Skip to content

Instantly share code, notes, and snippets.

@bryaakov

bryaakov/https-support-in-cmwell.md

Last active September 20, 2018 08:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bryaakov/16fff50df27259b53b373fc27b831c59 to your computer and use it in GitHub Desktop.
Save bryaakov/16fff50df27259b53b373fc27b831c59 to your computer and use it in GitHub Desktop.
Download ZIP
HTTPS support in CM-Well: Phases
Raw
https-support-in-cmwell.md

HTTPS support in CM-Well: Phases

Introduction

In RDF, all elements are URIs. The Subject is somewhat special in the eyes of CM-Well, as it is the path of the Infoton. Other elements (Predicate, Object, and Quad/Graph) are preserved as they were ingested.

  • Note this has nothing to do with the way CM-Well is communicated with. A CM-Well Cluster can live in an http endpoint and ingest data which "https" exists in payload, and vice versa.

Phase 0 - The Way It Used to Be

In order to preserve the https protocol of Subjects, we used to mangle the path of the Infoton, adding a prefix of https. before the domain. While this was fully supported, it felt "ugly" and we wanted to choose a different representation.

Phase 1 - The Break

Before a large ingest of an important customer, we wanted to avoid the path mangling, so we simply cancelled it. This was done in Wombat release. The only fix we made was in UIs. We knew we broke _out and other output ways - as we lose data on ingests - we cannot tell which protocol, http or https, was an Infoton ingested in.

Phase 2 - The Fix for Graph Traversal/Expansion APIs

This was taking place in Wombat Update 2. We fixed xg/yg/gqp APIs to support relations between an object and a subject on which the object is written as HTTPS. The implementation was to search for both http:/PATH and https:/PATH as we still can't tell in what protocol any Infoton was ingested in.

Phase 3 - The Temporary Ugly Fix for _sp API

Since our important customer wants to run STP to materialize data, we wanted _sp to return https for all subjects. So we made an ugly hack that is activated upon an environment variable (so we won't screw up other instances) - that just replace each subject to be https in the population phase on an _sp call. This means they can use their SPARQL with https relationships.

  • This happened in Wombat Update 3.
  • Womabt Update 3 was not merged to master branch.

Phase 4 - The Actual Fix

This phase was not yet implemented, when this bloop was written. We want to preserve the HTTP protocol per Infoton.

  • Probably as a boolean in Infoton trait, but not as a System Field.
  • Can be encoded into the Infoton Type in CAS/ES. e.g. o vs os
  • In our important customer's instance we will have one time "migration" when we encode all existing Infotons as HTTPS.
  • Then we will make sure all APIs support Infoton.isHttps flag when rendering.
  • An optional request parameter will be supported for overrides.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment