Hello,
I'm new to Thrift and have a general question about server deployment.
Part of my service requirement is similar to what EverNote is doing
with their web service implementation. For a few reasons, they have
decided to use HTTP as the transport (keep-alive, etc.). Also, they
don't want to send user credentials to the service without
encryption. So they've deployed their web service to support Thrift
over HTTP and for the user-authentication part, over HTTPS.
From the EverNote API docs at http://www.evernote.com/about/developer/api/evernote-api.htm
-
Thrift represents the API as a set of structures and procedures on
the client, which marshal into binary messages that are transmitted
as HTTP requests. Since HTTP is used as the low-level transport for
the EDAM messages over Thrift, these requests can take advantage of
standard HTTP tricks like keep-alive, load balancing, etc.
and
The UserStore should always be accessed via SSL using a Thrift
TBinaryProtocol wrapping a THttpClient transport through the
following URL: <snip>
I'm assuming EverNote is running the PHP generated "server" since
their staging/testing web service box is running Apache.
What I'm curious about is how I can do all of the following:
1) use SSL to encrypt user credentials
2) write my service implementation in python
I guess there's a few options for python but none completely solve
both of these requirements.
1) use the Twisted python generator and run a daemon with twistd
2) deploy to nginx/apache with mod_wsgi and somehow hook-in support
for decoding HTTP / HTTPS requests as Thrift RPCs.
In the first option I would have to run Twisted's webserver with SSL
support. This is different from the Twisted code generator solution
which generates a standalone Twisted-based server. Thus, I'm not sure
how to continue with this option.
For the second option I am not sure there's the equivalent support in
the python server code generator to do the equivalent of TPhpStream
for python. Again, I'm new to Thrift so maybe this option is not as
hard as I think it is to setup.
Thoughts?
Thanks,
Brian
