Jump to:

5450 Posts in 1672 Topics by 1197 members

Customising the CMS

SilverStripe Forums » Customising the CMS » Creating a custom SOAP API

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 2776 Views
  • HansR
    Avatar
    Community Member
    140 Posts

    Creating a custom SOAP API Link to this post

    Hi,

    I have already previously asked about using SOAP to create a backend in relation to the e-commerce module (se this thread. I see now that SOAP is mentioned under APIs in the list of features in Silverstripe 2.3.0 (here).

    Is there any documentation about how one would create a new SOAP based API? So far I have seen none. There are a few basic items that I would need to know:
    - How to create the access functions
    - How to get data into and out of the database
    - How to secure the SOAP API, i.e., make it HTTPS only and require authentication of some sort (possibly require HTTPS client authentication)

    Hans

  • Ingo
    Avatar
    Forum Moderator
    801 Posts

    Re: Creating a custom SOAP API Link to this post

    Its a wrapper around RestfulServer, see http://doc.silverstripe.com/doku.php?id=restfulserver.
    I've improved documentation slighty (see http://doc.silverstripe.com/doku.php?id=soapmodelaccess),
    but its still fairly crude...

  • HansR
    Avatar
    Community Member
    140 Posts

    Re: Creating a custom SOAP API Link to this post

    @Ingo

    Thanks. You're doc updates are a start. So does this mean that you must have a REST API in order to have a SOAP backend?

    I'd like to see more details about the security side of things. How do you restrict API access for data objects? How would you force all API accesses to use SSL?

    Hans

  • Ingo
    Avatar
    Forum Moderator
    801 Posts

    Re: Creating a custom SOAP API Link to this post

    Yes, you'll need to enable RESTful as well for the moment, I've filed a ticket to separate them a bit more cleanly: http://open.silverstripe.com/ticket/3727

    > How do you restrict API access for data objects?
    That should be in the RESTfulServer docs. Anything else you need?

    > How to secure the SOAP API, i.e., make it HTTPS only
    You have Director::forceSSL() at your disposal, which you could limit to match specific URLs only. Patches to make this configurable in the SOAP/REST servers are welcome

    2776 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.