Loading ...
Sorry, an error occurred while loading the content.

Re: [soaplite] SSH as a transport

Expand Messages
  • Christer Palm
    Hi Daryl, ... I just wanted to comment on this, since I had the same idea and did some research. As you say, there s a few references to this on the net, but
    Message 1 of 1 , May 1 11:36 PM
    • 0 Attachment
      Hi Daryl,

      Daryl Williams wrote:
      > helo scott, everyone. i'm still pretty new to this stuff and
      > still trying to learn. i'm interested in your statement about
      > using ssh as a transport. i'm currently writing something
      > using httpd as the transport. i dont want to use https
      > since i dont have any certificates. yet i want to make
      > the application secure...
      >

      I just wanted to comment on this, since I had the same idea and did some
      research. As you say, there's a few references to this on the net, but
      as far as I can tell they're all using port redirection/tunneling.

      However, although it would probably not be very hard to use the IO
      transport to set up stdin/stdout piped through SSH as the transport, you
      will miss one of the key reasons to use SOAP in the first place, which
      is interoperability. You can't expect Java, Visual Basic, etc. to allow
      you to do the same thing. At least not easily.

      The performance would also not be very good, because the SSH server
      would have to start up your Perl server program for every transaction,
      just like a CGI server. In my experience, it takes about a second to
      compile and start the SOAP::Lite server.

      Based on that, I would say that SSL or HTTPS is a better solution. If
      you don't have a certificate you just generate one, just as you would
      generate an SSH key pair.

      This brings me into another issue. Does anyone has any experience with
      setting up a standalone HTTPS SOAP::Lite server? If so, I'm interested
      to hear about how you did it. I tried to simply tweak HTTP::Daemon to
      use IO::Socket::SSL instead of IO::Socket::INET - unfortunately it
      didn't work. Is there a more straightforward way? I'd like to avoid
      messing around with modified "standard" packages whenever possible.
      --
      Christer Palm
    Your message has been successfully submitted and would be delivered to recipients shortly.