[Cubicweb] Pyro and ZMQ deprecated?

Yann Cointepas yann at cointepas.net
Tue Mar 4 15:31:03 CET 2014


Hi,

Is there a documentation or some examples that could help to know how to
create a server and to develop a client to use an appropriate REST API ?

On the client side, I only need to be able to do things like this:

my_instance = ConnectToMyInstance( login, password )
result = my_instance.execute( any_valid_rql )
for row in result:
   do_something_with( row )

Today, I have two implementation of this very simple API. One that use
zmq+pickle and another one (this one is read only) forging URLs with
vid=jsonexport to get the result. As far as I understand, both
implementations are wrong and I would like to to be on the right side.

Thanks for any help,

      Yann

Yann Cointepas            Tel: +33 1 69 08 78 31
CEA - Neurospin           Fax: +33 1 69 08 79 80
Bâtiment 145, Point Courrier 156
91191 Gif-sur-Yvette cedex, France


On Sun, Mar 2, 2014 at 3:20 PM, aurélien campéas <aurelien.campeas at gmail.com
> wrote:

> Hi Dimitri,
>
>
> 2014-03-02 14:47 GMT+01:00 Dimitri Papadopoulos Orfanos <
> dimitri.papadopoulos at cea.fr>:
>
> Dear all,
>>
>> I've stumbled upon the following tickets and learned that ZMQ and Pyro
>> support will be deprecated/dropped in CubicWeb 3.19:
>>         http://www.cubicweb.org/ticket/2919295
>>         http://www.cubicweb.org/ticket/2919297
>>         http://www.cubicweb.org/ticket/2919309
>>
>> We were planning on using ZMQ to remotely update and access CubicWeb
>> databases, in order to avoid HTTP limitations and the hassle of managing
>> HTTPS sessions in scripts. Are ZMQ and Pyro to be entirely dropped? What
>> should we be using instead of ZMQ?
>>
>
> The idea is to use a combination of the "signedrequest" and "rqlcontroller"
> cubes (server-side) and request.py (client side) to perform authenticated
> restful repo access.
>
> Still, this is far from a drop-in replacement of pyro/zmpqpickle protocols.
>
> For pyro, it's just a dead unsupported library (there exists a version 4
> but version number indicates it is a new thing).
>
> I still believe there should be some room for zmq-pickle in the very short
> term
> provided its users are aware of the following:
>
> * the client is basically granted full access to the resources of the
> user at host
> running the server, which is a bit of a security concern ...
> * the transport is insecure (anyone sniffing the traffic will grab
> everything)
> * there are obscure bugs and corner cases
> * it needs to die (as currently done at least)
>
> (that's basically what Pierre-Yves noted in the tickets).
>
> Regards,
> Aurélien.
>
>
> _______________________________________________
> Cubicweb mailing list
> Cubicweb at lists.cubicweb.org
> http://lists.cubicweb.org/mailman/listinfo/cubicweb
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cubicweb.org/pipermail/cubicweb/attachments/20140304/ecf74529/attachment-0165.html>


More information about the Cubicweb mailing list