archive/apache-tuscany
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add scripts to setup HTTPS support. A few fixes to get HTTPS working end to end with both HTTPD and WSGI servers. Minor cleanup of the HTTPD config scripts.

Browse source 
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@928160 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
jsdelfino 2010-03-27 06:24:56 +00:00
commit d64a280c20
26 changed files with 618 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

4
sca-cpp/trunk/components/webservice/axis2-conf
View file

@ -42,7 +42,8 @@ cp $here/axis2.xml $root/axis2c/axis2.xml
# Configure HTTPD Axis2 module
cat >>$root/conf/httpd.conf <<EOF
SetEnv AXIS2C_HOME $root/axis2c
# Support for Web Services
SCASetEnv AXIS2C_HOME $root/axis2c
LoadModule axis2_module $root/axis2c/lib/libmod_axis2.so
Axis2RepoPath $root/axis2c
Axis2LogFile $root/axis2c/logs/mod_axis2.log
@ -50,4 +51,5 @@ Axis2LogLevel debug
<Location /axis2>
SetHandler axis2_module
</Location>
EOF

9
sca-cpp/trunk/modules/http/curl-test.cpp
View file

@ -32,6 +32,8 @@
namespace tuscany {
namespace http {
string testURI = "http://localhost:8090";
ostream* curlWriter(const string& s, ostream* os) {
(*os) << s;
return os;
@ -41,13 +43,13 @@ const bool testGet() {
CURLSession ch;
{
ostringstream os;
const failable<list<ostream*> > r = get<ostream*>(curlWriter, &os, "http://localhost:8090", ch);
const failable<list<ostream*> > r = get<ostream*>(curlWriter, &os, testURI, ch);
assert(hasContent(r));
assert(contains(str(os), "HTTP/1.1 200 OK"));
assert(contains(str(os), "It works"));
}
{
const failable<value> r = getcontent("http://localhost:8090", ch);
const failable<value> r = getcontent(testURI, ch);
assert(hasContent(r));
assert(contains(car(reverse(list<value>(content(r)))), "It works"));
}
@ -59,7 +61,7 @@ struct getLoop {
getLoop(CURLSession& ch) : ch(ch) {
}
const bool operator()() const {
const failable<value> r = getcontent("http://localhost:8090", ch);
const failable<value> r = getcontent(testURI, ch);
assert(hasContent(r));
assert(contains(car(reverse(list<value>(content(r)))), "It works"));
return true;
@ -78,6 +80,7 @@ const bool testGetPerf() {
int main() {
tuscany::cout << "Testing..." << tuscany::endl;
tuscany::http::testURI = tuscany::string("http://") + tuscany::http::hostname() + ":8090";
tuscany::http::testGet();
tuscany::http::testGetPerf();

