Re: [soaplite] SSH as a transport (was: Wire dump for soap::Lite server)
I have created what I call SOAP::Transport::Cmd modules.
I have Client and Server sides. They support the client
invoking the server as what appears to be a local command.
In my case I run (ssh -T) to establish a connection from
inside my scripts. On the remote end, each authorized_keys2
file has a forced command which restricts the user to
invoking the soap server. Different ssh credentials can
result in the server being called differently; and therefore
exposing different methods.
If you're not familiar with forced commands, here are two
examples that should give you the idea.
command="./bin/soapserver.pl --development",no-pty ssh-dss ...
command="./bin/soapserver.pl --production",no-pty ssh-dss ...
The ... in the examples above match separate public keys.
Because I want to avoid the overhead of setup and teardown
of the secure connection, I've refined the server and client
to support multiple requests across on connection. In fact,
I can send requests and process responses asynchronously.
The down side is that I got this all to work when I barely
understood SOAP::Lite. I need to take the time to more
seamlessly integrate my work before I send it back to Paul.
Would you be interested in an 'as-is' release none the less?
On Wed, 01 May 2002 18:47:34 -0700, Daryl Williams wrote:
> are you using ssh as a wrapper or using port redirection?
> i dont see an ssh transport module anywhere under SOAP::Lite.
> your help, and the group's, is appreciated in understanding
> this issue.
- scott and christer, thank you both for your replies. i had
wondered if it was possible to use the IO::Socket::SSL
module for transport. i guess it's still not clear to
me if this is possible or not, but it sounds like it
scott if your offering to share your code, sure i'd
be interested to see it. the project i'm working on
can stand to only work with SOAP::Lite, although i
strongly favor openess in general.
oh and christer, i guess i dont know enough about
certificates either. are you saying that both SSL snd SSH
certificates are the same thing?
if anyone knows more about these topics please pipe up! :)