What would be the best ?
Hi, I'm trying to integrate my J2EE Application with another system (my company system with the system of other company). The other company has an AS/400 system and I just need read its information... I read some articles, and I decided to create a web services in both company and one of web services will has a JDBC connection to the data base (DB2).... My questions is: Is this the best that I can do ? What about web service security ? Because I'm going to use Internet.... Does anybody suggest me any other architecture ? Any site, articles, patterns, books which can help me to decide the best architecture....
Thanks in advance
Alejandro.
Alejandro, I am actually doing the same thing here at work. We have a @#$@! AS/400 and a J2EE application server. (I am hoping the AS/400 will go the way of the Dodo soon, but am not holding my breath).
There is a product called the Java Toolkit, put out by IBM as well as an open-source community. You can interact with the DB2 database directly via the Toolkit, which is written completely in Java. You will have to check that your server has the required software installed on it. Otherwise, you can simply use Java and JDBC normally via the Toolkit from J2EE.
If you are trying to do something else, such as executing AS/400 commands, my advice would be to have the AS/400 either push/pull via FTP and write a script on the AS/400 end to trigger the desired job when the file is present.
- Saish
"My karma ran over your dogma." - Anon
Thank you !!!! , and what about the security ? I ask you that because I'm new developing web services, I've never developed a web services, this will be the first one, and I've heard that web services aren't secure ? Where can I read articles about it ? or where can I find some example which show me the security side of a web service
Thanks...
Alejandro
Whew! Security is a *BIG* topic. Start by getting a dedicated security book for the Box that is running your application server (Unix, Linux, etc.) Then, get a really good J2EE book with a decent chapter on security or find a dedicated J2EE security book (they do exist).
There's *SO* much to cover that I would probably be doing you a disservice by abbreviating it. If worst comes to worst, there are a variety of HOWTO's on the Net and FAQ's for specific implementations. You do need to think about:
> Application server
> Web server
> Encryption/SSL
> Operating system
> Physical network security
> Intrusion detection
> Backup/recovery
Security can break at any point (the last two are really tangential to security but are almost always involved) Best of luck!
- Saish
"My karma ran over your dogma." - Anon
There's also a dedicated "Security General" forum here. You may be able to find some answers there, but I would go to the forum after you have an ideal of what vulnerabilities or exploits you want to address.- Saish"My karma ran over your dogma." - Anon