48
sca-cpp/trunk/modules/http/curl.hpp
View file

@ -57,10 +57,10 @@ public:
*/
class CURLSession {
public:
CURLSession() : h(curl_easy_init()), owner(true) {
CURLSession(const string& ca = "", const string& cert = "", const string& key = "") : h(curl_easy_init()), owner(true), ca(ca), cert(cert), key(key) {
}
CURLSession(const CURLSession& c) : h(c.h), owner(false) {
CURLSession(const CURLSession& c) : h(c.h), owner(false), ca(c.ca), cert(c.cert), key(c.key) {
}
~CURLSession() {
@ -76,6 +76,11 @@ private:
const bool owner;
friend CURL* handle(const CURLSession& c);
public:
const string ca;
const string cert;
const string key;
};
/**
@ -163,7 +168,29 @@ template<typename R> const failable<list<R> > apply(const list<list<string> >& h
CURLWriteContext<R> wcx(reduce, initial);
curl_easy_setopt(ch, CURLOPT_WRITEFUNCTION, (size_t (*)(void*, size_t, size_t, void*))(writeCallback<R>));
curl_easy_setopt(ch, CURLOPT_WRITEDATA, &wcx);
// Setup protocol options
curl_easy_setopt(ch, CURLOPT_TCP_NODELAY, true);
curl_easy_setopt(ch, CURLOPT_FOLLOWLOCATION, true);
curl_easy_setopt(ch, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
// Setup SSL options
if (cs.ca != "") {
debug(cs.ca, "http::apply::ca");
curl_easy_setopt(ch, CURLOPT_CAINFO, c_str(cs.ca));
curl_easy_setopt(ch, CURLOPT_SSL_VERIFYPEER, true);
curl_easy_setopt(ch, CURLOPT_SSL_VERIFYHOST, 2);
}
if (cs.cert != "") {
debug(cs.cert, "http::apply::cert");
curl_easy_setopt(ch, CURLOPT_SSLCERT, c_str(cs.cert));
curl_easy_setopt(ch, CURLOPT_SSLCERTTYPE, "PEM");
}
if (cs.key != "") {
debug(cs.key, "http::apply::key");
curl_easy_setopt(ch, CURLOPT_SSLKEY, c_str(cs.key));
curl_easy_setopt(ch, CURLOPT_SSLKEYTYPE, "PEM");
}
// Set the request headers
curl_slist* hl = headers(NULL, car(hdr));
@ -377,15 +404,25 @@ const failable<value, string> del(const string& url, const CURLSession& ch) {
return value(true);
}
/**
* Returns the current host name.
*/
const string hostname() {
char h[256];
if (gethostname(h, 256) == -1)
return "localhost";
return h;
}
/**
* HTTP client proxy function.
*/
struct proxy {
proxy(const string& uri) : uri(uri) {
proxy(const string& uri, const string& ca, const string& cert, const string& key) : uri(uri), ca(ca), cert(cert), key(key) {
}
const value operator()(const list<value>& args) const {
CURLSession cs;
CURLSession cs(ca, cert, key);
failable<value> val = evalExpr(args, uri, cs);
if (!hasContent(val))
return value();
@ -393,6 +430,9 @@ struct proxy {
}
const string uri;
const string ca;
const string cert;
const string key;
};
}

92
sca-cpp/trunk/modules/http/httpd-ca-conf Executable file
View file

@ -0,0 +1,92 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Generate a test certificate of authority
here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
host=$2
if [ "$host" = "" ]; then
host=`hostname -f`
fi
# Don't regenerate the certificate if it already exists
if [ -f $root/conf/ca.crt ]; then
return 0
fi
# Generate openssl configuration
mkdir -p $root/conf
umask 0007
cat >$root/conf/openssl-ca.conf <<EOF
[ req ]
default_bits = 1024
encrypt_key = no
prompt = no
distinguished_name = req_distinguished_name
x509_extensions = v3_ca
[ req_distinguished_name ]
C = US
ST = CA
L = San Francisco
O = Test Authority Organization
OU = Test Authority Unit
CN = $host
emailAddress = root@$host
[ v3_ca ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
basicConstraints = CA:true
[ca]
default_ca = ca_default
[ca_default]
certificate = $root/conf/ca.crt
private_key = $root/conf/ca.key
serial = $root/conf/ca-serial
database = $root/conf/ca-database
new_certs_dir = $root/conf
default_md = sha1
email_in_dn = no
default_days = 365
default_crl_days = 30
policy = policy_any
copy_extensions = none
[ policy_any ]
countryName = supplied
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
EOF
rm -rf $root/conf/*.pem
rm -f $root/conf/ca-database
echo 1000 > $root/conf/ca-serial
touch $root/conf/ca-database
# Generate the certificate of authority
openssl req -new -x509 -config $root/conf/openssl-ca.conf -out $root/conf/ca.crt -keyout $root/conf/ca.key

