DOCSLIB.ORG

Oracle® Cloud Using the REST Adapter

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Oracle® Cloud Using the REST Adapter Oracle® Cloud Using the REST Adapter Release 18.3 E66630-19 September 2018 Oracle Cloud Using the REST Adapter, Release 18.3 E66630-19 Copyright © 2015, 2018, Oracle and/or its affiliates. All rights reserved. Primary Author: Mark Kennedy This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency- specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle. Contents Preface Audience vi Documentation Accessibility vi Related Resources vi Conventions vi 1 Understanding the REST Adapter REST Adapter Capabilities 1-1 About Oracle Integration Cloud Service 1-27 About Oracle Integration Cloud Service Connections 1-28 About Oracle Integration Cloud Service Integrations 1-28 How to Implement Specific REST Adapter Features 1-28 How Do I Build an Integration that Exposes the REST API Using the REST Adapter? 1-29 How Do I Configure the REST Adapter to Consume a REST API Protected with 2-Legged OAuth Token-Based Authentication? 1-31 How Do I Configure the REST Adapter to Consume a REST API Protected with 3-Legged OAuth Token-Based Authentication? 1-36 Security Configurations for Popular OAuth-Protected APIs 1-40 Typical Workflow for Creating and Including an Adapter Connection in an Integration 1-40 2 Creating a REST Adapter Connection Prerequisites for Creating a Connection 2-1 Uploading an SSL Certificate 2-2 Creating a Connection 2-3 Adding a Contact Email 2-4 Configuring Connection Properties 2-4 Configuring Connection Security 2-5 Configuring an Agent Group 2-9 Testing the Connection 2-9 iii Testing a REST Adapter Connection with the HTTP Basic Authentication Security Policy Does Not Validate the Credentials 2-9 Editing a Connection 2-10 Cloning a Connection 2-10 Deleting a Connection 2-11 3 Creating an Integration 4 Adding the REST Adapter Connection to an Integration Configuring REST Adapter Basic Information Properties 4-1 What You Can Do from the REST Adapter Basic Info Page 4-2 What You See on the REST Adapter Basic Info Page 4-2 Configuring REST Adapter Request Parameters Properties 4-4 What You Can Do from the REST Adapter Request Parameters Page 4-5 What You See on the REST Adapter Request Parameters Page 4-5 Configuring REST Adapter Request Properties 4-5 What You Can Do from the REST Adapter Request Page 4-5 What You See on the REST Adapter Request Page 4-6 Configuring REST Adapter Request Header Properties 4-8 What You Can Do from the REST Adapter Request Headers Page 4-8 What You See on the REST Adapter Request Headers Page 4-9 Configuring REST Adapter CORS Configuration Properties 4-9 What You Can Do from the REST Adapter CORS Configuration Page 4-10 What You See on the REST Adapter CORS Configuration Page 4-10 Configuring REST Adapter Response Properties 4-10 What You Can Do from the REST Adapter Response Page 4-10 What You See on the REST Adapter Response Page 4-11 Configuring REST Adapter Response Header Properties 4-13 What You Can Do from the REST Adapter Response Headers Page 4-13 What You See on the REST Adapter Response Headers Page 4-14 Configuring Oracle REST Adapter Invoke Operation Selection Properties 4-14 What You Can Do from the REST Adapter Operation Selection Page 4-15 What You See on the REST Adapter Operation Selection Page 4-15 Reviewing Configuration Values on the Summary Page 4-15 What You Can Do from the Summary Page 4-15 What You See on the Summary Page 4-16 5 Creating Mappings and Lookups in Integrations Entering q as a Standard HTTP Query Parameter with the Query as a Value 5-1 iv JSON to XML Special Character Conversion 5-1 6 Administering Integrations 7 Troubleshooting the REST Adapter Processing Large Sample JSON Files with Special Characters 7-1 Using a Surrogate Namespace in Schemas Without a Namespace 7-2 Troubleshooting SSL Certification Issues 7-3 Defining Fault and Response Pipelines in Basic Map Data Integrations 7-3 Empty Arrays Are Not Supported in Sample JSON Files 7-5 Invoke Endpoint URI Must Match the Base URI + Resource URI in REST Adapter 7-5 Invoking JD Edwards Form Service with the REST Adapter Causes APIInvocationError 7-5 REST Adapter Data is Only Saved When You Click Next 7-6 Converting XML to a JSON Document 7-6 Supported Special Characters in JSON 7-7 content-type is Missing for an Asynchronous Flow 7-7 REST URLs Exceeding 8251 Characters Fail 7-8 v Preface Preface Using the REST Adapter describes how to configure the REST Adapter as a connection in an integration in Oracle Integration Cloud Service. Topics • Audience • Documentation