Dealing with access-protected files behind cookies/https Web server

[Bultako]

Hi SAMPers
I have sucessfully installed SAMP Web Profile in a https-protected IPython Notebook Server with sampjs. See https://www.youtube.com/watch?v=Q3v1vFZyIAQ

It works really well with non-protected files, but I guess SAMP-enabled desktop apps cannot access files produced inside a https-protected IPython Notebook Server. Is there any existing (rapid) solution to deal with access-protected files?

[mbtaylor]

Jose,

there is an issue with earlier versions of the JSAMP hub not being
able to access HTTPS URLs. This was fixed at JSAMP v1.3-4, and
from the video it looks like you're using topcat v4.0-1 or earlier,
which does not have this fix.

Can you try it with a more recent version of the JSAMP hub
(e.g. by using topcat v4.1 or later) and see if that helps?

Mark

On Fri, 4 Jul 2014, Jose Enrique Ruiz wrote:

Hi SAMPers
I have sucessfully intalled SAMP Web Profile in a https-protected IPython Notebook Server with sampjs. See https://www.youtube.com/watch?v=Q3v1vFZyIAQ

It works really well with non-protected files, but samp-enabled desktop apps cannot access files produced inside https-protected IPython Notebook Server. Is there any existing (rapid) solution to deal with access-protected files?

---

Reply to this email directly or view it on GitHub:
#6

Mark Taylor Astronomical Programmer Physics, Bristol University, UK
m.b.taylor@bris.ac.uk +44-117-9288776 http://www.star.bris.ac.uk/~mbt/

[Bultako]

Hi Mark
I've tried now with latest topcat release (v4.1), with the same negative results :(
Nevertheless, I have to say that access is not protected with https (sorry, my fault), but only with simple single password by setting the NotebookApp.password param in the IPython Notebook Server configuration file, serving in port 9999.
http://ipython.org/ipython-doc/rel-1.1.0/interactive/public_server.html

Hope it helps !

[mbtaylor]

OK, it was worth a go.

The way that samp.js communicates with the hub from within the browser can get rather complicated, and I don't have time right now to look at it very closely. It may be that it's effectively impossible to get it working because of the security architecture. Or it may not.

If you want to investigate further, you could try turning on HTTP-level logging of the web profile communications; to do this start the hub with topcat -jsamp hub -web:log http before you start up topcat or any other hub-containing component, and you'll get loads of logging on stdout that may give you a clue about what's up. The relevant technical background is in section 5, especially 5.2.3, of the SAMP standard.

[Bultako]

Ok, thanks for the quick reply.
I cannot look at this in detail either, but I will tell you if I do some progress.