61
sca-cpp/trunk/modules/http/httpd-cert-conf Executable file
View file

@ -0,0 +1,61 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Generate a test certificate
here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
host=$2
if [ "$host" = "" ]; then
host=`hostname -f`
fi
# Don't regenerate the certificate if it already exists
if [ -f $root/conf/server.crt ]; then
return 0
fi
# Generate openssl configuration
mkdir -p $root/conf
umask 0007
cat >$root/conf/openssl-cert.conf <<EOF
[ req ]
default_bits = 1024
encrypt_key = no
prompt = no
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
C = US
ST = CA
L = San Francisco
O = Test Organization
OU = Test Unit
CN = $host
emailAddress = root@$host
EOF
# Generate a certificate request
openssl req -new -config $root/conf/openssl-cert.conf -out $root/conf/server-req.crt -keyout $root/conf/server.key
# Generate a certificate, signed with our test certificate of authority
openssl ca -batch -config $root/conf/openssl-ca.conf -out $root/conf/server.crt -infiles $root/conf/server-req.crt
# Export it to PKCS12 format, that's the format Web browsers want to import
openssl pkcs12 -export -passout pass: -out $root/conf/server.p12 -inkey $root/conf/server.key -in $root/conf/server.crt -certfile $root/conf/ca.crt

63
sca-cpp/trunk/modules/http/httpd-conf
View file

@ -17,22 +17,77 @@
# specific language governing permissions and limitations
# under the License.
# Generate a minimal httpd.conf
# Generate a minimal HTTPD configuration
here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
port=$2
htdocs=`readlink -f $3`
host=`hostname -f`
user=`id -un`
group=`id -gn`
mkdir -p $root
mkdir -p $root/logs
mkdir -p $root/conf
cat >$root/conf/httpd.conf <<EOF
# Apache HTTPD server configuration
# Set server name
ServerName $host
# Basic security precautions
User $user
Group $group
ServerSignature Off
ServerTokens Prod
Timeout 45
LimitRequestBody 1048576
HostNameLookups Off
# Logging
ErrorLog $root/logs/error_log
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
CustomLog $root/logs/access_log combined
ServerName http://127.0.0.1:$port
Listen $port
DocumentRoot $htdocs
LogLevel warn
# Configure Mime types
DefaultType text/plain
TypesConfig $here/conf/mime.types
# Set document root
DocumentRoot $htdocs
DirectoryIndex index.html
# Protect server files
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<FilesMatch "^\.ht">
Order deny,allow
Deny from all
Satisfy Any
</FilesMatch>
# Allow access to document root
<Directory "$htdocs">
Options +SymLinksIfOwnerMatch
Allow from all
</Directory>
# Allow access to service components
<Location />
Options +SymLinksIfOwnerMatch
Allow from all
</Location>
# Setup HTTP virtual host
Listen $port
<VirtualHost _default_:$port>
</VirtualHost>
EOF

99
sca-cpp/trunk/modules/http/httpd-ssl-conf Executable file
View file

@ -0,0 +1,99 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Generate a minimal HTTPD SSL configuration
here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
port=$2
if [ "$port" != "80" ]; then
sslport=`echo "$port + 443" | bc`
else
sslport="443"
fi
host=`hostname -f`
# Extract organization name from our CA certificate
org=`openssl x509 -noout -subject -nameopt multiline -in $root/conf/ca.crt | grep organizationName | awk -F "= " '{ print $2 }'`
# Generate HTTPD configuration
cat >>$root/conf/httpd.conf <<EOF
# Redirect all HTTP traffic to HTTPS
<Location />
RewriteEngine on
RewriteCond %{SERVER_PORT} !^$sslport$
RewriteRule .* https://%{SERVER_NAME}:$sslport%{REQUEST_URI} [R,L]
</Location>
# Setup SSL support
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:$root/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:$root/logs/ssl_mutex"
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
# HTTPS virtual host
Listen $sslport
<VirtualHost _default_:$sslport>
# Enable SSL
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCACertificateFile "$root/conf/ca.crt"
SSLCertificateFile "$root/conf/server.crt"
SSLCertificateKeyFile "$root/conf/server.key"
BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
CustomLog "$root/logs/ssl_request_log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# Require clients to present either:
# a certificate signed with our CA certificate of authority
# or a userid + password for HTTP basic authentication
<Location />
Satisfy Any
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +FakeBasicAuth
SSLRequireSSL
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128 and %{SSL_CLIENT_I_DN_O} == "$org"
AuthType Basic
AuthName "$host"
AuthUserFile "$root/conf/httpd.passwd"
Require valid-user
</location>
</VirtualHost>
# Configure SCA SSL support
SCASSLCACertificateFile "$root/conf/ca.crt"
SCASSLCertificateFile "$root/conf/server.crt"
SCASSLCertificateKeyFile "$root/conf/server.key"
EOF
# Create test users for HTTP basic authentication
htpasswd -bc $root/conf/httpd.passwd admin admin 2>/dev/null
htpasswd -b $root/conf/httpd.passwd user password 2>/dev/null
htpasswd -b $root/conf/httpd.passwd test test 2>/dev/null
htpasswd -b $root/conf/httpd.passwd foo foo 2>/dev/null
htpasswd -b $root/conf/httpd.passwd bar bar 2>/dev/null

