
	Corporate Info \| News \| Solutions \| Products \| Partners \| Services \| Events \| Download \| How To Buy
	e-docs.beasys.com \| Site Map \| Search \| PDF Files \| Contact \| Glossary

WLE Doc Home \| Samples & Related Topics \| Previous \| Next \| Contents \| Index

The Security Sample Application

This topic includes the following sections:

How the Security sample application works
The development process for the Security sample application
Building the Security sample application
Compiling the Security sample application
Running the Security sample application
Using the client applications in the Security sample application

Refer to Readme.txt in the \security directory for troubleshooting information and the latest information about using the Security sample application.

How the Security Sample Application Works

The Security sample application enhances the Basic sample application by adding application-level security to the WebLogic Enterprise (WLE) application. Application-level security requires each student to have an ID and a password. Therefore, the concept of a Student is added to the Security sample application.

The following functionality is added to the Basic sample application:

The client applications add a logon operation. This operation uses a SecurityCurrent environmental object to invoke operations on the PrincipalAuthenticator object, which is part of the process of logging on to access the domain.
The University server application implements an additional operation, get_student_details() , on the Registrar object to return information about a student. After a proper CORBA logon is complete, the get_student_details() operation accesses the student information in the database to obtain the student information needed by the client logon operation.
The University database contains student information in addition to course information.

Figure 4-1 illustrates how the Security sample application works.

Figure 4-1 The Security Sample Application

The Development Process for the Security Sample Application

This section describes the development process required when adding security to WLE client and server applications. These steps are in addition to the development steps outlined in The Basic Sample Application.

Note: The steps in this section have been done for you and are included in the Security sample application.

OMG IDL

During the development process, you would define the StudentDetails struct and the get_student_details() operation in Object Management Group (OMG) Interface Definition Language (IDL).

The Client Application

During the development process, you would add the following code to your client application:

The Bootstrap environmental object to obtain a reference to the SecurityCurrent environmental object in the specified WLE domain
The Tobj::PrincipalAuthenticator operation of the SecurityCurrent environmental object to return the type of authentication expected by the WLE domain
Operations to log on to the WLE domain using the required security information

For the Security sample application, this code has already been added for you.For information about adding security to client applications, see Getting Started.

The Server Application

During the development process, you would write the method implementation for the get_student_details() operation. For information about writing method implementations, see Creating C++ Server Applications.

The UBBCONFIG File

In the WLE software, security levels are defined for the configuration by the system administrator. The system administrator defines the security for the WLE domain by setting the SECURITY parameter RESOURSES section of the UBBCONFIG file to the desired security level. In the Security sample application, the SECURITY parameter is set to APP_PW for application-level security. For information about adding security to a WLE domain, see Administration Guide.

The ICF File

No changes to the Implementation Configuration File (ICF) are required.

Building the Security Sample Application

Perform the following steps to build the Security sample application:

Copy the files for the Security sample application.
Change the protection on the files for the Security sample application.
Set the environment variables.
Initialize the University database.
Load the UBBCONFIG file.
Build the client and server sample applications.

The following sections describe these steps.

Note: Before you can build or run the Security sample application, you need to perform the steps in Setting Up Your Environment.

Copying the Files for the Security Sample Application into a Work Directory

The files for the Security sample application are located in the following directories:

drive :\ WLEdir \samples\corba\university \security

/usr/ WLEdir /samples/corba/university /security

In addition, you need to copy the utils directory into your work directory. The utils directory contains files that set up logging, tracing, and access to the University database.

You will use the files listed in Table 4-1 to create the Security sample application.

Table 4-1 Files Included in the Security Sample Application

File

Description

univs.idl

The OMG IDL that declares the CourseSynopsisEnumerator , Registrar , and RegistrarFactory interfaces

univss.cpp

The C++ source code for the University server application in the Security sample application

univs_i.h
univs_i.cpp

The C++ source code for method implementations of the CourseSynopsisEnumerator , Registrar , and RegistrarFactory interfaces

univsc.cpp

The C++ source code for the CORBA C++ client application in the Security sample application

frmBrowser.frm

The Visual Basic source code for the ActiveX client application in the Security sample application

frmOpen.frm

The Visual Basic source code for the ActiveX client application in the Security sample application

University.vbp

The Visual Basic project file for the ActiveX client application in the Security sample application

