Article
· Feb 14, 2017 1m read
Can you keep a secret?

If you are developing applications that use CSP or Zen, or potentially any of the other InterSystems web-related stuff that's built on top of CSP, then it's important to know how to keep one particular secret.

A central part of the CSP security architecture is a server-side session key. "Server-side" because its value should never be revealed to the client that is issuing the web requests. If it is revealed, a malicious client might be able to use it to bypass your security and make your server do things you don't want it to.

7 1
0 700

We are using an F5 load balancer to route public traffic to our IS server. My goal is to block public access to the Management Portal, and only allow what we want to expose, such as REST/SOAP services. At the F5, they can block URL wildcards or specific ports, so those are our options.

Since the URLs for the web services are in the same path ([host]/csp/healthshare/[namespace]/*), I can't see any URL wildcards happening. That leads me to ports; is there a way to put services on a specific port for all services, and everything else stay on a standard web port?

0 5
0 405
Question
· Mar 24, 2017
Firefox V52

I have a 100% ZEN application combined with 100% ZENReports and am also using IFind which is part of the solution.

Our application is a cloud hosted solution where we lease a server which does not have a website, only Cache configured under IIS. Connectivity to our site is premised on a URL string such as u12345.usa-server.com/csp/namespace/Cache.cls

0 2
0 322

So I installed Atelier, created my project, imported and compiled all my classes but now I need to import all my CSP files too but I can't find any instructions on how to do so. Just copying the files into [project]\CSp\csp is not working as they don't show up in the project tree.

0 2
0 553

I'm currently re-engineering an application from CSP pages directly accessing COS Methods, to an Angular/Material front end accessing a REST DAL. Both the Angular front end and REST services are hosted from the same Caché instance and the same namespace, but the REST services have their own CSP application, with all calls being routed through a Dispatch class.

0 5
0 589

Hi all,
Basically i have 2 queries..

  1. Is there any simple way to fetch the data directly from the database (using the URL and credentials) from the csp file without creating a link table for that particular Table...??
    If there is, could you please share the syntax of using them ..?

  2. Can we have an object return type from the below mentioned method to a javascript function.. ???

0 9
0 819

Hi all,

We've found that in most cases when we open a new CSP session the CGI varaiable %CGIEVAR("HTTP_COOKIE") contains the client name.

It looks like that : "state=SYSADM%3A0; Username=Urish; CSPWSERVERID=Cache for Windows (x86-64) 2013.1.1 (Build 501_1_13062) Sun Aug 11..."
In some other cases this CGI only contains $zv - like "CSPWSERVERID=Cache for Windows (x86-64) 2013.1.1 (Build 501_1_13062) Sun Aug 11 2013 23:20:33 EDT"

0 2
0 461

Hi,

I am using the &sql () tag to retrieve the value from the Cache DB.

below is the piece of code i am using:

script language="cache" method="retrieveDetail" arguments="pVariable" returntype="%String"
&sql( select columnA,
into :tempVariable1
from TABLE
where COLUMNC = pVariable

quit tempVariable1

i have to return the ColumnA value back to the calling procedure.

can i know how it can be done ? since i am getting an javascript error.

1 4
0 456

Interesting anecdote I want to share. Not 100% Caché related, but I hope it would be useful.

When CSP Gateway is configured on IIS, opening CSP Gateway Configuration page is prohibited by default -- as IIS blocks URLs with '/bin' in it.

In our documentation we advise to add <remove segment="bin" /> to applicationHost.config file.
That is correct.

4 0
0 1K

Hi


I have been working on changing a web application from using %FileBinaryStream to storing and serving the file content from a %Stream.GlobalBinary property, stored in a new database. I have managed to migrate the data across, and have also been able to redirect the stream so that it is being served through the web link. However, the previous method set attributes on the File stream to have the stream be rendered as the original file type through MIME, using this code

0 2
0 1.1K
Question
· Sep 14, 2016
Question: CSP Session

Hi,

  I was set one session in user namespce (%session.Data("sup")="login User ").but i couldn't get this session(%session.Data("sup")) in  another namespace.

Cache version:cache 16

but i can acces in cache 5.02.

0 4
0 1.1K

Hi all,

Do anyone know how to force to close the CSP connection used before redirecting to a different page so a new connection ( and therefore a new session id) is generated?

The idea is to generate new CSP session once we log off our application so the session identifiers are different.

Best Regards

1 4
0 563

I've noticed that Management portal somehow manages to allow a single user to be in different namespaces in different tabs in the same application (i.e. Management Portal). I've looked at my Processes, however, and see that all of my processes using MgmtPortal think I'm in %SYS, even though 2 of them are looking at globals in two different namespaces; NamespaceA and NamespaceB.

I can even fool MgmtPortal because the first time I try to look at a global in NamespaceA it thinks I'm in %SYS! After a refresh, however, I can see the global in NamespaceA.

0 8
0 781