CODEWITHSUNDEEP
securityadapteribm-mobilefirst
Paul Raj
Paul Raj

Reputation: 103

Invoking Worklight adapter from non-worklight applications

When deploying adapters (be it HTTP, SQL, JMS or CastIron) to the Worklight Server in WebSphere application server, I believe we can invoke the adapters externally from any non-Worklight applications as below.

http://localhost:8080/invoke?adapter=ADAPTER_NAME&procedure=PROCEDURE_NAME&parameters=[PARAMETER1,PAREMETER2,...]

As noticed from this thread: https://www.ibm.com/developerworks/forums/thread.jspa?threadID=453422

What are the pros and cons of using this approach? Is it really recommended?

Upvotes: 1

Views: 1436

Answers (2)

AAhad
AAhad

Reputation: 2845

Advantages:

Its easy to access from multiple application;accessing adapters URL and passing parameters.

Disadvantages: Easy to hack the enabled authentication frameworks

Workaround: I faced the same situation and i overcame it by injecting my custom listeners on server that listen every request and then based on my criteria, it forwards to adapter or worklight app. In this way i can prevent outside access.

There is another way to use a custom authentication model.

http://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v506/08_04_Custom_Authenticator_and_Login_Module.pdf

http://www.ibm.com/developerworks/mobile/worklight/getting-started.html

Upvotes: 2

Srik
Srik

Reputation: 7957

Ease of use is the biggest pro and security is the biggest con. To be able to invoke a procedure in that fashion, your adapter must be free of any security tests (wl_unprotected). If your Worklight host and port are open to the internet (which is very likely), anyone having a whiff of the adapter name, procedure name etc. can invoke your adapter.

Upvotes: 1

Related Questions