This is correct, XCC/XDBC uses a variant of HTTP
for its transport protocol. But the format of the
information transferred is very different. In Danny's
example, an HTTP request returns the simple string
"Hello World". An XCC request wraps the string with
other information that is parsed by the XCC client
to form a result sequence. XCC also implements a type
system for representing XQuery values in Java or C#.
NB: The fact that XCC/XDBC uses HTTP as its transport
is an implementation detail. We do not document the
protocol and we reserve the right to change or replace
it with something else in the future.
Neither HTTP nor XBDC app servers currently support
SSL encryption. We've focused our engineering resources
on adding new product-specific features. There are
several off-the-shelf solutions that provide securing
tunneling or proxy, such as ssh, stunnel or the Apache
reverse proxy that Danny mentioned.
In particular, XCC/XDBC is usually deployed behind
the firewall, were MarkLogic Server and an app container
are on a secure high-speed LAN. Connecting across the
open internet with XCC should always go through a
secure tunnel.
On Jun 2, 2008, at 9:45 AM, Danny Sokolsky wrote:
Hi Travis,
You use an HTTP server to execute XQuery code that is stored in
modules,
either in a database or on the filesystem (depending on
configuration).
The HTTP server executes the code when the path to the module is
accessed via a browser over standard HTTP. This is analogous to
accessing a web page over a standard HTTP server or to accessing a jsp
page over a Java App Server.
The XDBC server is used to run XCC programs and execute those against
MarkLogic Server. It does use HTTP to transmit its messages to the
server, but does so using a different wire protocol than standard
HTTP.
Both MarkLogic Server and the XCC client libraries (Java and .Net)
understand XDBC.
For example, consider the following XQuery program:
"Hello World"
If you put this in a file named test.xqy under an HTTP app server root
with the following settings:
root: c:\myroot
port: 8888
modules: file system
Therefore, you would put that file in:
c:\myroot\test.xqy
Then if you hit http://localhost:8888/test.xqy with a browser, you
would
see the results of your query (The string: Hello World).
In order to execute this same thing if the above setup were an XDBC
server, you would have to write a Java or .Net program that invoked
the
test.xqy module.
As far as putting https in front of either an XDBC or HTTP server, you
can do that using some other proxy server (like apache) or by some
other
means. For a tutorial about using Apache with MarkLogic server, see
http://xqzone.marklogic.com/howto/tutorials/2004-09-cisapache.xqy.
-Danny
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Travis
Spencer
Sent: Sunday, June 01, 2008 7:51 PM
To: General Mark Logic Developer Discussion
Subject: [MarkLogic Dev General] XCC and HTTP
Good Evening All,
I noticed something in the MLS logs the other day that made we wonder
if XCC was transporting over HTTP. I checked with WireShark and found
that it is. Now, I'm confused. When should one use an HTTP app
server and when should one use XCC? What additional value is XCC
providing? Also, it seems that XCC is transmitted the base64 encoded
credentials in the clear which I was easily able to sniff and decode.
Can XCC be configured to use HTTPS, so that this isn't possible?
--
Regards,
Travis Spencer
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general
---
Ron Hitchens [EMAIL PROTECTED] 650-655-2351
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general
