skip to main content
Corticon Server: Integration & Deployment Guide : Secure servers with authentication and encryption : Implementing deployment security : Setting up authentication for secure server access : Securing Server endpoints : Using API calls to a secure web application
 

Try Corticon Now
Using API calls to a secure web application
The following are examples of each of the five core URL patterns outlined in Securing Server endpoints.
Corticon Admin SOAP example
In this example, the SOAP call is made to the /axis/services/CorticonAdmin URL requesting a list of Decision Services that are deployed on a remote server.

IMPORT STATEMENTS:
import java.net.URL;
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;

SAMPLE CODE:
Service service = new Service();
Call call = (Call) service.createCall();

String username = "admin";
String password = "admin";

// Add in username/password
call.setProperty(Call.USERNAME_PROPERTY, username);
call.setProperty(Call.PASSWORD_PROPERTY, password);

URL serverURL = new URL("http://localhost:8850/axis/services/CorticonAdmin");
String methodName = "getDecisionServiceNames";
Object[] variables = new Object[]{};

call.setTargetEndpointAddress(serverURL);
call.setOperationName(methodName);

// Make the actual call to the Web Service
String targetNamespaceXSD = "http://soap.corticon.com";
String returnValue = (String) call.invoke(targetNamespaceXSD, methodName, variables);
CorticonExecute SOAP example
In this example, the SOAP call is made to the /axis/services/CorticonExecute URL while passing a CorticonRequest String through a remote procedure call (RPC) to the remote server.

IMPORT STATEMENTS:
import java.net.URL;
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;

SAMPLE CODE:
Service service = new Service();
Call call = (Call) service.createCall();

String username = "ccuser";
String password = "ccuser";

// Add in username/password
call.setProperty(Call.USERNAME_PROPERTY, username);
call.setProperty(Call.PASSWORD_PROPERTY, password);

URL serverURL = new URL("http://localhost:8850/axis/services/CorticonExecute");
String methodName = "executeRPC";

String corticonRequest = "";
corticonRequest += "<CorticonRequest decisionServiceName=\"ProcessOrder\">";
corticonRequest += " <WorkDocuments>";
corticonRequest += " <Order id=\"Order_id_1\">";
corticonRequest += " <dueDate>1/1/2008</dueDate>";
corticonRequest += " <myItems id=\"Item_id_1\">";
corticonRequest += " <price>10.000000</price>";
corticonRequest += " <product>Ball</product>";
corticonRequest += " <quantity>20</quantity>";
corticonRequest += " </myItems>";
corticonRequest += " </Order>";
corticonRequest += " </WorkDocuments>";
corticonRequest += "</CorticonRequest>";


Object[] variables = new Object[]{corticonRequest};

call.setTargetEndpointAddress(serverURL);
call.setOperationName(methodName);

// Make the actual call to the Web Service
String targetNamespaceXSD = "http://soap.corticon.com";
String returnValue = (String) call.invoke(targetNamespaceXSD, methodName, variables);
Corticon Decision Service Admin REST example
In this example, the REST API call is made to the /axis/corticon/decisionService/list URL requesting a list of Decision Services that are deployed on the remote server.
IMPORT STATEMENTS:
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

import com.sun.org.apache.xml.internal.security.utils.Base64;

SAMPLE CODE:
String serverURL = "http://localhost:8850/axis/corticon/decisionService/list";

HttpGet getRequest = new HttpGet(serverURL);

String username = "admin";
String password = "admin";

// Encode the username/password in Base64. This is needed for REST calls
String encodedString = Base64.encode((username + ":" + password).getBytes());

String base64EncodedCredentials = "Basic " + encodedString;

getRequest.setHeader("Authorization", base64EncodedCredentials);

// Send the request; It will immediately return the response in HttpResponse object // if any
CloseableHttpClient httpClient = HttpClients.createDefault();
HttpResponse response = httpClient.execute(getRequest);

// First verify for valid status code
int statusCode = response.getStatusLine().getStatusCode();
if (statusCode != 200)
{
String error = "Failed with HTTP error code " + statusCode + ": " +
response.getFirstHeader("error");

throw new Exception(error);
}

HttpEntity httpEntity = response.getEntity();
String responseObjectString = EntityUtils.toString(httpEntity, "UTF-8");
CorticonAdmin REST example
In this example, the REST API call is made to the corticon/server/info URL requesting a JSONObject containing information about what Decision Services are currently deployed on the remote server.
IMPORT STATEMENTS:
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

import com.sun.org.apache.xml.internal.security.utils.Base64;

