Portus Version 2018-08-24     PDF BOOKS   |   HOME   UP   PREV   NEXT
 

Securing Portus Web Services

The methods supported by Portus are provided by Web Services. Thus, when an administrator uses the Control Centre to change the Portus configuration, they are calling a web service. It is the same when a user issues are request from .NET, PHP, etc, to access data; they are calling a web service.

Overview

Portus provides one dynamic and two static web services.

  1. The static configuration service: 

    http://<hostname>:<port>/configurationService

  2. The static resource administration service:

    http://<hostname>:<port>/resourceService

  3. The dynamic resource service: 

    http://<hostname>:<port>/<resource_name>

Appending “?WSDL” to the end of these URLs will return the WSDL for that particular web service, (see more information below). <hostname> and <port> (if required) will be the respective IP address/hostname and port of your Portus server. <resource_name> will be dynamically created based on the resource name you set in the configuration. E.g. http://myServer/adabasEmployees would be the endpoint for the “adabasEmployees” resource running on “myServer” (port 80).

The Configuration Service

The configuration service is used to create, delete and update the current configuration of Portus. It is also used to import and export the view of a particular resource, which in Eclipse terms is the XRD file. In Eclipse, the configuration service is used when using the Portus Import or Export wizards.

The Resource Administration Service

The resource administration service is used to create and delete resources based on a specific resource name.

This should not be confused with defining a resource in the configuration. For example, the configuration service could be used (via Eclipse) to create a new resource name “adabas_newResource”.

The resource administration service would be used to define an Adabas file on this resource. The resource administration service could also be used to delete (or drop) this Adabas file.

In Eclipse, the resource administration service is used when executing the “Portus Create Resource” or “Portus Delete Resource” functions.

WSDL Access

An administrator can also prohibit usage of the service, but allow a client to view the description of the web service.

A standard language called WSDL describes what this web service looks like.

To access the WSDL for a web service, the client should append the “?WSDL” argument to the web service endpoint. E.g. to get the WSDL for the configuration service, the following URL could be entered into a browser:

http://myServer/configurationService?WSDL

This provides the WSDL specifically for this web service.

A client who understands WSDL will now know how to access this web service. Normally a ‘client’ will be software as the WSDL is not intended to be read by humans in the normal course of events.

To use a web service, the client constructs and sends a SOAP request based on the WSDL. The WSDL also describes what the SOAP response will look like.

In terms of security


Ostia
www.ostiasolutions.com 		Copyright @ 2006-2018 Ostia Software Solutions Limited.