During my recent CodeRage 8 "Secure DataSnap Development" session, I have promised to make the source code of both demos available for download. I have just uploaded them to Embarcadero CodeCentral!
This is a very simple demo that shows basic security in DataSnap, including secure communication with HTTPS protocol, encryption transport filters plus authentication and authorisation in code.
- Demo 2: Secure C++ DataSnap "Departments" demo using new FireDAC JSON Reflection framework introduced in Delphi, C++Builder and RAD Studio XE5 Update 2.
This demo builds on top of the first demo and shows using SSL, encryption and authentication/authorization in the context of the multitier database system with InterBase database at the server, accessed via FireDAC and server methods for retrieving data and applying updates back to the database. The client is a mobile app that is using FireDAC in-memory database tables and Visual LiveBindings for binding data to visual controls.
Marco Cantu, Delphi Product Manager, has blogged about this new approach to building multitier database apps here: http://blog.marcocantu.com/blog/delphi_xe5_update2_datasnap_firedac.html
During the session I have been also using OpenSSL for generating test security certificates. All relevant links to OpenSSL and custom batch file you can find in my blog post about my earlier Delphi CodeRage 8 "Secure DataSnap Development" session here: http://blogs.embarcadero.com/pawelglowacki/2013/10/16/40089
I would like to thank Jim Tierney, Embarcadero R&D Engineer, for providing me with the initial version of the second demo and Vsevolod Leonov, Embarcadero Technical Evangelist, for helping with C++ coding:-)