Archive

Posts Tagged ‘ssl’

Authenticating Users in Nginx Using Both User Password and Client Certificates

February 5th, 2014 No comments

In some use cases, you want to protect different parts of a Web application with different approaches. For example, the admin related resources normally require stronger mechanism than the user related ones. The following I will show how to use Nginx with client side certificate for the resources under /admin namespace for admins, and user/name for normal users.

Generating Certificates and Keys

Securing Thrift Traffic: Uncommon But Important Use Case

January 22nd, 2014 No comments

Thrift is mostly used for distributed systems which run mostly in house. There is no strong demand for securing the traffic on the wire. There are however use cases in which the Thrift services are exposed as a public service. In these use cases, the Thrift traffic should be secured with SSL/TLS. It comes with a price which more work on client and server on encryption and decryption. This is not a big deal for light load server, but for heavy load server it could be a problem. It can be mitigated with hardware acceleration on load balance servers between which and the client can be SSL, but not after that to the Thrift server.

Categories: Software Development Tags: ,