RichText

Swirrl, the project that I’ve been working on for a while now, has recently opened its doors to the public. You can now sign-up for free and try it out.

I’ve shamelessly plugged Swirrl a couple of times before in this blog, but never really explained what it does.

Basically, it’s a hosted wiki service, but instead of just allowing users to create text entries, it also allows the creation of what we call Data Set entries using a spreadsheet-like user interface. But it’s not just another simple online spreadsheet.

Using contextual clues provided by the user, Swirrl builds up a picture of your data and it’s structure behind the scenes, allowing some powerful searching and analysis. So, it’s it easy for the user to add semantic information to their data in the context of their normal work, with no need for any manual entry of semantic mark-up.

(Swirrl follows the principles of the Resource Description Framework, or RDF, which is one of the building blocks of the semantic web. However, you don’t need to know anything about RDF or the semantic web to use Swirrl).

So what’s the point of this? Well, with Swirrl we hope to help make the information held in an organization more accessible and exploitable. We hope that our approach provides a simple and effective way to collaborate and share information. With our Data Sets feature we aim to combine the power of a database and the flexibility of spreadsheets with the collaboration potential of a wiki.

Anyway, I’d love it if readers of this blog could sign up and have a play around, and let us know what you think (email hello@swirrl.com). We’re very keen to get some feedback and comments, so that the service can be improved. Thanks.

I recently had to set up SSL for a Ruby on Rails app, and I thought I’d document my findings for the benefit of mankind… :-)

Actually configuring SSL on a production apache/mongrel ubuntu server is quite easy. Our rails-specialist hosts, Brightbox, have some excellent instructions on their wiki.

To get SSL working with rails, you need the ssl_requirement plugin. The readme file for this plugin is pretty self-explanatory, but here’s how to get started.

Install the plugin.

ruby script/plugin install ssl_requirement

Then, near the top of your application controller, add the line:

include SslRequirement

In the application controller, you might also want to override the ssl_required? method, to make life easier in development mode or testing, and to apply some application-specific logic. (Note that if your SSL logic is dependent on other action-filters, you need to put the include line, above, after those filters). Here’s a simple example:

def ssl_required?

  # (Comment this one line out if you want to test ssl locally)
  return false if local_request? 

  # always return false for tests
  return false if RAILS_ENV == 'test'

  # some logic to see if we need ssl, for example:
  if check_pricing_plan_feature("SSL")
    return true   
  end

  # otherwise, use the filters.
  super
end

Now in your individual controllers, you can add filters defining which actions need ssl. (If an action is defined as ‘ssl_required’, then you will be redirected to an ‘https’ version of the page). You can also use ‘ssl_allowed’ if the action can be used with OR without ssl.

ssl_required :log_in, :profile

Now, the code I’ve included in the ‘ssl_required?’ override above lets you test locally without using SSL. But how can you be sure if it’s working properly before deploying? As Mike Subelsky wisely says, you need to “train like you fight”.

If you’re on a Mac, here’s how to test ssl ‘for real’:

1. Make sure you’ve got apache 2.x installed.

OS X Leopard comes with 2.2.8 I think. To find out, just run

httpd -v 

If you’ve got an older version than 2.0, you can get the latest from the apache site.

2. Create self-signed certificates.

Download (but don’t install) the latest version of mod_ssl (I used 2.8.31) – you’ll need a file from this download for the instructions below…

Follow the instructions on the apple site to create a self-signed cert. (The actual steps to perform only start under the heading “Configuring SSL”).

Note: When it talks about your /etc/httpd directory, use /etc/apache2 instead.

Stop following the instructions when it starts talking about stopping your apache server: (”...Stop your web server if you haven’t already, either by using the Sharing control panel or through the command line…”).

3. Configure apache.

i. Change to the apache configuration folder

cd /etc/apache2

ii. Now edit your httpd.conf file:

sudo pico httpd.conf

iii. Find the Line that says “Listen 80” (around line 41), and below it add the lines:

Listen 443
SSLCertificateFile /etc/apache2/ssl.key/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key

(using the relevant paths to your new certificates)

<IfModule log_config_module>

CustomLog /private/var/log/apache2/ssl_request_log  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

(this isn’t strictly required but as Mike Subelsky suggested, it helps with debugging the apache setup)

v. Go to the bottom of the file and add the following just above the “” section:

<VirtualHost *:80>
 ServerName 127.0.0.1

 ProxyPass / http://localhost:3000/
 ProxyPassReverse / http://localhost:3000
 ProxyPreserveHost on

 DocumentRoot "/users/me/documents/myproject/public"

</VirtualHost>

<VirtualHost *:443>
SSLEngine On
ServerName 127.0.0.1

ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000
ProxyPreserveHost on
RequestHeader set X_FORWARDED_PROTO 'https'

DocumentRoot "/users/me/documents/myproject/public"

</VirtualHost>

• the ServerName must be the servername for which you created the cert
• change the DocumentRoot to wherever your rails development environment lives.

4. Configure Rails.

Comment out the line in the application_controller (added earlier) that says:

return false if local_request?

so you can test ssl conditions locally.

5. Start apache

You can start and stop apache with:

sudo httpd -k start

and

sudo httpd -k stop

respectively.

... and you’re all set to enjoy SSL goodness on your mac.