Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Guide to Secure Web Services with GJXML Hey I downloade d an IEPD! Cool, how do you write a web service? I use.NET Moo! I use Java.

Published byRaymond Hoover Modified over 8 years ago

Similar presentations

Presentation on theme: "A Guide to Secure Web Services with GJXML Hey I downloade d an IEPD! Cool, how do you write a web service? I use.NET Moo! I use Java."— Presentation transcript:

1

2 A Guide to Secure Web Services with GJXML Hey I downloade d an IEPD! Cool, how do you write a web service? I use.NET Moo! I use Java

3 WIJIS Justice Gateway The WIJIS Justice Gateway: The WIJIS Justice Gateway: A single, secure point of read-only access to disparate state and local justice information resources. Local Law Enforcement Records Management Systems Service-Oriented Architecture 1)Publish pointers from RMS to Gateway Cache 2) End Users Search Cache, Request Incident Report 3) Gateway requests Incident Report from RMS 4) RMS returns Incident Report 5) Gateway displays Incident Report

4 WIJIS WIJIS Developer Guide Service providers should be mapping data to GJXML, not bogged down in implementation details Provide example WSDL – Contract First! Server and client implementation in multiple languages compile schema into objects XSLT http://www.wijiscommons.org/gjxdm_example/

5 WIJIS Incident Report IEPD – The Homer Simpson Case Study IEPD can be downloaded here: http://www.search.org/programs/info/xml-iep.asp Doh, Now what? Let’s take a look, we see… Instance Examples Document and constraint schemas

6 WIJIS DOT NET 2.0 Instructions Generate C# Objects from WSDL with this command: wsdl.exe /server http://wijis.wisconsin.gov/wsdl/RecordRetrievalServiceWithIEPD.wsdl Create.NET Web Service and add references Example C# files and instructions here: http://www.wijiscommons.org/gjxdm_example/#dotNet

7 WIJIS Testing the Service – The Python Way Create a sample invocation file Run the sample python script Script can be run over http, https or https w/ client certificates Keep the test client simple! Examples available here: http://www.wijiscommons.org/gjxdm_example/#client

8 WIJIS Java Instructions - Overview Generate Jar File from WSDL using Jaxb Download sample Record Retrieval Service Project for Eclipse WIJIS provides Ant tasks in project Full details at: http://www.wijiscommons.org/gjxdm_example/#java

9 WIJIS Make your XML look Pretty - XSLT WIJIS Gateway invokes services, then: WIJIS Needed to transform results End users are not machines but humans Distributing XSLT helps service providers inspect Incident Reports before publishing Instance and transformed documents here http://www.wijiscommons.org/gjxdm_example/#xslt

10 WIJIS WIJIS – Security Overview Incident Report request conducted over HTTPS with X509 Client Certificates Layer 3 IP Address filtering WIJIS runs our own certificate authority Authorization granted based on name in certificate

11 WIJIS WIJIS – 4 Security Tests Certificate signed by WIJIS Certificate Authority Certificate is not expired Name in Certificate matches name on wire Certificate has been revoked

12 WIJIS X509 Certificate Request Process Client creates a private key openssl genrsa -out MyPrivateKey.key 1024 Using private key, client creates a Certificate Signing Request (CSR) openssl req -new -nodes -key MyPrivateKey.key -out MyCSR.csr CSR sent to CA and signed certificate is returned Signed certificate can be joined with Private Key openssl pkcs12 -export -in MyCertificate.pem -inkey MyPrivateKey.key -out MyPFXFile.pfx

13 WIJIS X509 Certificate Tools OpenSSL useful for both.NET and Java users. Keytool useful only for Java users Microsoft CertUtil – Not really useful for anyone

14 WIJIS Example Server Configurations with SSL and Client Certificates IIS 6.0 Step by Step available at: http://www.wijiscommons.org/gjxdm_example/#dotNet http://www.wijiscommons.org/gjxdm_example/#dotNet Apache Tomcat 5.5 Step by Step available at: http://www.wijiscommons.org/gjxdm_example/#java http://www.wijiscommons.org/gjxdm_example/#java

15 WIJIS IEPD Distribution Suggestions In addition to Instance Examples, include Example WSDL Auto-generated C# files and Jar Files (JaxB) Sample Implementations and test client XSLT with sample HTML output

