The Bulk Check API consists of 3 services:
...
Congree Bulk Check Service
The Congree Bulk Check Service itself is available via the following address:
Codeblock | ||
---|---|---|
| ||
http://<BCS host>/CongreeBulkCheckService/BulkCheckService.svc |
The interface definition is available on a separate page.
Bulk Check Authentication Service
The Congree Bulk Check Service also supports CMS authentication in addition to Congree authentication. To apply this, CMS authentication should be enabled in the User Management of Congree Control Center.
Bulk Check Authentication service is available via the following address:
Codeblock | ||
---|---|---|
| ||
http://<BCS host>/CongreeBulkCheckService/BulkCheckAuthenticationService.svc |
Interface definition is available on a separate page.
Authentication Service generates security tokens which can be used in the main Bulk Check Service. Since security tokens provided are not protected with the password, it is strongly recommended to communicate with this service over SSL (see Security topic).
At the end of the session, these tokens should be released like ordinary ones – by calling ReleaseSecurityToken method of IBulkCheckService.
Certificates configuration
Two certificates are required to use CMS authentication (with the public key on the Congree Bulk Check Service side and with the private key on the client side).
The following steps show example how to create and configure certificates.
- It is necessary to install Windows SDK (https://developer.microsoft.com/en-us/windows/downloads/windows-8-1-sdk) if it is not installed.
- (Or just provide these two files, if you do not want to download and install an over 1 Gb package...: makecert_pvk2pfx.zip)
- Run the following cmd to generate root certificate:
makecert -sv CongreeBulkCheckRoot.pvk -n "CN=CongreeBulkCheckRoot" CongreeBulkCheckRoot.cer -r
- You are prompted to set the secret password of the root certificate.
- You are prompted to enter this secret password to generate the pvk-file
- and install output file in Trusted Root Certificate Authorities of the Local Machine (see SSL configuration above) where Congree Bulk Check Service is installed.
- As next step private client certificate should be generated. Note that private key is protected with the password.
If you are going to use this private key to configure Java clients note that Java password for store and private key password should be identical and by default it is "changeit" - so for testing purpose the same password should be used during the following command:makecert -n "CN=CongreeBulkCheckClient" -ic "CongreeBulkCheckRoot.cer" -iv "CongreeBulkCheckRoot.pvk" -a sha1 -sky exchange -sv "CongreeBulkCheckClient.pvk" "CongreeBulkCheckClient.cer"
- You are prompted to set the secret password of the client certificate
- You are prompted to enter this secret password of the client certificate
- You are prompted to enter the secret password of the root certificate
pvk2pfx -pvk "CongreeBulkCheckClient.pvk" -spc "CongreeBulkCheckClient.cer" -pfx "CongreeBulkCheckClient.pfx" -pi ###desiredpw###
- You are prompted to enter the secret password of the client certificate
Result CongreeBulkCheckClient.pfx file should imported in Personal Certificates of each client machine. On the client machine also should be imported CongreeBulkCheckRoot.cer in Trusted Root Certificate Authorities as described in #2.
Configuration for Java clients
- To add CongreeBulkCheckRoot.cer to the Java trust store, run the following command from JRE installation folder:
keytool -import -alias BulkCheckRoot -file CongreeBulkCheckRoot.cer -keystore "c:\Program Files (x86)\Java\jre1.8.0_66\lib\security\cacerts"
- To add client certificate to Java key store, run the following command:
keytool -importkeystore -srckeystore CongreeBulkCheckClient.pfx -srcstoretype pkcs12 -destkeystore "c:\Program Files (x86)\Java\jre1.8.0_66\lib\security\cacerts" -deststoretype JKS
Note that in this case password of key store and private key in the certificate (.pfx) should be identical. To change password the following commands should be used:
- To find private key alias name:
keytool -list -v -keystore "c:\Program Files (x86)\Java\jre1.8.0_66\lib\security\cacerts" -storepass changeit
keytool -keypasswd -alias <alias> -keystore "c:\Program Files (x86)\Java\jre1.8.0_66\lib\security\cacerts
- where <alias> is alias name found after first line was executed.
- To find private key alias name:
Bulk Check Settings Service
The Bulk Check Settings Service is available via the following address:
Codeblock | ||
---|---|---|
| ||
http://<BCS host>/CongreeBulkCheckService/BulkCheckSettingsService.svc |
The interface definition is available on a separate page.
The service provides current Document Check settings etc.
Examples
Here is a small Java code snippet which shows how to use Congree Bulk Check Service.
...
In the result XML file, every found error is marked with <?cngr-lc-b ID> (beginning of the error) and <?cngr-lc-e ID> (the corresponding ending) linguistic-specific processing instructions, where ID is unique in the scope of xml document. The beginning and ending have the same unique ID. This ID can be used to find related error information in ErrorInfo[] array. The ErrorInfo describes the details of found error.
Command line sample to call attached JAR:
...
Codeblock | ||
---|---|---|
| ||
java -jar WebServiceClientSample.jar localhost "JavaCMS" "" "Congree Standard" "<p>text content to be checked</p>" true true "c:\Program Files (x86)\Java\jre1.8.0_66\lib\security\cacerts" |
Note that Java certificate store password is hardcoded in the sample and it is "changeit" (default password for Java store).
The following parameters are available:
- Congree Bulk Check Service host name
- Congree user or CMS name
- Congree user password. In case of CMS it should be empty
- Congree document-specific rule set
- XML to check
- Use CMS authentication
- Use SSL connection
- JRE certificate store (e.g. "c:\Program Files (x86)\Java\jre1.8.0_66\lib\security\cacerts"). Note that if SSL connection or CMS authentication is selected this parameter must be specified