| Author |
Message
|
| diamondiona |
 Posted: Wed Jan 15, 2020 2:57 pm Post subject: Add Validation to RESTFul Service Main Flow |
 |
|
Acolyte
Joined: 19 Jun 2014
Posts: 50
|
Hello,
The default RESTFul Service main flow generated by MessageBroker toolkit is:
HTTP Input -> Router to Label
I need to add validation steps to the main flow:
HTTP Input ->FileRead(get username/password from files)->ComputeNode(validation) -> Router to Label.
My question is since Main Flow is generated by MessageBroker and should not be edited. How can I implement this? |
|
| Back to top |
|
 |
| timber |
| Posted: Thu Jan 16, 2020 2:09 am Post subject: |
|
|
Grand Master
Joined: 25 Aug 2015
Posts: 1292
|
That sounds like authenticaction, not validation.
You do not have to use the automatically-generate stubs. You can easily implement a flow using the HTTPInput node to do the same thing, and then you can add your authentication code into that flow. Or you could look into using an off-the-shelf authentication mechanism instead of rolling your own (but that decision is probably not in your hands). |
|
| Back to top |
|
|
| diamondiona |
| Posted: Thu Jan 16, 2020 6:27 am Post subject: |
|
|
Acolyte
Joined: 19 Jun 2014
Posts: 50
|
Do I need to check in auto-generated stub message flow to source code repository or it will be generated automatically after I imported project into workspace?
If I define "REST API base URL" in RESTFUL description as "/demo". Then HTTPInput URL in auto-generate sub message flow will use '/demo". If I added my own message flow, it's going to use different URL, like '/testdemo' which is inconsistent with "REST API BASE URL" in Service Descirption, right?
Anyway, we can disable messagebroker to automatically generate stub message flow.
Any example for off shelf authentication alternatives? |
|
| Back to top |
|
|
| timber |
| Posted: Thu Jan 16, 2020 7:41 am Post subject: |
|
|
Grand Master
Joined: 25 Aug 2015
Posts: 1292
|
If you decide to 'roll your own' main flow then you will not need the auto-generated one. But yes, it will be harder to maintain consistent naming standards and consistent look and feel. It's a design trade-off.
re: authentication mechanisms...the most common way to protect a REST API in IIB is to put an API gateway (e.g. IBM API Connect) in front of IIB. The API gateway performs authentication (usually OAuth) and also allows monitoring and control of the API in various ways. |
|
| Back to top |
|
|
| mehta10987 |
| Posted: Fri Jan 17, 2020 8:47 am Post subject: Add Validation to RESTFul Service Main Flow |
|
|
Novice
Joined: 12 Oct 2019
Posts: 13
Location: USA
|
If the ask is to validate the credentials of Users..
Are the details stored anywhere for lookup?
For e.g. a DB call?
Any other API exists which would provide valid User (if details are provided to that API)
Your solution will be driven by what call to be made |
|
| Back to top |
|
|
|
|
