No Huddle Offense

"Individual commitment to a group effort-that is what makes a team work, a company work, a society work, a civilization work."

Deploying your (RESTful) python app in a PKI secured environment

August 1st, 2010 • 4 Comments

Now assume you have written an RESTful python application which you want to deploy in a secure manner. Many environments use a PKI security setup using X509 certificates. The good news is that you can do this. Install apache and the mod_wsgi module. On an Ubuntu Server a apt-get install libapache2-mod-wsgi apache2 will do.

Now simply add a site to your apache2 configuration – Normally located in /etc/apache2/sites-available:

WSGIPythonPath <python path>
    
    Listen 81
    NameVirtualHost *:81
    <VirtualHost *:81>
        ServerAdmin root@localhost
        ServerName localhost
    
        SSLEngine on
        SSLCertificateFile <path to cert>/newcert.pem
        SSLCertificateKeyFile<path to cert>/newkey.pem
        SSLCACertificateFile <path to cert>/cacert.pem
        SSLVerifyClient require
        SSLVerifyDepth 2
    
        SSLOptions +StdEnvVars
    
        WSGIScriptAlias / /<path to your service>/service.py
    
        ErrorLog /var/log/apache2/service.error.log
        CustomLog /var/log/apache2/service.log common
    </VirtualHost>

That’s it! The python app is now available on localhost:81 – Apache will ensure that the client certificate is authenticated against the CA! The statement SSLOptions +StdEnvVars ensures that the according headers are forwared to your python application so you also verify the user by his DN defined in the certificate.

A pythonic note to myself

February 19th, 2010 • Comments Off on A pythonic note to myself

How to find the unique elements of two lists:

def unique(self, a, b):
        return [item for item in a if item not in b]

Making python 5x faster

March 27th, 2009 • Comments Off on Making python 5x faster

Google’s Python engineers have launched a new project called Unladen Swallow that seeks to improve the performance of the Python programming language. One of the project’s goals is to replace the Python virtual machine with an LLVM-based JIT.

Source: http://arstechnica.com/open-source/news/2009/03/google-launches-project-to-boost-python-performance-by-5x.ars

http://code.google.com/p/unladen-swallow/

Inspecting the integrity of your source code.

February 26th, 2009 • Comments Off on Inspecting the integrity of your source code.

Software projects grow over time. They get bigger, more stuff is added, patches added and bugs fixed. New features added, and removed and code removed. But who keeps track of the changes and ensures that your source code repository stays clean? That they are no old undeleted files, no missing unittest, that all dependecies are correct? In short: that they are no broken windows (link) and a nice clean environment a engineer can checkout, compile and run within minutes? 

I’m using the ReInCheck tool for that. Currently it is customized to support a multi module maven project which consists of OSGi bundles. But it should be easy to adopt it to your needs.

Python wins again

February 18th, 2009 • Comments Off on Python wins again

logo

The site linuxquestions.org asked what the programming language of the year should be – And again python wins: http://www.linuxquestions.org/questions/2008-linuxquestions.org-members-choice-awards-83/programming-language-of-the-year-695662/