[Buildbot-devel] Re: [Python-Dev] buildbot

[Stephen Davis]

On Jan 10, 2006, at 10:16 AM, Brian Warner wrote:

>> I have security concerns as well, but not in buildbot itself.  My
>> project is restricted even withinz the company I work for so I need
>> the buildbot web server to only be available to certain people.
>> HTTPS access would be nice too.  TwistedWeb doesn't seem to have
>> support for either HTTPS or authentication so I've been forced to
>> "hide" it by putting it on a non-standard port.  Very weak.
>
> Actually twisted-web provides pretty good support for both SSL and
> password-based authentication, but my own web skills are too weak  
> to really
> figure out how to take advantage of them. I've been hoping to  
> address this in
> the "web status page cleanup" item on the TODO list, but other bugs  
> and
> features keep getting in the way.
>
> There are a couple of examples of setting up an HTTPS website in  
> the twisted
> docs, in case you're interested. I think the changes would only  
> have to go
> into Waterfall.setup, probably just replacing the internet.TCPServer 
> () call
> to something involving SSL.

Interesting.  Where are these docs?  Last time I searched the  
TwistedWeb docs, there was no mention of SSL whatsoever.

> The authentication stuff is called "guard", and I think it would  
> involve
> inserting an additional password-checking resource between the top- 
> level
> server.Site and the primary html.StatusResource object. But, as I  
> said, my
> twisted-web-foo is not strong, so I could be completely wrong about  
> this.

I see "Guard" now but did not realize what that meant when I was  
looking for authentication.  Where is the "funny twisted name = thing  
you're looking for" glossary?  :-)

Regardless, my Apache foo is better than my Twisted foo and setting  
up a reverse proxy will probably integrate more cleanly in my  
environment anyway so I'll probably stick with that.

stephen