Accessibility • Related Resources • Conventions Audience Using the REST Adapter is intended for developers who want to use the REST Adapter in integrations in Oracle Integration Cloud Service. Documentation Accessibility For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup? ctx=acc&id=docacc. Access to Oracle Support Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/ lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired. Related Resources See these Oracle resources: • Oracle Cloud http://cloud.oracle.com • Using Oracle Integration Cloud Service • Using the Oracle Mapper Conventions The following text conventions are used in this document: vi Preface Convention Meaning boldface Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary. italic Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values. monospace Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter. vii 1 Understanding the REST Adapter Review the following conceptual topics to learn about the REST Adapter and how to use it as a connection in integrations in Oracle Integration Cloud Service. A typical workflow of adapter and integration tasks is also provided. Topics • REST Adapter Capabilities • About Oracle Integration Cloud Service • About Oracle Integration Cloud Service Connections • About Oracle Integration Cloud Service Integrations • Typical Workflow for Creating and Including an Adapter Connection in an Integration REST Adapter Capabilities The REST Adapter can expose integrations as REST APIs by configuring a REST Adapter connection as a trigger. The REST Adapter can also consume any external REST API by configuring a REST Adapter connection as an invoke. This section identifies the capabilities of the REST Adapter when used as a trigger or invoke connection. Note: The REST Adapter treats all endpoints as they are exposed.
Load more

Recommended publications
  • RPC and SOAP Services
    www.it-ebooks.info www.it-ebooks.info PHP Web Services Lorna Jane Mitchell www.it-ebooks.info PHP Web Services by Lorna Jane Mitchell Copyright © 2013 Lorna Jane Mitchell. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/ institutional sales department: 800-998-9938 or [email protected]. Editors: Maria Gulick and Rachel Roumeliotis Cover Designer: Randy Comer Production Editor: Marisa LaFleur Interior Designer: David Futato Proofreader: Marisa LaFleur Illustrator: Rebecca Demarest April 2013: First Edition Revision History for the First Edition: 2013-04-19: First release See http://oreilly.com/catalog/errata.csp?isbn=9781449356569 for release details. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. PHP Web Services, the image of an Alpine Accentor, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc., was aware of a trade‐ mark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
    [Show full text]
  • 5G; 5G System; Access and Mobility Management Services; Stage 3 (3GPP TS 29.518 Version 15.0.0 Release 15)
    ETSI TS 129 518 V15.0.0 (2018-09) TECHNICAL SPECIFICATION 5G; 5G System; Access and Mobility Management Services; Stage 3 (3GPP TS 29.518 version 15.0.0 Release 15) 3GPP TS 29.518 version 15.0.0 Release 15 1 ETSI TS 129 518 V15.0.0 (2018-09) Reference RTS/TSGC-0429518vf00 Keywords 5G ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.
    [Show full text]
  • Towards an Ontology of HTTP Interactions Mathieu Lirzin, Béatrice Markhoff
    Towards an ontology of HTTP interactions Mathieu Lirzin, Béatrice Markhoff To cite this version: Mathieu Lirzin, Béatrice Markhoff. Towards an ontology of HTTP interactions. [Research Report] Université de Tours - LIFAT. 2020. hal-02901879 HAL Id: hal-02901879 https://hal.archives-ouvertes.fr/hal-02901879 Submitted on 17 Jul 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Towards an ontology of HTTP interactions Mathieu Lirzin1;2[0000−0002−8366−1861] and B´eatriceMarkhoff2[0000−0002−5171−8499] 1 N´er´eide,8 rue des d´eport´es,37000 Tours, France [email protected] 2 LIFAT EA 6300, Universit´ede Tours, Tours, France [email protected] Abstract. Enterprise information systems have adopted Web-based foun- dations for exchanges between heterogeneous programmes. These programs provide and consume via Web APIs some resources identified by URIs, whose representations are transmitted via HTTP. Furthermore HTTP re- mains at the heart of all Web developments (Semantic Web, linked data, IoT...). Thus, situations where a program must be able to reason about HTTP interactions (request-response) are multiplying. This requires an explicit formal specification of a shared conceptualization of those inter- actions.