University.vbw

The Visual Basic workspace file for the ActiveX client application in the Security sample application

modPublicDeclarations.bas

A Visual Basic file that contains the declarations for variables used in the sample applications

frmTracing.frm
frmTracing.frx

The files that provide tracing capabilities to the ActiveX client application

frmLogon.frm

The Visual Basic file that performs the security logon for the ActiveX client application

UnivSApplet.java

The Java source code for the CORBA Java client application in the Security sample application

univs_utils.h
univs_utils.cpp

The files that define database access functions for the CORBA C++ client application

univs.icf

The Implementation Configuration File (ICF) for the Security sample application

setenvs.sh

A UNIX script that sets the environment variables needed to build and run the Security sample application

setenvs.cmd

An MS-DOS command procedure that sets the environment variables needed to build and run the Security sample application

ubb_s.mk

The UBBCONFIG file for the UNIX operating system

ubb_s.nt

The UBBCONFIG file for the Windows NT operating system

makefiles.mk

The makefile for the Security sample application on the UNIX operating system

makefiles.nt

The makefile for the Security sample application on the Windows NT operating system

log.cpp , log.h , log_client.cpp , and log_server.cpp

The client and server applications that provide logging and tracing functions for the sample applications. These files are located in the \utils directory.

oradbconn.cpp and oranoconn.cpp

The files that provide access to an Oracle SQL database instance. These files are located in the \utils directory.

samplesdb.cpp and samplesdb.h

The files that provide print functions for the database exceptions in the sample applications.These files are located in the \utils directory.

unique_id.cpp and unique_id.h

C++ Unique ID class routines for the sample applications.These files are located in the \utils directory.

samplesdbsql.h and samplesdbsql.pc

C++ class methods that implement access to the SQL database. These files are located in the \utils directory.

university.sql

The SQL for the University database. This file is located in the \utils directory.

Changing the Protection on the Files for the Security Sample Application

During the installation of the WLE software, the sample application files are marked read-only. Before you can edit the files or build the files in the Security sample application, you need to change the protection of the files you copied into your work directory, as follows:

prompt>attrib -r drive:\ workdirectory \*.*

prompt>chmod u+rw / workdirectory /*.*

Setting the Environment Variables

Use the following command to set the environment variables used to build the client and server applications in the Security sample applications:

prompt>/bin/ksh

prompt>. ./setenvs.sh

Initializing the University Database

Use the following command to initialize the University database used with the Security sample application:

prompt>nmake -f makefiles.nt initdb

prompt>make -f makefiles.mk initdb

Loading the UBBCONFIG File

Use the following command to load the UBBCONFIG file:

prompt>tmloadcf -y ubb_s.nt

prompt>tmloadcf -y ubb_s.mk

The build process for the UBBCONFIG file prompts you for an application password. This password will be used to log on to the client applications. Enter the password and press Enter. You are then prompted to verify the password by entering it again.

Compiling the Security Sample Application

During the development process, you would use the buildobjclient and buildobjserver commands to build the client and server applications. However, for the Security sample application, this step has been done for you.

The directory for the Security sample application contains a makefile that builds the client and server sample applications.

Use the following commands to build the CORBA C++ client and server applications in the Security sample application:

prompt>nmake -f makefiles.nt

prompt>make -f makefiles.mk

To build the CORBA Java client application:

prompt>nmake -f makefiles.nt javaclient

prompt>make -f makefiles.mk javaclient

For information about starting the ActiveX client application, see Starting the ActiveX Client Application.

For more information about the buildobjclient and buildobjserver commands, see the C++ Programming Reference.

Running the Security Sample Application

Perform the following steps to run the Security sample application:

Start the University server application.
Start one or more of the client applications.

These steps are explained in the following sections.

Starting the University Server Application

Start the system and sample application server applications in the Security sample application by entering the following command:

prompt>tmboot -y

This command starts the following server processes:

TMSYSEVT
The BEA TUXEDO system event broker.
TMFFNAME
The transaction management services, including the NameManager and the FactoryFinder services.
TMIFSRVR
The Interface Repository server process. This server process is used only by ActiveX client applications.
univs_server
The University server process.
ISL
The IIOP Listener/Handler process.

Before using another sample application, enter the following command to stop the system and sample application server processes:

prompt>tmshutdown

Starting the CORBA C++ Client Application

Start the CORBA C++ client application in the Security sample application by performing the following steps:

At the MS-DOS prompt, enter the following command:
prompt>univs_client
At the Enter student id: prompt, enter any number between 100001 and 100010.
Press Enter.
At the Enter domain password: prompt, enter the password you defined when you loaded the UBBCONFIG file.
Press Enter.

