A Guide to Secure Web Services with GJXML
"Hey I downloaded an IEPD!"
"Cool, how do you write a web service?"
"Moo! I use Java"
"I use .NET"

Service-Oriented Architecture
The WIJIS Justice Gateway: A single, secure point of read-only access to disparate state and local justice information resources.
Diagram: Local Law Enforcement Records Management Systems (RMS) and the WIJIS Justice Gateway
1) Publish pointers from RMS to Gateway Cache
2) End Users Search Cache, Request Incident Report
3) Gateway requests Incident Report from RMS
4) RMS returns Incident Report
5) Gateway displays Incident Report
WIJIS

WIJIS Developer Guide
Service providers should be mapping data to GJXML, not bogged down in implementation details
Provide:
 Example WSDL – Contract First!
 Server and client implementation in multiple languages
 Compile schema into objects
 XSLT
http://www.wijiscommons.org/gjxdm_example/

Incident Report IEPD – The Homer Simpson Case Study
IEPD can be downloaded here:
 http://www.search.org/programs/info/xml-iep.asp
Let’s take a look, we see…
 Instance Examples
 Document and constraint schemas
Doh, now what?

DOT NET 2.0 Instructions
Generate C# Objects from WSDL with this command:
 wsdl.exe /server http://wijis.wisconsin.gov/wsdl/RecordRetrievalServiceWithIEPD.wsdl
Create .NET Web Service and add references
Example C# files and instructions here:
 http://www.wijiscommons.org/gjxdm_example/#dotNet

Testing the Service – The Python Way
Create a sample invocation file
Run the sample Python script
Script can be run over http, https or https w/ client certificates
Keep the test client simple!
Examples available here:
 http://www.wijiscommons.org/gjxdm_example/#client

Java Instructions - Overview
Generate Jar File from WSDL using JAXB
Download sample Record Retrieval Service Project for Eclipse
WIJIS provides Ant tasks in project
Full details at:
 http://www.wijiscommons.org/gjxdm_example/#java

Make your XML look Pretty - XSLT
WIJIS Gateway invokes services, then:
 WIJIS needed to transform results
 End users are not machines but humans
Distributing XSLT helps service providers inspect Incident Reports before publishing
Instance and transformed documents here:
 http://www.wijiscommons.org/gjxdm_example/#xslt

WIJIS – Security Overview
Incident Report request conducted over HTTPS with X509 Client Certificates
Layer 3 IP Address filtering
WIJIS runs our own certificate authority
Authorization granted based on name in certificate

WIJIS – 4 Security Tests
Certificate signed by WIJIS Certificate Authority
Certificate is not expired
Name in Certificate matches name on wire
Certificate has not been revoked

X509 Certificate Request Process
Client creates a private key
 openssl genrsa -out MyPrivateKey.key 1024
Using private key, client creates a Certificate Signing Request (CSR)
 openssl req -new -nodes -key MyPrivateKey.key -out MyCSR.csr
CSR sent to CA and signed certificate is returned
Signed certificate can be joined with Private Key
 openssl pkcs12 -export -in MyCertificate.pem -inkey MyPrivateKey.key -out MyPFXFile.pfx
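
The request process above and the four security tests, run end to end with OpenSSL as an added example (not part of the original slides or of WIJIS code). It assumes a throwaway demo CA in place of the WIJIS CA, 2048-bit keys rather than the 1024 on the slide, and the "name on wire" passed as an argument; the ca.* file names, subject names and function names are constructed.

```shell
#!/bin/sh
# Added example. File names, subject names and the demo CA are constructed.

# Build a throwaway CA, then follow the slide: key -> CSR -> signed certificate.
make_demo_pki() {  # $1 = existing empty directory
  ( cd "$1" || exit 1
    openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem \
      -days 30 -subj "/CN=Demo CA" 2>/dev/null || exit 1
    openssl genrsa -out MyPrivateKey.key 2048 2>/dev/null || exit 1
    openssl req -new -nodes -key MyPrivateKey.key -out MyCSR.csr \
      -subj "/CN=rms.agency.example" || exit 1
    openssl x509 -req -in MyCSR.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
      -days 7 -out MyCertificate.pem 2>/dev/null || exit 1
    # Minimal CA database so the demo CA can issue a CRL.
    : > index.txt
    printf '%s\n' '[ca]' 'default_ca = demo' '[demo]' 'database = index.txt' \
      'default_md = sha256' 'default_crl_days = 7' > ca.cnf
    issue_crl )
}

issue_crl() {  # run inside the PKI directory
  openssl ca -config ca.cnf -gencrl -keyfile ca.key -cert ca.pem \
    -out ca.crl 2>/dev/null
}

revoke_demo_cert() {  # $1 = PKI directory
  ( cd "$1" || exit 1
    openssl ca -config ca.cnf -revoke MyCertificate.pem -keyfile ca.key \
      -cert ca.pem 2>/dev/null && issue_crl )
}

# Returns 0 if all four tests pass, otherwise the number of the failed test.
check_client_cert() {  # $1 cert  $2 CA cert  $3 CRL  $4 name claimed on the wire
  # 1. Signed by the CA (validity period is checked separately in test 2).
  openssl verify -CAfile "$2" -no_check_time "$1" >/dev/null 2>&1 || return 1
  # 2. Not expired.
  openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1 || return 2
  # 3. Certificate common name equals the name claimed on the wire.
  cn=$(openssl x509 -in "$1" -noout -subject -nameopt multiline |
       sed -n 's/^ *commonName *= *//p')
  [ "$cn" = "$4" ] || return 3
  # 4. Not listed on the CA's current CRL.
  openssl verify -CAfile "$2" -crl_check -CRLfile "$3" "$1" >/dev/null 2>&1 \
    || return 4
  return 0
}
```

A server doing TLS client authentication performs tests 1, 2 and 4 inside the handshake when it is configured with the CA certificate and CRL; test 3 is the authorization step applied to the verified certificate.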

X509 Certificate Tools
OpenSSL: useful for both .NET and Java users
Keytool: useful only for Java users
Microsoft CertUtil: not really useful for anyone

Example Server Configurations with SSL and Client Certificates
IIS 6.0
 Step by Step available at:
 http://www.wijiscommons.org/gjxdm_example/#dotNet
Apache Tomcat 5.5
 Step by Step available at:
 http://www.wijiscommons.org/gjxdm_example/#java

IEPD Distribution Suggestions
In addition to Instance Examples, include:
 Example WSDL
 Auto-generated C# files and Jar Files (JAXB)
 Sample Implementations and test client
 XSLT with sample HTML output

Developer Guide – Return on Investment
Lowers the barriers to secure web services using GJXML
Re-use of code saves developer time for agencies/vendors and stretches grant $$
Vendors integrate with WIJIS once and can distribute to all customers
Prior to Guide: 0 Services, now 7 vendors, over 73 agencies in 8 months

Links
wijiscommons.org/gjxdm_example – WIJIS Developer Guide
oja.wi.gov/wijis – WIJIS Web Page
wijisgateway.org – WIJIS Blog