ibmsecurity
v1.0.1
Published
Module that intercepts requests and perform security validation with MAS
Downloads
32
Readme
IBM Mobile Application Security (MAS) for Bluemix Service SDK
ATTENTION: This service is currently deprecated on Bluemix and will be completely removed shortly. Please use the 2nd generation of Bluemix MobileFirst Services.
BlueMix supports IBM's MobileFirst strategy by allowing you as a mobile developer to quickly incorporate pre-built, managed, and scalable cloud services into your mobile applications without relying on IT involvement. You can focus on building your mobile applications rather than the complexities of managing the back end infrastructure.
When you create a Mobile Cloud application, BlueMix provisions multiple services under a single application context. Your mobile application is given access to the following mobile services: Mobile Application Security, Push, and Mobile Data.
About the Mobile Cloud Services SDK
The IBM Mobile Application Security for Bluemix Service SDK is a JavaScript SDK that you use can inside a server-side Node.js JavaScript module. This SDK manages all the security integration with the Mobile Cloud Services in Bluemix. This module provides an express middleware filter that validates requests to your Node.js application.
Version: v1.0.0-20160421-1718
Installing the SDK
Install the ibmsecurity
package with the npm
package manager with the following command:
npm install ibmsecurity
Loading the SDK
After the SDK is installed, you can use the SDK within your application.
var mas = require('ibmsecurity');
Initializing the SDK
Configure the ibmsecurity SDK to enforce client whitelist security checks, access token security checks, or both against inbound requests. You can also configure the ibmsecurity package to require inbound requests to use HTTPS.
Enable Mobile Application Security (MAS) security checks for all service endpoints
var mas = require('ibmsecurity');
var app = express();
app.use(mas());
Configure the MAS express middleware before other application middleware that requires MAS-provided security checks. That is,
put the app.use(mas())
line before the app.use()
or app.router()
lines that are associated with application endpoints that require MAS security checks.
Require HTTPS for all service endpoints
var mas = require('ibmsecurity');
var app = express();
app.use(mas('requireSSL'));
app.use(mas());
You can configure MAS to enforce HTTPS with or without being configured to provide MAS security checks.
If both are configured, ensure the app.use(mas('requireSSL'))
line occurs before app.use(mas())
so that
HTTPS enforcement occurs before the security checks.
License information
Licensed Materials - Property of IBM (C) Copyright IBM Corp. 2013, 2015. All Rights Reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.