SDI Web service configuration
Overview
To use the service, You need configure the user authentication method, application authentication, and database connection string , etc. At a minimum, set the highlighted line in the cdbcService session and the service will work.
- SDI Web Service has a built-in CDBC, which is a separate product of our company.
Configurations
<configSections>
Description
Used to add configSections declarations. Please do not change.
XML example
<configSections>
<section name="oracle.manageddataaccess.client" type="OracleInternal.Common.ODPMSectionHandler, Oracle.ManagedDataAccess" />
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" />
<section name="cdbcService" type="CdbcServiceUtils.Config.CdbcConfigurationSectionHandler, CdbcServiceUtils" />
</configSections>
<cdbcService>
Description
cdbcService related configuration.
n order for cdbcService to work, at least set the highlighted line below.
XML example
<cdbcService>
<userAuthentication authMethod="None , Basic or UserPsk">
<authenticatedUsers>
<add userId="" userPsk="" comment=""/>
</authenticatedUsers>
</userAuthentication>
<clientApplicationAuthentication authMethod="None or ApplicationPsk">
<authenticatedApplications>
<add applicationId="" applicationPsk="" comment="" />
</authenticatedApplications>
</clientApplicationAuthentication>
<idps enabled="true"
accessBlockApplicationFailureCount="5"
accessBlockUserFailureCount="5"
accessBlockIpAdressFailureCount="20"
accessBlockSeconds="10"
failureResetSeconds="600"
clientServerMaxTimeLagSeconds="120" />
<connectionStrings>
<add name="" connectionString="" providerName=""/>
</connectionStrings>
</cdbcService>
<userAuthentication>
Description
Only authenticated users can access the cdbc service. In this session, you can set the user authentication method and related settings.
<userAuthentication authMethod="None , Basic or UserPsk">
Attributes
| Attribute | Description | Value | Remarks |
|---|---|---|---|
| authMethod | User authorization method. | None , Basic or UserPsk |
None - No user authorization. Any user can access the service.Basic - Use IIS basic authorization. Cdbc will not do user authentication. UserPsk - Use Pre-Shared Key for each user. |
<authenticatedUsers>
Description
The authenticated user list can be stored in the authenticatedUsers section.
You can use the AuthenticatedUsersCollection to retrieve authenticated users from application configuration files.
Its properties map to authenticated user attributes, allowing you to retrieve a single authenticated user specifying the userId.
This setting is valid only when userAuthentication authMethod = "UserPsk"
<authenticatedUsers>
<add userId="" userPsk="" comment=""/>
</authenticatedUsers>
Attributes
| Attribute | Description | Value | Remarks |
|---|---|---|---|
| userId | User ID | String | |
| userPsk | User psk (Pre-Shared Key 16 digital) | String | |
| comment | Comment about the user, It will not be used by the system | String |
<clientApplicationAuthentication>
Description
Only the authenticated client application can access cdbc service. You can configure client application authorization method and related settings in this session.
<clientApplicationAuthentication authMethod="None or ApplicationPsk">
Attributes
| Attribute | Description | Value | Remarks |
|---|---|---|---|
| authMethod | Client application authorization method. | None - No application authentication. All applications can access the service. ApplicationPsk - Use a Pre-Shared Key for each application. |
<authenticatedApplications>
Description
The authenticated applications list can be stored in the authenticatedApplications section. You can use the AuthenticatedApplicationsCollection to retrieve authenticated applications from application configuration files. Its properties map to authenticated application attributes, allowing you to retrieve a single authenticated application specifying the applicationId. This setting is valid only when clientApplicationAuthentication authMethod = "ApplicationPsk"
<authenticatedApplications>
<add applicationId="" applicationPsk="" comment="" />
</authenticatedApplications>
Attributes
| Attribute | Description | Value | Remarks |
|---|---|---|---|
| applicationId | Applicaion ID | String | |
| applicationPsk | Applicaion psk (Pre-Shared Key 16 digital) | String | |
| comment | Comment about the applicaion, It will not be used by the system | String |
<idps>
Description
Idps is used to block illegal access. The accesses will be blocked for a specified time period while authorization failed certain time.
<idps enabled="true"
accessBlockApplicationFailureCount="5"
accessBlockUserFailureCount="5"
accessBlockIpAdressFailureCount="20"
accessBlockSeconds="10"
failureResetSeconds="600" />
| Attribute | Description | Value | Remarks |
|---|---|---|---|
| enabled | Enable or disable Idps. If Idps is enabled , Cdbc service will block the accesses after authorization failed certain times. | true or false default true |
|
| accessBlockApplicationFailureCount | Used to set the application authorization failure count while start block. | int>=1 default 5 |
Count access from same ip and same application id |
| accessBlockUserFailureCount | Used to set the user authorization failure count while start block. | int>=1 default 5 |
Count access from same ip and same user id |
| accessBlockIpAdressFailureCount | Used to set the authorization failure count from the same ip while start to block access. | int>=1 default 20 |
Count access from same ip |
| accessBlockSeconds | Used to set how many seconds will the access be blocked. | int>=1 default 10 |
|
| failureResetSeconds | If there is no authorization error after a certain seconds the failure count will be reset to 0. failureResetSeconds is used to set the reset time. | int>accessBlockSeconds default 600 |
<connectionStrings>
Description
Connection strings used by cdbc service can be stored in the connectionStrings section. Please refer microsoft's document to see the details about connectionStrings.
Oracle : Connecting to Oracle Database
SQLServer : SqlConnection.ConnectionString
MySQL: Creating a Connector/NET Connection String
PostgreSQL:Npgsql Connection string parameters
<connectionStrings>
<add name="" connectionString="" />
</connectionStrings>
<log4net>
Description
Cdbc use log4net to log system and audit log.
Please refer log4net's document to see the details.
<log4net>
<appender name="RollingLogFileAppenderSystem" type="log4net.Appender.RollingFileAppender,log4net">
...
</appender>
<appender name="RollingLogFileAppenderAudit" type="log4net.Appender.RollingFileAppender,log4net">
...
</appender>
<logger name="audit">
<appender-ref ref="RollingLogFileAppenderAudit"/>
</logger>
<logger name="system">
<appender-ref ref="RollingLogFileAppenderSystem"/>
</logger>
</log4net>
<serviceModel>
Description
serviceModel session includes some wcf configurations for cdbc service . You can modify it to fit your requirement if you have deep knowledge about wcf. Please refer Microsoft's document to see the details.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding maxReceivedMessageSize="5798464">
</binding>
</basicHttpBinding>
<basicHttpsBinding>
<binding maxReceivedMessageSize="5798464">
</binding>
</basicHttpsBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="false"/>
<serviceDebug includeExceptionDetailInFaults="false" httpHelpPageEnabled="false" httpsHelpPageEnabled="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<oracle.manageddataaccess.client>
Description
SDI Web Service uses ODP.NET managed drivers. You can configure ODP.NET Managed driver related settings here.
<oracle.manageddataaccess.client>
<version number="*">
</version>
</oracle.manageddataaccess.client>