----- "Brian Hammond" <[email protected]> wrote:
> What I'm curious about is how I can do all of the following:
>
> 1) use SSL to encrypt user credentials
> 2) write my service implementation in python
>
> I guess there's a few options for python but none completely solve
> both of these requirements.
>
> 1) use the Twisted python generator and run a daemon with twistd
> 2) deploy to nginx/apache with mod_wsgi and somehow hook-in support
> for decoding HTTP / HTTPS requests as Thrift RPCs.
Unless you need an asynchronous server side framework for high concurrency and low memory footprint, I would stay clear of Twisted. I think a standard threaded wsgi server would work fine. If you're inclined to use mod_wsgi, I recommend Graham Dumpleton's outstanding wsgi implementation for Apache. The Nginx wsgi interface is good as well, but beware if your app needs to block -- you'll be serializing your requests. Both options would let you run SSL as well as handle basic or digest auth.

As far as tying in Thrift, I haven't done this myself and unfortunately can't offer much. Hopefully there are others here who can. As you've already suggested, taking a look at the RPC layer and seeing how you can tie it into the backend from wsgi is a start.

IMO, the lack of a security story for Thrift is a weakness. I'm not sure what discussions there have been to address this. I started to implement SSL support for Java and Python, but found I had to modify a fair amount of Thrift code and ended up punting by using stunnel to set up a secure connection between client and server. You might find this the path of least resistance as well, in particular if you can add the authentication layer to your Thrift IDL.

As one other approach, you can use a symmetric key to sign a request and send the signature in the clear with the rest of your thrift data. As long as you keep the signing key secret, this would let you validate the origin and integrity of the request. If there's anything sensitive in the request itself, though, this is no good. Alas, message signing is another application layer measure -- it would be sweet to see auth work its way into the Thrift spec.

Good luck!

Garrett
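The symmetric-key signing approach Garrett describes, as an added example that is not part of the thread: an HMAC-SHA256 tag is computed over the serialized Thrift bytes and sent in the clear alongside them, and the receiver recomputes it in constant time before dispatching the call. The frame layout (32-byte tag then payload), the key, and the sample payload are constructed for this example, not Thrift's own wire format.

```python
import hashlib
import hmac

# Hypothetical shared secret for the example; in practice load it from a
# secret store and never embed it in source.
SIGNING_KEY = b"example-shared-secret-change-me"
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def sign_request(payload: bytes, key: bytes = SIGNING_KEY) -> bytes:
    """Return an HMAC-SHA256 tag over the serialized Thrift message bytes."""
    return hmac.new(key, payload, hashlib.sha256).digest()


def verify_request(payload: bytes, tag: bytes, key: bytes = SIGNING_KEY) -> bool:
    """Recompute the tag and compare in constant time to avoid timing leaks."""
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def frame_signed(payload: bytes, key: bytes = SIGNING_KEY) -> bytes:
    """Assumed wire layout: tag first, then the untouched payload.

    The tag proves origin and integrity only; the payload itself is still
    readable by anyone on the path, which is the caveat raised in the thread.
    """
    return sign_request(payload, key) + payload


def unframe_and_check(frame: bytes, key: bytes = SIGNING_KEY) -> bytes:
    """Split a received frame and return the payload only if the tag checks out."""
    if len(frame) < TAG_LEN:
        raise ValueError("frame too short to carry a signature")
    tag, payload = frame[:TAG_LEN], frame[TAG_LEN:]
    if not verify_request(payload, tag, key):
        raise ValueError("bad signature: request rejected")
    return payload


# Constructed stand-in for a serialized Thrift call (a binary-protocol
# 'login' message header followed by an argument); not real Thrift output.
SAMPLE_PAYLOAD = b"\x80\x01\x00\x01\x00\x00\x00\x05login\x00\x00\x00\x01user=alice"


if __name__ == "__main__":
    frame = frame_signed(SAMPLE_PAYLOAD)
    print("verified payload:", unframe_and_check(frame))
```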
