Hi contestants!

We've introduced a set of bonuses for the projects for the Interoperability Contest 2021!

Here are projects that scored it:

Project

Basic Auth

Bearer/JWT

OAuth

Authorization

Auditing

Encryption

Docker

ZPM

Online Demo

Code Quality

Article on DC

Video on YouTube

Total Bonus

Nominal 2 3 5 2 2 2 2 2 3 1 2 3 29
appmsw-forbid-old-passwd             2 2     2   6
isc-apptools-lockdown       2     - -     2   4
passwords-tool             2 2   1 2   7
API Security Mediator 2     2 2   2 2 3 1 4 3 21
Audit Mediator         2   2 2   1 4 3 14
iris-disguise             2 2   1 4 3 12
iris-saml-example     5 2     2 2 3 1 2   17
Server Manager 3.0 Preview 2                   4   6
appmsw-dbdeploy             2 2     2   6
Data_APP_Security 2     2 2   2 2 3 1 2 3 19
IRIS Middlewares             2     1     3
TimeTracking-workers       2     2     1     5
zap-api-scan-sample             2     1     3
https-rest-api             2           2

Please apply with your comments here in the posts or in Discord.

20
0 15 153
Contestant


In this article I will demonstrate basics of OAuth2 authentication with GitHub account with the help of online demo 
https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp by using SuperUser | SYS

Please read the related documentations Using an InterSystems IRIS Web Application as an OAuth2 Client
and a nice articles about OAuth https://community.intersystems.com/post/intersystems-iris-open-authoriza...

We need below 3 steps to achieve the desire :

  • Step 1 : Register Application with GitHub Authentication Server
  • Step 2 : Configure OAuth 2.0 Client from InterSystems Management portal
  • Step 3 : Call API to login with GitHub account

So Let's start with Step 1

Step 1 : Register Application with GitHub Authentication Server

In order to register application with GitHub authentication server we need GitHub account. 
Log in to GitHub account and navigate to https://github.com/settings/developers and under OAuth Apps tab click New OAuth App button

 

Enter Application name, Homepage URL, Description and Authorization call back URL
Please note that Authorization call back URL must refer to OAuth2.Response.cls class ({domain}/csp/sys/oauth2/OAuth2.Response.cls)
Click Register Application

This will open detail page. Click Generate a new client secret and save Client ID and Secret Key which we will use while configuring IRIS OAuth2 client

Application is registered successfully

10
0 0 12
Contestant
Article
Henrique Dias · 10 hours ago 6m read
Why? How? What's zap-api-scan-sample?

Hey community, how are you all doing?

What if you could check if your REST application is susceptible to some vulnerability? What if you could check if any known attacks affect your application?

With these issues in mind, we've brought our sample application using the ZAP testing tool. A way to quickly, conveniently provide tools for developers to validate security issues in an accessible manner practically.

20
0 0 22
Contestant

Does anyone know of a relatively quick and straightforward way of converting code written in the old dot scoping syntax with argumentless do (see here for reference: https://docs.intersystems.com/latest/csp/docbook/DocBook.UI.Page.cls?KEY=RCOS_cdo_legacy) to the modern parentheses scoping syntax? It's not too bad to do it by hand, but it's also easy to make a mistake and leave a "quit" in an if statement by accident for example.

E.g.

00
0 6 200
Contestant
Contestant

The InterSystems IRIS has a great audit system. It is responsible for auditing system events, but you can use it to audit your applications (great feature).

The audit system is based into event concept. The events can occur with IRIS or in an application. So, we have two type of events to the audit system:

1. System events: events occured into the InterSystems IRIS components (database, interoperability, analytics and core);

50
1 4 96
Contestant

In this article I will explain how to Authenticate, Authorize and Audit by code by using CSP Web Application along with Enabling /Disabling and Authenticate/Unauthenticate any Web Application.

Application Layout
 

30
0 2 102

When i use &sql(SELECT ......)  in Cache I can watch the generated code
In the generated .int code and see what is happening.
Just with my normal rights

Now in IRIS I have just 4 line calling some class %sqlcq.***
With enough rights i find there is no such class but the generated .int routine
%sqlcq.IRISAPP.xEZgUjdXCCgQdZQPpRdOye1Ci2ue.1
That holds the code that i had in my .int on Cache

Can i switch this back somehow ?

