Separate API Endpoints
Version 26.1.9515
Version 26.1.9515
Separate API Endpoints
By default, CData Arc hosts the Administration Console (where administrators create and manage flows) and the public receiving endpoints on the same network port. To enhance security, you might want to separate the console from the public endpoints so that they are hosted on different ports.
Once the console and endpoints are separated, external partners that connect to Arc public endpoints cannot access the Administration Console even if they acquire the login credentials. (The default configuration protects the console behind a username/login combination).
Overview
Separating the console from the public endpoints requires explicitly configuring a second web application that consists of only the resources required to host public receiving endpoints. After this additional configuration, Arc uses two ports: one for the full (console) application, and one for the endpoint-only application.
This topic describes configuring the endpoint-only application. To configure the full application, see the standard web-configuration process that is described in the Installation and Configuration topics.
Restrictions
There are two requirements for separating the Arc console and public endpoints:
- Hosting Arc public endpoints via an external server (Microsoft Internet Information Services [IIS], Eclipse Jetty, Apache Tomcat, and so on)
- Configuring an enterprise application database (MySQL, SQL Server, PostgreSQL)
The following sections provide more details about these requirements.
.NET Edition
Setting Up the Endpoint-Only Application
If you use the .NET edition, you must use IIS to host the public receiving endpoints. You can still use the embedded web server to host the full (console) application that is not exposed to the public.
The .NET edition includes a www_services folder that contains the web configuration data required to host an endpoint-only application. When IIS is directed to this folder, the Arc public endpoint is accessible through IIS, without exposing the Administration Console. Further configuration of ports, SSL, and so on should be accomplished using IIS directly.
Setting Up the Application Directory and Application Database
Separating the public endpoints from the console requires configuring an enterprise database application. The www_services folder includes a web.config file where you configure the application directory and application database connections. When you configure a separate installation for the services endpoint and administration console, CData strongly recommends that both configurations point to the same application directory and database. For details about these configurations, see Configuring the Application Directory and Configuring the Application Database.
Note: The www_services folder is separate from the www folder, which hosts the full (console) application. The configuration of the www_services\web.config file should match the configuration of the file with the same name in the www folder. CData recommends that you manually update the \www_services\web.config file instead of copying the web.config file from the www folder because there is web configuration related to the user interface that is not needed in the services endpoint.
Cross-Platform Edition
Setting Up the Endpoint-Only Application
For Cross-Platform installations, you can use the embedded web server to host either the full console application or the endpoint-only application.
To set up the endpoint-only application, generate the services.war file that is used when you separate the endpoints from the console. Run the following command (this command also generates the services.properties file). This outputs the services.war file to the webapp folder and the services.properties file to the installation directory (where arc.jar is located).
java -jar arc.jar -CreateServicesWAR
The services.properties file includes the contents of the arc.properties file and overrides the WAR path and ports, as shown below:
!include arc.properties
cdata.warPath=./webapp/services.war
cdata.stopPort=18753
cdata.http.port=8088
After you have run CreateServicesWAR, start the services endpoint by running:
java -jar arc.jar -config services
You can also use the -config parameter to point Arc to a configuration file other than the default arc.properties file. See Configuring the Embedded Jetty Server for details.
Setting Up the Application Database
Separating the public endpoints from the console requires configuring an enterprise database application. For details about configuring the enterprise application database, see Configuring the Application Database.