Pairing open source with traditional IBM i programs works great for APIs, web, and mobile applications. But how do you stay on top of your business’s requirements for speed and scalability?
OCEAN User Group recently asked Alan to help answer that question. In the recording of their November meeting (also linked from the graphic below), he covers:
The Apache-based IBM HTTP Server for i is a vital defense in web and API security for IBM i. As such, it requires regular attention.
IBM Support’s PCI Compliance web page is a resource we use to help our clients protect their systems.
Even if your organization does not process, store, or transmit credit card information, applying the PTFs recommended for PCI compliance constitutes a general best practice for IBM i web and API security.
The Toronto User Group recently invited Alan to speak with them about how to implement secure, flexible APIs to connect IBM i applications to other systems.
Using several real-world code examples written in various free tools and languages—including RPG, PHP, Python, and Node.js—Alan demonstrated how others send and receive data safely using their favorite language paired with IBM i business logic. This video contains the details.
You may have heard claims that HTTP “basic” authentication (classic user/password popup prompt or via an API call) leaves credentials unencrypted and exposed. While it’s true that basic auth itself doesn’t encrypt credentials, this doesn’t matter in practice.
Modern sites and APIs should be using HTTPS, which encrypts everything over the wire, protecting basic authentication credentials in transit. This article will explain why that’s the case.
In this post we’ll take a closer look at how IBM i developers can use the QSHCURL command to easily reach out from CL or RPG and talk to internet-based services and APIs, then consume the resulting data, without a lot of extra effort.
First we’ll provide a short curl intro, and then we’ll look at an example of how to use the PASE-based curl command with an RPG program.
To follow up on Rob Allen’s article about choosing a PHP framework for APIs, here is an edited discussion between Rob and a developer at a Seiden Group client regarding their new API.
In this discussion, Rob addresses common developer concerns about frameworks for APIs.
Alan and I provide API strategy for a software company who asked us whether they should use a PHP framework and, if so, which one would be best. They also wondered whether to invest in a commercial API gateway.
My thoughts on APIs and frameworks struck Alan as useful for any language and platform. Alan encouraged me to document my “philosophy of frameworks” here for anyone planning to develop web apps or APIs.
When we do performance assessments for web applications and APIs running on HTTP Server (Powered by Apache) for i, one of the first things we do is enable a powerful Apache extension called mod_deflate. Just as zipping up files on your PC saves space and accelerates file transfers, mod_deflate compresses output from your server before sending it over your network.
Does it really work? My tests show a speed improvement of 10 to 50 percent!
This guide will outline writing your first Node.js application. Node.js is a packaged version of the V8 Javascript engine, created by Google and shipped in Chromium. Although Node.js is cross-platform, specific tips for IBM i are given in section 8.
When modernizing applications, we help organizations select a software architecture that’s flexible, yet can last many years.
A recent article about our client K3S got our attention. Author Alex Woodie wrote that the inventory forecasting software vendor had updated their package with an attractive web-based interface using PHP, while adapting their existing RPG code into APIs written in RPG.
But I knew there was more to this story. So I asked King Harrison IV—K3S’s executive vice president, friend, and founding member of Club Seiden— to elaborate on their choice of RPG APIs.