I have a WCF REST service. Now the question is how can I secure my REST service so no one can use/call it? and what would be the best way to call it (e.g. using jquery, or from code behind)? the client application is on MVC 3.
please help and advise
Many Thanks
Not sure if you're still looking for a solution. But I used WCFRESTContrib as a basis for my project for the security features, among other things. It's very easy to setup Basic Authentication on the entire service, or on an individual basis for each service method. They have a full description on it here. If you don't decide to use the project, it should at least give you a good understanding on how it works with WCF REST api's.
Related
I built a web app in Laravel 5.2, and now, I would like to use Angular or Vue, so I am separating an API from my controllers.
Thing is actually, in my controllers, I use a lot :
Auth::user() to refer to the logged user.
What is the best way to deal with it???
Read books about API design. If the existing app isn't designed to be a RESTful API in the first place then you're in for a lot of learning. Laracasts has a great series called Incremental APIs.
Laracasts.com
Build APIs You Won't Hate
OK, I'm expanding my answer, despite this is not a great question, it is probably too broad. You need to look into Oauth 2.0 authentication for your API, you can still use a username and password, but OAuth 2.0 tokens over SSL is probably the best simple way to provide authentication for your API. If it is only used internally, or is read only then you may not really require authentication for the API at all. There's not enough information about your use case to even make a guess about that. Good luck!
What is the purpose of rest API and where it should be used how can i know that in this part of website i should use rest API any one can tell me in simple words why,where and how can in implement that technology ?
My answer might be not througout and lacking in precision, but it may do.
REST API means serving app (website) API through HTTP requests (mainly)
Thats simple/silly explanation.
Better one is here:
What exactly is RESTful programming?
About when to use it... well.. that depends.
I guess common use case is when you want to expose some part of data/functionality of your site for third party developers. Then you may define URL under which you would return data in json or xml or....
I have read a thread regarding Yodlee implementation and on one of the responses a user said "It is easy to intergrate your app with Yodlee API" How exactly is it easy to implement Yodlee and integrate it with an existing C# Web App? I don't mind getting dirty, but I would like to know how hard can it get and is there forums out there and enough developer support? Please assist urgently as we need to test and implement Yodlee before the end of the month also note I am new to Yodlee and API integration.
Thanx in advance
You may not need to get dirty at all. It is so simple to implement Yodlee in any .net language. Yodlee provide a client library for .net as well, all you need to do is to wrap your business logic around the library. On other hand if you wish to take greater control of api calling as well, you will be provided wsdl proxies to the web services, code what ever way you feel good with it.
I know there are a lot of other question about this topic but I haven't found the right solution for my case.
The landscape is like that:
Backend runs on a tomcat and provides some services. Amongst others there is UserService.login().
The Frontend (JSF 2.0, Spring 3, OpenFaces or Primefaces) which i should implement runs on a different tomcat. I need to implement the security level in the frontend. For sure I'm searching for the best framework (seam, spring security, jaas). And if you know a good tutorial it would be great if you let me know. i can send username/password to the backend and receive a User with id, username and role.
I found lots of tutorials, but i didn't get it work properly. Can anyone help me?
I probably can't explain the whole thing. But you can follow these links and should get you want you need.
First setup basic JSF-Spring Security application like in this link . Here the author did hard code the user details in the applicationContext itself for simplicity. But for your requirement you need to implement a custom UserDetailsService and which is the authentication provider where it loads the user details from the backend. You can take a look at this link.
I'm working on a tool in C# that interfaces the JIRA SOAP API. I have read the documentation but I can't find what I'm looking for. Does anyone know if it is possible to link an issue to another one via this api?
PS : Actually, my real need is to convert an issue as a subtask of an issue...
Last time I looked, JIRA's web service wasn't really actively supported or encouraged by Atlassian. It's very much a second-class citizen compared to the web front end, with very basic operations.
Also, it's not a WSI-compliant web service (it's an old Axis-based RPC_encoded service), and so modern web service stacks won't even bind to it. You might want check that your client can perform basic query operations before diving into the depths of the API.
You can actually go pretty far with Jelly scripts, but converting an issue to a subtask then linking it as a subtask... I'm not positive that you can go that far.