GpIndy

GpIndy pack is the Indy version of Gp library for remote control.

The use of Indy, is not only for the SSL support but is for standaring with the most popular internet developer library for Delphi at the moment: Indy 9 and Indy 10. Indy do to Gp more easy, robust, SSL compatible and suitable to grow with other Indy components.

TGpIndy is the basic TIdCustomHTTPServer extension that provide primary remote control web access to your program, similar than TGranPrimo but in Indy framework.

TGpIndySSL is a new class to handle both https and http connections at same time.

One of the great 'refactoring' that I have done in Gp to do it Indy compatible, is in session management, in order to have a unique session list between different GpIndy components (both normal and ssl web servers, bridges, clients...). So the session management in the kernet library is similar to Indy management but reside outside the traditional Indy compatible servers. The inclusion of SSL and Normal server modes working together was a problem too.

Indy and SSL

Basically I introduce HTTPS or SSL communications between gpIndy server and the Java Applet client. .

Concerning SSL, Java 2 SDK 1.4 include JSSE (Java Secure Socket Extension).

This link might help you more for HTTPS and securing Java URLconnection :
http://cannings.org/oldCourses/javaAdvanced/jsse.html

It is well known HTTPS (SSL mode) is always ~30-50% slower than HTTP communications for the same WebPages.
The sample certificate are 1024 bits key. That means, every packets will be encrypted with a large key. Encrypting and decrypting few hundreds POSTs per minutes between client's machine and server machine will take long and will need lots of CPU.

In fact, both machines, the client and server will need to have some good CPU and memory to handle few hundreds encryption and decryption transactions per minutes.

As engineers, we need to think of deployment and if what I saw with speed happens for our clients, they will all complain and stop using it.

I don't see any harm in Java applet to communicate in default HTTP mode, since the speed is really important here. The worst case scenario is a hacker will get encoded binary small snapshot of images.

We need to find a way to handle both protocols (HTTP & HTTPS) with the Indy web server. We need to create two web servers (one for each port). Somehow allow JAVA APPLET as a default to travel through HTTP or as an option HTTPS BUT allow exclusively the WEB PAGES to travel ONLY with HTTPS.