This content applies to WaaS 1.0 only. We highly recommend that you upgrade to WaaS 2.0.
- Make sure to modify the coboPubKey, URL, and customCheck based on your business needs.
- This demo sets up an HTTP server that can receive POST requests from Cobo.
Java
Dependency configurations
Java
- HTTPS: Configure the callback server to use HTTPS, and employ the SSL/TLS handshake to establish an encrypted link between the client and server to enable secure data transmission.
- Callback verification: Ensure that you only accept callback requests from trusted sources. You can employ token validation, IP whitelisting, or other methods to verify if requests originate from legitimate sources.
- Firewall and security group rules: Set up firewall rules on your cloud server or network devices to allow inbound and outbound callback traffic. Only permit specific ports and IP ranges to access the callback server.
- Logging: Enable detailed logging on the callback server to track and analyze the history of callback requests. This is instrumental for troubleshooting and monitoring system performance.
- Timeout and retry policies: Define appropriate timeout and retry policies for callback requests to ensure proper handling and retries in case of network issues or server unavailability.
- Security: Ensure that the operating system, web server, and applications running on your server are up-to-date, with the latest security updates and patches installed.
- Monitoring and alerts: Configure server monitoring to detect the status and performance of the callback server. In the event of failures or anomalies, set up alerts to promptly notify your operations team.
- Fault Tolerance: Ensure that the callback server can tolerate and appropriately handle duplicate callback requests to prevent data duplication or other issues.
- Documentation and notifications: Provide documentation or notifications to enable the initiator of callback requests to understand how to correctly construct and handle callback requests.
- Disaster recovery and backup: Configure a disaster recovery or backup server to ensure that services continue to operate even if the primary callback server experiences a failure.
- Compliance: Ensure that your callback server complies with applicable regulations and legal requirements, especially those related to data privacy and security.

Feel free to share your feedback to improve our documentation!