OnDemand User Group

Support Forums => OD/WEK & JAVA API => Topic started by: jsquizz on September 01, 2021, 08:36:32 AM

Title: Connection between ODWEK and Library Server.
Post by: jsquizz on September 01, 2021, 08:36:32 AM

Apologize for the ignorance with the topic, I am not an ODWEK person, at all.

Our ODWEK folks came to us with a question- they want to know what protocol is used by ODWek to communicate with the CMOD servers, and most importantly, whether that protocol is secure.

It is my understanding that TCP/IP is used, and that the connection is secure because ODWEK and the library server, will use the IBM Global Security kit to secure that connection.

Is that accurate? Or am I in left field.

Thanks!

Title: Re: Connection between ODWEK and Library Server.
Post by: rjrussel on September 02, 2021, 03:59:12 PM

Well you could use SSL to connect from ODWEK to CMOD Server if you're aren't already. You are correct though, it is TCP/IP. I would add, there may be many definitions of "secure". Keep in mind, you are typically talking about a connection from two internal servers, not WEB facing environments. In addition, you can lock down this down in other ways as well. For example, only opening specific ports through a firewall.

The point is, there is lot more to consider then just how ODWEK communicates with the CMOD server.

-RR

Title: Re: Connection between ODWEK and Library Server.
Post by: Justin Derrick on September 08, 2021, 10:41:14 AM

Without SSL, the CMOD communications aren't secure, merely "obscure".  I've managed to reverse engineer the method used to hide passwords in unencrypted connections.  For systems where there are multiple hops (web browser to web server, web server to CMOD server) they should all use some flavour of SSL/TLS/HTTPS to protect data in transit.

-JD.