ssc rest api
play

SSC REST API Jonathan Couch Fortify Security Support Engineer How - PowerPoint PPT Presentation

Dec 28, 2022 •197 likes •370 views

SSC REST API Jonathan Couch Fortify Security Support Engineer How to create a project version Creating a project is not one REST API endpoint call but uses two separate calls using the following endpoints /projectVersions /bulk To

  1. SSC REST API Jonathan Couch Fortify Security Support Engineer

  2. How to create a project version  Creating a project is not one REST API endpoint call but uses two separate calls using the following endpoints /projectVersions /bulk  To see how the two endpoints work together under the SSC covers, a trick used by Fortify technical support is using the browser’s network web developer tools. In IE that is accessible by clicking F12 and FireFox that is pressing CTRL+SHIFT+E. We would create a new application version using the “NEW APPLICATION VERSION” wizard under the Dashboard or Application view and go through the process creating a new application version and monitor the network traffic to see the SSC calls. 2

  3. How to create a project version  After clicking “Finish” for the new application version, in the Network web developer tool console, under the Network section, the 2 POST requests made by /projectVersions and /bulk endpoint can be seen. Switching between “Header” and “Params” where the header contains the url used and params contains the json payload. This will come handy when using the REST API swagger page later in the presentation. 3

  4. SSC REST API Swagger page This can access by logging into SSC and clicking on Help icon -> API Documentation -> API Reference or access it via http://ssc_context_path/ssc/html/docs/api-reference/index.jsp 4

  5. Using the SSC Rest API Swagger page  Locate “project-version-controller”  Click the /projectVersions create endpoint 5

  6. How to create a project version  Here you can enter the json input to create a project Using the info from the browser’s web developer tool, the params section contains the json payload that would be entered here with slight modifications. 6

  7. How to create a project version  /projectVersions endpoint payload example (important parts in blue). This will generate an ID for the new application version. This can be found in the URL bar when open the application version or when viewing the network developer tool { "name":"1.0",  Application Version "description":"", "active":true, "project":{ "name":"Test4",  Application Name "description":"", "issueTemplateId":"Prioritized-HighRisk-Project-Template" }, "issueTemplateId":"Prioritized-HighRisk-Project-Template", "committed":true } 7

  8. How to create a project version 8

  9. How to create a project version  Click the "Execute" button and it should return a response code 201. Keep track of the new project version ID, in this example it is "id": 10043. This information will be needed to enable the project version using the /bulk endpoint step. 9

  10. How to create a project version  Verify that the new project version was created by going to the Application page. Here you can see that the project version has been created but it is not accessible because it is not enabled.  To enable the new project version, use /bulk endpoint under bulk-controller section 10

  11. How to create a project version  /bulk endpoint payload example (important parts in blue). The <PROJ_ID> comes from the /projectVersions {"requests": [{"uri":"http://localhost:8080/ssc/api/v1/projectVersions/ <PROJ_ID> /attributes", "httpVerb":"PUT", "postData": [ {"attributeDefinitionId":5,"values":[{"guid":"Active"}],"value":null}, < These attributeDefinitionId can be found {"attributeDefinitionId":1,"values":[{"guid":"High"}],"value":null}, in the metaoptionview table {"attributeDefinitionId":6,"values":[{"guid":"Partial"}],"value":null}, {"attributeDefinitionId":7,"values":[{"guid":"externalpublicnetwork"}],"value":null} ] }, {"uri":"http://localhost:8080/ssc/api/v1/projectVersions/ <PROJ_ID> ?hideProgress=true", "httpVerb":"PUT", "postData":{"committed":true} } ] 11 }

  12. How to create a project version 12

  13. How to create a project version  Verify that new project version is enabled by going to the Application page in SSC 13

  14. How to upload FPR to a project version  Use the /projectVersions/{parentId}/artifact endpoint 14

  15. Troubleshooting SSC REST API ▪ Depending on the endpoint, perform the action in SSC and use the browser’s web developer tool to see what payload and calls it is doing. ▪ Check the ssc.log for any errors ▪ Using Postman better than using curl from command line 15

  16. Questions 16

  17. Thank you. www.microfocus.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Outline What is ReST ? Constraints in ReST REST Architecture Components Features of

Outline What is ReST ? Constraints in ReST REST Architecture Components Features of

Outline What is ReST ? Constraints in ReST REST Architecture Components Features of ReST applications Example of requests in REST &amp; SOAP Complex REST request REST Server response Real REST examples REST Design

603 views • 34 slides
REST API What it means to be RESTful What is REST REST stands for REpresentational State

REST API What it means to be RESTful What is REST REST stands for REpresentational State

REST API What it means to be RESTful What is REST REST stands for REpresentational State Transfer It is neither a standard nor a protocol REST is not HTTP , although because of HTTPs prevalence and popularity the two tend to go