    [Show full text]
  • X41 D-SEC Gmbh Dennewartstr
    Browser Security White PAPER Final PAPER 2017-09-19 Markus VERVIER, Michele Orrù, Berend-Jan WEVER, Eric Sesterhenn X41 D-SEC GmbH Dennewartstr. 25-27 D-52068 Aachen Amtsgericht Aachen: HRB19989 Browser Security White PAPER Revision History Revision Date Change Editor 1 2017-04-18 Initial Document E. Sesterhenn 2 2017-04-28 Phase 1 M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 3 2017-05-19 Phase 2 M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 4 2017-05-25 Phase 3 M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 5 2017-06-05 First DrAFT M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 6 2017-06-26 Second DrAFT M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 7 2017-07-24 Final DrAFT M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 8 2017-08-25 Final PAPER M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER 9 2017-09-19 Public Release M. VERVIER, M. Orrù, E. Sesterhenn, B.-J. WEVER X41 D-SEC GmbH PAGE 1 OF 196 Contents 1 ExECUTIVE Summary 7 2 Methodology 10 3 Introduction 12 3.1 Google Chrome . 13 3.2 Microsoft Edge . 14 3.3 Microsoft Internet Explorer (IE) . 16 4 Attack Surface 18 4.1 Supported Standards . 18 4.1.1 WEB TECHNOLOGIES . 18 5 Organizational Security Aspects 21 5.1 Bug Bounties . 21 5.1.1 Google Chrome . 21 5.1.2 Microsoft Edge . 22 5.1.3 Internet Explorer . 22 5.2 Exploit Pricing . 22 5.2.1 ZERODIUM . 23 5.2.2 Pwn2Own .
    [Show full text]
  • Httpclient-Tutorial.Pdf
    HttpClient Tutorial Oleg Kalnichevski Jonathan Moore Jilles van Gurp Preface .................................................................................................................................... iv 1. HttpClient scope .......................................................................................................... iv 2. What HttpClient is NOT .............................................................................................. iv 1. Fundamentals ....................................................................................................................... 1 1.1. Request execution ...................................................................................................... 1 1.1.1. HTTP request .................................................................................................. 1 1.1.2. HTTP response ............................................................................................... 2 1.1.3. Working with message headers ........................................................................ 2 1.1.4. HTTP entity .................................................................................................... 3 1.1.5. Ensuring release of low level resources ............................................................ 5 1.1.6. Consuming entity content ................................................................................ 6 1.1.7. Producing entity content .................................................................................. 6 1.1.8. Response
    [Show full text]
  • Fortiadc Server Load Balance Script Deployment Guide
    FortiADC Server Load Balance Script Deployment Guide VERSION 5.2.0 FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com FORTIGATE COOKBOOK http://cookbook.fortinet.com FORTINET TRAINING SERVICES http://www.fortinet.com/training FORTIGUARD CENTER http://www.fortiguard.com END USER LICENSE AGREEMENT http://www.fortinet.com/doc/legal/EULA.pdf FEEDBACK Email: [email protected] Friday, December 28, 2018 FortiADC Link Load Balance Deployment Guide First Edition TABLE OF CONTENTS TABLE OF CONTENTS 3 Configuration Overview 4 Deployment –Content Routes Based on URI String 9 Introduction FortiADC SLB supports Lua scripts to perform actions that are not currently supported by the built-in feature set. Scripts enable you to use predefined script commands and variables to manipulate the HTTP request/response or select a content route. The multi-script support feature enables you to use multiple scripts by setting their sequence of execution. Here are FortiADC's predefined scripts and commands that you can copy and customize in the GUI/Server Load Balance/Scripting page. Configuration Overview The script used in the SLB/VS configuration that is triggered when the associated virtual server receives an HTTP request or response. Then, it does the programmed action. The events in which you can create them are shown as below: Event name Description RULE_INIT The event is used to initialize global or static variables used within a script. It is triggered when a script is added or modified, or when the device starts up, or when the software is restarted.
