May 10, 2021
This Zato how-to is about ensuring that only API clients with valid SSL/TLS certificates, including expected certificate fingerprints or other metadata, can invoke selected REST endpoints. In this way, we are making access to the endpoints secure and, at the same time, we can guard against a class of faults related to the Certificate Authority infrastructure.
May 3, 2021
Even if most of new APIs today are built around REST, there are still already existing, production applications and systems that expose their APIs using SOAP and WSDL only - in today’s article we are integrating with a SOAP service in order to expose it as a REST interface to external applications.
January 15, 2021
December 14, 2020
With the rise of Single-Page Applications (SPA) in web frontends, it is often the case that backend REST APIs based on Zato need to be configured for CORS. This article will explore what CORS is and how to make Zato participate in scenarios using it.
May 27, 2014
January 24, 2014
While Zato can support AMQP, WebSphere MQ, ZeroMQ or FTP as well, the majority of environments will use the ubiquituous HTTP protocol only and this post describes the traffic patterns within a typical HTTP-only cluster consisting of a load-balancer, web admin, Redis, SQL ODB and two servers, right after it’s been installed without any user-specific customizations.
January 12, 2014
A Zato ESB and application server feature that has just been added on GitHub is an HTTP access log. This is an additional log to what has been already available in regular server logs and keeps nothing but information regarding HTTP requests in a format used by Apache httpd. This makes it possible to use existing tools in order to parse and extract interesting information out of the logs.