Over a million developers have joined DZone.

Enteprise SaaS integration using REST and OAuth

· Cloud Zone

Build fast, scale big with MongoDB Atlas, a hosted service for the leading NoSQL database on AWS. Try it now! Brought to you in partnership with MongoDB.

The current trend of moving enterprise applications to SaaS-style public cloud solutions is raising a number of concerns regarding security and governance. What about integration though? In the now legacy enterprise, various applications are deployed within the same trusted network under a single security domain which facilitate the integration between these applications.

How do you integrate these applications moving forward when they are separated across a number of different public cloud providers independent from each other? If you thought it was hard enough to integrate applications from different vendors inside your domain, imagine what this will turn into once different solution providers host these applications. As a consumer of such services, you need to demand and favor solutions providing adequate integration mechanisms; this is a critical selection factor. On the web, an elegant solution to integrate various services on behalf of users is gaining popularity: OAuth.

OAuth standardizes the process where the owner of a resource authorizes an application to access this resource on the resource provider. OAuth is very ‘resource-oriented’. As such, OAuth is well suited to enable authorization between two entities communicating using a RESTful web service interaction. This very pattern involving OAuth and REST, is ideal to enable the integration of two SaaS provider acting on behalf of their common enterprise subscriber as illustrated below.

In this case, two SaaS (or PaaS) solutions, which are otherwise independent, can share data as coordinated by the enterprise subscriber. This interaction substitutes the integration that would traditionally occur on-premise between two applications managed by the enterprise itself and provides the basis for restoring integration on the cloud.

Of course, the SaaS/PaaS adoption by the enterprise is only partial, and many IT assets remain on-premise. The enterprise therefore requires the same level of integration between externally hosted SaaS and these resources within the enterprise itself. It is logical that the enterprise supports the very integration mechanism that it demands from its external providers. This pattern is known as the ‘cloud call-back’ and is enabled by a specialized perimeter gateway that facilitates the enterprise cloud adoption such as CloudConnect.

To learn more about such patterns or find out how Layer 7 Technologies can help your enterprise integrate to the cloud securely, I invite you to visit us at the SOA/Cloud symposium October 5-6 2010 in Berlin. I will be presenting on the topic of Enterprise Security Patterns for RESTful Web Services.

Now it's easier than ever to get started with MongoDB, the database that allows startups and enterprises alike to rapidly build planet-scale apps. Introducing MongoDB Atlas, the official hosted service for the database on AWS. Try it now! Brought to you in partnership with MongoDB.


Published at DZone with permission of Francois Lascelles, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}