On Thu, 2014-01-23 at 08:55 +0100, Tarnyko wrote: > Hi Daniel, > > I guess that if I wanted it to work in its current state, I would have a CGI > (or other) app handling authentication, and if successful spawning the GTK+ > application on a new IP port and redirecting the user to this port. > > Subsequent connections to this IP port should be protected by some web > server magic (reading a password database). > > But I agree that it would be nice if such a feature was supported > out-of-the-box. I've done a lot of reading on this subject in the last few weeks (being that I don't exactly have a web background), it would seem that such an out-of-the-box solution would be unrealistic - given the stateless nature of HTTP and the ever-evolving state of the art in web security and authentication (you have various forms of authentication with various tradeoffs you would make for different types of web sites/services). But I would be really interested in understanding how this backend works, perhaps one could run the web server with libsoup and perform authentication there, passing a session identifier directly to the broadway backend - routing all traffic relevant to that given session to the appropriate application UI instance (perhaps one GtkApplicationWindow could be used for each active session ? and a special GtkWindow could be used for any unauthenticated user, just to display a splash / login page ?). Somehow I think using a separate port for each active session is unrealistic (what if you have many active sessions, can you really just allocate that many ports ?). Anyway, I'm no expert in web/http but learning about it, and would be really interested in a solution for this as well... perhaps I will dig into this in the coming months. Cheers, -Tristan > > Regardsn > Tarnyko > > Daniel Kasak writes: > > > Fair enough. Good to see someone answer ;) The other question I posted to > > an app-devel list or something like that. I can deal with not being able to > > resize / maximise for now. What I'm not clear on is security. The way I > > assumed it would work was this: > > > > - I write a simple login page that checks credentials in a DB > > - If login is successful, an authentication key is generated, an instance > > of broadwayd is spawned on a new port, an instance of the app is spawned, > > and pointed ( somehow ) at the correct instance of broadwayd, and the key > > and port is returned to the client's browser > > > > What happens from here on is less clear. The browser would have to keep > > passing this key back to broadwayd or the app? Can we use https or tunnel > > through ssh? Is anything like this implemented already? > > > > From what I've seen with my limited testing, the default setup basically > > allows anyone to hit the IP / port that broadway is running on, and take > > over control of the app. > > > > Any thoughts? > > > > Dan > > > > > > On Thu, Jan 23, 2014 at 11:07 AM, Jasper St. Pierre > > <jstpierre@xxxxxxxxxxx>wrote: > > > >> Hi Daniel, > >> > >> I can only find one email to this list about this, which is about > >> maximizing windows on Broadway. I'm sorry I didn't reply, but I was busy > >> that day. I do remember investigating the question before getting poked to > >> do something else instead. > >> > >> Broadway is indeed not "officially" supported, in that it's not ready for > >> production. > >> > >> > >> On Wed, Jan 22, 2014 at 6:55 PM, Daniel Kasak <d.j.kasak.dk@xxxxxxxxx>wrote: > >> > >>> Hi all. Unfortunately, my last couple of posts to various gtk lists on > >>> this topic have had ZERO replies :( > >>> > >>> This is giving me the impression that broadway is not officially > >>> supported, and possibly developed and maintained by a single person. Is > >>> this the case? Does anyone know who I'd contact who does know about > >>> broadway status? > >>> > >>> Dan > >>> > >>> _______________________________________________ > >>> gtk-list mailing list > >>> gtk-list@xxxxxxxxx > >>> https://mail.gnome.org/mailman/listinfo/gtk-list > >>> > >>> > >> > >> > >> -- > >> Jasper > >> > _______________________________________________ > gtk-list mailing list > gtk-list@xxxxxxxxx > https://mail.gnome.org/mailman/listinfo/gtk-list _______________________________________________ gtk-list mailing list gtk-list@xxxxxxxxx https://mail.gnome.org/mailman/listinfo/gtk-list