Brian, Thank you for your detailed instructions. I managed to get stunnel working, though it is a lot more complicated than I thought originally. On the windows server, the stunnel.conf file is setup as server mode and redirect port 8443 to 8000. On the client side, I also have to set up another stunnel as client mode and redirect 127.0.0.1:80 to 192.168.1.11 - server's IP address. As this server will be facing public, I cannot expect people to set up stunnel in their machine in order to access my website. I was expecting a tool which runs on the server side to do port redirection, and then when I type in http://server_ip:8443 from another machine, it will route me to my target app. (note: I did NOT set up any SSL certificate to get stunnel working)
Also with stunnel, I still cannot access the target app without entering the admin password, I cannot find any response.menu_auth to remove. I also have another mac which I tried to set up stunnel, but when I run sudo stunnel3 I got the following error: anyone familiar with mac can give some tips on how to solve this: inetd mode must define a remote host or an executable Cheers Al On Feb 12, 8:09 am, Brian M <bmere...@gmail.com> wrote: > Al, > > You'd want to get rid of the "edit" " menu when you "Go Live" that's > just there as a convenience while you're creating things. Just use > this (or remove response.menu_edit from menu.py which does it once & > for all): > response.menu_edit = None > If you don't want auth menu either do > response.menu_auth = None > > If you want to use the built-in server and be able to access on both > port 80 and port 443 (SSL) without running two web2py server instances > you could perhaps use a tunnel program likestunnel(www.stunnel.org). > Set it up to listen on port 443 (or really any port) and re-direct to > localhost:80. This way you should be able to get at admin and tickets > - as far as web2py is concerned you're accessing from the local > machine so tickets should work, but because it's tunneled it's also > secured as it goes to your remote computer. > > To get the general user to automatically go tohttp://myserver/myfirstapp > when they type inhttp://myserver/you can either work with routes or > just take the lazy route and replace the welcome app's default/index > with a redirect to whatever the home page of myfirstapp is. Of course > this will break the welcome app, but do you really want/need it when > deployed anyway? > > #in the Welcome application's default.py controller > def index(): > redirect(URL(a='myfirstapp', c='default', f='index')) > > Setting up web2py as a Windows Service is easy > enough:http://www.web2py.com/AlterEgo/default/show/77 > > ~Brian > > On Feb 11, 9:54 am, Al <albertsec...@gmail.com> wrote: > > > Thank you for your input. I am using Windows server so I cannot use > > the ubuntu scripts you mentioned. How about my second part of the > > question? I understand why web2py is designed in such a "secure" > > fashion. I am just trying to find a way around it so that I can deploy > > my first app. I theory I should be able to type from any > > machinehttp://myserver/myfirstapp, but it gives me an internal error - > > Ticket > > issues. When I click the ticket link, it gives "Admin is disabled > > because insecure channel". I have two instances of web2py running. I > > can runhttp://myserver/exampleorhttps://myserver/myfirstappwithout > > any issues. What's so special about the built-in examples app? Do I > > have to cut out some code from my app to get rid of all the admin menu > > and authentication for a general users? > > > On Feb 10, 11:38 pm, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > > It depends. For development if you use the built in web server you > > > need to start it twice for http and https. This is in general a > > > security measure. You do not want the same process to listen to two > > > sockets else if something happens (like a memory leak) you may get > > > locked out. > > > > In deployment you should be using apache+mod_wsgi > > > > just download and run > > > this:http://web2py.googlecode.com/hg/scripts/setup-web2py-ubuntu.sh > > > > It will setup everything for you behind a single apache server. > > > I think this easier than rails actually. > > > > Massimo > > > > On Feb 10, 9:27 am, Al <albertsec...@gmail.com> wrote: > > > > > Hi, > > > > > Now that I get my secure channel (using self-signed certificate) > > > > working, I can remotely login from another computer to access the > > > > admin interface thru https. Todeploythis app for general users for > > > > http access, do I have to run another instance of web2py on another > > > > port - say port 80? Also how do I make these 2 instances to run as a > > > > service in windows 2003 server? Also do I have to change the code so > > > > that the general user just get directly to that single app? This whole > > > > thing seems a lot more complicated than ruby on rails. I would > > > > appreciate if people can explain this in more detail to me or point me > > > > to the right documentations. Thanks. > > > > > Cheers > > > > Al -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web...@googlegroups.com. To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