SAMPLE CODE:
String serverURL = "http://localhost:8850/axis/corticon/server/info";

HttpGet getRequest = new HttpGet(serverURL);

String username = "admin";
String password = "admin";

// Encode the username/password in Base64. This is needed for REST calls
String encodedString = Base64.encode((username + ":" + password).getBytes());

String base64EncodedCredentials = "Basic " + encodedString;

getRequest.setHeader("Authorization", base64EncodedCredentials);

// Send the request; It will immediately return the response in HttpResponse object // if any
CloseableHttpClient httpClient = HttpClients.createDefault();
HttpResponse response = httpClient.execute(getRequest);

// First verify for valid status code
int statusCode = response.getStatusLine().getStatusCode();
if (statusCode != 200)
{
String error = "Failed with HTTP error code " + statusCode + ": " +
response.getFirstHeader("error");

throw new Exception(error);
}

HttpEntity httpEntity = response.getEntity();
String responseObjectString = EntityUtils.toString(httpEntity, "UTF-8");
CorticonExecute REST example
In this example, the REST call is made to the /corticon/execute URL while passing a JSONObject as the payload to the remote server.
IMPORT STATEMENTS:
import java.io.StringWriter;

import javax.ws.rs.core.MediaType;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.json.JSONArray;
import org.json.JSONObject;

import com.sun.org.apache.xml.internal.security.utils.Base64;

SAMPLE CODE:
String serverURL = "http://localhost:8850/axis/corticon/execute";

HttpPost postRequest = new HttpPost(serverURL);

//Set the API media type in http content-type and the Decision Service Name to the header
postRequest.addHeader("content-type", MediaType.APPLICATION_JSON);
postRequest.addHeader(ICcServer.REST_HEADER_DECISION_SERVICE_NAME, "ProcessOrder");

String username = "ccuser";
String password = "ccuser";

// Encode the username/password in Base64. This is needed for REST calls
String encodedString = Base64.encode((username + ":" + password).getBytes());

String base64EncodedCredentials = "Basic " + encodedString;

postRequest.setHeader("Authorization", base64EncodedCredentials);

// Create JSON Payload
StringWriter writer = new StringWriter();

/*
String jsonPayload = {"Objects": [{
"myItems": {
"product": "Ball",
"price": "10.000000",
"quantity": "20",
"__metadata": {
"#id": "Item_id_1",
"#type": "Item"
}
},
"__metadata": {
"#id": "Order_id_1",
"#type": "Order"
},
"dueDate": "1/1/2008",
}]}
*/

JSONObject jsonPayload = new JSONObject();

// Create Order object
JSONObject order = new JSONObject();
order.put("dueDate", "1/1/2008");

JSONObject orderMetadata = new JSONObject();
orderMetadata.put("#id", "Order_id_1");
orderMetadata.put("#type", "Order");

order.put("__metadata", orderMetadata);

// Create Item object
JSONObject item = new JSONObject();
item.put("product", "Ball");
item.put("price", 10.0);
item.put("quantity", 20);

JSONObject itemMetadata = new JSONObject();
itemMetadata.put("#id", "Item_id_1");
itemMetadata.put("#type", "Item");

item.put("__metadata", itemMetadata);

// Add Item object to rolename myItems
order.put("myItems", item);

// Add Order to main payload
JSONArray rootObjects = new JSONArray();
rootObjects.put(order);
jsonPayload.put("Objects", rootObjects);

// Attach JSONObject to the postRequest
jsonPayload.write(writer);
StringEntity userEntity = new StringEntity(writer.getBuffer().toString(), "UTF-8");
postRequest.setEntity(userEntity);

// Send the request; It will immediately return the response in HttpResponse object // if any
CloseableHttpClient httpClient = HttpClients.createDefault();
HttpResponse response = httpClient.execute(postRequest);

// First verify for valid status code
int statusCode = response.getStatusLine().getStatusCode();
if (statusCode != 200)
{
String error = "Failed with HTTP error code " + statusCode + ": " +
response.getFirstHeader("error");

throw new Exception(error);
}

HttpEntity httpEntity = response.getEntity();
String responseObjectString = EntityUtils.toString(httpEntity, "UTF-8");