 |
|
|
Coming Soon |
|
|
You also have the ability to store local data in a text file and recall the data from different sections within the text file. For example using the windows ini file format you can have different sections that can be returned back to the calling device in XML format. The Max Soap interface would typically be used by third party appliances that are required to obtain information securely from a data source that is behind a firewall. It could be used by any application that has to obtain data without the need to expose sql servers or any other data source to the internet. This allows sensitive data to be protected. Typical applications would be smart phones, tablets or other websites which either requires to read from a data source and or update a back office system. An Example of this could be a smart phone that is required to select an option from a list and send an update code to the back office. This could be a professional organisation notifying the back office about a particular event without having to return back to the office to update the organisations systems. The Options could be held in a text file on the server and uploaded to the device on connection. A sql statement could then run a T-Sql procedure or an Insert to update the back office. SecurityThe service has a number of security features to stop the system being compromised. Max Soap does not use a third party web server to run. It has it’s own dedicated web interface. This means that if there are security issues within the third party interface they do not effect Max Soap. Soap would normally be configured to bind to port 80. This allows for it to co-exist with the web interface. Max Soap can be configured to port 80 if required, but being a standalone service can be bound to any other port. By using a none standard port this helps by hiding it from potential threats. Soap is a great system for hackers to play with. This is because it produces a WSDL interface that explains to the hacker what is required to access the system. Using Max Soap this interface can be turned off, once the application has been completed. The potential hacker can not then work out the required commands to talk to the system. Also if there is an attempt to query the wsdl interface the offending device or person is sent a redirect URL. Another method of hacking Soap is to keep sending random commands to it. Soap then sends back detailed error information to explain why the command failed. This allows the hacker to piece together what the required commands are. Max Soap allows these error messages to be turned off. Only a generic error message saying “Error” is returned. Max Soap also has an additional protection. Max Soap counts the number of times a device attempts to connect to it and causes a error. These errors are counted and when they hit a predefined count will ban the offending IP number, for a predetermined amount of time. Max Soap can also be configured to only allow certain IP’s or Class ‘C’ ranges to access its interface. Blocking any other IP Authorisation methods can be built into the application software for additional security. However Max Soap has a list of codes held on the system that are required by the application to use. These codes can be added to and of any length string. They would for example be the smart phone imei number. This code is checked before any sql or access to the system is granted. The Max Soap text file that is held on the server is a windows ini file. Different sections can be added and these sections can be returned back to the calling application. These sections can be enabled or disabled to allow the calling application access or not. Max Soap runs over Http or Https. |
|
.
Max SOAP Web Service Link to Sql Data base