Skip to Content

Changes for page Data Exchange

Last modified by Erik Bakker on 2024/09/05 14:00
From version 7.1
edited by Erik Bakker
on 2022/07/26 09:05
Change comment: There is no comment for this version
To version 10.1
edited by Erik Bakker
on 2022/07/26 14:11
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -expert-create-your-transformations-xpath-expert
1 +Data Exchange
Default language
... ... @@ -1,0 +1,1 @@
1 +en
Content
... ... @@ -1,5 +1,6 @@
1 1  {{container}}{{container layoutStyle="columns"}}(((
2 -Within the crash course, we already explained XPath conceptually. In that same microlearning, we looked at some more uncomplicated cases of using XPath within your transformation. If you need to brush up on that knowledge, please check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-create-transformation-xpath-basic.WebHome||target="blank"]]. In the intermediate microlearning on this subject, we built upon that knowledge. Please check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Create your transformations.intermediate-create-your-transformations-xpath-intermediate.WebHome||target="blank"]] if you need a refresher on that. In the [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Create your transformations.advanced-create-your-transformations-xpath-advanced.WebHome||target="blank"]] that followed, we built upon that knowledge and looked at some concrete, practical examples that could be useful in your project. In this microlearning, we will wrap the concept of XPath by looking at three complex XPath alternatives that are sometimes needed when dealing with messages in eMagiz.
2 +Because eMagiz provides the integration between two or more applications via the eMagiz platform, the point at which the data is interchanged between application and integration is a critical part of the integration in terms of security.
3 +Within eMagiz, there are three main integration patterns a user can configure to support their business case most optimally. First, this section will look at all three integration types and specify the security measures.
3 3  
4 4  Should you have any questions, please get in touch with [[academy@emagiz.com>>mailto:academy@emagiz.com]].
5 5  
... ... @@ -6,82 +6,86 @@
6 6  == 1. Prerequisites ==
7 7  
8 8  * Expert knowledge of the eMagiz platform
9 -* [[XPath Basic>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-create-transformation-xpath-basic.WebHome||target="blank"]]
10 -* [[XPath Intermediate>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Create your transformations.intermediate-create-your-transformations-xpath-intermediate.WebHome||target="blank"]]
11 -* [[XPath Advanced>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Create your transformations.advanced-create-your-transformations-xpath-advanced.WebHome||target="blank"]]
12 12  
13 -
14 14  == 2. Key concepts ==
15 15  
16 -This microlearning focuses on very complex XPath operations.
13 +This microlearning focuses on security considerations when exchanging data via the platform.
17 17  
18 -With XPath Expert, we mean learning that XPath options are sometimes very complex but could benefit you in specific cases in your daily work.
15 +* Each pattern comes with generic and specific checks and balances to ensure security is taken care of when exchanging data.
19 19  
20 -Some of the very complex XPath options are:
17 +== 3. Data Exchange ==
21 21  
22 -* matches
23 -* replace
24 -* tokenize
19 +Because eMagiz provides the integration between two or more applications via the eMagiz platform, the point at which the data is interchanged between application and integration is a critical part of the integration in terms of security.
20 +Within eMagiz, there are three main integration patterns a user can configure to support their business case most optimally. First, this section will look at all three integration types and specify the security measures.
25 25  
26 -== 3. XPath Expert ==
22 +=== 3.1 Messaging ===
27 27  
28 -Within the crash course, we already explained XPath conceptually. In that same microlearning, we looked at some more uncomplicated cases of using XPath within your transformation. If you need to brush up on that knowledge, please check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-create-transformation-xpath-basic.WebHome||target="blank"]]. In the intermediate microlearning on this subject, we built upon that knowledge. Please check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.Create your transformations.intermediate-create-your-transformations-xpath-intermediate.WebHome||target="blank"]] if you need a refresher on that. In the [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Create your transformations.advanced-create-your-transformations-xpath-advanced.WebHome||target="blank"]] that followed, we built upon that knowledge and looked at some concrete, practical examples that could be useful in your project. In this microlearning, we will wrap the concept of XPath by looking at three complex XPath alternatives that are sometimes needed when dealing with messages in eMagiz.
24 +Messaging is the most flexible option of the three; therefore, a wide range of options is available within eMagiz to secure the connections.
25 +eMagiz offers users the tools to set up integrations and end-points securely. eMagiz supports well-known market standards, including:
29 29  
30 -Some of the very complex XPath options are:
27 +* OpenID Connect
28 +* WS-Security
29 +* API Keys in combination with HTTPS/SSL
30 +* SOAP Authentication
31 +* OAuth2.0
32 +* Basic Authentication
31 31  
32 -* matches
33 -* replace
34 -* tokenize
34 +This way, each connection between the application and the integration (end-point) can be adequately secured and gives the flexibility to confer with the external application which method best suits their needs.
35 35  
36 -=== 3.1 matches ===
36 +=== 3.2 API Gateway ===
37 37  
38 -Sometimes, you want to determine whether a specific value within your payload matches a pattern. In those cases, you can use the XPath function called matches. The function will return true if the supplied string matches a given regular expression. So, for example, if you want to check whether your OrderID contains exactly seven digits and nothing else, the following XPath expression will work for your use case.
