I'm using oracle apex 4.2.6.
I have a web service that I want to use. ( Web service is not mine )
I need to hide the API key when calling it. I want to know how.
Can I create my own web service that will call this one and then send my API key with the call? If yes , how?
You have 2 ways to consume web services on the back-end (and hiding your api key).
1) Under Shared Components --> Web server reference --> Create
You can consume REST / Based on WSDL and Custom. Then you can reference the Web service in your APEX application and the back-end does the call.
2) Create a custom PL/SQL function/procedure that uses UTL_TCP or UTL_DBWS (or UTL_HTTP if it's a simple REST service) to call the web-service and crunch the response.
http://www.oraclecafe.com/2014/08/calling-wsdl-webservice-from-plsql/
If the web service is simple then going with option 1) would be the quickest way.
Creating and Using a Manual SOAP Web Service in Your Application
Related
I have a requirement where I have to schedule a console application, which fetches certain records from database and calls an ASP.NET web API. Could someone help me with how to restrict the web API to not get called from anywhere else?
Please help me with any useful links, tips, or steps to follow.
There are a few ways you can lock down access to your application for an rpc call.
You can restrict access via IP with IP filtering.
If you're using windows authentication, you can grant permission to specific AD User or Groups in your web config file.
If you're using forms authentication and basically just need to make an RPC call, you can create an endpoint for your console app which accepts a username/password parameter (using https, of course).
If your setup is more advanced, you can use tokens and ASPNET Identity to limit access.
These are just a few ideas. Basically just google ASPNET security and you'll get a ton of ideas.
I am trying to create Azure Application Gateway with SSL certification. I have successfully created it using Azure Power-Shell.
Now I want to create it using Rest APIs so that I can use/call them in my code (ruby). My question is: Is there any Rest API exist to create AzureRM Application Gateway? Because I am not able to find any. I've gone through the following link
https://msdn.microsoft.com/en-us/library/azure/mt420159.aspx
It has the APIs present for Application Gateway but for classic mode not for RM mode.
Now I want to create it using Rest APIs so that I can use/call them in
my code (ruby). My question is: Is there any Rest API exist to create
AzureRM Application Gateway? Because I am not able to find any
There's a REST API but at this moment it is not documented and hence you are not able to find it. As a workaround, what you could do is run PowerShell Cmdlets with -Debug switch. Then you will see the request URL as well as request body sent to create an Application Gateway. You can use that in your ruby code.
Firstly, I'm relatively new to Web API / CORS and security implementation.
This question is specifically with regards to security. The Web API houses extremely sensitive data and provides clients with the ability to execute transactions online.
The context :
I have a Web API self hosted as a windows service with a fixed port.
The Web API is sitting behind a firewall / DMZ on an internal network.
The Web API (using CORS) only allows traffic from the external server.
The external server hosts our web site using IIS.
The Web API is making use of Token authentication (bound to client IP to avoid hi-jacking).
Both the external website and internal Web API force the use of SSL.
The problem :
The web page makes ajax calls via javascript to the Web API. However, the Web API is not directly exposed to the internet.
What would the security impact be on having the below setup?
What sort of vulnerabilities would I be exposing my network too by doing so.
Is there a better way of implementing such a setup!?
Eg
User enters https://test.mydomain.com into the browser and is served a page.
ajax call gets made to https://test.mydomain.com/api/test/action
external server routes https://test.mydomain.com/api messages to internal server https://myInternalWebAPI/api/test/action which is not exposed to the public.
So this requires a little bit of leg work, but it's implemented into a production environment so I thought I'd share the solution.
I created a WCF service and a WebAPI.
The primary WCF Service resides on the internal network and contains all the business logic, database connectivity.
The proxy WebAPI mimics the WCF service structure and is exposed to the public.
The proxy WebAPI is called from the client (javascript), the proxy WebAPI then calls the internal server hosting the WCF service and voila, victory.
I want to develop an application that makes use of MSPN service. Is it necessary that my backend service be a cloud service
There would be no way to determine if a service is a cloud service or not (without being anti-competitive), so you should be able to use any web service, whether it is implemented using a cloud service such as Azure or not - as I understand it, for certification, it would have to be a web service, and not rely on something being installed on a PC on a private network.
No you dont need it to be a Cloud-Service, you can even implement your Push-Service in PHP or similar. But that has Limits, it cannot run periodically a Script or sth like that. All Push-Notifications have to be send manually.
To do this you need 2 Core-Components(In my example in PHP).
You have a Page on which the Phone-Application can register his MSPN Push-Uri, which then is stored into the Database.
A Page which takes the Uri(s) and then sends the Push-Notification to them
Need to generate document on the fly. for all the operation in application we are using WCF service.
(to generate the document we are plannign to use Syncfusion library, call is been made from ExtJs client and WCF service performs all db operation.)
Whats the possible solution for generating the document using WCF?
The WCF service is used to access the services from server in client mode, hence it’s not possible to open a Winforms application in WCF service. However you are trying the reverse action and we can’t access the remote application in server.
Please refer the below link for further clarifications.
How to create a file in WCF service application in windows
Thanks,
AL.Solai.