    [Show full text]
  • Identity Provider (IDP) Technical Specifications Version 1.3
    Identity & Authorization Management (I.AM) Identity Provider (IDP) Technical specifications Version 1.3 This document is provided to you free of charge by the eHealth platform Willebroekkaai 38 – 1000 Brussel 38, Quai de Willebroeck – 1000 Bruxelles All are free to circulate this document with reference to the URL source. Table of contents Table of contents .................................................................................................................................................... 2 1. Document management ........................................................................................................................ 4 1.1 Document history ................................................................................................................................... 4 2. Introduction ........................................................................................................................................... 5 2.1 Goal of the service ................................................................................................................................. 5 2.2 Identity ................................................................................................................................................... 5 2.3 Trust ....................................................................................................................................................... 6 2.3.1 Web SSO ................................................................................................................................................
    [Show full text]
  • Security Analysis of Real-Life Openid Connect Implementations
    Single Sign-On Security: Security Analysis of real-life OpenID Connect Implementations Lauritz Holtmann Master’s Thesis – September 30, 2020. Chair for Network and Data Security. Supervisor: Dr.-Ing. Christian Mainka Advisor: Prof. Dr. Jörg Schwenk Advisor: Dr.-Ing. Vladislav Mladenov Abstract OpenID Connect 1.0 is an authentication protocol that extends the OAuth 2.0 Au- thorization Framework. A typical OpenID Connect 1.0 setup involves three parties: an End-User who wants to sign-in at a service, the OpenID Provider that authenti- cates the End-User and a Relying Party that provides a service to the End-User. Im- plementing Single Sign-On protocols like OpenID Connect enables Service Providers to delegate authorization and authentication tasks to a dedicated third party. This decentralized scenario comes with flexibility for implementing entities and usability benefits for End-Users but also introduces new challenges regarding secure andre- liable authentication mechanisms. In this thesis, three novel variants of attacks on OpenID Connect implementations and two attacks on the OpenID Connect speci- fication are presented. Besides these novel attacks, four Identity Provider andfive Service Provider implementations are evaluated against a set of previously known attacks and requirements resulting from the specification and current security best practices. During the execution of the analysis, NodeJS implementations of the Identity Provider and Service Provider parts of the OpenID Connect specification were created, which are also introduced in this thesis. Finally, common vulnerability patterns observed within the set of OpenID Connect implementations are derived and recommendations for additions to the OpenID Connect security considerations are given.
    [Show full text]
  • Aiohttp Documentation Release 3.7.4.Post0
    aiohttp Documentation Release 3.7.4.post0 aiohttp contributors Mar 06, 2021 CONTENTS 1 Key Features 3 2 Library Installation 5 2.1 Installing speedups altogether......................................5 3 Getting Started 7 3.1 Client example..............................................7 3.2 Server example:.............................................7 4 What’s new in aiohttp 3? 9 5 Tutorial 11 6 Source code 13 7 Dependencies 15 8 Communication channels 17 9 Contributing 19 10 Authors and License 21 11 Policy for Backward Incompatible Changes 23 12 Table Of Contents 25 12.1 Client................................................... 25 12.2 Server................................................... 79 12.3 Utilities.................................................. 162 12.4 FAQ.................................................... 177 12.5 Miscellaneous.............................................. 184 12.6 Who uses aiohttp?............................................ 246 12.7 Contributing............................................... 250 Python Module Index 255 Index 257 i ii aiohttp Documentation, Release 3.7.4.post0 Asynchronous HTTP Client/Server for asyncio and Python. Current version is 3.7.4.post0. CONTENTS 1 aiohttp Documentation, Release 3.7.4.post0 2 CONTENTS CHAPTER ONE KEY FEATURES • Supports both Client and HTTP Server. • Supports both Server WebSockets and Client WebSockets out-of-the-box without the Callback Hell. • Web-server has Middlewares, Signals and plugable routing. 3 aiohttp Documentation, Release 3.7.4.post0 4 Chapter 1. Key Features CHAPTER TWO LIBRARY INSTALLATION $ pip install aiohttp You may want to install optional cchardet library as faster replacement for chardet: $ pip install cchardet For speeding up DNS resolving by client API you may install aiodns as well. This option is highly recommended: $ pip install aiodns 2.1 Installing speedups altogether The following will get you aiohttp along with chardet, aiodns and brotlipy in one bundle.
