Question

With AppScale with is there a facility with AppScale to "secure" an application deployed with it, that is for instance an application can only be accessed through some sort of secure connection?

So we won't have to put too much security logic (like Spring security) on the application, especially to those apps that the sole purpose is to provide Restful key-value access to the datastore like this: http://bit.ly/RvLUTw and http://bit.ly/PTZkW. And the purpose is not really a web application but a "datastore appliance."

Was it helpful?

Solution

Sure, since AppScale just runs Google App Engine apps, anything that you do for an App Engine app works when running on AppScale. If by "secure connection" you mean HTTPS, then you could take your app.yaml file and add secure:always on each route to force HTTPS. Here's an example:

handlers:

- url: /youraccount/.*
  script: accounts.py
  login: required
  secure: always

If by "secure connection" you mean authenticated access, you can use the Users API to restrict access to logged in users or users on a white-list. If you need it to be programmatically accessed, you can log in to the AppLoadBalancer via your script (as it has a RESTful interface), save the cookie it gives you, and then use that when you make requests to your app.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top