[Seaside-dev] Client certificate verification and load-balancing
with AJP13
Philippe Marschall
philippe.marschall at gmail.com
Sun Jun 21 16:31:59 UTC 2009
2009/6/20 Christopher Schuster <cs at livoris.de>:
> Hi list,
>
> I wanted to verify a client certificate in my Seaside application and
> realized, that there is already an issue in Seaside that will solve this
> problem, too.
>
> http://code.google.com/p/seaside/issues/detail?id=89
>
> I've started work on this issue and now finally managed to use Seaside with
> AJP13. I've based my implementation on Comanche to reuse small portions of the
> code. If you interested you can check out the code and some screenshots at:
>
> http://www.squeaksource.com/KomAjpServer.html
>
> What works:
> - Accessing X509 client certificate in Seaside (see Seaside-Examples-AJP)
> - Load-balancing multiple seaside applications with apache2 and lighttpd
>
> What does not work:
> - sticky session (should work out-of-the-box, but there are still problems)
There is also [1] which does sticky sessions. It currently does not do
multipart parsing and has not been updated for the latest Seaside 2.9
versions. Nobody was showing any interest so I wasn't pushing it.
> Two questions:
> - can this code be integrated into the official Seaside code base?
I think there are two different things here. The AJP implementation
and the Seaside adapter. I wouldn't make the AJP implementation part
of the Seaside code base the same way that Kom, Swazoo, and the rest
are not part of it. As for the adapter, once it has been used in
anger, sure why not?
> - if yes, is the dependency to Comanche a problem?
I don't think so, it just limits it to Squeak.
> I've tried to comply with the official seaside code style, tests and so on.
> Any comments, improvements or critics are welcome!
[1] http://www.squeaksource.com/ajp.html
Cheers
Philippe
More information about the seaside-dev
mailing list