IIB(v10)/ACE(v11) email input node: The doc suggests that only iMap and POP3 protocols are supported and these require a configured uid/pwd combination via mqsisetdbparms.
I'd like to know if access to the email server is possible using OAuth2.0 or if this is anticipated in future releases.
Related
Context: We are hosting an online shop that needs to track customer behaviour. To achieve this tracking we have integrated several tracking events based on the customer journey in our shop. Based on the GDPR requirements in Europe we are forced to send the tracking events to infrastructure that is controlled by us as a company. Sending data via the Google Analytics Tag Manager directly to Google Servers is forbidden by the GDPR law. Sidenote: To simplify this question, I intentionally leave out all stuff regards user consent management.
Problem statement: We have the need that each client sends every tracking event directly from the browser to a Pub/Sub endpoint. Now, my question is how a best practise for a proper security would look like.
Current proposal: The Pub/Sub endpoint doesn't require an authentication --> AllUsers have been granted Pub/Sub Publisher permission. In addition I've created an API-KEY that is restricted to
the Pub/Sub API only
to specific HTTP referrers (basically the domain our webshop operates)
Are there other strategies that could be applied? Is the current proposal a valid (aka secure) way to go?
Giving pub/sub publisher access to allUsers are not recommended. Create service account and give publisher access to that and send messages using that service account.
I have an application that I've been spending way too much time on trying to send an email via a service account that I setup in my google apps account.
I was wondering if should continue down this overly complex method of using a service account or if I should just use Gmail's SMTP server. The only function I need is to actually send an email.
Are there any pros/cons to simply using Gmail's SMTP server vs setting up a service account and calling Google's API to send emails? If it makes a difference this will be sort of a batch email in that it will send to many people at once.
Please consider the following:
I guess you should majorly be concerned on sending batch emails. If you don't do it right you might have problems. To avoid those problems make sure to follow the Bulk Senders Guidelines here https://support.google.com/a/answer/81126 Another factor to take into account is the email authentication. When using smtp, make sure all email sent will pass SPF and DKIM to prevent being marked as spam or worse, getting emails rejected. If you use the Gmail API then all you need to do is make sure you set up SPF by following the steps here https://support.google.com/a/answer/178723?hl=en and DKIM by following the steps here https://support.google.com/a/answer/174126?hl=en As per the GMAIL API quotas, you can use 1,000,000,000 units per day so I don't think that will be a problem. The benefit of using SMTP is that you can use SMTP RELAY https://support.google.com/a/answer/2956491 which gives you a way much higher limit when sending emails in case the Bulk Senders Guidelines is something that won't work for you.
In summary, if all you are looking for is to send batch emails, then I guess going with SMTP is easier. Hope this helps!
For just ordinary usage by one user, SMTP will work fine except API has the advantage on server-side for the sysadmin for security.
Differences are theoretical for web service, web application development. Both are ways to give access or to interact with their server. Nowadays REST is used for integrating their service for custom software development, their one part will have F/OSS implementation like OAuth. With REST API we get some extra advantages but that is for integrating for professional grade software development. SMTP relay is less secure.
Take as 2 servers with two technologies. That "Google Apps Service Account" one modern web application supporting Representational State Transfer(REST) API to give access to resource, interact with the server. SMTP one is older web software using Simple Object Access Protocol (SOAP). You can search with SOAP vs REST to understand the basics.
Google SMTP Server is traditional SMTP traditional SMTP relay service. Advantages are -- easy to setup by the users, lesser documentation to help the users to use etc. Disadvantage are they are less secure, plus all inherited disadvantages of SOAP.
"Google Apps Service Account" is modern web application developed in service oriented architecture providing RESTful API for server to server communication over TCP/IP. Advantages are easy to integrate with custom software using open source authentication library (they use OAuth), REST provide more control on sending request, username-password for communication can be avoided, extensive examples of usage, more secure, granular control to operation on server, JSON response has common meaningful format etc. Disadvantages are related to common disadvantages of SOA, Web Hook, RESTful API, difficult to use by a new user etc.
