I have been looking at multiple sources and can't seem to get a good answer. I am trying to deploy a very simple app that displays information from a mongodb, accepts post data for input, uses SSL, and AD for Authentication.
I am using bottle with python 2.7, mongodb, on a windows 64-bit platform. I can switch to CentOS if that is completely necessary.
So far, none of the very few tutorials out there seem to work on my current configuration. Is what I'm asking for possible? Should I switch to a different framework?
tldr:
Can you run a bottle application with SSL and AD integration?
If not, what python framework would be nearly as easy and still have this functionality.
edit: I found this for flask. Could it work with bottle? Also, can it be done on windows?
There are definitely ways to accomplish your goal of having bottle use SSL + AD on windows.
SSL with bottle:
https://github.com/nickbabcock/bottle-ssl
http://dgtool.blogspot.com/2011/12/ssl-encryption-in-python-bottle.html
bottle on cherrypy server + ssl
python with AD (as well as information on windows specifically):
Authenticating against active directory using python + ldap
https://gist.github.com/ibeex/1288159
If you wanted to use session management for authentication you could pair the AD with bottle middleware such as beaker: bottle hooks with beaker session middleware and checking logins
Bottle itself does not have built in abilities to deal with SSL that I know of like flask. But the last SSL link above shows similar simple useability.
Related
I have task to create SSO (single sign-on) authorization in Python backend application with the help of Kerberos and Active Directory.
In other words, frontend application make AJAX GET request of the specific URL of the backend application. That backend application must return information about employee in JSON format.
What I have done so far:
1) SPN name for the backend application was created in Active Directory.
2) krb5.keytab file for the backend application was created.
3) Active Directory and Kerberos server located on remote Windows server.
4) Backend application would be in Linux Docker container.
5) I install Kerberos client to Docker container.
6) Kerberos Realm: SERVICE.LOCAL.
7) Hostname for the KDC Server: CS001, CS002, CS003.
Have you ever seen any implementations of the above process in Python? I will be grateful for any help.
You have 2 ways to handle this:
Handle it directly in Python
Handle it in a proxy such as apache or nginx
Pure Python Solution
If you don't have a proxy or just want to handle it in python anyway, I recommend using the python-gssapi library. Here's a code sample. There are other Python bindings but from my reading, this one seems to be the most complete.
Note, if you handle it this way, your python server will probably need to be able to respect the keep-alive header (i.e. re-use the same connection for multiple requests). This isn't strictly part of the SPENGO protocol, but most browsers seem to require that the server implements it.
Proxy Solution
If you're using apache, there's a mod_auth_kerb module you can use which is well documented. There's also a mod_auth_gssapi which provides similar functionality.
For nginx, there's a similar module available.
With any of these proxy solutions, the idea is that the proxy handles Kerberos auth, and sets the REMOTE_USER env variable for your python app. So your python app needs to be able to accept this variable as an authenticated user. Django has middleware specifically for that purpose - I'm not sure about Flask (I mention these 2 frameworks because they're in your question's tags).
I been using python to create an web app and it has been doing well so far. Now I would like to encrypt the transmission of the data between client and server using https. The communication is generally just post form and web pages, no money transactions are involve. Is there anything I need to change to the python code except setting the server up with certificate and configurate it to use https? I see a lot of information regarding ssl for python and I not sure if I need those modules and python setup to make https work.
Thanks
Typically, the ssl part for Python web app is managed by some frontend web server like nginx, apache or so.
This does not require any modification of your code (assuming, you are not expecting user to authenticate by ssl certificate on client side, what is quite exotic, but possible scenario).
If you want to run pure Python solution, I would recommend using cherrypy, which is able providing rather reliable and performant web server part (it will be very likely slower then served behind nginx or apache).
About to embark on a Java project using Spring Security to create a Restful Web Service (JSON) that will use Kerberos authentication to authenticate users in Active Directory.
I'm not locked into using Java and am considering the use of Python to gain new skills and look at potential alternative platforms.
So far I have looked at Twisted and Web2Py but they don't seem to have support for Kerberos nor could I find information around implementing Kerberos support.
Does anyone know of frameworks supporting the above deployment or pointers to get me started?
Python Eve is a restful api written in Python that uses mongo as its backend.
It provides a simple class that you can use to implement your own authentication which would allow you to use the python kerberos module
I use this setup but with ldap instead of kerb.
The underlying web framwork behind eve is Flask.
I am developing my web app with Python 2.7 + Bottle. Everything is great and python is an amazing language coming from ASP.NET. I am building a web application that needs to use real-time client/server communication and socket.io for node.js comes to mind.
I wanted to know how can I implement socket.io-like using Python + bottle. I've read this article on bottle, but I can't still seem to understand how it works - what I need to install, and how all works out (code examples?).
I really need that for my next web application but need help in understanding what I need to put in my project in order for it to work. I have no problem working with 'preview' codes which aren't stable release yet. I'm developing on Windows platform. Thanks.
I also want to know if its scalabe. whether I can use redis in the back so all calls will be sync when running my website on several servers, so when one client send data, all the other clients connected to the other servers will get it to.
maybe websocket can help you,many modern browser support this protocol,but bottle.py don't support it now,you can get some idea from tornado.websocket and some answer here
cause every connection can be saved,so i guess it can run on several servers,but i never implement.
since bottle is micro framework,you should do something by yourself.
Is there any lightweight mvc webframework which is not necessary to install to the server?
I need something simple, that i could just copy to the shared hosting. And it must handle urls other that localhost/test.py, something like this localhost/Blog/test
You should probably check out Flask or Bottle, two nice Python microframeworks. With an appropriate "main" Python script (to initialize your app and dispatch requests to it) and mod_rewrite rules in place, you can probably get pretty close to your goal of "just copy[ing] to the shared hosting" with nice URLs.
Flask has good documentation on deploying via CGI, which is what you might have to use on your shared host. (If your host supports FastCGI or mod_wsgi, those deployment options would be preferable.)
Checkout web2py. Seems to be about the simplest python based webserver I can think of.
Django might do, it's hefty, but it comes with it's own development server.
web2py includes everything (ssl-enabled web server, sqlite sql based transaction safe database, web based Integrated Development Enviroment, web based database interface) in one package. The web2py binaries for windows and mac also include Python itself. web2py does not require configuration or installation and can run off a usb drive. It was originally developed as a teaching tool for MVC.
checkout https://github.com/salimane/bottle-mvc or https://github.com/salimane/flask-mvc . They are boilerplates that could get you started with controllers, models in separate folders. They are based on bottle and flask micro frameworks, no useless features, they give you the flexibility to plugin whatever modules you want.