Starting the CORBA Java Client Application

To start the CORBA Java client application in the Security sample application, perform the following steps:

Modify the following lines in the UnivSApplet.html file:
code="UnivSApplet.class"
codebase=.
to read as follows:
code="UnivSApplet"
archive="UnivSApplet.jar,m3envobj.jar"
Copy the modified UnivSApplet.html file to the source directory for the Web server (the directory varies by Web server product).
After executing the makefile to build the Security sample application, create a UnivSApplet.jar file, as follows:
1. Create a tmp directory under the directory where you built the sample application and copy the UniversityS subdirectory and the class files it contains into the tmp directory.
  Copy the class files in the Security sample application directory that were generated by the makefile into the tmp directory, set the directory (cd ) to the tmp directory, and issue one of the following commands to create a jar file that contains all the Security sample application classes:
  
  jar -cf ..\UnivSApplet.jar *.* (Microsoft Windows NT systems)
  jar -cf ../UnivSApplet.jar * (UNIX systems)
Copy the UnivSApplet.jar file you just created to the source directory for the Web server (the directory name varies by Web server product).
Copy the m3envobj.jar file from the appropriate subdirectory (%TUXDIR%\udataobj\java Microsoft Windows NT systems or ${TUXDIR}/udataobj/java UNIX systems) to the Web server source directory.
Make sure the Security server application is running, start up your Web browser, and point it to the node where the Web server is running.
Note: On Microsoft Windows NT systems, the node name needs to be in all uppercase characters. For example, if the node is specified as SERVER in the UBBCONFIG file and in the UnivSApplet.html file, set your browser to http://SERVER/UnivSApplet.html .
Enter a number between 100001 and 100010 in the student ID field.
Enter the password you defined when you loaded the UBBCONFIG file in the Domain Password field.
Click the Logon button.
Enter a search string to find a course.

Starting the ActiveX Client Application

Note: For the University sample applications, the task of loading the OMG IDL for the CORBA interfaces into the Interface Repository is automated by the makefile .

Before you can start the ActiveX client application, you must use the Application Builder to create ActiveX bindings for the CORBA interfaces.

To create an ActiveX binding for a CORBA interface:

Click the BEA Application Builder icon in the WLE program group.
The IIOP Listener window appears.
In the IIOP Listener window, enter the host name and port number that you specified in the ISL parameter in the UBBCONFIG file . You must match exactly the capitalization used in the UBBCONFIG file.
The Logon window appears.
In the Logon window, enter a student ID between 100001 and 100010 for the user name and the password you defined when you loaded the UBBCONFIG file.
The Application Builder window appears. All the CORBA interfaces loaded in the Interface Repository appear in the Services window of the Application Builder.
Highlight the UniversityS folder in the Services window and drag it to the Workstation Views window, or copy the UniversityS folder from the Services window and paste it into the Workstation Views window.
A confirmation window appears.
Click Create to create ActiveX bindings for the CORBA interfaces in the Security sample application.
The Application Builder creates the following:

Perform the following steps to run the ActiveX client application:

Open the University.vbw file in Visual Basic.
From the Run menu, click Start.
The IIOP Listener window appears.
In the IIOP Listener window, enter the host name and port number that you specified in the ISL parameter in the UBBCONFIG file. You must match exactly the capitalization used in the UBBCONFIG file.
The Logon window appears.
In the Logon window, enter a student ID between 100001 and 100010 for the user name and the password you defined when you loaded the UBBCONFIG file.

Using the Client Applications in the Security Sample Application

The following sections briefly explain how to use the client applications in the Security sample application.

The CORBA C++ Client Application

The CORBA C++ client application in the Security sample application has the following additional option:

<L>    List your registered courses

This option displays the list of courses registered under the student ID that was used to log on to the CORBA C++ client application.

The CORBA Java Client Application

No additional functionality is added to the CORBA Java client application in the Security sample application.

The ActiveX Client Application

No additional functionality is added to the ActiveX client application in the Security sample application.

Copyright © 1999 BEA Systems, Inc. All rights reserved.
Required browser: Netscape 4.0 or higher, or Microsoft Internet Explorer 4.0 or higher.