708 views • 11 slides
Introduction to REST Web REST Web Services Characteristics Services Principle of REST Web

Introduction to REST Web REST Web Services Characteristics Services Principle of REST Web

Introduction to REST Web Services 2/14/2009 Agenda What is REST? Introduction to REST Web REST Web Services Characteristics Services Principle of REST Web Services Design Semantic of HTTP/1.1 Operations Asst. Prof. Dr. Kanda

522 views • 12 slides
Preparing a REST API Rules of REST APIs, API patterns, Typical CRUD operations Rules for a REST

Preparing a REST API Rules of REST APIs, API patterns, Typical CRUD operations Rules for a REST

Preparing a REST API Rules of REST APIs, API patterns, Typical CRUD operations Rules for a REST API Recall : REST Representational State Transfer o REST is statelessit has no idea of any current user state or history o API

535 views • 17 slides
Rest for the Restless (or Finding Rest in a Family Tree) Matthew 1:1-17 3 Promises of Rest for

Rest for the Restless (or Finding Rest in a Family Tree) Matthew 1:1-17 3 Promises of Rest for

Overview [not in slides] Rest for the Restless (or Finding Rest in a Family Tree) Matthew 1:1-17 3 Promises of Rest for the Restless 1. God promises rest in his righteousness 2. God promises rest in his presence 3. God promises rest in his

92 views • 5 slides
presentation kit leave the rest to us SM leave the rest to us SM centrally located leave the

presentation kit leave the rest to us SM leave the rest to us SM centrally located leave the

presentation kit leave the rest to us SM leave the rest to us SM centrally located leave the rest to us SM easy access to any places leave the rest to us SM exterior leave the rest to us SM lobby leave the rest to us SM lobby lounge

521 views • 18 slides
Developers Nicole Schmidt and Rob Kraft Agenda Lucity REST API introduction Lucity REST

Developers Nicole Schmidt and Rob Kraft Agenda Lucity REST API introduction Lucity REST

Lucity for Application Developers Nicole Schmidt and Rob Kraft Agenda Lucity REST API introduction Lucity REST API Recent Changes REST Client Applications Explained Web Hooks Other Options Future Plans Lucity REST API

498 views • 22 slides
Topics RPC vs. REST: What's the What makes an API truly REST best practices difference

Topics RPC vs. REST: What's the What makes an API truly REST best practices difference

Topics RPC vs. REST: What's the What makes an API truly REST best practices difference and why does it RESTful? (Constraints and (common problems and matter? interface) their solutions) Planning and developing Drupal services

632 views • 28 slides
RESTful Web Services Stefan Marr Agenda What is REST? The Bookmark Example Principles of REST

RESTful Web Services Stefan Marr Agenda What is REST? The Bookmark Example Principles of REST

RESTful Web Services Stefan Marr Agenda What is REST? The Bookmark Example Principles of REST Web Service Design Semantic of HTTP/1.1 Operations SOAP vs. REST Style Assets and Drawbacks Security Public Web Services HPI, Seminar Advanced

330 views • 10 slides
REST Web-based APIs REST Representational State Transfer Style of web software

REST Web-based APIs REST Representational State Transfer Style of web software

REST Web-based APIs REST Representational State Transfer Style of web software architecture that simplifies application Not a standard, but a design pattern REST Take all resources for web application (data, files, functions)

722 views • 22 slides
Continuations continued: the REST of the computation Anton van Straaten appsolutions.com 1

Continuations continued: the REST of the computation Anton van Straaten appsolutions.com 1

Continuations continued: the REST of the computation Anton van Straaten appsolutions.com 1 REST - The 10-second overview &quot;the name given to the architecture of the World Wide Web by Roy Fielding.&quot; -- rest-discuss Following REST

789 views • 59 slides
FROM 00s TO 20s: FROM REST ful to gRPC Gianfranco Reppucci @giefferre Data Engineer WHAT

FROM 00s TO 20s: FROM REST ful to gRPC Gianfranco Reppucci @giefferre Data Engineer WHAT

FROM 00s TO 20s: FROM REST ful to gRPC Gianfranco Reppucci @giefferre Data Engineer WHAT THIS TALK IS ABOUT BEFORE REST S O A P Common Object Request Simple Object Broker Architecture Access Protocol REST: REpresentational State

792 views • 44 slides
More on Distributed Web Services: REST Architecture REST, or Representational State Transfer, is

More on Distributed Web Services: REST Architecture REST, or Representational State Transfer, is

Web Services REresentation State Transfer (REST) More on Distributed Web Services: REST Architecture REST, or Representational State Transfer, is a distributed communication architecture fast becoming the lingua franca for Cloud Computing. The

353 views • 17 slides
REST: SOA without Contracts? Stefan Tilkov | innoQ | stefan.tilkov@innoq.com What is REST?

