I have a ruby project written purely in ruby. Now I want to include a java archive (jar) file which has some functionality my users want. It is good to just place the file in one of the directories and bundle as a gem? Are there any security issues related to this? Any advice would be greatly appreciated.
The answer is that it depends on the use case.
If this is a gem that users will be using purely for their own purposes, and it's not broadcasting over a network, then security issues are fairly minimal - they would relate more to system security.
If part of your program involves binding to a port and accepting TCP/UDP connections then you've got to really start thinking about network security. Another possible problem is if you're giving file system access to non-privileged users (e.g. if this is a rails gem, and the JAR gives functionality to manipulate the file system and for some reason you're passing this on to the site users - bit of a stupid example but I hope you see what I'm getting at).
However, as for running a java JAR file, there's nothing innately insecure about that unless there are known security flaws with that particular JAR.
In the end, it's up to the end-user of the gem. Make it clear what the gem does and they can make the decision about whether they want to use it.
Have been using Savon for my webservice stuff so far, but need to talk to a more "secure" service now, needing WS Addressing and WS Security Extensions.
Have started to extend this fork of Savon to handle it, but then found WSO2 WSF/Ruby - so wondering if anyone has any experience of it, pros/cons etc. That is, is it worth my switching to it? I cant see much out there about it, besides on their own site - their forums seem awfully quiet, which does not bode well.
Currently dev on OSX/Snow Leopard, deploying on CentOS.
Thanks in advance,
Chris
It does not seem so (from the lack of replies...)
I want to write a web application and want to use Ruby. I have no knowledge of Ruby as of now and I want to write this app. to learn Ruby.
Is Ruby alone sufficient to write a web application or Rails need to be included?
You sound like you're interested in writing something in a barebones fashion.
For that then the Sinatra framework might be more approachable.
You could also use Heroku's service to make the deployment and hosting of your web application simple. I can't overstate how slick Heroku is - it's a masterclass in design and user experience!
The only thing you need to made a simplest web application with Ruby is rack. It's used by all Framework in Ruby. And all server like Passenger/Thin/unicorn/mongrel are rack compatible.
So you can put the must simplest ruby web application like that :
class HelloWorld
def call(env)
[200, {"Content-Type" => "text/plain"}, ["Hello world!"]]
end
end
But the dynamic system are more difficult. So a framework is really helpful.
Yes, you can, depending on your development environment. The most common approach that doesn't use any framework, such as Rails, is to use Apache with modruby/eruby. See http://www.modruby.net/en/ for more information (also wikipedias eruby entry: http://en.wikipedia.org/wiki/ERuby)
And, technically speaking, Rails is just a framework written in Ruby, so it's technically still "just ruby" :)
Here is a list of other frameworks than Rails.
You might want to start with Sinatra : it's really small and lets you focus more on the Ruby-learning than on the framework-learning.
Ruby is sufficient but you would have to wire the http server (like webrick/apache/mongrel) with the application you are writing by yourself.
I'd recommend, as to avoid this wireing, to use a simple basic framework like sinatrarb http://www.sinatrarb.com/
Ruby is sufficient, but I wouldn't recommend it. I would recommend working with a framework until you're comfortable with Ruby.
You may want to start even smaller though.
I would definitely use Rails if I were you. Although you can build a website using only Ruby, it's a bit overkill, and you sure can get a lot more using Rails.
A great start for learning Rails (that's where I started) is:
http://headfirstlabs.com/books/hfrails/
There's a few chapters in there you can read. It's really good, and will give you a nice and solid introduction.
Edit
Also, you can use Mongrel, Webrick, lighttpd, Apache etc with it with no problems
You can start off by checking out Chapter 18 (and the rest) of the "Pickaxe Book" titled Ruby and the Web. You can find the online version here to see the nitty gritty of writing Ruby only scripts for a website. There are many options to choose from, most of which have been already suggested here, that will get your website running much quicker and easier.
Which set of libraries and tools would you recommend to use for development SOAP-service on Ruby 1.9 - soap-tools, web-servers, or maybe a web-framework?
I have researched this myself. As far as I can tell, there is just one current implementation:
wash_out
It is a very nice to do SOAP in Rails. It does the most basic stuff but it isn't a complete SOAP implementation. I think you are in for a world of hurt if you are building a SOAP service on Rails.
Soap Ui is a pretty good way to test/debug/etc.
Good luck!
Take a look at http://aws.rubyonrails.org/, when it's explained how to create web services within RubyOnRails.
SOAP doesn't seem to be popular in Ruby land. The only library for creating services I know of is SOAP4R (which comes bundled with Ruby), and the documentation for it isn't very detailed.
What is a good approach to a client proxy written in ruby that I can use to create a custom filter.
So far I've found
Ruby Proxy using webrick
Mousehole, a scriptable Ruby proxy by _why (UPDATE this was not robust)
A little on the fringe, this guy wants to Use rack as thin proxy with his question. I don't think he got an answer; or even a hint that it was possible.
What is your advice on these suggested approaches or do you have a better approach.
Thanks!
I can’t speak on personal experience as I’ve not done this myself, but I have heard of mouseHole before and it seems to be a good package. Why not try writing a simple script for it and see how you find it?
There are also some sample scripts in that repository that you could check out.