PowerPointPrsentation - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

PowerPointPrsentation

Description:

XML based. Defined as exchange of XML objects. Schema definition available ... Apache 2.0 design. Hooks at every stage of connection and request handling. ... – PowerPoint PPT presentation

Number of Views:40
Avg rating:3.0/5.0
Slides: 18
Provided by: moni56
Category:

less

Transcript and Presenter's Notes

Title: PowerPointPrsentation


1
mod_epp Bringing EPP to Apache 2.0
Otmar Lendl lendl_at_nic.at
2
Extensible Provisioning Protocol
  • XML based
  • Defined as exchange of XML objects
  • Schema definition available
  • Simple mapping on TCP
  • SSL/TLS recommended
  • Client toolkits are available

3
Implementing an EPP server
  • Obvious challenges
  • XML schema verification
  • Security Layer
  • Obvious solutions
  • Easy use Xerces library
  • Easy use openssl

Tempting Use Open Source Toolbox roll your own
4
Challenges (2)
  • Not so obvious issues
  • Build system
  • Portability
  • Configuration infrastructure
  • Logging subsystem
  • Interface between EPP frontend and backend logic
  • Performance? (Multithreading / Pre-forking?)

5
Apache 2.0 design
  • Hooks at every stage of connection and request
    handling.
  • Configurable input and output filters.
  • HTTP handling is just a module which can be (and
    has been) replaced.
  • Modules can be loaded and configured at runtime
    by a single configuration file.

Lets use Apache 2.0 as foundation!
6
Benefits
  • Solves most of the challenges (software
    infrastructure, SSL, XML except schema support)
  • Handling Apache requests is a well-known problem
    (cf. CGI, PHP, mod_perl, server-side Java)

7
Architecture Overview
8
Implementation
  • 1500 lines of C code
  • No patches to Apache code
  • Loaded at runtime
  • Configurable via httpd.conf
  • Does not interfere with HTTP operation

9
Script interface
  • Incoming XML objects are passed to the request
    handler as HTML form input.
  • EPP authentication is mapped to HTTP
    authentication All Apache Authentication
    mechanisms are available.
  • Session state (login/logout) is done in mod_epp.
  • Output from scripts is framed by mod_epp
    according to the EPP/TCP standard.

10
Script example
  • !/usr/bin/perl
  • use CGI qw/standard/
  • q new CGI
  • print "Content-Type text/xml\r\n\r\n"
  • my cltrid q-gtparam("clTRID")
  • my eppxml q-gtparam("frame")
  • print "lt!- received eppxml --gt
  • ...

11
Basic Configuration
  • LoadModule epp_module \
  • modules/mod_epp.so
  • Listen 3121
  • ltVirtualHost 3121gt
  • EPPEngine On
  • lt/VirtualHostgt

12
Configuration (cont.)
  • EPPCommandRoot /epp/command
  • EPPSessionRoot /epp/session
  • EPPErrorRoot /epp/error
  • EPPVersion 7
  • version 6 and 7 of ltlogingt are
  • supported
  • This will map e.g. an EPP lttransfergt command to
    the local URI /epp/command/transfer.

13
Authentication
  • EPPAuthURI /epp/auth/login
  • ltLocation /epp/authgt
  • AuthType Basic
  • AuthName "EPP"
  • AuthUserFile .../htpasswd
  • require valid-user
  • lt/Locationgt

14
SSL Support
  • Listen 3121
  • ltVirtualHost 3121gt
  • EPPEngine On
  • SSLEngine On
  • SSLCiphersuite ...
  • SSLCertificateFile ...
  • ...
  • lt/VirtualHostgt

15
CGI Configuration
  • The actual EPP logic can be in local CGI scripts
    ...
  • EPPCommandRoot /epp/c
  • ScriptAlias /epp/c/ .../scripts/epp-c/

16
Reverse Proxy Configuration
  • ... or implemented somewhere else,
  • EPPCommandRoot /proxy/command
  • ProxyPass /proxy/ http//somewhere/epp/
  • while EPP errors are handled locally
  • EPPErrorRoot /cgi-bin/epp-errors

17
Try it!
  • Source code is available at
  • http//sourceforge.net/projects/aepps/
  • mod_epp is distributed under the Apache licence.
  • We rate the current version as early beta
    software.
  • Comments (and patches!) are welcome!
Write a Comment
User Comments (0)
About PowerShow.com