cancel
Showing results for 
Search instead for 
Did you mean: 

Webservice Do's and Don't's

0 Kudos
1,837

Until now, we communicated with the db via standard statements or procedures. We would like to use services but are looking for more information than what the SAP documentation provides. What are the pitfalls to avoid? What have you come across that you wish had been in the documentation? Security concerns?

The web developer would have to supply me more involved questions but here's the basics. We don't have our production db open to the web. We are transitioning from a desktop app to a web app. Currently, the web app (ASPX) does all calls to the db with OLE connections / transaction based. I used to be a programmer, so I set up an http listener on our development db and gave them an example of an ajax call to fill a search autocomplete with JSON from a webservice I created. It accesses the DB via a url on a local IP. They like the speed and simplicity and want to know how we could implement it in a production environment while still protecting the DB. That's beyond my scope of knowledge, to be honest. The example was pretty simple - I added a header to get around CORS restrictions (that took awhile to figure out) and used the variables passed in on the url to run a proc that returned a result set with id, label and value. We will be starting from the ground up when it comes to web services from the DB and wanted to start off on the right track. Use cases seem difficult to find when I search for them.

Accepted Solutions (0)

Answers (2)

Answers (2)

Breck_Carter
Participant

See this folder for working sample code:

   C:\\Users\\Public\\Documents\\SQL Anywhere 17\\Samples\\SQLAnywhere\\HTTP\\ 

Note that the built-in SQL Anywhere Monitor component, the Foxhound performance monitor product, and this site all run on the SQL Anywhere HTTP component.

The documentation certainly assumes you know everything you need to know about HTTP, HTML and so forth... the SQL Anywhere documentation describes how SQL Anywhere implements particular aspects of HTML and HTTP but no further (and that "no further" stuff is enormous... it's ALL available on the web so you have that going for you 🙂

Also note that the worldwide security landscape changes on an hourly basis; e.g., TLS certificate handling... it's not SQL Anywhere's fault, for example, that Firefox now almost completely refuses to handle the sample certificates shipped with SQL Anywhere.

Vlad
Product and Topic Expert
Product and Topic Expert
0 Kudos

And it is not a Firefox’ fault that the certificate is self-signed either
¯\\(ツ)

ximen
Participant
0 Kudos

Did you successfully deploy web service and support CORS? Could you please publish your answers for your communication! Thank you very much!

My current visit to ASA 17.0.10 will result in errors. The documentation does not say how to create and test the environment deployment