Page 1 of 1

Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Tue Jul 10, 2012 11:12 pm
by joewiz
Is it possible to configure an oXygen XML Editor "Database Explorer" connection to eXist-db over XMLRPC with SSL encryption over port 8443?

Reading the wiki article[1], I expected to be able to provide Connection Details values such as:

XML DB URI: xmldb:exist://localhost:8443/exist/xmlrpc
User: admin
Password: ***
Collection: /db

But when I did, I got this error dialog in oXygen:

org.xmldb.api.base.XMLDBException: Failed to read server's response: The server localhost failed to respond (http://localhost:8443/exist/xmlrpc) Failed to read server's response: The server localhost failed to respond (http://localhost:8443/exist/xmlrpc)

This is using eXist-db 2.1-dev rev. 16449. Using this version, I have no problems using the Java Admin Client to connect to URL xmldb:exist://localhost:8443/exist/xmlrpc using port 8443 and having the "SSL: Use a secure HTTPS connection" checkbox selected. I can also make an SSL-encrypted WebDAV connection over port 8443.

So clearly port 8443 is working to provide secure XMLDB/XMLRPC/WebDAV connections. Is my problem with oXygen that I crafted the wrong URL, or is it that oXygen doesn't support SSL-encrypted connections to eXist's XMLDB/XMLRPC interface?

Let me also add that had fully completed oXygen's directions to add eXist/Jetty's self-signed certificate to my machine's keystore, as documented at:

http://www.oxygenxml.com/doc/ug-oxygen/ ... icate.html

oXygen will let me establish a secure WebDAV connection to https://localhost:8443/exist/webdav/db/. It just won't let me establish a secure XMLRPC connection to xmldb:exist://localhost:8443/exist/xmlrpc. (The error is as pasted in above.)

(Is it suspicious that the URLs listed in these error dialogs are
"http" and not "https"?)

Thanks for your guidance.

Joe

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Wed Jul 11, 2012 6:09 pm
by adrian
Hi,

I have just tested this and you are correct, Oxygen does not handle XMLRPC with SSL. It seems this was overlooked during implementation.

I have logged this to our issue tracking tool and we will resolve this in the next release of Oxygen (a SSL checkbox will be added in the database configuration).
If the implementation is simple (we believe it is) and no problems appear during testing, we will also include this bugfix in the next maintenance build of Oxygen v14.0 (in a few weeks).

Regards,
Adrian

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Wed Jul 11, 2012 6:24 pm
by joewiz
Thank you very much, Adrian! I know several other eXist/oXygen users will be very happy to have this improvement in security. I hope it's a simple fix and that it can be included in a coming maintenance update, as you suggest might be possible.

Joe

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Wed Jul 11, 2012 11:51 pm
by DannesW
I added the SSL support for the XMLDB driver of exist. The underlying XMLRPC already supported it, so it was only a matter to instruct to switch it on.

For the client, I decided to add a switch.....

more on http://atomic.exist-db.org/blogs/dizzzz/SecureWithHttps

cheers

Dannes

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Thu Jul 12, 2012 4:13 pm
by joewiz
Thanks for posting that link, Dannes. I had intended to include it with my original post but somehow forgot to. Thanks too for creating the facility for oXygen to use for this purpose!

Joe

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Fri Jul 13, 2012 5:36 pm
by adrian
Hello Dannes,

Thank you for the link.
To clarify, Oxygen uses the XMLDB API, not XMLRPC (at least not directly).

We've already implemented the SSL checkbox in the current development stream (it controls the "ssl-enable" property of the driver) and we are currently undergoing testing. If everything goes well and I believe it will, we will release a new maintenance build of v14.0 next week that includes this option.

We will post a notification on this thread when the new build becomes available.

Regards,
Adrian

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Fri Jul 13, 2012 9:35 pm
by joewiz
Excellent. Thanks, Adrian.

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Fri Aug 10, 2012 3:12 pm
by adrian
Hi,

I just wanted to let you know that this option has been included in the latest maintenance build of Oxygen 14.0, 2012080717 (released on August 8th):
Database: Added support (option) for eXist connections that work over HTTPS secure connections (SSL).
You can download it from our web site:
http://www.oxygenxml.com/download.html

The list of bug-fixes can be found here:
http://www.oxygenxml.com/build_history.html#2012080717

You can follow the release/build RSS feed here:
http://www.oxygenxml.com/rssBuildID.xml

Regards,
Adrian

Re: Database Connection to eXist-db using XMLRPC with SSL encryption (port 8443)

Posted: Fri Aug 10, 2012 7:19 pm
by joewiz
Hi Adrian,

Thank you! I had spotted the announcement! I downloaded the new version and can confirm that I am now able to establish secure XMLRPC connections to eXist's SSL port. This is a major improvement for those of us who administer local and remote eXist-db instances via oXygen - since now all connections to eXist-db (whether via WebDAV or XMLRPC) can be secured. I know the entire eXist-db community is grateful for your work in helping making oXygen into the best tool for eXist-db work.

You guys are the best. Thanks so much!

Joe