× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. April 2020

Re: Web service HTTP Basic Authentication - where to start from?

Hi Patrik,

So far, I already have a few REST APIs answering via an IWS web service and
it works fine, the Vue front-end makes the calls and consumes the responses.
I need to add a security layer, meaning instead of the front-end directly
making the calls, a server in the middle will receive the front-end
requests and forward them to the web service using an existing IBM i user
profile. I guess, basic authentication is needed for this connection
to successfully happen.

Back to your question: firstly, I think I'll explore how Web Server Process
itself takes care of this. From the middle server perspective it should
consist in some headers attributes properly set. From the Web Server
process, I don't know where to start from. I am groping in the dark.

Later on, I'll explore the second option you mentioned, which is my case I
assume will be some IBM i APIs, because I have just found an article (
https://www.linkedin.com/pulse/announcing-rpgapi-daniel-long/?trackingId=0Q2XJyfCjDcI7AtXZVbl7w%3D%3D)
describing how to set up an RPG server listening for REST APIs' requests,
which works without the middle IWS layer (no Java conversion in between).

What do you think about it?



Il giorno mar 28 apr 2020 alle ore 10:17 Patrik Schindler <poc@xxxxxxxxxx>
ha scritto:

Hello Maria,

Am 28.04.2020 um 07:58 schrieb Maria Lucia Stoppa <mlstoppa@xxxxxxxxx>:

I know very little about basic authentication: I know REST API must be
called with login information set in the headers, but I can't figure out
how to configure the web service HTTP instance to accept it and, most of
all, how these information will be checked against user profile security
on
IBM i.

Basic-Auth is done by the Web Server Process(es) itself, while some AUTH
in some API is handled by the API. Which of these two do you want to have?

I would like to know a bit more on the subject before paying for a
course.

Regarding REST and http, there's plenty of information out there in the
network. I'd start with Wikipedia (preferred: English, the
computing-centric articles are often of vrey good quality) and follow Links
in there to learn more.

:wq! PoC

PGP-Key: DDD3 4ABF 6413 38DE - https://www.pocnet.net/poc-key.asc


--
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com




As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.