I have commited several changes to the scratchpad admin, including the SSL support (sloppy at the moment, but working).
To use the code: 1. I am using JDK 1.3.1 which does not include the JSSE packages, 1.4.? has these included. If you are running JDK 1.3.x, you will need to install the Sun JSSE package. 2. Run "ant build" from xml-xindice/java/scratchpad/admin 3. Run xml-xindice/java/scratchpad/admin/xindiceadmin.sh to start the admin tool 4. entering 'help' will return a list of available commands (not many yet!) 5. To run a batch of commands, type 'execute script_file_here' you can see the script file format and/or execute the sample script from java/scratchpad/admin/test.scr 6. 'exit' to exit the app To make things work under SSL, create a cert for Tomcat and install it using port 8443 and 1. Uncomment the url starting with "https" in XindiceAdmin.java 2. Restart the admin tool There are a couple other things in the XindiceAdmin.java file worth looking at: //XmlRpc.setKeepAlive(true); //XmlRpc.setDebug(true); Every command is using a stopwatch borrowed from the main tree to display execution times. Let me know if you have any problems getting this to work. Kurt ----- Original Message ----- From: "Gianugo Rabellino" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, December 03, 2002 3:52 PM Subject: Re: [RT] Xindice 2.0 > Kurt Ward wrote: > > Kurt Ward wrote: > > > > > >>b. transport: if we are going to have username and passwords flying over > >>the wire, we need to protect them. XML-RPC over HTTPS? CHAP? Kerberos? > >>Other thoughts? > >> > >> > >>XML-RPC over HTTPS is pretty straight-forward and easy for users to > >>implement. The interactive admin tools I have been working on already > > > > does > > > >>>this using the Sun JSSE package (although I have not commited it to the > >>>scratchpad area yet). Creation of the random key to start an SSL > > > > connection > > > >>>is a slow, but the performance is satisfactory in my opinion. > >> > >>Hmmm... I'm wondering if this startup delay will occur on every XML-RPC > >>request: in this case it might be unaccettable in a production > >>environment with lots of queries. Is it possible (I'm ignorant about > >>JSSE) to cache a session-wide random key for reuse? > > > > > > The random key is not generated on each request. On initial startup of an > > XML-RPC client, it takes ~3-4 seconds to generate the key. After that, the > > key is reused and speed degradation is not very noticable. (Maybe 30ms or > > so?). > > This is good news. I'm very curious to see how it works, if and when > you're ready, count on me for testing. :-) > > Ciao, > > -- > Gianugo Rabellino
