I roughly know what a PEP (Policy Enforcemente Point) is
It intercepts the request for access, it constructs and sends the request to the PDP...etc
But I don't know how to use it in order to filter any access (from client) to a static page on a web server
Scenario:
Tomcat web server with a static web page only
The static page should only be accessible from 9 am until 5 pm
I need a PEP and a PDP in order to accomplish my objective.
Is AuthZForce suitable for my needs?
I desperately need to find someone willing to help me to implement my project from scratch in step by step way
Is there anyone who I can get in touch with, personally?
Thanks a lot
Terence
You may use AuthzForce mailing list.
Related
I have installed the basic jUDDI Server in my machine. I am able to Register the Service and able to read my Service info as a new user. I want to restrict the users who wants to look up my services. I want only my clients to access these information. I want to authenticate them so only my clients can view the business, service, tModel, Binding Template information. How can I achieve this? Can any body help me get through this?
Try turning on the setting the requires authentication for the inquiry API. You can find it in the juddiv3.xml config file for the server. Here's the xpath to get you there.
config/juddi/auth/Inquiry=true
Future readers, the documentation is located here for the current release (as of this time of this post)
https://juddi.apache.org/docs/3.3/juddi-guide/html/ch04.html#_administering_users_and_access_control
but the website https://juddi.apache.org/docs.html will get you to whatever is current. The docs (that website) is also available as part of the distribution and (i think) maven artifacts
Hello smart people on stackoverflow,
I would be very happy if someone could point me to the right libraries/frameworks to do what I want.
We have the following web architecture set up.
1. We have a tomcat server that offers REST services.
2. We have an apache2 server that serves up php pages to users.
a. Some of these php pages make REST calls to tomcat for data.
b. Other php pages contain javascript that makes REST calls that are routed through apache2 via mod_proxy to tomcat. e.g. All request to http://myapache.com/PASSTOTOMCAT/rest/getSecureData would go to tomcat.
Now, I'm asked to add authentication to everything, both the user pages as well as the REST calls. It would obviously be ideal for the user to sign-in once for access to both.
What library can I use for this? I don't think I can use any php-based solution (ie. one that involves adding a ) because the pass-through url's won't have a chance to add this code and check for authentication. I think I need to use something built into apache2 itself.
One minor requirement is that I would like the user credentials stored in a mysql database as opposed to a file.
Am I over-thinking this?
Thanks in advance
Well it's been 5 days, so I guess I'll answer my own question...
I ended up using the new mod_auth_form for authentication because it lets you use a nice stylized webpage to log users in.
I also used mod_dbd to access user credentials in mysql.
I couldn't find a nice tutorial on this so I struggled through the installation and setup a bit, but if anyone cares, I created a set of instructions on my blog in case anyone else tries to do the same thing.
Installation
Setup
I have a requirement to kickoff a workflow which is in salesforce.com thorugh web service from UNIX box. Can any one suggest me options or guide lines to achive this scenario?
I don't think you can just "kick off workflows". You'll have to perform an insert or update of records in Salesforce that will satisfy the workflow's entry criteria.
There's a Java tool called Data Loader for your basic data manipulation activities (you can download it from your own production org)
and it can be scripted for scheduled runs, has config file where you can store user's password in secure way etc. Check out the pdf guide for more ("Command Line Quick Start" chapter)
So I don't think you really need a webservice call...
Unless I misunderstood and you're talking about calling an Apex class' method that has "webservice" keyword and it will somehow perform the updates?
In that case you'll need to download the WSDL file generated for this class (Setup->Develop->Classes) and well, consume it in language of your choice (Java, PHP, Python... this link will help, steps aren't too different), then do your command line magic?
http://wiki.developerforce.com/page/Integration has tons of resources for you :)
Salesforce uses SOAP for their web service. They don't have restful web services now. Just request them to give the wsdl file.
Use this wsdl file to generate the java code. After that get their webService url so that you can proceed with your data pulling
This link may help you..
http://salesforce-walker.blogspot.in/2011/12/to-access-salesforce-data-from-java-we.html
Hope this helps
I am new to Enyo and web services. I am looking to build a web page with Enyo that will require use of Echonest. Can anyone help me understand how to connect to the Echonest service from inside Enyo and whether to use SOAP, REST, or something else?
I assume you are talking about the Echo Nest found here: http://the.echonest.com ?
Briefly glancing at their API, you may not have to use SOAP or REST since everything is accessible with simple GET requests through the Web service. It looks like the hardest part of using their API will be generating OAuth signatures for authenticated requests.
As far as the enyo.WebService, http://enyojs.com/api/#enyo.WebService, goes, you should be able to include the kind, set the URL and call the .send() method on it. Then you response handler would get the data back (I recommend json) so you can do what you will with it.
Another option would be to use enyo.Ajax, http://enyojs.com/api/#enyo.Ajax, directly. enyo.WebService wraps that and provides a familiar (to Enyo 1 developers) way to use it.
I am looking on advice on how best to approach a new project I need to develop. From the outset I must add, I have 0 experience with Web development on any level.
What I need to do is provide a web interface through the browser which will communicate with a server back end. The data retrieved will be sourced from either a DB or from another source - external device which the server itself will communicate with via IP. The data retrieved from the external device will always be a string format of n length (non unicode) and the DB data will mostly be strings and numbers with the odd blob thrown in (storing a picture). The communication will always go from the Client (web browser) to the Server. I don't believe that the server would need to instigate the comms.
I have Delphi XE, so started looking at using a REST server for communication and I think that seems to be OK. However, from what I can see, I need to create HTML web pages to "render" the data on the web browser. Is that true? Can I use the IW components with a REST server? If so, I'm not sure how to get the data to/from the browser UI. Am I better of investigating Ruby on Rails perhaps? From what I read on a different thread in here, it's based on MVC and some other areas which I feel, design wise, would fit how I would create the application (I was planning on creating the app based on the MVP or similar design pattern).
I think REST makes the most sense, so if the IW components can't be used, are there any 3rd party products I can use which would let me design "pretty" UI html. Given I don't know java script, would that be a stumbling block with REST too.
Thanks and hopefully I have provided enough information.
Thanks
Jason
Will a human being be responsible for typing the data retrieved from your external device into a web page?
If so, and you have no web development experience, Intraweb is definitely the way to go for Delphi programmers wanting to build a web application without learning new skills. For additional components to create a prettier UI I suggest using TMS Software's Intraweb Component Pack Pro.
If you don't need a human being to manually type in this data then you don't need Intraweb at all. Instead you would write a client application which presumably interrogated your external device for the data and then transmitted it to the REST server. Look at the documentation you've used to build your REST server and it should have a section on how to build a REST client.
You can build an ISAPI module with delphi that does the job, or include a HTTP server right into you executable with Indy, ICS or Synapse.
ISAPI will give you the freedom to choose Apache or IIS and give you all their power this way. Embeded HTTP server will give you a nice small application in which you control all ascpects of how it works.
Yes go with REST as it is simple and clean. All you need is to think and design the API (functions that your server will support). You can bind the APIs to the URL schema thus using the REST principle. I would do it simply like this.
A client makes a request. You show some form of GUI (load or render a HTML page with possible javascript)
User makes an action, you call appropriate API (or the user does it directly).
Show the user some result
Just guide the user process through a series of API calls until the result is made
You can use plain HTML and then add javascript if needed (jquery) or you can use ExtJS from Sencha which makes building a nice GUI a lot easier and is very well structured.
I would not use any "WYSIWYG" web tools. Plain old HTML written by your favorite editor is still the king in my opinion.