In real, it is basically one web software supporting both ways. One always should use DKIM, SPF etc as anti-spoofing measures.
We have come across similar problem, need your help to resolve this.
Can you please either let us know your contact number so that we can reach out to you or if you can provide your script if possible so that we can refer to
Here is the problem we are stuck with:
I am trying to test a Rest service through HTTP sampler using Jmeter. Not sure how to capture token from the sampler generates a token and to use this token for authorization in the header manager of another HTTP.
Loadrunner is not displaying the web address when trying to enter in the truclient browser. Below is the problem as this web address automatically redirect to another web address which is the authentication server.
Can you please suggest another solution for the below issue?
Here is the exact scenario we are trying to achieve
we want to loadtest the portal however due to redirect and different authentication method being used we are unable to do it using truclient protocol in loadrunner. Also tried Multiple protocol selecting LDAP, SMTP, HTTP/HTML etc but no luck.**
Thank You,
Sonny
JMETER is going to architecturally be the HTTP protocol layer equivalent with LoadRunner, with the exception of the number of threads per browser emulation.
In contrast to the code request, I want to architecturally visualize the problem. You mention redirect, is this an HTTP 301/302 redirect or one which is handled with information passed back to the client, processed on the client and then redirected to another host? You mention dynamic authentication via header token, have you examined the web_add_header() and web_add_auto_header() in Laodrunner web virtual users for passing of extra header messages, including ones which have been correlated from previous requests, such as the token being passed back as you note?
This authentication mechanism is based upon? LDAP? Kerberos? Windows Integrated Authentication? Simple Authentication based upon username/password in header? Can you be architecturally more specific and when this comes into play, such as from the first request to gain access to the test environment through the firewall or from a nth request to gain access within a business process?
You mention RESTFul services. These can be transport independent, such as being passed over SMTP using a mailbox to broker the passing of data between client and server, or over HTTP similar to SOAP messages. Do you have architectural clarity on this? Could it be that you need to provide mailbox authentication across SMTP and POP3 to send and receive?
I want to write own XMPP client. I have jabber server. Is it real use XMPP library only register on server programaticaly?
I want to generate login, password prog-ly, then register prog-ly on server and start to chat. Or XMPP protocol doesn't allow have registering operation?
Registering an account via the XMPP protocol is known as in-band registration, defined in XEP-0077.
However, not all servers support this, or they have it disabled, or impose time/IP limits, as this makes it easy for people writing spambots (which hopefully you are not doing) to easily create multiple accounts automatically.
Like with most XMPP extensions, you can use Service Discovery to determine whether a server supports in-band registration.
Does anyone know if any SIP providers provides an API allowing users to register directly from the iPhone application. As a user register with my application, they should be registered with the sip provider(a sip account) as-well. Is this possible.
Once you have a SIP account at a specific provider, all standard SIP providers allows you to register via the standard SIP protocol. It is a HTTP like protocol and you can assemble the messages directly. But most likely you will need something like called SIP client that creates the messages, handles the call state, etc. There are plenty of open source SIP clients with open APIs out there even for iPhone. One very popular such client is called pjsip, it might be interesting for you.
I've never come across a SIP provider that has an API that duplicates a SIP registration. It's actually a bit of a strange request since the purpose of a SIP registration is to let the server know that the SIP client is available and where it can be contacted. If you perform that function outside of SIP can you be sure that the SIP client is available? And if so will you always know what address it can be contacted on especially considering that contact addresses used in SIP often get mangled due to NAT?
What a lot of providers do offer is the ability to set up static SIP URI forwards, for example you could set a rule that states all incoming calls should be forwarded to SIP URI sip:me#somewhere.com. Setting up that kind of rule can remove the need to register in a lot of cases since the provider will now always forward calls to that SIP URI irrespective of whether any devices are registered on the account or not.