Jason Gerard DeRose wrote:
This is a big patch to get everyone synced up with what I'm doing on the webUI. The Engine is currently *very* dumb because I need to tare through a bunch of plugin metadata, make a lot of changes, but doing that is likely going to make merging any outstanding patches too difficult, break any work in progress. I even I backed out some crazier changes I had made, realizing the headache I was inviting.So what I propose is acking this and acking any other outstanding patches, and then quickly making the needed metadata changes in a coordinated fashion (read: Rob, Pavel, and I staying pretty much lock-step for a few days). The metadata changes aren't a lot of work, but they are very disruptive as they will change the plugin API slightly and will affect every Command and Object plugin we have (which by my count is currently 108 plugins). Some highlights: * lite-xmlrpc.py and lite-webui.py have been replaced by the new lite-server.py script, which mounts XML-RPC, JSON-RPC, and the WebUI all on the same paths as they would be under Apache (but on a different port). * Per above, the default xmlrpc_uri is now http://localhost:8888/ipa/xml * The IPA server is now a WSGI application. A few pieces still are missing, most notably running all this under Apache, but it's 90% there. Currently under Apache things will still run the same as before, just XML-RPC and not through the new Backend.xmlserver WSGI interface. Because IPA is a WSGI app, I think we should strongly consider running IPA under mod_wsgi instead of mod_python, although running under mod_python is still possible with a mod_python <=> WSGI adapter. * For flexibility and to ease debugging, the XML-RPC and JSON-RPC services can now also be called via GET or POST query strings. For example: http://localhost:8888/ipa/json/user_add?givenname=Jason&sn=DeRose Or http://localhost:8888/ipa/xml/user_add?givenname=Jason&sn=DeRose Is the same as: api.Command.user_add(givenname='Jason', sn='DeRose') * In theory, lite-server.py supports SSL, but there is a bug in paste 1.7.2 that prevents it from working under Python 2.6. To turn on SSL, just place a PEM format cert at ~/.ipa/lite.pem Anyway, this gives everyone something to play with/review till I get back from PTO on Thursday. Cheers, Jason
Have a bunch of questions/issues before I can ack this: - We need to get the wehjit library accepted into Fedora ASAP- There is a change to ipa-server-install that reverts your previous patch, 016 - This patch includes the previous SSO patch that we can't commit until we get an alternative for the Crypto package on some distros - Is it going to be confusing to register the jsonserver in a file named xmlserver.py? - in rpcserver.py::extract_query(environ) should an error be raised if these conditions aren't met? For example, you do a POST and the content-type isn't application/x-www-form-urlencoded
Otherwise looks ok. I'm not opposed to switching to WSGI as long as we have feature parity.
Description: S/MIME Cryptographic Signature
_______________________________________________ Freeipa-devel mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-devel