Twice the solitude
Solitude is a server to do payment processing for the Mozilla Marketplace. In my last post I blogged about how Solitude seperates itself from the client application to provide a level of defense by depth.
Well Solitude provides yet another layer of defense. It can be run in two modes: as a server or as a server and a proxy. Currently this mode works with PayPal, but is applicable to any third party payment provider. The former looks like this:
In this case if a security breach occurs on the Solitude server you'll get access to the credentials to access PayPal and some key tokens to access PayPal with. You'd need to get into both the file system and the database to get that information. But still it's just one server.
In the latter mode, Solitude is run twice, once as server with access to the database and once as a proxy that can access PayPal:
In this scenario a security breach needs to occur on the Solitude database server and the proxy. You'd need to get into both the file system and the database, but on two seperate machines.
To have the database server talk to a proxy, point to the proxy in the Solitude settings file:
PAYPAL_PROXY = 'https://addons.mozilla.local/proxy/paypal'
On you proxy server, run the server with the environment variable:
SOLITUDE_PROXY='enabled'
Just make sure you don't do something silly and connect that instance to the database (you should block that at the network level anyway), on the proxy your set:
DATABASES = {'default': {}}
Should work. More information on setting this up is in the Solitude docs.