We are back to %SYS once again! Since we covered managing users and resources in the last two articles, we can finally move on to roles. As you may have guessed, there are a lot of methods of managing them that you have already seen in our previous writings.

Hey Developers,

Check out the latest video on FHIR API Management:

⏯ FHIR API Management: Basic Configuration

https://www.youtube.com/embed/EYZ4dXNZNSY
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

⏯ FHIR API Management: FHIR Dev Portal

https://www.youtube.com/embed/9yEm7ZAZENI
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

⏯ FHIR API Management: Logging and Monitoring

https://www.youtube.com/embed/xcHjcBTLw8o
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

⏯ FHIR API Management: Security

https://www.youtube.com/embed/7ImJPCdp96A
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

Description

This is a template for a FastApi application that can be deployed in IRIS as an native Web Application.

InterSystems introduced this feature many years ago and a time when using Public Key Infrastructure was not yet widely used. Creating materials for use with Public Key Infrastructure is now widely available, and InterSystems is observing a decline in using the InterSystems PKI.

Hi Community,

Join us for this introduction to the terminology and workflow of using OAuth 2.0 with an HL7 FHIR server:

⏯ Securing FHIR Applications with OAuth 2.0 (Part 1)

https://www.youtube.com/embed/dCf8qOCx8Mo
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

Wanna Cry

Most of you should be aware that the Wanna Cry virus is massively infecting un-patched windows machines all around the world. It's particularly affecting the NHS, one of my main clients.

Wanna Cry is one of a line of Viruses that exploit SMBv1 over ports 135 and 445.

A kill switch has been enabled, but this won't protect machines sitting behind http proxies, and there are already reports of new versions without a kill switch.

All windows machines should be isolated and updated a.s.a.p.

Hi Developers,

Watch this video to learn the different roles in OAuth 2.0, scopes, tokens, important authentication flows/grant types, and more:

⏯ OAuth 2.0 Fundamentals @ Global Summit 2023

https://www.youtube.com/embed/5zLdCs5cCd0
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

The ideal number of table permissions to assign for your users is zero. Permissions should be granted upon sign-in based on the application used for access. For web applications, we have a simple way of doing this by appointing application roles, matching roles, and required resources in the System Management Portal.

ODBC and JDBC connections present a different problem, however, especially when third-party applications are involved. As providers of an ERP system, our customers often wish to be able to employ various software packages to integrate with or report on their data. Many of these programs are capable of running any kind of query. Yet, letting them do that can be devastating to a customer’s data.

Hi Community,

New video is already on InterSystems Developers YouTube:

⏯ Updates on Security: OpenSSL and a New "Security" Database

https://www.youtube.com/embed/Eb5kPw8-l08
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

Hello,

I have a very simple web service that I'd like to secure via SAML Authorization with X.509 Certificates. I am, however struggling with documentation and my lack of cryptographic skills. (I do this just for educational purposes now, but need to use it in the future)

Does anyone have an example that shows how to construct a SOAP Client with adding all necessary security headers manually or point me to a decent learning resource?

Thank you very much!

InterSystems FAQ rubric

You can use the List query of the %SYS.Audit to output audit logs programmatically.

The sample code is as follows:

The XData (https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls?KEY=GOBJ_XDATA) is a powerful feature to set documentation and metadata information for classes and methods.

Several steps should be done in order to secure the connection through xDBC clients to an IRIS Server instance using TLS. Most of the information can be obtained from the documentation about TLS on IRIS here, about configuring the security layer for encrypted connections. In the next paragraphs we will cover an step-by-step guide on how to configure and test the connection using SQL Clients apps using ODBC and JDBC.

In the WRC, we often see customers contact us because they are having been provided a .PPK file for use with SFTP connections, but they don’t know how to use that key within InterSystems IRIS. This article will explain why this represents such a problem, and explain how to use the .PPK key to generate a Private / Public Key pair in a format recognized by InterSystems IRIS.