Ticket #604 (closed task: fixed)

Opened 13 years ago

Last modified 13 years ago

[S] Web Services working over https

Reported by: pjkersha Owned by: pjkersha
Priority: desirable Milestone: PreBeta
Component: security Version:
Keywords: Security, Web Services, https, SSL Cc:

Description

For message confidentiality https is likely to be a more straightforward alternative to using encryption with WS-Security. This is particularly the case for DEWS where Python web services must interoperate with Java WebSphere clients. Digital signature must work in these cases but adding message level encryption may make it unnecessarily complicated. Using transport level security should simplify the task.

ZSI and https

Client side is simple: the correct protocol is picked up from the uri specifier https/http. For the server side, it is more straightforward when using Twisted. Use M2Crypto or Twisted's SSLServer. (Use pyGridWare for examples)

Change History

comment:1 Changed 13 years ago by pjkersha

  • Status changed from new to assigned

comment:2 Changed 13 years ago by pjkersha

  • Status changed from assigned to closed
  • Resolution set to fixed

Working version with Session Manager. It uses twisted.internet.SSLServer for the server side and default ZSI client (socket.ssl package).

The SSLServer default context class twisted.internet.ssl.DefaultOpenSSLContextFactory uses pyOpenSSL. It may be preferrable to replace with M2Crypto to reduce the number of dependencies.

Note: See TracTickets for help on using tickets.