|
Bryce,
I should point out that whilst I have consulted with KrengelTech over the
past few years, DB2WSE isn't my software in any way - it's KrengelTech's.
Basically, I ain't gettin' rich if someone buys it :) So these questions
should really be asked of them (via Aaron Bartell who frequents these
forums, would no doubt be easiest).
That all being said, yes, if you sent your userid/password over HTTP, there
would be some risk. However, you could either use SSL or you could use a
'dummy' userid/password (i.e. a userid which isn't an IBM i userid), and
DB2WSE has its own 'security model' to process those. That way, you could
give people outside the organization a userid/password which they could use
to access certain files in certain specific ways. You could even specify
exactly which queries they could run.
But all of this is in the User Manual, which you should read if you're
interested......
Rory
p.s. I know it sounds like I'm selling something, but I'm really not - I
just think it's cool software.
On Thu, Jul 21, 2011 at 6:35 AM, Bryce Martin <BMartin@xxxxxxxxxxxx>
wrote:
Rory,is
I guess my main concern here is username/passwords being send via xml....
I'm guessing this stuff works just fine over https so that the data is
sent encrypted?
Thanks
Bryce Martin
Programmer/Analyst I
570-546-4777
Rory Hewitt <rory.hewitt@xxxxxxxxx>
Sent by: rpg400-l-bounces@xxxxxxxxxxxx
07/20/2011 02:17 PM
Please respond to
RPG programming on the IBM i / System i <rpg400-l@xxxxxxxxxxxx>
To
"RPG programming on the IBM i / System i" <rpg400-l@xxxxxxxxxxxx>
cc
Subject
Re: Web service question...
All,
FWIW, without wanting to disagree about what REST is (or isn't), much
discussion of REST on the web points to its relative simplicity and
implementation. Many of these examples show how a possibly complex
procedure
call can be simplified to a simple URL.
I suspect that in many cases, this is what people 'mean' when they talk
about a RESTful implementation or interface - the fact that you can model
your application (a collection of web services) in such a way that each
acalled
stand-alone object which can be called using only a URL to perform a
specific action. This 2003 article points out that 85% of developers who
interface to Amazon's web services do so using REST rather than SOAP. Old
article, of course, but stil...
This is not to say that this is what REST *is* - but I have to admit that
when I first looked it up on Wikipedia several years ago, I was pretty
baffled. On looking at that Wikipedia entry again, I think the total lack
of
good examples is a severe deficiency.
Rory
p.s. KrengelTech (home of Aaron Bartell) has a pretty nifty product
DB2WSE (http://iwiki.krengeltech.com/wiki/DB2WSE_User_Guide) whichallows
you to run SQL queries against your back-end database using either ainterface
'complex' XML interface or a much simpler REST (or at least REST-like)
interface, e.g.:
http://red.rpg-xml.com/db2wse/demo:demo/petstore/item/est-1
instead of
<DB2WSEREQ>
<STATEMENT>
select * from petstore/item where itemid = 'EST-1'
</STATEMENT>
<USER>DEMO</USER>
<PASSWORD>DEMO</PASSWORD></DB2WSEREQ>
It is this user-visible feature of REST (the simple interface) which is
what
many people 'mean' when they talk about the benefits of REST.
On Wed, Jul 20, 2011 at 9:25 AM, Henrik Rützou <hr@xxxxxxxxxxxx> wrote:
I agree with that, REST has a very loose definition and I will gofurther
thanbrowser
that and argue that most REST services when evoked from AJAX in a
uses POST in order to ensure that the client don't get buffered data.
You can argue that REST acts like and is a RPC (Remote Procedure Call)
As an example a CGI program that acts as a CRUD service and where the
program just remains active and stateless under the Apache environment.
Further more XML isn't the only way to communicate because the
actis bilatteral agreed so a REST service could also communicate in JSON,verb.
consume FORMDATA etc.
Most of these definitions discussed here overlaps each other in one or
several ways.
On Wed, Jul 20, 2011 at 5:48 PM, Joe Pluta <joepluta@xxxxxxxxxxxxxxxxx
wrote:
That's a reasonable description, but of course the devil is in the
details. First, a lot of RESTful services don't rely on the HTTP
toThey all use GET (some use POST) and then leave it up to the service
adetermine what to do. This is often the case when you simply expose
business logic as RESTful services; the HTTP interface is always the
same, the service interprets and executes the request. That makes it
havelittle easier to program the JavaScript on the browser; it doesn't
into worry about different verbs. Second, XML is no longer the only or
moresome cases even the dominant format for the message. JSON is used
toand more for both sides of the transaction, especially in Rich UI
applications where both the client and server are written by the same
development organization.
Joe
The way I've always described it...
1) In REST, the URI describes a "thing" to be acted upon. (Ex: An
invoice, PO, zip code, whatever)
2) In REST, the HTTP method is the "verb" telling it what to do.
(Retrieve, Update, Delete, Insert, etc)
3) In SOAP, the URI describes an 'endpoint' which generally refers
URI,some piece of software rather than a thing to act upon. A second
called Soap Action describes what that software should do. A set of
input parameters defined in an XML message describe what data to
isofupon.
4) In both cases, an XML message is returned, either as the output
service.the web service, or describing the effect of calling the web
(or
On 7/20/2011 4:51 AM, Larry Ducie wrote:
REST is a concept - it is the idea that the client has a picture
representation) of a "thing" in a certain well defined and valid
"state". The "thing" exists on the remote server. Changes to the
state of the "thing" from one valid state to another valid state
bill).andperformed via a call to a web service. A RESTful architecture will
provide a set of services that allow the client to describe the
current state (customer details, order details, invoice details)
to also change the current state (start order, add item, pay
mailing
--
This is the RPG programming on the IBM i / System i (RPG400-L)
andlistlist
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.
--
Regards,
Henrik Rützou
http://powerEXT.com <http://powerext.com/>
--
This is the RPG programming on the IBM i / System i (RPG400-L) mailing
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.
--
Rory Hewitt
http://www.linkedin.com/in/roryhewitt
--
This is the RPG programming on the IBM i / System i (RPG400-L) mailing
list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.
--- This message (including any attachments) is intended only for the use
of the individual or entity to which it is addressed and may contain
information that is non-public, proprietary, privileged, confidential,
exempt from disclosure under applicable law. If you are not the intendeddestroy
recipient, you are hereby notified that any use, dissemination,
distribution, or copying of this communication is strictly prohibited. If
you have received this communication in error, please notify us and
this message immediately. ---list
--
This is the RPG programming on the IBM i / System i (RPG400-L) mailing
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.
--
Rory Hewitt
http://www.linkedin.com/in/roryhewitt
--
This is the RPG programming on the IBM i / System i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.