REST: SOA without Contracts? Stefan Tilkov | innoQ | stefan.tilkov@innoq.com What is REST?

REST: SOA without Contracts? Stefan Tilkov | innoQ | stefan.tilkov@innoq.com What is REST? REST: An Architectural Style One of a number of architectural styles ... described by Roy Fielding in his dissertation ... defined via a set of

563 views • 34 slides
Building a Killer REST Client for Your REST+JSON API Les

Building a Killer REST Client for Your REST+JSON API Les

Building a Killer REST Client for Your REST+JSON API Les Hazlewood @lhazlewood Apache Shiro Project Chair CTO, Stormpath stormpath.com @lhazlewood |

701 views • 59 slides
Deformable Bodies Deformation rest space deformed space x p ( x ) Given a rest shape x and

Deformable Bodies Deformation rest space deformed space x p ( x ) Given a rest shape x and

Deformable Bodies Deformation rest space deformed space x p ( x ) Given a rest shape x and its deformed configuration p ( x ), how large is the internal restoring force f ( p )? To answer this question, we need a way to measure

604 views • 39 slides
Project 7.1.3 Low profile body armour Huijun Li University of Wollongong April 7, 2009

Project 7.1.3 Low profile body armour Huijun Li University of Wollongong April 7, 2009

Project 7.1.3 Low profile body armour Huijun Li University of Wollongong April 7, 2009 Capability through collaboration 2 Company overview 3 Company overview 4 Business model and governance 5 Personnel survivability DMTC - Program 7

663 views • 29 slides
Investor Presentation August 2017 Safe Harbor This

Investor Presentation August 2017 Safe Harbor This

Investor Presentation August 2017 Safe Harbor This presentation and the accompanying slides (the Presentation), which have been prepared by PC Jeweller Limited (the Company), have been prepared

694 views • 41 slides
Redesign of Driving Teeth to Improve Performance by Team Members: Kelly Hogue Kristen Tucker

Redesign of Driving Teeth to Improve Performance by Team Members: Kelly Hogue Kristen Tucker

Redesign of Driving Teeth to Improve Performance by Team Members: Kelly Hogue Kristen Tucker Matthew Gassen Buck Melton Prepared for CONEQTEC Universal and BAE 4012 Mission statement Blue Diamond Machinery strives to improve products

390 views • 24 slides
RaDistance Safety Meter Kieran Paddock, Greg Wolf, Christina Sorenson, Alex Smith, Rebecca Alcock

RaDistance Safety Meter Kieran Paddock, Greg Wolf, Christina Sorenson, Alex Smith, Rebecca Alcock

RaDistance Safety Meter Kieran Paddock, Greg Wolf, Christina Sorenson, Alex Smith, Rebecca Alcock Client: Prof. John Webster, Dr. Eng. Sarah Hagi Advisor: Prof. Beth Meyerand Overview Problem Statement Background Product Design

281 views • 16 slides
Project Plan New Customer Service Channel The Capstone Experience Team Consumers Energy Andrew

Project Plan New Customer Service Channel The Capstone Experience Team Consumers Energy Andrew

Project Plan New Customer Service Channel The Capstone Experience Team Consumers Energy Andrew Morrissette Ibraheem Saleh Ben Weinstock Muhammed Zahid Hang Zhao Department of Computer Science and Engineering Michigan State University From

412 views • 12 slides
Project Plan Teachers Virtual Toolbelt The Capstone Experience Team TechSmith Ryan Cornillie

Project Plan Teachers Virtual Toolbelt The Capstone Experience Team TechSmith Ryan Cornillie

Project Plan Teachers Virtual Toolbelt The Capstone Experience Team TechSmith Ryan Cornillie Alex Crimin Zeke Zandbergen Yang He Department of Computer Science and Engineering Michigan State University Spring 2017 From Students

386 views • 13 slides
www.dotnetconf.net Client Backend http://.. gRPC gRPC ASP.NET Core Blazor MVC / Razor Pages

www.dotnetconf.net Client Backend http://.. gRPC gRPC ASP.NET Core Blazor MVC / Razor Pages

www.dotnetconf.net Client Backend http://.. gRPC gRPC ASP.NET Core Blazor MVC / Razor Pages Web APIs Components SignalR Worker services SPA (JavaScript) Security &amp; identity gRPC gRPC

142 views • 11 slides
T H E C O D E Y O U T R U S T W e a r e a p r o g r e s s i v e s o f t w a r e d e v

T H E C O D E Y O U T R U S T W e a r e a p r o g r e s s i v e s o f t w a r e d e v

T H E C O D E Y O U T R U S T W e a r e a p r o g r e s s i v e s o f t w a r e d e v e l o p m e n t c o m p a n y g r o w i n g a n d h e l p i n g b u s i n e s s e s f r o m a v a r i e t y o f l e a d i n g i n d u s t

483 views • 19 slides

More recommend