Re: [appengine-java] Tasks SSL

[Fabrizio Accatino]

 - what error do you receive?  copy and paste log
 - try to remove ssl. The connection is internal. (AFAIK)

fabrizio


On Tue, Nov 9, 2010 at 3:37 AM, Dom Derrien dominique.derr...@gmail.comwrote:

 Context:
 - Tasks as defined in
 http://code.google.com/appengine/docs/java/taskqueue/overview.html
 - Secured URLs as described in
 http://code.google.com/appengine/docs/java/config/webxml.html

 In the following excerpts, you can see I want to be sure that only
 administrators can access over SSL resources  in the /_admin folder.
 This works fine when I access JSP page or call a servlet. However, the
 automatic task execution fails continuously on production, which
 generates a never ending task rescheduling...

 - Sample task scheduling:
QueueFactory.getDefaultQueue().add(url(/
 _admin/...).method(Method.GET));
 - web.xml part:
security-constraint
web-resource-collection
url-pattern/_admin/*/url-pattern
/web-resource-collection
auth-constraint
role-nameadmin/role-name
/auth-constraint
user-data-constraint
transport-guaranteeCONFIDENTIAL/transport-guarantee
/user-data-constraint
/security-constraint

 As tasks are issued server-side and consumed there without having
 transited on the public Internet (I hope so), I don't think there's a
 risk of having non encrypted task calls.

 I've just created another path for my tasks entry points (/_tasks) and
 the path is not covered by the SSL restriction. Is it the right way?
 Or did I hit a defect?

 Thanks,
 A+, Dom

 --
 You received this message because you are subscribed to the Google Groups
 Google App Engine for Java group.
 To post to this group, send email to
 google-appengine-j...@googlegroups.com.
 To unsubscribe from this group, send email to
 google-appengine-java+unsubscr...@googlegroups.comgoogle-appengine-java%2bunsubscr...@googlegroups.com
 .
 For more options, visit this group at
 http://groups.google.com/group/google-appengine-java?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Google App Engine for Java group.
To post to this group, send email to google-appengine-j...@googlegroups.com.
To unsubscribe from this group, send email to 
google-appengine-java+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/google-appengine-java?hl=en.

[appengine-java] Tasks SSL

[Dom Derrien]

Context:
- Tasks as defined in 
http://code.google.com/appengine/docs/java/taskqueue/overview.html
- Secured URLs as described in 
http://code.google.com/appengine/docs/java/config/webxml.html

In the following excerpts, you can see I want to be sure that only
administrators can access over SSL resources  in the /_admin folder.
This works fine when I access JSP page or call a servlet. However, the
automatic task execution fails continuously on production, which
generates a never ending task rescheduling...

- Sample task scheduling:
QueueFactory.getDefaultQueue().add(url(/
_admin/...).method(Method.GET));
- web.xml part:
security-constraint
web-resource-collection
url-pattern/_admin/*/url-pattern
/web-resource-collection
auth-constraint
role-nameadmin/role-name
/auth-constraint
user-data-constraint
transport-guaranteeCONFIDENTIAL/transport-guarantee
/user-data-constraint
/security-constraint

As tasks are issued server-side and consumed there without having
transited on the public Internet (I hope so), I don't think there's a
risk of having non encrypted task calls.

I've just created another path for my tasks entry points (/_tasks) and
the path is not covered by the SSL restriction. Is it the right way?
Or did I hit a defect?

Thanks,
A+, Dom

-- 
You received this message because you are subscribed to the Google Groups 
Google App Engine for Java group.
To post to this group, send email to google-appengine-j...@googlegroups.com.
To unsubscribe from this group, send email to 
google-appengine-java+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/google-appengine-java?hl=en.