[Freeipa-devel] [PATCH] jderose 017 Giant WebUI patch part 1
Dmitri Pal
dpal at redhat.com
Tue Sep 8 21:43:09 UTC 2009
Rob Crittenden wrote:
> Jason Gerard DeRose wrote:
>> This is a big patch to get everyone synced up with what I'm doing on
>> the webUI.
>> The Engine is currently *very* dumb because I need to tare through a
>> bunch of
>> plugin metadata, make a lot of changes, but doing that is likely
>> going to make
>> merging any outstanding patches too difficult, break any work in
>> progress. I
>> even I backed out some crazier changes I had made, realizing the
>> headache I was
>> inviting.
>>
>> So what I propose is acking this and acking any other outstanding
>> patches, and
>> then quickly making the needed metadata changes in a coordinated
>> fashion (read:
>> Rob, Pavel, and I staying pretty much lock-step for a few days). The
>> metadata
>> changes aren't a lot of work, but they are very disruptive as they
>> will change
>> the plugin API slightly and will affect every Command and Object
>> plugin we have
>> (which by my count is currently 108 plugins).
>>
>> Some highlights:
>>
>> * lite-xmlrpc.py and lite-webui.py have been replaced by the new
>> lite-server.py
>> script, which mounts XML-RPC, JSON-RPC, and the WebUI all on the
>> same paths
>> as they would be under Apache (but on a different port).
>>
>> * Per above, the default xmlrpc_uri is now http://localhost:8888/ipa/xml
>>
>> * The IPA server is now a WSGI application. A few pieces still are
>> missing, most
>> notably running all this under Apache, but it's 90% there.
>> Currently under
>> Apache things will still run the same as before, just XML-RPC and
>> not through
>> the new Backend.xmlserver WSGI interface. Because IPA is a WSGI
>> app, I think
>> we should strongly consider running IPA under mod_wsgi instead of
>> mod_python,
>> although running under mod_python is still possible with a
>> mod_python <=> WSGI
>> adapter.
>>
>> * For flexibility and to ease debugging, the XML-RPC and JSON-RPC
>> services can
>> now also be called via GET or POST query strings. For example:
>>
>> http://localhost:8888/ipa/json/user_add?givenname=Jason&sn=DeRose
>>
>> Or
>>
>> http://localhost:8888/ipa/xml/user_add?givenname=Jason&sn=DeRose
>>
>> Is the same as:
>>
>> api.Command.user_add(givenname='Jason', sn='DeRose')
>>
>> * In theory, lite-server.py supports SSL, but there is a bug in paste
>> 1.7.2 that
>> prevents it from working under Python 2.6. To turn on SSL, just
>> place a PEM
>> format cert at ~/.ipa/lite.pem
>>
>>
>> Anyway, this gives everyone something to play with/review till I get
>> back from
>> PTO on Thursday.
>>
>> Cheers,
>> Jason
>
> Have a bunch of questions/issues before I can ack this:
>
> - We need to get the wehjit library accepted into Fedora ASAP
> - There is a change to ipa-server-install that reverts your previous
> patch, 016
> - This patch includes the previous SSO patch that we can't commit
> until we get an alternative for the Crypto package on some distros
> - Is it going to be confusing to register the jsonserver in a file
> named xmlserver.py?
> - in rpcserver.py::extract_query(environ) should an error be raised if
> these conditions aren't met? For example, you do a POST and the
> content-type isn't application/x-www-form-urlencoded
>
> Otherwise looks ok. I'm not opposed to switching to WSGI as long as we
> have feature parity.
>
> rob
How the addition of the wehjit library affects our ability to run on
RHEL 5.5?
> ------------------------------------------------------------------------
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
--
Thank you,
Dmitri Pal
Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-devel
mailing list