What is the best practice for implementing Security measures

Posted by kuhles on 01-Nov-2018 07:16

I have created an REST service connecting it to a Openedge Database, and a Nativescript App that calls the REST service, fully Functional CRUD on the database. However I have no security on the REST calls.

Either through authentication or Sessions.

I'd like someone to point me in the right direction.

i have looked at this link :

https://knowledgebase.progress.com/articles/Article/What-are-the-basic-steps-to-authenticate-REST-clients-against-the-OpenEdge-database-User-table .

Thanks

OpenEdge Deployment - Forum

All Replies

Posted by Peter Judge on 01-Nov-2018 08:28

There’s some doc on securing rest services at documentation.progress.com/.../index.html

You can use the OE _user table for your credentials but if you aren’t using that today then I would go with something like AD/LDAP or even SAML/OAuth in 11.7.4.

There should be archived sessions at the US (pugchallenge.org) and EMEA (pugchallenge.eu) PUG Challenge sites that can provide a higher level view.

Posted by Mike Fechner on 01-Nov-2018 08:30

Cross-posted at stackoverflow.com/.../how-to-implementing-security-for-your-rest-application-in-openedge-11-6

This thread is closed