2
sca-cpp/trunk/modules/java/java-conf
View file

@ -22,6 +22,8 @@ here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
cat >>$root/conf/httpd.conf <<EOF
# Support for Java SCA components
LoadModule mod_tuscany_eval $here/libmod_tuscany_java.so
EOF

2
sca-cpp/trunk/modules/python/python-conf
View file

@ -22,5 +22,7 @@ here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
cat >>$root/conf/httpd.conf <<EOF
# Support for Python SCA components
LoadModule mod_tuscany_eval $here/libmod_tuscany_python.so
EOF

2
sca-cpp/trunk/modules/server/cpp-conf
View file

@ -22,5 +22,7 @@ here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
cat >>$root/conf/httpd.conf <<EOF
# Support for C++ SCA components
LoadModule mod_tuscany_eval $here/libmod_tuscany_eval.so
EOF

66
sca-cpp/trunk/modules/server/mod-eval.hpp
View file

@ -53,15 +53,17 @@ namespace modeval {
*/
class ServerConf {
public:
ServerConf(server_rec* s) : s(s), home(""), wiringServerName(""), contributionPath(""), compositeName("") {
ServerConf(server_rec* s) : s(s), wiringServerName(""), contributionPath(""), compositeName(""), ca(""), cert(""), key("") {
}
const server_rec* s;
lambda<value(const list<value>&)> lifecycle;
string home;
string wiringServerName;
string contributionPath;
string compositeName;
string ca;
string cert;
string key;
list<value> implementations;
list<value> implTree;
};
@ -253,7 +255,7 @@ int handler(request_rec *r) {
const list<value> path(pathValues(r->uri));
const list<value> impl(assoctree<value>(cadr(path), sc.implTree));
if (isNil(impl))
return HTTP_NOT_FOUND;
return httpd::reportStatus(mkfailure<int>(string("Couldn't find component implementation")));
// Handle HTTP method
const lambda<value(const list<value>&)> l(cadr<value>(impl));
@ -273,14 +275,14 @@ int handler(request_rec *r) {
/**
* Convert a list of component references to a list of HTTP proxy lambdas.
*/
const value mkrefProxy(const value& ref, const string& base) {
return lambda<value(const list<value>&)>(http::proxy(base + string(scdl::name(ref))));
const value mkrefProxy(const value& ref, const string& base, const string& ca, const string& cert, const string& key) {
return lambda<value(const list<value>&)>(http::proxy(base + string(scdl::name(ref)), ca, cert, key));
}
const list<value> refProxies(const list<value>& refs, const string& base) {
const list<value> refProxies(const list<value>& refs, const string& base, const string& ca, const string& cert, const string& key) {
if (isNil(refs))
return refs;
return cons(mkrefProxy(car(refs), base), refProxies(cdr(refs), base));
return cons(mkrefProxy(car(refs), base, ca, cert, key), refProxies(cdr(refs), base, ca, cert, key));
}
/**
@ -323,7 +325,7 @@ const value evalComponent(ServerConf& sc, server_rec& server, const value& comp)
<< "/references/" << string(scdl::name(comp)) << "/";
else
base << sc.wiringServerName << "/references/" << string(scdl::name(comp)) << "/";
const list<value> rpx(refProxies(scdl::references(comp), str(base)));
const list<value> rpx(refProxies(scdl::references(comp), str(base), sc.ca, sc.cert, sc.key));
// Convert component proxies to configured proxy lambdas
const list<value> ppx(propProxies(scdl::properties(comp)));
@ -440,6 +442,21 @@ apr_status_t serverCleanup(void* v) {
