Hello,

I'm new to Twisted and would like to find out whether it is a good choice to solve my problem. For OpenPortalGuard's GateKeeper component (http://openportalguard.sourceforge.net/wiki/index.php/Specification/Architec...), I am looking for a platform to implement a reverse proxy that handles the following tasks before giving access to a private network that hosts multiple application servers:

* ssl processing (offloaded from application servers) * ssl client cert authentication * a custom authentication module that writes cookies * a custom access control module (role based) * an URL-rewriting engine like Apache's mod-proxy or mod-rewrite

My first idea was to use Apache with mod-ssl, mod-proxy, and mod-rewrite out of the box and write the two custom modules with mod-python.

My concern with Apache is scalability. I believe that Twisted (implementing the Reactor Pattern) should be able to handle many more concurrent connections. Can anybody confirm this and possibly quantify this with examples?

My concern with Twisted is (due to ignorance ;-) whether it has the out of the box functionality equivalent to Apache's mod-ssl and mod-rewrite (to proxy to remote hosts). A first look seems to indicate that twisted.internet.ssl, twisted.web.proxy, and twisted.web.rewrite are my friends. Is this correct? Are there any examples out there? Any experience on performance?

Alltogether, is Twisted a good choice for my plan? Has anyone already used Twisted for such a purpose?

Many thanks in advance for any input and suggestions.

-b

------------------------------------------------------------------------------------------------- Ing. Bud P. Bruegger, Ph.D. 0564-488 577 (voice) Servizio Elaborazione Dati 0564- 21139 (fax) Comune di Grosseto e-mail: bud@comune.grosseto.it Via Ginori, 43 jabber: bud@amessage.info 58100 Grosseto icq: 249-858-685

Collaborazione Open Source per la CIE e CNS http://www.comune.grosseto.it/cie/ Software Libero/Open Source in P.A.: Non solo una buona idea, ma una necessita'