16 WIJIS Developer Guide – Return on Investment Lowers the barriers to secure web services using GJXML Re-use of code saves developer time for agencies/vendors and stretches grant $$ Vendors integrate with WIJIS once and can distribute to all customers Prior to Guide: 0 Services, now 7 vendors, over 73 agencies in 8 months

17 Links wijiscommons.org/gjxdm_example – wijis developer guide oja.wi.gov/wijis – WIJIS Web Page wijisgateway.org – WIJIS Blog Contact Info James.pingel@wisconsin.gov Yogesh.chawla@wisconsin.govwisconsin.gov

Download ppt "A Guide to Secure Web Services with GJXML Hey I downloade d an IEPD! Cool, how do you write a web service? I use.NET Moo! I use Java."

Similar presentations

Distributed Access Control System

Distributed Access Control System
18 Copyright © 2005, Oracle. All rights reserved. Distributing Modular Applications: Introduction to Web Services.

18 Copyright © 2005, Oracle. All rights reserved. Distributing Modular Applications: Introduction to Web Services.
WEB SERVICES. FIRST AND FOREMOST - LINKS Tomcat 6.0 - AXIS2 -

WEB SERVICES. FIRST AND FOREMOST - LINKS Tomcat AXIS2 -
Lecture plan Information retrieval (from week 11)

Lecture plan Information retrieval (from week 11)
Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
Presentation 7 part 2: SOAP & WSDL. Ingeniørhøjskolen i Århus Slide 2 Outline Building blocks in Web Services SOA SOAP WSDL (UDDI)

Presentation 7 part 2: SOAP & WSDL. Ingeniørhøjskolen i Århus Slide 2 Outline Building blocks in Web Services SOA SOAP WSDL (UDDI)
1 HyCon Framework Overview Frank Allan Hansen and Bent Guldbjerg Christensen ! Run this presentation in presentation mode to watch animations.

1 HyCon Framework Overview Frank Allan Hansen and Bent Guldbjerg Christensen ! Run this presentation in presentation mode to watch animations.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
Apache Tomcat Server – installation & use Server-side language-- use Java Server Pages Contrast Client-side languages HTML Forms Servers & Server-side.

Apache Tomcat Server – installation & use Server-side language-- use Java Server Pages Contrast Client-side languages HTML Forms Servers & Server-side.
LYU9901-Travel Net LYU9901-Travel Net Supervisor: Prof. Michael R. Lyu Students: Ho Chi Ho Malcolm Lau Chi Ho Arthur (Presentation on 29-02-2000)

LYU9901-Travel Net LYU9901-Travel Net Supervisor: Prof. Michael R. Lyu Students: Ho Chi Ho Malcolm Lau Chi Ho Arthur (Presentation on )
Apache Tomcat Server Typical html Request/Response cycle

Apache Tomcat Server Typical html Request/Response cycle
Implementation of One Stop Search by XSLT By Dave Low University of Hong Kong 9-Dec-2003.

Implementation of One Stop Search by XSLT By Dave Low University of Hong Kong 9-Dec-2003.
1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.

1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.
Web Applications Basics. Introduction to Web Web features Clent/Server HTTP HyperText Markup Language URL addresses Web server - a computer program that.

Web Applications Basics. Introduction to Web Web features Clent/Server HTTP HyperText Markup Language URL addresses Web server - a computer program that.
Getting Started with Windows Communication Foundation 4.5 Ed Jones, MCT, MCPD, MCTS Consultant RBA Inc.

Getting Started with Windows Communication Foundation 4.5 Ed Jones, MCT, MCPD, MCTS Consultant RBA Inc.
TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.

TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.
APACHE SERVER By Innovationframes.com »

APACHE SERVER By Innovationframes.com »
Tomcat Celsina Bignoli History of Tomcat Tomcat is the result of the integration of two groups of developers. – JServ, an open source.

Tomcat Celsina Bignoli History of Tomcat Tomcat is the result of the integration of two groups of developers. – JServ, an open source.
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming
Server Side Scripting Norman White. Where do we do processing? Client side – Javascript (embed code in html) – Java applets (send java program to run.

Server Side Scripting Norman White. Where do we do processing? Client side – Javascript (embed code in html) – Java applets (send java program to run.

Similar presentations

Ads by Google