[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Re: [RFC][PATCH] Secure XML-RPC for Xend
On Thu, Jun 08, 2006 at 09:13:17PM -0500, Anthony Liguori wrote: > The following patch implements a secure XML-RPC protocol for Xend. > Instead of using HTTPS with basic authentication and dealing with all > that nasty OpenSSL/PAM integration, it just uses SSH. This gives you > all the properties you want (great security and PAM integration) with > very little code. Are there any plans to make the XML-RPC interface easily accessable for things other than xm? Although HTTPS (I'd use client certs rather than basic auth, but that's even worse from a PAM integration PoV) is more overhead, it's at least platform-independent. I've been doing a bit of poking into using XML-RPC to control Xend from Ruby, and it's a hassle. Adding an SSH tunnel layer over the top is going to be even more of a nightmare. My workaround at the moment is to create a higher-level interface to control Xend -- it's SOAP over HTTPS (with client certs to perform authentication and, eventually, authorization). I'm using SOAP simply because it's got WSDL. The interface is a lot simpler (very, very few S-expressions to deal with), so it'll probably still exist even if Xend gets a more advanced XML-RPC layer, but it'd save me some fiddling if I could poke Xend's XML-RPC securely without needing to grub around for a Unix socket. - Matt _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |