× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Nathan, I can picture you huffing and puffing any time you think about .Net :-)

Blaming ASP.Net and my XMLSERVICE .Net wrapper for SQL injection, war in Iraq, ground water contamination and anything else you are unhappy with on a given day doesn't make me even consider you as a credible source on SPA, web development, web services or any of this.

Since you've not taken the time to download or even take a look at my XMLSERVICE wrapper for .Net or ASP.Net/C#/VB in general, I won't even attempt to describe to you how it would be used.

Once you take the time to get some real basis on ASP.Net and valid usage of XMLSERVICE I would be happy to have a deeper discussion.

All of the recent Microsoft ignite sessions are online for you to self-educate.
http://ignite.microsoft.com/

Regards,

Richard Schoen | Director of Document Management Technologies, HelpSystems
T: + 1 952-486-6802
RJS Software Systems | A Division of HelpSystems
richard.schoen@xxxxxxxxxxxxxxx
www.rjssoftware.com
Visit me on: Twitter | LinkedIn

------------------------------

message: 2
date: Wed, 20 May 2015 13:37:11 -0600
from: Nathan Andelin <nandelin@xxxxxxxxx>
subject: Re: [WEB400] IBM i authentication and RESTful web service
design


Are you saying your SPA's talk directly to the DB ? Not sure I would be
advocating that.
You need some sort of server side code to interact with the DB unless you
know something I don't :-)


I just returned from our monthly meeting of Utah IBM i Professionals
Association (UIIPA). We started a Linkedin group under the same name, and a
sub-group named IBM i Application Modernization. A few members plan on our
first GotoMeeting, which is scheduled in the afternoon of June 3, 2015 to
discuss this type of application architecture and review some tooling which
one of our members has been working on.

We're just getting the group started; there are no current discussions. But
we plan on discussing "modernization, from A to Z" over coming months. Feel
free to join the group for announcements and further discussions.

Regarding SPAs talking "directly to the DB", for me that conjures up images
of clients "injecting" SQL and performing DB I/O with few or no security
constraints; the kinds of things that most ASP.NET applications do. No, I
would not advocate for that.

The problem would be even worse to provide unconstrained or insecure
interfaces to client devices, because it is so easy for client-side tooling
to monitor network communications, mimic browsers, and commandeer REST
interfaces.

It appears that Kelly may have been reading my posts more closely, and
gaining a picture of a utilitarian interface (requiring little or no
server-side programming), but still enabling SPAs access to IBM i
resources, to perform DB operations, by using an interface which is more
secure than say a .Net data provider.

If I understand correctly, you created an interface between .Net and
XMLSERVICE, which provides for IBM i SQL injection and program calls.
XMLSERVICE in that context is a "utility". I'm talking about a similar
utility, which includes finer grained "authorities", and which prevents SQL
injection.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.