Topic: rest

Dariusz Suchojad

May 10, 2021

Resilient REST APIs with SSL/TLS client certificates

This Zato how-to is about ensuring that only API clients with valid SSL/TLS certificates, including expected certificate fingerprints or other metadata, can invoke selected REST endpoints. In this way, we are making access to the endpoints secure and, at the same time, we can guard against a class of faults related to the Certificate Authority infrastructure.

Topics:REST, Security, SSL-TLS

Dariusz Suchojad

May 3, 2021

Converting SOAP and WSDL into REST APIs

Even if most of new APIs today are built around REST, there are still already existing, production applications and systems that expose their APIs using SOAP and WSDL only - in today’s article we are integrating with a SOAP service in order to expose it as a REST interface to external applications.

Topics:SOAP, WSDL, REST

Dariusz Suchojad

January 15, 2021

New REST programming examples

As we are preparing to release Zato 3.2 soon, all the programming examples are being rewritten to showcase what the platform is capable of. That includes REST examples too and this article presents a few samples taken from the documentation.

Topics:REST

Dariusz Suchojad

January 4, 2021

Diving deep into REST API channels

We begin in 2021 with a deep dive into Zato REST API channels. What are they? How to use them efficiently? How can they configured for maximum flexibility? Read on to learn all the details.

Topics:REST

Dariusz Suchojad

December 14, 2020

Configuring REST channels for CORS

With the rise of Single-Page Applications (SPA) in web frontends, it is often the case that backend REST APIs based on Zato need to be configured for CORS. This article will explore what CORS is and how to make Zato participate in scenarios using it.

Topics:REST, CORS

Dariusz Suchojad

March 18, 2019

HTTP Method and Accept headers

Zato 3.1 includes new means to manage access to REST services based on input Method and Accept headers in HTTP requests - here is how they can be employed in practice.

Topics:REST

Dariusz Suchojad

May 27, 2014

Store HTTP data in a secure and searchable audit log

New on GitHub, Zato HTTP audit log allows you to store requests and responses, along with their headers in a database that can be queried at any time.

Topics:REST

Dariusz Suchojad

May 7, 2014

HTTP timeouts in outgoing connections

A newly added Zato feature lets one update HTTP timeouts on the fly, without any redeployments.

Topics:REST

Dariusz Suchojad

January 24, 2014

Understanding traffic flow in an HTTP cluster

While Zato can support AMQP, WebSphere MQ, ZeroMQ or FTP as well, the majority of environments will use the ubiquituous HTTP protocol only and this post describes the traffic patterns within a typical HTTP-only cluster consisting of a load-balancer, web admin, Redis, SQL ODB and two servers, right after it’s been installed without any user-specific customizations.

Topics:REST

Dariusz Suchojad

January 12, 2014

HTTP access log

A Zato ESB and application server feature that has just been added on GitHub is an HTTP access log. This is an additional log to what has been already available in regular server logs and keeps nothing but information regarding HTTP requests in a format used by Apache httpd. This makes it possible to use existing tools in order to parse and extract interesting information out of the logs.

Topics:REST