SSL in Yesod (was Re: [web-devel] State of yesod-auth)

Michael Snoyman michael at snoyman.com
Sun Oct 3 17:25:39 CEST 2010


Do you mean serving a Yesod site over HTTPS? I've done it for one of
my sites. The preferred deployment option for Yesod is to use
wai-handler-fastcgi and nginx, so all you need to do is configure
nginx for SSL properly. Of course, you're free to use other options
(FastCGI + lighttpd, snap, SCGI + Apache, whatever).

Michael

On Sun, Oct 3, 2010 at 5:10 PM, Max Cantor <mxcantor at gmail.com> wrote:
> TLS brings up another question, what is the current state and roadmap of SSL in Yesod?
>
> Max
>
> On Oct 3, 2010, at 9:28 PM, Michael Snoyman wrote:
>
>> On Sun, Oct 3, 2010 at 12:17 PM, Max Cantor <mxcantor at gmail.com> wrote:
>>> Is yesod-auth ready for use in development?  the 0.0.0 version number is setting off a few alarm bells that there might be a lot of undefined/error calls sprinkled throughout the code and its mostly just type signatures.
>>>
>>> If it is, I'd like to take a look at it.
>>
>> yesod-auth has a deceptively low version number: up until and
>> including yesod 0.5.*, the Auth subsite is included with yesod. For
>> various reasons, I've decided to start releasing it as a separate
>> package. yesod-auth 0.0.0 is basically a straight rip-off from the
>> yesod 0.5.1 codebase, plus the new plugin approach to authentication
>> backends. Given that the main authentication code is in production use
>> in a few places, I'd say that yesod-auth is stable enough to use.
>>
>> I'm currently working on adding OpenID 2 support to yesod-auth using
>> the openid package[1]. To do so, I've had to take a long, circuitous
>> path of creating the http-enumerator[2] package based on tls[3], but
>> hopefully these efforts will benefit the community in general. I just
>> got OpenID 1/2 seemless authentication working on my home system, and
>> I'm going to try deploying that as the authentication method for the
>> upcoming haskellers.com.
>>
>> Of course, most of the code needed to get the built-in OpenID 2
>> support isn't released yet, but depending on how things go with some
>> upstream patches it can be released in the near future.
>>
>> Michael
>>
>> [1] http://hackage.haskell.org/package/openid
>> [2] http://hackage.haskell.org/package/http-enumerator
>> [3] http://hackage.haskell.org/package/tls
>
>


More information about the web-devel mailing list