Secure Tunnelling in 9.5

Sandra_Popovic-Ovcina_(intato017_-_(deleted))

Message from <S.Popovic-Ovcina@iaea.org> via eLink

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

Would anyone be in a position to confirm whether the following (from LAPI documentation) is still (version 9.5 SP1) valid:

==============================================Secure TunnellingLAPI applications that do not implement LAPI security functions cannot ensure the confidentiality of data passed over the Internet or any unsecured network. By default, data exchanged between LAPI client applications and Livelink servers is passed in unencrypted messages (plaintext). If someone intercepts a plaintext message, they may be able to view its contents. Since most LAPI functions include sensitive data, such as a user ID and password (and may include a document added to or retrieved from Livelink), it is important to protect any LAPI transmission made on an unsecured network.Note: Secure tunnelling is supported for LAPI applications written in C++, Java, and Visual Basic. Secure tunnelling is not supported for .NET languages or with proxy server tunnelling.LAPI secure tunnelling requires Livelink Secure Connect. You must separately purchase and install Livelink Secure Connect before you can implement secure communications from your LAPI applications. Livelink Secure Connect includes RSA BSAFE cryptographic and security protocol software from RSA Security, Inc. The LAPI functions that support security allow you to protect the confidentiality of a LAPI application by converting plaintext messages to ciphertext, a form of secure, encrypted data. The data is virtually impossible to decipher if intercepted but is easily converted to plaintext by the application that is intended to receive the data. ==========================================If yes, is there any way we can use LAPI with https (SSL) in our VB.NET application?Thank you in advance,Sandra

This email message is intended only for the use of the named recipient.Information contained in this email message and its attachments may beprivileged, confidential and protected from disclosure. If you are not theintended recipient, please do not read, copy, use or disclose thiscommunication to others. Also please notify the sender by replying to thismessage and then delete it from your system.

Find more posts tagged with

Comments

Ann_Minton

There is currently not a way to use LAPI with Secure tunneling in any .NET language (including VB.NET).

Sandra_Popovic-Ovcina_(intato017_-_(deleted))

Message from via eLinkThank you for a quick reply. But, why is it so? Is there a chance that this could be provided soon?Regards,Sandra-----Original Message-----From: eLink Discussion: LAPI Discussion[mailto:lapi@elinkkc.opentext.com] Sent: Monday, 03 April 2006 17:26To: eLink RecipientSubject: Yes, this is still the caseYes, this is still the casePosted by Minton, Ann on 04/03/2006 11:22 AMThere is currently not a way to use LAPI with Secure tunneling in any.NET language (including VB.NET).[To reply to this thread, use your normal E-mail reply function.]============================================================Topic: Secure Tunnelling in 9.5https://knowledge.opentext.com/knowledge/livelink.exe/open/5169825Discussion: LAPI Discussionhttps://knowledge.opentext.com/knowledge/livelink.exe/open/765428Livelink Server:https://knowledge.opentext.com/knowledge/livelink.exeTo Unsubscribe from this Discussion, send an e-mail tounsubscribe.lapi@elinkkc.opentext.com.This email message is intended only for the use of the named recipient.Information contained in this email message and its attachments may beprivileged, confidential and protected from disclosure. If you are not theintended recipient, please do not read, copy, use or disclose thiscommunication to others. Also please notify the sender by replying to thismessage and then delete it from your system.

Sergio_Pinés_Martín

Is there any possible workaround for this? The point is to establish the connection, i.e., to have a valid session. Is there any way we could do that with secure tunneling using .NET, or a combination of .NET and something else?Thanks,

Ian Morrison

Is there a resolution to this problem or work arounds / alternatives to resolve it?

Your input will be greatly appreciated. Thanks

Ferdinand Prantl

There is a topic about the support for the 64-bit LAPI in .NET where the situation is the same. i posted some alternatives how to work around this at https://knowledge.opentext.com/knowledge/llisapi.dll?func=ll&objId=17261369&objAction=viewincontainer&ShowReplyEntry=17265640#forum_topic_17265640.

The product I work on needed both 64-bit and HTTPS and was heavily based on LAPI. We took the option 4 from the list I posted above. I am afraid this option is realistic only for internal Open Text products/projects.

If you can afford to change for EWS in your project, it seems to be generally an optimal solution. You get HTTPS and the support on any WS-friendly platform.

--- Ferda