the nginx proxying http to https working but you also needed to take incoming https requests, correct?
On Wed, May 30, 2012 at 3:27 PM, Lawrence Kellogg <[hidden email]> wrote:
|
Re: Accessing my Seaside/GLASS app through HTTPS
|
|
On May 30, 2012, at 3:38 PM, Sean Allen wrote: Ah so you got the nginx proxying http to https working but you also needed to take incoming https requests, correct? Yes, well, all incoming https requests get referred to Seaside, with the same forwarding that was going on for http requests, if I did this right. Everything seems to work, I can run my app from https through a Facebook canvas, where all traffic has to be https. I think I'm all set unless I'm missing something. If you guys are on Facebook, you can search for the PracticeMusic app and connect to it in order to see if it comes up. Do you get asked a question about certificates? Larry
|
«
Return to GLASS
|
1 view|%1 views
| Free forum by Nabble | Edit this page |