|
|
The Security Sample Application
This topic includes the following sections:
Refer to Readme.txt in the \security directory for troubleshooting information and the latest information about using the Security sample application. For a full discussion of implementing security in a WebLogic Enterprise application, see Using Security.
How the Security Sample Application Works
The Security sample application enhances the Basic sample application by adding application-level security to the WebLogic Enterprise (WLE) application. Application-level security requires each student to have an ID and a password. Therefore, the concept of a Student is added to the Security sample application.
The following functionality is added to the Basic sample application:
Figure 4-1 illustrates how the Security sample application works.
Figure 4-1 The Security Sample Application
The Development Process for the Security Sample Application
This section describes the development process required when adding security to WebLogic Enterprise client and server applications. These steps are in addition to the development steps outlined in The Basic Sample Application.
Note: The steps in this section have been done for you and are included in the Security sample application.
OMG IDL
During the development process, you would define the StudentDetails struct and the get_student_details()operation in Object Management Group (OMG) Interface Definition Language (IDL).
The Client Application
During the development process, you would add the following code to your client application:
For the Security sample application, this code has already been added for you.For information about adding security to client applications, see Using Security.
The Server Application
During the development process, you would write the method implementation for the get_student_details()operation. For information about writing method implementations, see Creating C++ Server Applications.
The UBBCONFIG File
In the WebLogic Enterprise software, security levels are defined for the configuration by the system administrator. The system administrator defines the security for the WebLogic Enterprise domain by setting the SECURITY parameter RESOURSES section of the UBBCONFIG file to the desired security level. In the Security sample application, the SECURITY parameter is set to APP_PW for application-level security. For information about adding security to a WebLogic Enterprise domain, see Administration Guide and Using Security.
The ICF File
No changes to the Implementation Configuration File (ICF) are required.
Building the Security Sample Application
To build the Security sample application, complete the following steps:
The following sections describe these steps.
Note: Before you can build or run the Security sample application, you need to perform the steps in Setting Up Your Environment.
Copying the Files for the Security Sample Application into a Work Directory
The files for the Security sample application are located in the following directories:
Windows NT
drive:\WLEdir\samples\corba\university\security
UNIX
/usr/WLEdir/samples/corba/university/security
In addition, you need to copy the utils directory into your work directory. The utils directory contains files that set up logging, tracing, and access to the University database.
You will use the files listed in Table 4-1 to create the Security sample application.
File |
Description |
---|---|
univs.idl |
The OMG IDL that declares the CourseSynopsisEnumerator, Registrar, and RegistrarFactory interfaces. |
univss.cpp |
The C++ source code for the University server application in the Security sample application. |
univs_i.h |
The C++ source code for method implementations of the CourseSynopsisEnumerator, Registrar, and RegistrarFactory interfaces. |
univsc.cpp |
The C++ source code for the CORBA C++ client application in the Security sample application. |
frmBrowser.frm |
The Visual Basic source code for the ActiveX client application in the Security sample application. |
frmOpen.frm |
The Visual Basic source code for the ActiveX client application in the Security sample application. |
University.vbp |
The Visual Basic project file for the ActiveX client application in the Security sample application. |
University.vbw |
The Visual Basic workspace file for the ActiveX client application in the Security sample application. |
modPublicDeclarations.bas |
A Visual Basic file that contains the declarations for variables used in the sample applications. |
frmTracing.frm |
The files that provide tracing capabilities to the ActiveX client application. |
frmLogon.frm |
The Visual Basic file that performs the security logon for the ActiveX client application. |
UnivSApplet.java |
The Java source code for the CORBA Java client application in the Security sample application. |
univs_utils.h |
The files that define database access functions for the CORBA C++ client application. |
univs.icf |
The Implementation Configuration File (ICF) for the Security sample application. |
setenvs.sh |
A UNIX script that sets the environment variables needed to build and run the Security sample application. |
setenvs.cmd |
An MS-DOS command procedure that sets the environment variables needed to build and run the Security sample application. |
ubb_s.mk |
The UBBCONFIG file for the UNIX operating system. |
ubb_s.nt |
The UBBCONFIG file for the Windows NT operating system. |
makefiles.mk |
The makefile for the Security sample application on the UNIX operating system. |
makefiles.nt |
The makefile for the Security sample application on the Windows NT operating system. |
log.cpp, log.h, log_client.cpp, and log_server.cpp |
The client and server applications that provide logging and tracing functions for the sample applications. These files are located in the \utils directory. |
oradbconn.cpp and oranoconn.cpp |
The files that provide access to an Oracle SQL database instance. These files are located in the \utils directory. |
