I am working on a new project and need some information. We are going to integrate sailpoint with BMC Remedy Service desk. we would like to give access to user through Remedy, Where we provide access request and then sailpoint provision them to the defined (groups or entitlements). I would like to get more knowledge how can we do that I went through sailpoint documentation to understand but I would like to visualize whats going on.
for example:
I have one user and would like to give him access to "IT-department" in order to do that I have to provision him into "IT-department" entitlement of Active Directory. I want to use BMC Remedy to give him access request to "IT-department". I want to understand how BMC remedy will be able to tell sailpoint to provision to specific entitlements and automate this process.
Any idea and suggestion will be really helpful.
Well I didnty get any answer but I was able to find it through some search.
Answer will be using REST API to call workflow
Related
I have some experience in MS Access, but mostly only as an offline DB tool.
I have begun working with both Seller and Vendor Central at my new company, and am in charge of scrubbing the vast amount of data for trends and whatnot. At the moment our company is solely relying on exporting reports from Seller Central directly, and cross referencing documents. I was hoping to get us started with a rudimentary database hooked into Seller directly. Our company already has a MWS Developer ID, and I see an MWS Access Key and whatnot.
I'm surprised to not finding any resources as to how I should actually connect MWS to Access. I feel confident that I can find some success by dabbling with the API once I get it connected, but I can't actually find any references on how to actually establish that connection.
Any resources you guys can forward me? Maybe I'm searching for the wrong terms. Everything I search just comes up with data service companies advertising their tools.
Well, the interface to AWS is going to be web service based. And access unfortantly does not have a built in web services interface.
So, your choices are:
Write some VBA code to hit/use/consume AWS web services. Web services are just that -a web API. (likly REST services. REST is just a fancy term that you have to type in a given URL.
So, what you looking to search for?
How can I consume web based data in Access.
Say this answer on SO
Making a SOAP request from Access 2007
The main issue is that Access does not have really good tools for consuming web data.
However, most web front "store" applcations tend to have a user area in which you can export the daily sales or data say to csv. You now can import that data into Access (or Excel).
And they often have a report area - you can generate a report, and then download again in some format like xml or csv (and again, import into Access or Excel).
If you don't want to have to maually import the data?
Then you have to code out web requests. And that can be painful.
This unfortantly means you can use say a linked table (ODBC) like you can for Acces say to some database.
So, you can start to write web interface code (it will be SOAP or REST.
Believe it or not, there was a SOAP add-in tool kit for Access 2003. But, no one used it, so they dropped it. (of course now 17 years later -gee, a truckload of people GET IT - and now see the need to consume web data!
So, you question and what to learn about?
You asking how does one consume web services.
Well, using a tool designed to work with web services helps a lot. (that's why I suggest Visual Studio and .net). If they have a WSDL for you? Then you can point Visual Studio at the web (WSDL), and it will crank out a set of "methods" and properites for you. (it will create a class. But then again, did you use and write class objects in VBA? (it does support you creating classes. But the SOAP tool kit (no longer avaiable) would write this code for you!
So, if you want to go beyond their built-in repoting tools (that let you export + download the data in some format like csv for use with Access or Excel)?
Then you have to write writing code to make web calls.
This is not a lot different in the past. If you wanted some data from the accounting system? Well, you can/could/usually do some export with the accounting package to spit out a csv file of some sort. You then import into Access.
However, if you had better skills, you might link up to the database from Access, using ODBC and then write some SQL queries against that data. So, it really comes down to skill level here. Some could not be bothered to learn say SQL and a query. So, they just export the data out of accounting, and then import into access.
The problem is now you can't link to that web site, and use SQL queries of data. You have to use web service calls. (at least if you want to make some of this process automatic).
So, you might be just fine by exporting data/files from the AWS services, and then just import into Excel or Access. As such, you not writing any code, and you just use the Access GUI to import data.
But, some want to just hit a button in Access, and see all the orders and sales from today - and have Access pull that data from the web site with one click.
For some simple data pulls? You could make a web call from Access. But for complex web interfaces? Then you need to use tools that support web interfacing (say like Visual Studio .net).
For a simple data pull? I'll use VBA and MSXML.
But, if the parameters and data call is complex? Then I write it in .net, and THEN expose that code as a consuming library to MS-Access.
So, once you signed up for AWS and what ever web services? Then they will supply you with the web calls, and documentation. You then are free to use your programming tools of choice to interface. But, this can be quite a bit of work. So, you might use VBA, but .net is much better for this type of work. (and it also a lot more difficult to code out).
As a developer who has done this, I would write a "sync" program that connects to MWS, pulls back your data, and then inserts that into MS Access. In my case, it was a C# .NET Core app with SQL Server and I used the available MWS SDK that Amazon provides for free to handle all the API calls to MWS. You can create a schedule so your app pulls the data on an interval, or make it manual where you push a button to sync it into your system.
