Hi Stephen,
Thank you very much for you response. Are you saying I just need to
use "https" connection in python like following:
>>> conn = httplib.HTTPSConnection('xxxx.appspot.com')
>>> conn.putrequest('POST', 'xxxx.appspot.com')
>>> conn.putheader('Content-Length', str(len(packet_send)))
>>> conn.putheader('Content-Type', 'text/plain; charset="utf-8"')
>>> conn.endheaders()
>>> conn.send(packet_send)
How the authentication at the server part is done without giving any
user name and password?
My current situation is I would like to have both python apps, one at
client end one at the server (GAE) end to communicate with each other
by sending data from client to server over https channel, but I am not
sure what is the appropriate way to implement such secure data
transmission. Would you be able to be specific please?
Many thanks,
Best regards,
Ruoshui
On 7月28日, 下午5时36分, Stephen Johnson <onepagewo...@gmail.com> wrote:
> Hi Ruoshui,
> You're app can use "https" regardless of whether or not you use any type of
> login authentication. "https" causes the http data transmission to be
> encrypted, it doesn't have anything to do with actually logging in to your
> app or not. So, when your python app makes the "http" request, replace it
> with an "https" url instead. If in addition, you want to make sure that your
> client-side app is the only one sending data to it just as a precaution then
> just add a "password/identifier" to the request that the server validates
> and have some mechanism to change this on both the client and server side,
> but it doesn't sound like that is even necessary from what your saying, the
> company just doesn't want the data sent over the internet in plain text. You
> can check that requests are being sent over https by checking the Quota
> Details page once you've made the changes to your client-side app. You
> could also add to your request handlers on the server-side that any
> communication that isn't https be rejected as a further precaution.
>
> Stephen
> CortexConnect
> cortexconnect.appspot.com
>
>
>
>
>
>
>
> On Thu, Jul 28, 2011 at 4:35 AM, liu <ruos...@aquamw.com> wrote:
> > Hi all,
>
> > Currently, we are deploying a wireless sensor network at one of
> > international leading semiconductor companies in UK to monitor the
> > efficiency of their facilities. We are building a non web based python
> > application which is residing on GAE. The situation is this:
>
> > I have built another non web based python application on a remote PC
> > to gather the data from the wireless sensor network and send those
> > information via https to the python application on GAE, and put them
> > into the google data store.
>
> > Our customer require the https for the data communication. My current
> > strategy is using what GAE suggests "login" and "secure" features
> > enables in app.yaml file, but I think this is for the web based
> > application authentication, is that right?
>
> > The question is I have no problem for sending data from python app at
> > PC end to GAE without authentication, but if this is enabled, the
> > python can't be able to send data to GAE even I logged in using admin
> > account in the web browser. So I think logging in from web using my
> > Google account will enable the non web based python application to be
> > authorised for data communication over https. Am I right?
>
> > I have looked at OAuth, but it seems to me I still need to do the web
> > sign-in before the data consumer app can act on behalf of users. In
> > addition, my understanding is that the data consumer app is also web
> > based.
>
> > Can anyone make some suggestions for our specific situation please?
> > How to make the auto sign-in for the data communication over https
> > between two non web based python apps?
>
> > Thank you very much.
>
> > Best regards,
>
> > Ruoshui
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Google App Engine" group.
> > To post to this group, send email to google-appengine@googlegroups.com.
> > To unsubscribe from this group, send email to
> > google-appengine+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> >http://groups.google.com/group/google-appengine?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en.
