[erlang-questions] Erlang web framework

Tristan Sloughter tristan.sloughter@REDACTED
Sun Dec 11 03:40:03 CET 2011

Andrew, do you have an example of using it as an intermediate between the
frontend and Webmachine? I was just looking through your examples and
couldn't find one and was hoping too. Because yes, I have Webmachine call
out while handling the request session information and authentication and
wanted to give your way a shot.


On Sat, Dec 10, 2011 at 7:50 PM, Andrew Berman <rexxe98@REDACTED> wrote:

> I'm doing something similar to Tristan.  I'm using Webmachine in the
> backend which houses all the db, business, and security logic and using
> SpineJS and CoffeeScript for my front-end which communicates with
> Webmachine using JSON.  After writing a web app this way, I have to say
> that it is more difficult than most prepackaged frameworks, however, it
> allows you a complete separation of concern, forces you to really think
> about your security, and also forces you to focus on a solid, usable REST
> API.  The cool thing is that you are using your own REST API and if you're
> looking for an API for your service/web app, you can find and fix any pain
> points that someone else might encounter using your API.
> Unlike Tristan, however, I separated all my sessioning into a completely
> separate web app from the main Webmachine web app.  I saw the Webmachine
> app as something I wanted to keep as a completely standalone service and so
> I basically wrote an intermediate app using Misultin which proxies messages
> from the front-end to Webmachine adding any necessary authentication
> tokens, dealing with sessions, and any web security features.  As for web
> security, this is built into my Misultin app and I followed this guide:
> http://guides.rubyonrails.org/security.html.  It's pretty easy to
> implement them yourself.
> I haven't used Opa, but I have used NodeJS and I was very tempted to use
> it for the intermediate app.  You might want to look at Express for NodeJS
> if you're looking for more of a framework.
> Hope this helps,
> Andrew
> On Sat, Dec 10, 2011 at 2:06 PM, Tristan Sloughter <
> tristan.sloughter@REDACTED> wrote:
>> I've tried pretty much every Erlang web framework (some more than
>> others).
>> Could you explain what you mean about Lift's security, 'ajax+html
>> component security'?
>> The main frameworks are: ChicagoBoss (Railish), Nitrogen (evet-based
>> architecture), Zotonic (a CMS/framework in my opinion, they may just say
>> CMS), Erlang Web (the one I have least played with but does seem the most
>> OTP fitting) and Erlyweb.
>> I haven't personally been happy with building full projects in any of
>> these (though Zotonic has been GREAT for projects that just need a CMS like
>> my wedding website, and Chicago BOSS looks great for MVC style Erlang web
>> development) and now I'm doing my own which is based on Webmachine and
>> Batman.js with security based on resource access control using Seresye (
>> https://github.com/afiniate/seresye) and an Erlang security framework
>> Genbu.
>> So the idea is the client is built completely in Batman.js and
>> communicates (JSON) with the Webmachine based RESTful interface of the
>> backend (which I am greatly simplifying the necessary steps needed to
>> build). And then all security on the backend is based on the idea of
>> writing a rules engine with Seresye which will be simplified for web
>> resource/db use as part of Genbu (which I am moving all web session,
>> authentication logic from Maru to).
>> I hope to have the pieces for Genbu and Maru and an example, for others
>> to start using it, committed tomorrow or sometime this week, but
>> http://claimstrade.github.com/maru/ is the "idea" -- well its more than
>> an idea I am building this while building a real business on top of it. So
>> it is taking what I find I need as I build the business and then adding it
>> to the framework, or taking out and moving to the framework. Also is based
>> on a couple years of Webmachine based web development and what I saw went
>> wrong in some cases as we did so.
>> That said, and even though this is an Erlang list so I hope I'm not
>> yelled at :), I have to also point you at Opa (http://opalang.org/)
>> because I really like it for building sites. And it is very secure
>> and statically typed (even your frontend code is compiled and type
>> checked!).
>> Tristan
>> On Sat, Dec 10, 2011 at 3:41 PM, eigenfunction <emeka_1978@REDACTED>wrote:
>>> Hi everybody, i would loke to get my feet wet into erlang web
>>> development so i wanted to ask: what is the state of erlang web
>>> frameworks? i did google a little bit and found a couple  of
>>> interesting projects. But having written some web applications in
>>> webobjects before, security is paramount for me. I have been playing
>>> with "scala lift" lately and wanted to know if the erlang community
>>> has something of the sort, i mean easy ajax + html component security.
>>> Or something in the line of smaltalk seaside. Thank you very much
>>> indeed.
>>> _______________________________________________
>>> erlang-questions mailing list
>>> erlang-questions@REDACTED
>>> http://erlang.org/mailman/listinfo/erlang-questions
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20111210/a5d3b6e1/attachment.htm>

More information about the erlang-questions mailing list