* Called after all the configuration commands have been run.
* Process the server configuration and configure the deployed components.
*/
const int postConfigMerge(const ServerConf& mainsc, server_rec* s) {
if (s == NULL)
return OK;
ServerConf& sc = httpd::serverConf<ServerConf>(s, &mod_tuscany_eval);
sc.wiringServerName = mainsc.wiringServerName;
sc.contributionPath = mainsc.contributionPath;
sc.compositeName = mainsc.compositeName;
sc.ca = mainsc.ca;
sc.cert = mainsc.cert;
sc.key = mainsc.key;
sc.implementations = mainsc.implementations;
sc.implTree = mainsc.implTree;
return postConfigMerge(mainsc, s->next);
}
int postConfig(apr_pool_t *p, unused apr_pool_t *plog, unused apr_pool_t *ptemp, server_rec *s) {
extern const value applyLifecycle(const list<value>&);
@ -483,7 +500,8 @@ int postConfig(apr_pool_t *p, unused apr_pool_t *plog, unused apr_pool_t *ptemp,
// Register a cleanup callback, called when the server is stopped or restarted
apr_pool_pre_cleanup_register(p, (void*)&sc, serverCleanup);
return OK;
// Merge the config into any virtual hosts
return postConfigMerge(sc, s->next);
}
/**
@ -511,12 +529,6 @@ void childInit(apr_pool_t* p, server_rec* s) {
/**
* Configuration commands.
*/
const char* confHome(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_eval);
sc.home = arg;
return NULL;
}
const char* confWiringServerName(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_eval);
@ -535,6 +547,24 @@ const char* confComposite(cmd_parms *cmd, unused void *c, const char *arg) {
sc.compositeName = arg;
return NULL;
}
const char* confCAFile(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_eval);
sc.ca = arg;
return NULL;
}
const char* confCertFile(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_eval);
sc.cert = arg;
return NULL;
}
const char* confCertKeyFile(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_eval);
sc.key = arg;
return NULL;
}
const char* confEnv(unused cmd_parms *cmd, unused void *c, const char *name, const char *value) {
gc_scoped_pool pool(cmd->pool);
@ -546,11 +576,13 @@ const char* confEnv(unused cmd_parms *cmd, unused void *c, const char *name, con
* HTTP server module declaration.
*/
const command_rec commands[] = {
AP_INIT_TAKE1("TuscanyHome", (const char*(*)())confHome, NULL, RSRC_CONF, "Tuscany home directory"),
AP_INIT_TAKE1("SCAWiringServerName", (const char*(*)())confWiringServerName, NULL, RSRC_CONF, "SCA wiring server name"),
AP_INIT_TAKE1("SCAContribution", (const char*(*)())confContribution, NULL, RSRC_CONF, "SCA contribution location"),
AP_INIT_TAKE1("SCAComposite", (const char*(*)())confComposite, NULL, RSRC_CONF, "SCA composite location"),
AP_INIT_TAKE12("SetEnv", (const char*(*)())confEnv, NULL, OR_FILEINFO, "Environment variable name and optional value"),
AP_INIT_TAKE12("SCASetEnv", (const char*(*)())confEnv, NULL, OR_FILEINFO, "Environment variable name and optional value"),
AP_INIT_TAKE1("SCASSLCACertificateFile", (const char*(*)())confCAFile, NULL, RSRC_CONF, "SSL CA certificate file"),
AP_INIT_TAKE1("SCASSLCertificateFile", (const char*(*)())confCertFile, NULL, RSRC_CONF, "SSL certificate file"),
AP_INIT_TAKE1("SCASSLCertificateKeyFile", (const char*(*)())confCertKeyFile, NULL, RSRC_CONF, "SSL certificate key file"),
{NULL, NULL, NULL, 0, NO_ARGS, NULL}
};

