Secure communication between two web servers (Amazon EC2 with Django and Google App Engine).
I have a website that uses Amazon EC2 with Django and Google App Engine to implement its robust image API and image serving infrastructure. When a user uploads an image, the browser makes an AJAX request to my EC2 server to get the Blobstore upload URL. I get this through my Django server so I can check if the user is authenticated, and then the server needs to get the url from the App Engine server. Once the upload is complete and processed in App Engine, I need to send the upload information back to the Django server in order to build the required model instance. How can I do this? I’m considering using urllib, but how do I secure it to ensure that URLs are only accessible by my server and not by network users? Maybe some kind of secret key?
In addition to HTTPS calls (you should transfer information to django), you can also use AES encryption (using Pycrypto/any other library). It requires a key to encrypt your messages.