A core requirement of my application is the ability to automatically deploy ArangoDB with all collections, graphs, data, and APIs. The HTTP API and the various wrappers have been sufficient for this so far, but I haven't been able to find an API for deploying Foxx services. Is there any way to create and deploy a Foxx service via RESTful API or through one of the wrappers? So far, the only way I know to create a Foxx service is through the web interface.
I found this question which leads me to believe it's possible, but I don't know how to specify the Git location of the Foxx service. Could you provide instructions for creating a Foxx service without the web UI and list the possible parameters?
To install a Foxx service via the REST API, you can use the endpoint HTTP PUT /_admin/foxx/install.
It will require a JSON body to be sent, with attributes named mount and appInfo. mount needs to contain the mountpoint (needs to start with a forward slash). appInfo is the application to be mounted. It can contain the filename as previously returned by the server from the call to /_api/upload, e.g.
{
"appInfo" : "uploads/tmp-30573-2010894858",
"mount" : "/my-mount-point"
}
install from remote URL
You can also install a Foxx service from a zip file available via HTTP(S) from an external server. You can include the username and password for HTTP Basic Auth as necessary:
{
"appInfo" : "https://user:password#example.com/my-service.zip",
"mount" : "/my-mount-point"
}
install from GitHub
You can also install a Foxx service from a GitHub repository, if the repository is public accessible, e.g.
{
"appInfo" : "git:arangodb-foxx/demo-hello-foxx:master",
"mount" : "/my-mount-point"
}
Behind the scenes, ArangoDB will translate the request into a regular URL for the zip bundle GitHub provides.
install from local file system
You can also install a Foxx service from a zip file or directory on the local filesystem:
{
"appInfo" : "/path/to/foxx-service.zip",
"mount" : "/my-mount-point"
}
This also works with directory, but ArangoDB will create a temporary zip file for you in this case.
Related
I created a rest reference service, then create a pipeline and expose pipleine as proxy service. It got workied however the resource path for both is same automatically.
Now if i change resource path in the Proxy service the path of business service auto got changed.. Any idea.
If I forcefully change path the PS it showed me below error in the pipeline.. cannot invoke native rest to pipeline some thing
I tried to create a separate rest proxy and tried to connect to pipeline but not worked
I am working on a project and I am forced to not using Spring Boot. I have a Eureka server running on localhost:8090 and some services already registered on it.
How can I force Apache Camel's serviceCall to look for services on the Eureka server?
I know that to make it work for Consul as the service discovery you should do something like following:
ConsulConfiguration config = new ConsulConfiguration();
config.setUrl("http://ip:port");
ConsulServiceDiscovery discovery = new ConsulServiceDiscovery(config);
// configure camel service call
ServiceCallConfigurationDefinition config = new ServiceCallConfigurationDefinition();
//config.setServiceDiscovery(servers);
// register configuration
camelContext.setServiceCallConfiguration(config);
How to make it work for Eureka server on localhost:8090??
there’s no direct support for eureka in camel so if you can’t use spring-boot, you need to build your own ServiceDiscovery implementation
As #Luca suggested and after some research I came to this conclusion that you should implement a custom service discovery to read from Eureka. In order to do that I did the following:
Extending my EurekaServiceDiscovery class from DefaultServiceDiscovery class of camel-core module
Overriding the method public List getServices(String name) of
DefaultServiceDiscovery class which is responsible to retrieve services from Eureka
Using Eureka REST API to get all the services in the overrided method. In order to do this you should convert the recieved JSON data from Eureka REST API to appropriate java classes. You need to define Application and InstanceInfo classes based on those JSON data.
For example after running Eureka on localhost:8090 and after registering a service named account-service on it, you can git information of account-service by sending a Http.GET request to localhost:8090/eureka/apps/account-service
For more info look at this Github repo: https://github.com/hamedmirzaei/service-gateway-bootless
What's the best practices to hide or prevent the user see the credentials (implemented in WebService calls). The development is ReactJS and use Heroku to deploy the WebApp.
I have this code:
I want to prevent the user can see the credentials and some security details.
I started using the node module dotenv recently and really like how easy it is to use. All you need to do is install it and create a .env file with your environment variables like this:
.env
SECRET_KEY=123456
ANOTHER_KEY=78901
Then, require it as early as possible in your application:
require('dotenv').config().
I do this inside my server.js file (or whatever you name it).
That's it! Anything stored in the file can now be accessed by doing process.env.{name}
For example:
let secret = process.env.SECRET_KEY;
console.log(secret); // 123456
This is not really possible to do in a client side because all the HTTP calls can be easily visible in Network tab in Chrome Inspect Elements(or any web browser).
I would suggest you work on the security so you don't care if a user will see your HTTP endpoints or not.
You can also consider making your HTTP request on a server which will act as a bridge between your client and an API.
I have a simple web application. I want to set Shibboleth native SP in front of my web app so that it issues/asserts SAML related things and forwards request to my web app. Is there a complete tutorial how to achieve that?
Use testshib to test your app, it gives too much ease.
Follow the steps
download and instal sp on your machine
include shibboleth's configuration into your apache
2.1. into httpd.conf file add include "PATH/opt/path/etc/apache22"(if version is apache2.2, otherwise appropriate)
in apache22.config file add the location you want to secure - it would be /secure bydefault
in your shibboleth2.xml file (in etc folder) put your entity id(application defaults element), ex https://mywebsite.com/shibboleth - this can be anything, not neccessary a real path
put entity id of your idp in sso element, in case of testshib it would be https://idp.testshib.org/idp/shibboleth
in the metadata provider put idp's metadata uri to your idp's metadata urn, incase testshib it would be http://www.testshib.org/metadata/testshib-providers.xml
Download your metadata from https://mywebsitehost.com/Shibboleth.sso/Metadata - here mywebsitehost would be a real host and rest path will be automatically configured by shibboleth - this path will download your sp's metadata file
Upload your metadata file to testshib via register
You are ready to go. Go to https://mywebsitehost.com/secure and you should be redirected to idp to authenticate.
NOTE: Make sure you have a domain name configured with ssl(https)
I have created a Google Apps Script doPost script that I have published as a Service, only available to myself (as described in https://developers.google.com/apps-script/guide_user_interfaces#RunDecision, section "Publishing a Script as a Service").
I have now a URL like https://sites.google.com/a/macros/[google apps domain]/exec?service=[service key]
I want to call this service from a Google App Engine GWT application, but I don't know how to manage with authentication.
If selecting the "Allow anyone to invoke this service" then "Allow anonymous access", then I can call this service from AppEngine, but in my case, I absolutely need the authentication.
Do you have any idea how to handle it ?
If you only need to call this script from server to server and both of the endpoints are in your ownership, you could use a shared secret to do so, e.g.
Apps Script:
function doPost(e) {
if(e.parameters.secret != 'mysecret') {
return ContentService.createTextOutput("Nice try!");
}
// your code here
}
and transmit it with the request. If you only share your script with "Anyone having the link" that should provide reasonable security - make sure you never log that request nor include it in an error message however ;)