36
sca-cpp/trunk/modules/server/mod-wiring.cpp
View file

@ -48,12 +48,9 @@ namespace modwiring {
*/
class ServerConf {
public:
ServerConf(server_rec* s) : s(s), start(false), home(""), wiringServerName(""), contributionPath(""), compositeName("") {
ServerConf(server_rec* s) : s(s), contributionPath(""), compositeName("") {
}
const server_rec* s;
bool start;
string home;
string wiringServerName;
string contributionPath;
string compositeName;
list<value> references;
@ -147,6 +144,7 @@ int translateService(request_rec *r) {
// Find the requested component
const ServerConf& sc = httpd::serverConf<ServerConf>(r, &mod_tuscany_wiring);
debug(sc.services, "modwiring::translateService::services");
const list<value> p(pathValues(r->uri));
const list<value> svc(assocPath(p, sc.services));
if (isNil(svc))
@ -288,6 +286,17 @@ const bool confComponents(ServerConf& sc) {
* Called after all the configuration commands have been run.
* Process the server configuration and configure the wiring for the deployed components.
*/
const int postConfigMerge(const ServerConf& mainsc, server_rec* s) {
if (s == NULL)
return OK;
ServerConf& sc = httpd::serverConf<ServerConf>(s, &mod_tuscany_wiring);
sc.contributionPath = mainsc.contributionPath;
sc.compositeName = mainsc.compositeName;
sc.references = mainsc.references;
sc.services = mainsc.services;
return postConfigMerge(mainsc, s->next);
}
int postConfig(unused apr_pool_t *p, unused apr_pool_t *plog, unused apr_pool_t *ptemp, server_rec *s) {
// Count the calls to post config, skip the first one as
// postConfig is always called twice
@ -299,11 +308,12 @@ int postConfig(unused apr_pool_t *p, unused apr_pool_t *plog, unused apr_pool_t
// Configure the wiring for the deployed components
ServerConf& sc = httpd::serverConf<ServerConf>(s, &mod_tuscany_wiring);
debug(sc.wiringServerName, "modwiring::postConfig::wiringServerName");
debug(sc.contributionPath, "modwiring::postConfig::contributionPath");
debug(sc.compositeName, "modwiring::postConfig::compositeName");
confComponents(sc);
return OK;
// Merge the config into any virtual hosts
return postConfigMerge(sc, s->next);
}
/**
@ -321,18 +331,6 @@ void childInit(apr_pool_t* p, server_rec* svr_rec) {
/**
* Configuration commands.
*/
const char *confHome(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_wiring);
sc.home = arg;
return NULL;
}
const char *confWiringServerName(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_wiring);
sc.wiringServerName = arg;
return NULL;
}
const char *confContribution(cmd_parms *cmd, unused void *c, const char *arg) {
gc_scoped_pool pool(cmd->pool);
ServerConf& sc = httpd::serverConf<ServerConf>(cmd, &mod_tuscany_wiring);
@ -350,8 +348,6 @@ const char *confComposite(cmd_parms *cmd, unused void *c, const char *arg) {
* HTTP server module declaration.
*/
const command_rec commands[] = {
AP_INIT_TAKE1("TuscanyHome", (const char*(*)())confHome, NULL, RSRC_CONF, "Tuscany home directory"),
AP_INIT_TAKE1("SCAWiringServerName", (const char*(*)())confWiringServerName, NULL, RSRC_CONF, "SCA wiring server name"),
AP_INIT_TAKE1("SCAContribution", (const char*(*)())confContribution, NULL, RSRC_CONF, "SCA contribution location"),
AP_INIT_TAKE1("SCAComposite", (const char*(*)())confComposite, NULL, RSRC_CONF, "SCA composite location"),
{NULL, NULL, NULL, 0, NO_ARGS, NULL}