38 +A structure with roles and rights per role can be specified within the portal or via an external IDP to secure the front end of the API Gateway in eMagiz. Note that for the backend of the API Gateway, the same logic applies as stated above for messaging, which means that eMagiz supports the industry standard. Therefore, you as a user should confer with the external party about the correct method.
39 39  
40 -matches(OrderID,'^\d{7}$')
40 +==== 3.2.1 Portal ====
41 41  
42 -As a result, you will get a true or false back which you can then use as a filter or within an if-then-else construction.
42 +As shown in the picture below, the roles are defined so that the Read role can only access two integrations available for this specific API Gateway. If a client has insufficient rights, they will receive a 401 Unauthorized
43 43  
44 -=== 3.2 replace ===
44 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--api-gateway-portal-feedback.png]]
45 45  
46 -The replace function has many similarities with the matches function. It builds on the premise of the matches function, but instead of returning a true or false, you can state with what you want to replace the matched string. In other words, this function returns a string produced from the input string by replacing any substrings that match a given regular expression with a supplied replacement string.
46 +==== 3.2.2 (External) IDP ====
47 47  
48 -When we apply this to our earlier example, we can state that when the OrderID contains any non-digit, we will replace this value with nothing. This will lead to the following XPath expression.
48 +Apart from configuring the roles, users, and rights within the portal itself, it is also possible to hook the API Gateway up to an (external) IDP.
49 +By communicating with this IDP via the OAuth2.0 protocol, a check is done every time a client calls a specific operation to see whether that client has sufficient rights to access the operation.
49 49  
50 -replace(OrderID,'\D','')
51 +If the client has sufficient rights, the process continues. For example, if the client has insufficient rights, the client receives a 401 Unauthorized.
51 51  
52 -With a given input string of 12C34A567, the returned result will be 1234567.
53 +==== 3.2.3 Error Handling ====
53 53  
54 -=== 3.3 tokenize ===
55 +To prevent the error message if it occurs is sent straight back to the client, you can configure the front end of the API Gateway so that correct HTTP Status codes are given back to the client, including a descriptive message.
55 55  
56 -The tokenize function can split a string into multiple entries for you. This is particularly useful when you want to match an input string to a list of possible values that are valid for that string. For example, the function returns a sequence of strings constructed by splitting the input wherever a separator is found; the separator is any substring that matches a given regular expression.
57 +For more information on how this precisely can be configured via the eMagiz platform, please check the following [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.crashcourse-api-gateway-configure-roles-and-users.WebHome||target="blank"]].
57 57  
58 -So, for example, when the input string for AddressID is "street,housenumber,housenumberaddition" and you want to tokenize this with the help of the separator, you could use, in this example, the comma between the values as the separator. This will lead to the following XPath expression.
59 +=== 3.3 Event Streaming ===
59 59  
60 -tokenize(AddressID,',')
61 +Within the Event Streaming solution, eMagiz provides Event Streaming users, and topics can be created.
62 +Access to a topic within a cluster is governed by an Access Control List (ACL). This ACL links users to a topic and defines what the user can do on a topic (consume, produce, both).
61 61  
62 -The given input detailed above will result in the following output: street housenumber housenumberaddition.
64 +Only users with sufficient rights in the Deploy phase of eMagiz can add users, and topics and change the ACL entries specific to the Event Streaming cluster.
63 63  
66 +Apart from producing or consuming data on specific topics based on the ACL, users also need a valid Keystore (containing the key and cert generated automatically) and a valid truststore (containing the CA certificate of the event streaming cluster) to produce or consume data.
67 +
68 +These are all security measures to prevent third parties from unauthorized access to the data stored on the topics.
69 +
70 +For more information on how this precisely can be configured via the eMagiz platform, please check the following [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Event Streaming.crashcourse-eventstreaming-user-management.WebHome||target="blank"]].
71 +
72 +=== 3.4 General ===
73 +
74 +Regardless of the selected pattern for your solution, it would be best if you always considered that you only exchange relevant information with the external party. This means you should consider both headers as the payload you need to exchange with the external party. This is particularly interesting for any communication via HTTP gateways as they hold functionality to send all message headers as HTTP headers and vice versa.
75 +
64 64  == 4. Assignment ==
65 65  
66 -Check out which of the XPaths we have discussed today can be found within your project.
78 +Check whether you might be exchanging too much information with an external party within your project.
67 67  This assignment can be completed within the (Academy) project you created/used in the previous assignment.
68 68  
69 69  == 5. Key takeaways ==
70 70  
71 -Some of the very complex XPath options are:
83 +* Each pattern comes with generic and specific checks and balances to ensure security is taken care of when exchanging data.
84 +* When you are not careful, you might share too much information with external parties.
72 72  
73 -* matches
74 -* replace
75 -* tokenize
76 -
77 77  == 6. Suggested Additional Readings ==
78 78  
79 -If you are interested in this topic and want more information on it, please read the help text provided by eMagiz and read more information on the following links:
88 +If you are interested in this topic and want more information, please read the help text provided by eMagiz.
80 80  
81 -* http://www.xsltfunctions.com/xsl/fn_matches.html
82 -* http://www.xsltfunctions.com/xsl/fn_replace.html
83 -* http://www.xsltfunctions.com/xsl/fn_tokenize.html
84 -
85 85  == 7. Silent demonstration video ==
86 86  
87 87  As this is more of theoretical microlearning, there is no video accompanying the microlearning.)))((({{toc/}}))){{/container}}{{/container}}