00
0 0 41

DTL Transformations and GetValueAt/SetValueAt calls on HL7 messages will truncate any fields longer than 32K.  To avoid this, the methods GetFieldStreamRaw and StoreFieldStreamRaw must be used when dealing with fields that might be larger than 32K.  OBX:5 is a frequent example.  These methods have some subtleties and must be used carefully.

This can't be done by simply dragging from left to right in a DTL.  It must be done with a code action.  Also, the StoreFieldStreamRaw call must be the last edit made to the segment because the segment becomes immutable after that.

80
3 6 1,511
Contestant

We are seeing ERROR #5002: Cache error: <MAXSTRING>zSaveData+14 ^EnsLib.HL7.Segment.1 come up on a Routing rule when we are trying to Encoded PDF's through a DTL. In the DTL we are copying source to target. Is there a limitation on trying to copy source to target? 

At the bottom of the DTL you are see that we commented out converting the Encoded PDF to a Stream, is it recommended that we always use %Stream anytime we are dealing with PDF's?

 

Thanks

00
0 4 140
I need help with resolving this issue of Synchronization failing.

13:55:46.338:HS.Director: Switching to namespace 'MYPORTAL' [Foundation]
13:55:46.450:Ens.Director: Production 'MYPORTALPKG.HSCOMMProduction' starting...
13:55:46.589:....HSCOMMProduction: Table synchronization state: Waiting
13:56:01.604:....HSCOMMProduction: Startup Error 0 =‰Synchronization failed*zOnStart+50^HS.Util.AbstractProduction.1
00
0 2 62

Hello everybody

I'm in need of a lot of help from you.
I work in a company with all system cached script, using global.

I need to develop web applications accessing the cache database, and global.

Could you help me indicate the best language option to develop web applications, and easier to access cache, and if possible send me some examples of applications accessing globals.

I thank you all.

Hugs

00
0 3 135
Question
Thiago Andrade · Dec 3
Clean CACHETEMP

Hi

 

How to clean cachetemp/CACHE.DAT, without cache restart?

I have the procedure to clean cachetemp/CACHE.DAT in my scritp stop/start cache, but, in some cases, I need to clean this base without restart.

It's  possible?

 

00
0 2 67
Question
James Keith · Dec 2
Server Connections

I'm upgrading my laptop, and installed HealthShare 2020.2.  I wanted to import my server connections from my previous laptop, so I exported the Registry Keys (Windows 10) Under Computer\HKEY_CURRENT_USER\SOFTWARE\InterSystems\Cache\Servers from the old machine.  I then imported them into new laptop, but I still don't get the list of connections in my HealthShare Remote System Access list from the HS Cube in my system tray.

Does anyone have a solution for this?  I thought this was more portable.

 

00
0 1 66

Hi Dev Community,

I have a persistent Document class that has a FileName string property and another Question class that has an optional one-to-many relationship with Document.

I'm trying to add a SqlComputed property to the Question class (docFileName) where docFileName = Document.FileName if there is a related Document or an empty string if there isn't one. 

I'd prefer the property to be SqlComputed so that if Question.Document changes, Question.docFileName will automatically update.

00
0 7 112
Contestant
Contestant

Not so while ago GitHub introduced, ability to very quickly run VSCode in the browser for any repository hosted there. Press the . key on any repository or pull request, or swap .com with .dev in the URL, to go directly to a VS Code environment in your browser.

github dev

This VSCode is a light version of the Desktop version but works entirely in Browser. And due to this, it has a limitation for extensions which was allowed to work this way. And let me introduce the new version 1.2.1 of VSCode-ObjectScript extension which now supports running in Browser mode.

40
0 0 51
Discussion
Eduard Lebedyuk · Nov 17
Code Golf - Encoder

We need to send some coordinates to a spaceship through a laser beam.
To do that we have to encode it, and beam it out into space.
Your mission is to implement the encoder with a compression standard.
As usual shortest solution wins.

Task

You will receive a string of comma-separated integers and you will return a new string of comma-separated integers and sequence descriptors.

Input

"0,2,4,5,5,5,5,5,3,4,5"

Output

"0-4/2,5*5,3-5"

40
1 4 254
Contestant