2
sca-cpp/trunk/modules/server/scheme-conf
View file

@ -22,5 +22,7 @@ here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
cat >>$root/conf/httpd.conf <<EOF
# Support for Scheme SCA components
LoadModule mod_tuscany_eval $here/libmod_tuscany_eval.so
EOF

15
sca-cpp/trunk/modules/server/server-conf
View file

@ -21,9 +21,18 @@
here=`readlink -f $0`; here=`dirname $here`
root=`readlink -f $1`
mkdir -p $root
mkdir -p $root/logs
mkdir -p $root/conf
host=`cat $root/conf/httpd.conf | grep ServerName | awk '{ print $2 }'`
port=`cat $root/conf/httpd.conf | grep Listen | tail -1 | awk '{ print $2 }'`
ssl=`cat $root/conf/httpd.conf | grep "SSLEngine" | awk '{ print $2 }'`
if [ "$ssl" = "on" ]; then
protocol="https"
else
protocol="http"
fi
cat >>$root/conf/httpd.conf <<EOF
# Support for SCA component wiring
LoadModule mod_tuscany_wiring $here/libmod_tuscany_wiring.so
SCAWiringServerName $protocol://$host:$port
EOF

16
sca-cpp/trunk/modules/wsgi/httputil.py
View file

@ -18,9 +18,10 @@
# HTTP client proxy functions
from httplib import HTTPConnection
from httplib import HTTPConnection, HTTPSConnection
from urlparse import urlparse
from StringIO import StringIO
import os.path
from util import *
from atomutil import *
from jsonutil import *
@ -37,9 +38,20 @@ class client:
req = StringIO()
writeStrings(jsonRequest(id, func, args), req)
id = id + 1
c = HTTPConnection(self.uri.hostname, 80 if self.uri.port == None else self.uri.port)
print "HTTP connect:", self.uri.hostname
c = None
if self.uri.scheme == "https":
if os.path.exists("server.key"):
c = HTTPSConnection(self.uri.hostname, 443 if self.uri.port == None else self.uri.port, "server.key", "server.crt")
else:
c = HTTPSConnection(self.uri.hostname, 443 if self.uri.port == None else self.uri.port)
else:
c = HTTPConnection(self.uri.hostname, 80 if self.uri.port == None else self.uri.port)
print "HTTP connection:", c
c.request("POST", self.uri.path, req.getvalue(), {"Content-type": "application/json-rpc"})
res = c.getresponse()
print "HTTP response:", res
print "HTTP status:", res.status
if res.status != 200:
return None
return jsonResultValue((res.read(),))

6
sca-cpp/trunk/modules/wsgi/scdl.py
View file

@ -146,9 +146,9 @@ def uriToComponent(u, comps):
# Evaluate a reference, return a proxy to the resolved component or an
# HTTP client configured with the reference target uri
def evalReference(r, comps):
if not r.startswith("http://"):
return nameToComponent(r, comps)
return mkclient(r)
if r.startswith("http://") or r.startswith("https://"):
return mkclient(r)
return nameToComponent(r, comps)
# Evaluate a component, resolve its implementation and references
def evalComponent(comp, comps):

34
sca-cpp/trunk/test/store-cpp/ssl-start Executable file
View file

@ -0,0 +1,34 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
../../modules/http/httpd-ca-conf tmp
../../modules/http/httpd-cert-conf tmp
../../modules/http/httpd-conf tmp 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8090
../../modules/server/server-conf tmp
../../modules/server/cpp-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
../../components/cache/memcached-start
../../modules/http/httpd-start tmp