Of course you can use Java or PHP instead of C#, or you can roll your own MWS API calls. Or like you mention there are several third party vendors that have out-of-the-box ready solutions.
I haven't used MS Access in 20 years or so, so I'm not sure about calling MWS directly. I would gather it could be done, but is probably too much work, but I could be wrong. A .NET app can insert into MS Access, no problem, but also handle the HTTP calls to MWS for you.
So I have the website that provides the API for logging in/registering/etc. And I have the MediaWiki set up at my server.
I need to disallow MediaWiki registration and only allow logging people in through our API. So, when the user tries to login, no request to MediaWiki db for the user should be done, instead the request to our API should be done, logging person in if our API returned the correct data and displaying an error if it didn't.
Is there a way to get it done with MediaWiki?
Thanks in advance.
Your question is very broad and involves some development but also a lot of configuration as well. So, let's start:
First of all, you need to somehow integrate with the API you mentioned, which is possible by developing your own primary authentication provider. See the high level documentation. In this, you will have all the necessary entry points a user might hit when logging in or registering a new account and you can "translate" them to the actual actions which you need to do in your API (which you do not mention what it is or provides, so we can not give you better guidance here).
The second step would then be to configure this new authentication provider as the only one using $wgAuthManagerConfig which will in fact disable all other ways of creating other accounts as well as logging in with other accounts then the ones provided from your API.
If you've more questions, I would suggest that you provide more information and specific points where you're stuck :)
You can have a look at Extension:Auth remoteuser, it could fit at least partly you needs.
newbie for sawtooth here. Currently I am working on a POC for supply chain by using sawtooth as their record storage and there is one use case that i am still trying to sort it out. Here is the usecase, let say there is company A and company B, both companies will upload document to the supply chain system and the file url will store into sawtooth. In this case, may i know what is the best design for the permission control? As those documents able to view by all company A and company B staff. thanks!
Once the file URL is stored in the chain, anyone with access to the node will be able to view it. Only allowing certain people to read from the sawtooth chain can be done, similar to how traditional access restriction is given for APIs or servers. You can put the sawtooth system, behind a proxy and an API and give permissions for the access. That is one way to do it.
I've got a question related to oracle database and working with an API/web service to extract data from said database for use.
My experience in the area is limited so I'm hoping for some discussion here about it. My goal is to create a web service that has several fields and the should all fields submitted match an entry in the database, the program should return something positive, lets just say "true". If false, it will identify that there is a problem with the input.
My understanding right now is I can first use an API to expose the data, which I can then manipulate and query-check with a web service? Correct me if I am wrong with this general/overall plan. Moving on from this, if anyone have any relevant advice or programs that might prove to be useful here, but the main goal of posting this is to get a high-level understanding of the process.
Also, the plan is to use REST/JSON services here. Thanks all.
I am also not very skilled yet but if I correctly understand your question the answer could be ORDS
I found many essential informations here
With ORDS is possible to POST a request associated with a store procedure that do all the validations that the client can't do.
At the moment I am working on a CRUD app that I am going to deploy (someday) and use for my own startup company. However I am nowhere near finishing this product and I stumbled upon a question that I can't seem to figure out.
I am using Express to serve angular the data out of my MySQL database. To do this I had to create '/api/' routes. However if I go (for example) to '/api/clients' I will be able to see the entire list of clients in an ugly array. In this case that does not really matter since it's just the data they were able to see anyways.
However my question is, is it important to block these kind of routes from users? Will problems arise when a user goes to 'api/createClient'? Could this result in a DB injection that could ruin my db?
My project can be found here: https://github.com/mickvanhulst/BeheerdersOmgevingSA
The server-side routing code can be found: server > Dao > clientDao.js
Controllers, HTML & client-side routing can be found in the 'public' folder.
I hope my question is clear enough and someone will be able to answer my question. If not, please state why the question is not clear and I will try to clarify.
Thanks!
Looking at the code, it looks like your URLs can directly be accessed using browser and if yes, then this does pose a security concern.
Doing DB transaction with the user provided fields or values is major security concern, if these data are not validated and sanitised before making a database call.
I would recommend following minimum steps to follow before crafting APIs which is internal but can be accessed using browser -
If this is internal, then do not provide HEADER ACCESS CONTROL from the server or keep it confined only to your domain name. This prevents any ajax call to be made to your APIs from another domains.
Do sanitise and validate all the data thoroughly before doing any kind of database transactions. There are lots of material on this everywhere on how to do it.
If these APIs are meant to be used for internal purpose, then kindly provide some kind of authentication to your APIs before doing the logical work in your routes with the help of middle-wares. You can leverage cookie authentication for very simple API authentication management. You can also use JSON Web Tokens, if you want a more levels of security.
If you are manipulating your databases then I would highly recommend to use some kind of authentication in your APIs. Ofcourse, point number 2 is must.