When you say "not so long ago" it sounds like the exception-with-
random-bytes issue has since been fixed? I'll have to try this out!
The other things you mention can be handled from within the thrift-
based service handler but yes, thrift is not an out-of-the-box
solution for everything.
FWIW, I'm using iptables for incoming connection limiting [1],
fail2ban [2] for temporarily banning clients that are misbehaving, and
homebrew stuff for authentication, replay attacks, etc.
[1] http://www.debian-administration.org/articles/187
[2] http://www.fail2ban.org/wiki/index.php/Main_Page
On Apr 27, 2009, at 3:24 PM, Ted Dunning wrote:
Swaroop,
Thrift is generally best for internal consumption. If you expose an API
to the wild world, you need more than just a JSON translator. You also
need anti-spoofing measures, transaction rate limits, authentication and
input verification. Raw thrift is really pretty raw and not so long ago,
it was pretty easy to get an Exception by just sending random bytes to a
Thrift server.
That said, if *all* you care about is the JSON/Thrift translation,
jabsorb+thrift looks pretty sweet.
On Mon, Apr 27, 2009 at 10:57 AM, Dave Engberg <[email protected]> wrote:
... a JavaScript ORB bridge.
Swaroop C H wrote:
... how do people deal with the issue
of interaction between Ajax and Thrift-based APIs?
...
If the Ajax cannot access the API directly, then a wrapper (that works
with Ajax) would have to be written for every single service call.