3 March 2009 at 7:04pm
I have already previously asked about using SOAP to create a backend in relation to the e-commerce module (se [url=http://silverstripe.org/e-commerce-module-forum/show/254323]this thread[/url]. I see now that SOAP is mentioned under APIs in the list of features in Silverstripe 2.3.0 ([url=http://silverstripe.org/silverstripe-2-3-0-released-1000s-of-improvements/]here[/url]).
Is there any documentation about how one would create a new SOAP based API? So far I have seen none. There are a few basic items that I would need to know:
- How to create the access functions
- How to get data into and out of the database
- How to secure the SOAP API, i.e., make it HTTPS only and require authentication of some sort (possibly require HTTPS client authentication)
15 March 2009 at 8:09am
Its a wrapper around RestfulServer, see http://doc.silverstripe.com/doku.php?id=restfulserver.
I've improved documentation slighty (see http://doc.silverstripe.com/doku.php?id=soapmodelaccess),
but its still fairly crude...
17 March 2009 at 2:01am
Yes, you'll need to enable RESTful as well for the moment, I've filed a ticket to separate them a bit more cleanly: http://open.silverstripe.com/ticket/3727
> How do you restrict API access for data objects?
That should be in the RESTfulServer docs. Anything else you need?
> How to secure the SOAP API, i.e., make it HTTPS only
You have Director::forceSSL() at your disposal, which you could limit to match specific URLs only. Patches to make this configurable in the SOAP/REST servers are welcome :)