2
sca-cpp/trunk/test/store-cpp/start
View file

@ -21,8 +21,10 @@
../../modules/server/server-conf tmp
../../modules/server/cpp-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
../../components/cache/memcached-start

36
sca-cpp/trunk/test/store-java/ssl-start Executable file
View file

@ -0,0 +1,36 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
../../modules/http/httpd-ca-conf tmp
../../modules/http/httpd-cert-conf tmp
../../modules/http/httpd-conf tmp 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8090
../../modules/server/server-conf tmp
../../modules/java/java-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
export CLASSPATH=`pwd`/../../modules/java/libmod-tuscany-java-1.0.jar:`pwd`
../../components/cache/memcached-start
../../modules/http/httpd-start tmp

2
sca-cpp/trunk/test/store-java/start
View file

@ -21,8 +21,10 @@
../../modules/server/server-conf tmp
../../modules/java/java-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
export CLASSPATH=`pwd`/../../modules/java/libmod-tuscany-java-1.0.jar:`pwd`

34
sca-cpp/trunk/test/store-python/ssl-start Executable file
View file

@ -0,0 +1,34 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
../../modules/http/httpd-ca-conf tmp
../../modules/http/httpd-cert-conf tmp
../../modules/http/httpd-conf tmp 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8090
../../modules/server/server-conf tmp
../../modules/python/python-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
../../components/cache/memcached-start
../../modules/http/httpd-start tmp

2
sca-cpp/trunk/test/store-python/start
View file

@ -21,8 +21,10 @@
../../modules/server/server-conf tmp
../../modules/python/python-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
../../components/cache/memcached-start

34
sca-cpp/trunk/test/store-scheme/ssl-start Executable file
View file

@ -0,0 +1,34 @@
#!/bin/sh
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
../../modules/http/httpd-ca-conf tmp
../../modules/http/httpd-cert-conf tmp
../../modules/http/httpd-conf tmp 8090 htdocs
../../modules/http/httpd-ssl-conf tmp 8090
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
../../components/cache/memcached-start
../../modules/http/httpd-start tmp

2
sca-cpp/trunk/test/store-scheme/start
View file

@ -21,8 +21,10 @@
../../modules/server/server-conf tmp
../../modules/server/scheme-conf tmp
cat >>tmp/conf/httpd.conf <<EOF
# Configure SCA Composite
SCAContribution `pwd`/
SCAComposite store.composite
EOF
../../components/cache/memcached-start

2
sca-cpp/trunk/test/store-wsgi/app.yaml
View file

@ -44,7 +44,9 @@ handlers:
- url: /(.*\.(html|png))
static_files: htdocs/\1
upload: htdocs/(.*\.(html|png))
secure: always
- url: /.*
script: composite.py
secure: always

8
sca-cpp/trunk/test/store-wsgi/domain-frontend.composite
View file

@ -28,13 +28,13 @@
<t:binding.http uri="store"/>
</service>
<reference name="catalog">
<t:binding.http uri="http://sca-store-backend/catalog"/>
<t:binding.http uri="https://sca-store-backend.appspot.com/catalog"/>
</reference>
<reference name="shoppingCart">
<t:binding.http uri="http://sca-store-backend/shoppingCart"/>
<t:binding.http uri="https://sca-store-backend.appspot.com/shoppingCart"/>
</reference>
<reference name="shoppingTotal">
<t:binding.http uri="http://sca-store-backend/shoppingCart"/>
<t:binding.http uri="https://sca-store-backend.appspot.com/shoppingCart"/>
</reference>
</component>
@ -56,7 +56,7 @@
<t:binding.jsonrpc uri="total"/>
</service>
<reference name="cache">
<t:binding.http uri="http://sca-store-backend.appspot.com/cache"/>
<t:binding.http uri="https://sca-store-backend.appspot.com/cache"/>
</reference>
</component>