FAQ

Owned by Former user (Deleted)
Last updated: Apr 04, 2007 by Former user (Deleted)Version comment
2 min read

Index

Please comment

  1. How do I enable web services? 
  2. Where can I find stuff?
  3. What are the minimum security requirements for an Enterprise Web service?
  4. What is a JWS file?
  5. What are the advantages and disadvantages of JWS files?
  6. What is the difference between an EID and an ID and why should I care?

 Answers

How do I enable web services?


In sakai/sakai.properties add:
webservices.allowlogin=true

Note for programmers:
Any new code written is expected to honour the property and this achieved via commands such as: 
          boolean allowLogin = ServerConfigurationService.getBoolean("webservices.allowlogin", false);

Where can I find stuff?


 Source: https://source.sakaiproject.org/svn/webservices/

What are the minimum security requirements for an Enterprise Web service?


Web services use SOAP. The protocol sends XML, thus passwords etc are in plain text. I would therefore recommend the following:

  • Encrypt via SSL/TLS
    For example via an accelerator card on a loadbalancer.
  • IP restrictions for the service if possible.
    How about the IP filter or IP restrictions on the router or via Apache configuration for a given virtualhost?
  • Monitoring of logging for unusual activity. An example

What is a .jws file?


The sakaiscript services use Apache AXIS technology. If a file with an jws extension is placed in the sakai-demo/webapps/sakai-axis directory it is compiled when it is first called. A jws file should contain methods that return a string or an array of strings. For examples, see jws files under /sakai-demo/webapps/sakai-axis/.

What are the advantages and disadvantages of JWS files?


JWS files are easy to test and deploy. However, you cannot define a package name and like JSP files tend to become quickly long and unmaintainable. In the middle term, it well worth defining your own Web Service Deployment Descriptor (WSDD) files and related jars. A WSDD file allows you define your services and your own handlers to send complex data structures e.g. classes back. Within the client software, you will also need to unmarshal the data. Luckily, AXIS has Java libraries to do this chore for most common data structures. The location to define your own service is /sakai-demo/webapps/sakai-axis/WEB-INF/server-config.wsdd.

For more information, please visit:
http://ws.apache.org/axis/java/user-guide.html#CustomDeploymentIntroducingWSDD
http://ws.apache.org/axis/java/user-guide.html#HowYourJavaTypesMapToSOAPXMLTypes

What is the difference between an EID and an ID and why should I care?


Link: https://content.cc.vt.edu/confluence/display/DEV/2006-05-09+Glenn+on+External+IDs