    [Show full text]
  • Ts 129 503 V15.4.0 (2019-07)
    ETSI TS 129 503 V15.4.0 (2019-07) TECHNICAL SPECIFICATION 5G; 5G System; Unified Data Management Services; Stage 3 (3GPP TS 29.503 version 15.4.0 Release 15) 3GPP TS 29.503 version 15.4.0 Release 15 1 ETSI TS 129 503 V15.4.0 (2019-07) Reference RTS/TSGC-0429503vf40 Keywords 5G ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI deliverable is the one made publicly available in PDF format at www.etsi.org/deliver. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.
    [Show full text]
  • Development and Implementation of Secure Web Applications
    DEVELOPMENT AND IMPLEMENTATION OF SECURE WEB APPLICATIONS AUGUST 2011 Acknowledgements CPNI would like to acknowledge and thank Daniel Martin and NGS Secure for their help in the preparation of this document. Abstract This guide is intended for professional web application developers and technical project managers who want to understand the current threats and trends in the web application security realm, and ensure that the systems they are building will not expose their organisations to an excessive level of risk. Disclaimer: Reference to any specific commercial product, process or service by trade name, trademark, manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by CPNI. The views and opinions of authors expressed within this document shall not be used for advertising or product endorsement purposes. To the fullest extent permitted by law, CPNI accepts no liability for any loss or damage (whether direct, indirect or consequential and including, but not limited to, loss of profits or anticipated profits, loss of data, business or goodwill) incurred by any person and howsoever caused arising from or connected with any error or omission in this document or from any person acting, omitting to act or refraining from acting upon, or otherwise using, the information contained in this document or its references. You should make your own judgment as regards use of this document and seek independent professional advice on your particular circumstances. Executive summary Document scope This document is a practical guide on how to design and implement secure web applications. Any such analysis must start with an understanding of the risks to which your application will be exposed.
    [Show full text]
  • Decentralized Control and Adaptation in Distributed Applications Via Web and Semantic Web Technologies
    DECENTRALIZED CONTROL AND Felix Leif Keppmann ADAPTATION IN DISTRIBUTED DECENTRALIZED APPLICATIONS CONTROL AND via Web and Semantic Web Technologies ADAPTATION IN DISTRIBUTED APPLICATIONS via Web and Semantic Increased use of mobile devices, wearables, Web Technologies and sensors characterizes current develop- ments in multiple domains. In this context, the visions of the Internet of Things, Web of Things, and Semantic Web of Things as well as related visions such as Industry 4.0 promise interconnection and collaboration between billions of “things”. Still, what we are currently witnessing is the proliferation of isolated is- lands of custom solutions that cannot be easily integrated or extended. The work presented in this book provides an approach and an implementation for enabling decentralized control in distributed applica- tions composed of heterogeneous components APPLICATIONS IN DISTRIBUTED AND ADAPTATION CONTROL DECENTRALIZED by benefiting from the interoperability provid- ed by the Web stack and relying on semantic technologies for enabling data integration. In ISBN 978-3-7315-0966-0 particular, the concept of Smart Components enables adaptability at runtime through an adaptation layer and is complemented by a reference architecture as well as a prototypi- Gedruckt auf FSC-zertifiziertem Papier auf FSC-zertifiziertem Gedruckt 9 783731 509660 cal implementation. Keppmann Felix Leif Keppmann Decentralized Control and Adaptation in Distributed Applications via Web and Semantic Web Technologies Decentralized Control and Adaptation in Distributed Applications via Web and Semantic Web Technologies by Felix Leif Keppmann Decentralized Control and Adaptation in Distributed Applications via Web and Semantic Web Technologies Zur Erlangung des akademischen Grades eines Doktor der Ingenieur- wissenschaften (Dr.-Ing.) von der KIT-Fakultät für Wirtschaftswissen- schaften des Karlsruher Instituts für Technologie (KIT) genehmigte Dissertation von M.Sc.
    [Show full text]