Loading ...
Sorry, an error occurred while loading the content.

Re: SSL and SOAP server (again)

Expand Messages
  • Thomas J Pinkl
    ... [...] The approach I used, was a forking server based upon HTTP::Daemon::SSL. Each connection is handled by a child process which creates a
    Message 1 of 3 , Apr 26, 2006
    • 0 Attachment
      On Wed, Apr 26, 2006 at 08:21:15PM -0000, monsieur_magoo wrote:
      > I'm trying to write a soap server that will handle SSL requests.
      [...]

      The approach I used, was a forking server based upon HTTP::Daemon::SSL.
      Each connection is handled by a child process which creates a
      SOAP::Transport::HTTP::Server object to deal with SOAP requests.

      --
      Thomas J. Pinkl | T: 215-442-9300
      Senior Systems Architect | 800-444-1427
      Health Business Systems, Inc | F: 215-442-7555
      An SXC Company |
      738 Louis Drive | http://www.hbsrx.com/
      Warminster, PA 18974 | http://www.sxc.com/
    • Thomas J Pinkl
      ... I cannot post the code, as it is part of a commercial product that is sold by my employer. In pseudo code, it would look like so (untested): use
      Message 2 of 3 , Sep 9, 2008
      • 0 Attachment
        On Tue, Sep 09, 2008 at 05:42:37PM -0000, fistan11 wrote:
        > Thomas, can you put any example here? Multithreaded SSL standalone
        > server could be MUCH MORE expressive than thousands of doc lines.
        > Thank you!

        I cannot post the code, as it is part of a commercial product that
        is sold by my employer. In pseudo code, it would look like so
        (untested):

        use IO::Socket;
        use HTTP::Daemon::SSL;
        use SOAP::Transport::HTTP;
        ...

        # set up HTTP and SSL options
        my %https_opts = ();
        $https_opts{LocalPort} = 443;
        $https_opts{Proto} = "tcp";
        $https_opts{Type} = SOCK_STREAM;
        $https_opts{Listen} = SOMAXCONN;
        $https_opts{ReuseAddr} = 1;
        $https_opts{Timeout} = 300;
        $https_opts{SSL_version} = 'SSLv2/3';
        $https_opts{SSL_cipher_list} = 'ALL:!LOW:!EXP';
        $https_opts{SSL_use_cert} = 1;
        $https_opts{SSL_key_file} = "server.key";
        $https_opts{SSL_cert_file} = "server.crt";
        $https_opts{SSL_ca_file} = "ca-bundle.crt";
        $https_opts{SSL_ca_path} = "/path/to/CA/certs";
        $https_opts{SSL_verify_mode} = 0x01|0x02;
        $https_opts{SSL_check_crl} = 0;
        ...

        sub https_daemon {
        # become a daemon (optional)
        &make_me_a_daemon();

        # start HTTPS listener
        my $server = HTTP::Daemon::SSL->new( %https_opts );

        # accept loop
        while (1) {
        # wait for a client connection
        my $client = $server->accept();
        next if (! $client);

        # start a child process to handle the connection
        &start_child($server,$client);

        # parent process closes the connected socket
        $client->close();
        }
        }

        sub start_child {
        my $server = shift;
        my $client = shift;

        my $pid = fork();
        return if (! defined $pid);

        if ($pid > 0) {
        # parent process
        return;
        } else {
        # child process
        $server->close();

        # handle the HTTP connection and exit
        &handle_http_connection($client);
        $client->close();
        exit(0);
        }
        }

        sub handle_http_connection {
        my $client = shift;

        my $soap = new SOAP::Transport::HTTP::Server;
        $soap->dispatch_to( $SOME_LIST_OF_MODULES );

        while (1) {
        # read HTTP request
        my $req = $client->get_request();
        last if (! $req);

        # handle HTTP request and generate HTTP response
        my $resp = &handle_http_request( $req, $soap );

        # send HTTP response
        if ($resp) {
        $client->send_response( $resp );
        } else {
        last;
        }
        }
        }

        sub handle_http_request {
        my $req = shift;
        my $soap = shift;

        # process the SOAP request
        $soap->request( $req );
        $soap->handle();

        # return the SOAP response
        return $soap->response();
        }

        Note that error and signal handling have been omitted to save space
        and to direct attention to the main concepts.

        Also note that this represents a forking server, suitable for a UNIX
        type system (eg. Linux). It is not multi-threaded and it may not
        work on Windows.

        --
        Thomas J. Pinkl


        This communication, including any attachments, may contain information that is confidential and may be privileged and exempt from disclosure under applicable law. It is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender. Thank you for your cooperation.
      Your message has been successfully submitted and would be delivered to recipients shortly.