HTTPS with Seaside
62 views
Skip to first unread message
Totally Objects
Jul 30, 2011, 12:22:46 PM7/30/11
to VA Smalltalk, matt...@totallyobjects.com
We are wondering how this happens within VAST 8.0.3.
We are currently experimenting with Seaside to see if it is easier,
etc. than WebConnection. We have set up WebConnection using HTTPS
thorugh the IIS web server. However, it seems that you address a
running Seaside image through port 8080 (or whichever you choose).
Can anyone explain how this works when we want to use https on 443?
David
Totally Obects.
We are currently experimenting with Seaside to see if it is easier,
etc. than WebConnection. We have set up WebConnection using HTTPS
thorugh the IIS web server. However, it seems that you address a
running Seaside image through port 8080 (or whichever you choose).
Can anyone explain how this works when we want to use https on 443?
David
Totally Obects.
jtu...@objektfabrik.de
Jul 30, 2011, 2:55:58 PM7/30/11
to va-sma...@googlegroups.com, matt...@totallyobjects.com
David,
afaict, most of the time people avoid using ssl in the smalltalk image and have that handled by their web server like apache. the protocol between the server and the st image is then normal http. It's just a matter of a few settings in an ini file, and you can offload all the cycles needed for de/encryption and stuff out of the image...
If you want to use https on the smalltalk side, it's not a Seaside specific topic, but one for server smalltalk. On the plus side, this means it is documented up to the point where it comes to the SST-Seaside Adapter.
Unfortunaely, I've never had to work with iis, so I'm afraid I can't help you with that.
hth,
Joachim
Totally Objects
Jul 30, 2011, 4:38:33 PM7/30/11
to VA Smalltalk
I wasn't trying to handle the ssl in Smalltalk. In our current web
application, the Smalltalk Web Connection software handles the code
whilst IIS handles the HTTP = HTTPS side of things.
However, we are not passing a port in the url and as I understand it
passing 8080 on the end of the url will interfere with the IIS hadling
whch is looking for 443 to implement a secure connection.
I don't fully understand this and am hoping that some out there has
had to do this.
David
On Jul 30, 7:55 pm, "jtuc...@objektfabrik.de"
application, the Smalltalk Web Connection software handles the code
whilst IIS handles the HTTP = HTTPS side of things.
However, we are not passing a port in the url and as I understand it
passing 8080 on the end of the url will interfere with the IIS hadling
whch is looking for 443 to implement a secure connection.
I don't fully understand this and am hoping that some out there has
had to do this.
David
On Jul 30, 7:55 pm, "jtuc...@objektfabrik.de"
Marten Feldtmann
Jul 31, 2011, 1:45:50 AM7/31/11
to va-sma...@googlegroups.com
I used Apache and here I start my Seaside stuff on a different port (e.g. 9345) on a local device (127.0.0.1) - then my Seaside stuff is not reachable from outside. When the request is coming to Apache (on 8080 and a public device) I let Apache rewrite the URL (defined by rules in the Apache configuration file) and Apache itselfs then queries the Seaside server on 127.0.0.1:9345, collects the result from my Seaside stuff and send it back to the user.
When the request is coming on port 443, then Apache is doing the SSL stuff for me.
When the request is coming on port 443, then Apache is doing the SSL stuff for me.
Louis Andriese
Jul 31, 2011, 4:49:38 AM7/31/11
to VA Smalltalk
We used to do the same thing Marten describes, but then on IIS.
Since IIS doesn't provide a rewrite module (like mod_rewrite on
apache), you'll have
to use 3rd party isapi plugins for that. We used isapi_rewrite from
helicontech, which is more or less syntax-compliant with apache.
Later on we moved to a hardware-based loadbalancer.
Kind regards,
Louis
On 31 jul, 07:45, Marten Feldtmann <marten.feldtm...@googlemail.com>
wrote:
Since IIS doesn't provide a rewrite module (like mod_rewrite on
apache), you'll have
to use 3rd party isapi plugins for that. We used isapi_rewrite from
helicontech, which is more or less syntax-compliant with apache.
Later on we moved to a hardware-based loadbalancer.
Kind regards,
Louis
On 31 jul, 07:45, Marten Feldtmann <marten.feldtm...@googlemail.com>
wrote:
Reply all
Reply to author
Forward
0 new messages