[Seaside] HTTPS & Seaside?
Miguel Enrique Cobá Martínez
miguel.coba at gmail.com
Fri Apr 24 22:54:10 UTC 2009
John Chludzinski wrote:
> Does Seaside support HTTPS (with Squeak)? ---John
>
>
Seaside doesn't know anything (besides the #serverProtocol and
#serverPort preference that just outputs 443 and https when generating
urls for links) about encryption.
This is responsibility of other player, in this case the web server in
front of Seaside, like Apache or lighttpd.
Configure your web server to use ssl and port 443 and then in your
seaside configuration make sure that you use the correct settings and
all will be encrypted between web server and users.
For example, this is from my root class initialize class method:
Main class >> initialize
"Nombre de la aplicacion"
application := self registerAsApplication: self appName.
"Our Custom session class"
application preferenceAt: #sessionClass put: CustomSession.
"Deployment mode"
application preferenceAt: #deploymentMode put: true.
"Remove WAStandardFiles library"
application removeLibrary: WAStandardFiles.
"Session timeout"
application preferenceAt: #sessionExpirySeconds put: 20 minutes asSeconds.
"Base URL for resources: images, styles, etc"
application preferenceAt: #resourceBaseUrl put: self resourcesUrl.
"Server Hostname"
application preferenceAt: #serverHostname put: self serverHostname.
"Server Path"
application preferenceAt: #serverPath put: self serverPath.
"Server protocol"
application preferenceAt: #serverProtocol put: self serverProtocol.
"Server port"
application preferenceAt: #serverPort put: self serverPort.
"Error handler"
application preferenceAt: #errorHandler put: self errorHandler.
"Configuration for Magma"
application configuration addAncestor: WAMagmaConfiguration new.
application preferenceAt: #location put: (MagmaRemoteLocation
host: self magmaHost
port: self magmaPort)
And
appName
^ 'myapp'
serverPath
^ ''
serverPort
^ 443
serverProtocol
^ #https
serverHostname
^ self productionEnvironment
ifTrue: [ 'example.com' ]
ifFalse: [ 'dev.example.com' ]
and in my lighttpd config, something like (isn't complete):
$HTTP["host"] =~ "^www\.(.*)" {
# no www for domains
url.redirect = ( "^/(.*)" => "http://%1/$1" )
}
$HTTP["host"] == "dev.example.com" {
$HTTP["scheme"] == "http" {
url.redirect = ( "^/(.*)" => "https://dev.example.com/$1" )
}
}
$SERVER["socket"] == "127.0.1.1:443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/dev.example.com.pem"
server.name = "dev.example.com"
server.document-root = "/home/miguel/proyectos/example/website/"
# We'll use the resources directory to host static files: images,
styles, etc
# Rewrite the URL
url.rewrite-once = (
"^/resources/(.*)" => "$0", # Unaltered
"^/about/(.*)" => "$0", # Unaltered
"^/(.*)" => "/seaside/myapp$1" # Rewritten
)
# Anything with seaside/myapp pass to Seaside on port 8080
proxy.balance = "hash"
proxy.server = (
"/seaside/myapp" => (
( "host" => "127.0.0.1", "port" => 8080)
)
)
}
If you need more details, I can put the complete config.
Cheers,
Miguel Cobá
> ------------------------------------------------------------------------
>
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
More information about the seaside
mailing list