I originally wrote this material for IBM. It was previously published as part of an IBM DeveloperWorks Tutorial located here. IBM has been gracious enough to let me republish it here.
What better example to show you dRuby in action than an ASCII duck image server? Why_ wrote it to show off a number of ASCII art ducks created on the ruby-talk mailing list.
The server code is simple:
Listing 1. A duck image server
|
Only a few things are going on here. First, Why_ uses $SAFE
and untaint
to help control access to just the files to distribute. Setting $SAFE
to 1 turns off the ability to process tainted data (data is considered tainted when it comes from outside the program). Because the file names used in the next step are tainted, Why_ uses untaint
to regain access to that data. This is a good example of an important concept for anyone writing code that will be executed by untrusted users.
The next couple of things occur in the Duck
class (notice that this class doesn't need to know about dRuby). Why_ starts with meta-programming, creating a method for each duck image file that displays the contents of that file. Then a method prints a listing of all the available images.
Now, Why_ uses dRb (the dRuby library). It just takes one line to start a dRb server that serves up an instance of the Duck
class (which creates a separate thread behind the scenes). Finally, Why_ joins the thread to ensure that dRb is finished before the process exits.
A client for this server is also simple. You can run it from the command line: ruby -rdrb -e
"DRb.start_service;duck=DRbObject.new(nil,
'druby://whytheluckystiff.net:6503');puts duck.list"
.
Running Ruby from the command line is a different idiom from what many people are used to, but it's not too hard to grok. The -r
switch requires the dRb library, and the -e
switch says to run the command(s) that follow. In this case, the command does three things: It starts a dRuby service, instantiates a Duck
object from the dRb server, then does a puts
of the output of the list
method.
Distributing your Ruby objects
If you want to use dRuby yourself, Why's duck image server has shown you the two things you need: DRb::start_service
and DRb::thread.join
. Using just these two methods, you can create a simple server of your own, as shown in Listing 2.
Listing 2. A DRb Morse code server
|
You probably want to do a bit more than this, though. A good first step is to add some security. Again, dRuby makes it easy. DRb#start_service
accepts ACL objects (which can also be defined separately), allowing you to lock your new service. The simplest ACLs (although not the most secure) are IP address-based. If you're running the Morse code service shown in Listing 11 on a machine in the 192.168.1.0/24 network, and you want to limit access to only those hosts on your local network, you can define an ACL as shown in Listing 3.
Listing 3. ACLs for DRb
|
You should do all you can to write safe and secure code. Use $SAFE
, and think about using undef
to get rid of unsafe methods. Don't forget, you're potentially opening up your code and your server to unknown users.
No comments:
Post a Comment