[Dart] more secure submission

Blezek, Daniel J (GE, Research) blezek at crd.ge.com
Tue Nov 21 09:56:07 EST 2006 

Hi Darby,

  In principle all three of your options are feasible.

Some thoughts:

1) SCP is the easiest.  We could setup a submission method on Dart to
watch a directory and import any XML it finds.  The difficulty is to
grab the submission when it's finished scp'ing, and not in the middle.
This lack of a "trigger" mechanism makes this option a bit hard.  We
could just wait for the file to not have changed size for some timeout
period before declaring it submitted, but that could be problematic.
I'm not sure anyone has a scp "server" for Java.

2) This might be best for the short term.  I'm sure that Apache has a
ton more documentation on SSL configuration than Jetty.

3) This is the best possible way, but requires some significant head
scratching.  This page gives most of the clues:
http://docs.codehaus.org/display/JETTY/How+to+configure+SSL  However, we
don't use the Jetty configuration files, we make the calls directly in
Java.  I think this would be do-able, but I'm not sure when we could get
to this.  Jim has the most experience.

Regards,
-dan



-----Original Message-----
From: dart-bounces+blezek=crd.ge.com at public.kitware.com
[mailto:dart-bounces+blezek=crd.ge.com at public.kitware.com] On Behalf Of
Darby J Van Uitert
Sent: Tuesday, November 21, 2006 9:41 AM
To: dart at public.kitware.com; cates >> Joshua Cates
Subject: [Dart] more secure submission

Hi,

I am using Dart2 for our dashboard, which submits over http using
xml-rpc. We want it be more secure (run over https or use scp) and I was
wondering how other groups are dealing with this. I can think of a
couple solutions:

  1) Use scp as the submission method. Is this implemented for Dart2 and
using ctest to submit? If so, can someone give me an example of the
CTestConfig.cmake file? Also, if we go this route, does each person
submitting need a username and password?

  2) Use Apache instead of the embedded Jetty web server and use a self
signed ssl certificate. Is anyone currently doing this? I've read
through the documentation regarding using Apache to proxy requests to
Dart. I believe with this approach, we can also force people to use a
username and password.

  3) Add an additional servlet to Dart. This is the one I know the least
about.

I'm hoping to get around requiring a username and password since we want
people outside of our group to easily be able to submit to our
dashboard. Any insights or suggestions would be appreciated. Thanks.

   -darby j

--
Darby J Van Uitert
SCI Institute
University of Utah
Email: darbyb at sci.utah.edu
Phone: (301) 528-8469


_______________________________________________
Dart mailing list
Dart at public.kitware.com
http://public.kitware.com/mailman/listinfo/dart

More information about the Dart mailing list