samplesdb.cpp and samplesdb.h |
The files that provide print functions for the database exceptions in the sample applications.These files are located in the \utils directory. |
unique_id.cpp and unique_id.h |
C++ Unique ID class routines for the sample applications.These files are located in the \utils directory. |
samplesdbsql.h and samplesdbsql.pc |
C++ class methods that implement access to the SQL database. These files are located in the \utils directory. |
university.sql |
The SQL for the University database. This file is located in the \utils directory. |
Changing the Protection on the Files for the Security Sample Application
During the installation of the WebLogic Enterprise software, the sample application files are marked read-only. Before you can edit the files or build the files in the Security sample application, you need to change the protection of the files you copied into your work directory, as follows:
Windows NT
prompt>attrib -r drive:\workdirectory\*.*
UNIX
prompt>chmod u+rw /workdirectory/*.*
Setting the Environment Variables
Use the following command to set the environment variables used to build the client and server applications in the Security sample applications:
Windows NT
prompt>setenvs
UNIX
prompt>/bin/ksh
prompt>. ./setenvs.sh
Initializing the University Database
Use the following command to initialize the University database used with the Security sample application:
Windows NT
prompt>nmake -f makefiles.nt initdb
UNIX
prompt>make -f makefiles.mk initdb
Loading the UBBCONFIG File
Use the following command to load the UBBCONFIG file:
Windows NT
prompt>tmloadcf -y ubb_s.nt
UNIX
prompt>tmloadcf -y ubb_s.mk
The build process for the UBBCONFIG file prompts you for an application password. This password will be used to log on to the client applications. Enter the password and press Enter. You are then prompted to verify the password by entering it again.
Compiling the Security Sample Application
During the development process, you would use the buildobjclient and buildobjserver commands to build the client and server applications. However, for the Security sample application, this step has been done for you.
The directory for the Security sample application contains a makefile that builds the client and server sample applications.
Use the following commands to build the CORBA C++ client and server applications in the Security sample application:
Windows NT
prompt>nmake -f makefiles.nt
UNIX
prompt>make -f makefiles.mk
To build the CORBA Java client application:
Windows NT
prompt>nmake -f makefiles.nt javaclient
UNIX
prompt>make -f makefiles.mk javaclient
For information about starting the ActiveX client application, see Starting the ActiveX Client Application.
For more information about the buildobjclient and buildobjserver commands, Commands, System Processes, and MIB Reference.
Running the Security Sample Application
To run the Security sample application, complete the following steps:
These steps are explained in the following sections.
Starting the University Server Application
Start the system and sample application server applications in the Security sample application by entering the following command:
prompt>tmboot -y
This command starts the following server processes:
The BEA Tuxedo system event broker.
The transaction management services, including the NameManager and the FactoryFinder services.
The Interface Repository server process. This server process is used only by ActiveX client applications.
The University server process.
The IIOP Listener/Handler process.
Before using another sample application, enter the following command to stop the system and sample application server processes:
prompt>tmshutdown
Starting the CORBA C++ Client Application
Start the CORBA C++ client application in the Security sample application by completing the following steps:
prompt>univs_client
Starting the CORBA Java Client Application
To start the CORBA Java client application in the Security sample application, complete the following steps:
code="UnivSApplet.class"
codebase=.
to read as follows:
code="UnivSApplet"
archive="UnivSApplet.jar,m3envobj.jar"
Copy the class files in the Security sample application directory that were generated by the makefile into the tmp directory, set the directory (cd) to the tmp directory, and issue one of the following commands to create a jar file that contains all the Security sample application classes:
jar -cf ..\UnivSApplet.jar *.* (Microsoft Windows NT systems)
jar -cf ../UnivSApplet.jar * (UNIX systems)
Note: On Microsoft Windows NT systems, the node name needs to be in all uppercase characters. For example, if the node is specified as SERVER in the UBBCONFIG file and in the UnivSApplet.html file, set your browser to http://SERVER/UnivSApplet.html.
Starting the ActiveX Client Application
Note: For the University sample applications, the task of loading the OMG IDL for the CORBA interfaces into the Interface Repository is automated by the makefile.
Before you can start the ActiveX client application, you must use the Application Builder to create ActiveX bindings for the CORBA interfaces.
To create an ActiveX binding for a CORBA interface, complete the following steps:
The IIOP Listener window appears.
The Logon window appears.
The Application Builder window appears. All the CORBA interfaces loaded in the Interface Repository appear in the Services window of the Application Builder.
A confirmation window appears.
The Application Builder creates the following:
The type library file is named DImodulename_interfacename.tlb.
To run the ActiveX client application, complete the following steps:
The IIOP Listener window appears.
The Logon window appears.
Using the Client Applications in the Security Sample Application
The following sections briefly explain how to use the client applications in the Security sample application.
The CORBA C++ Client Application
The CORBA C++ client application in the Security sample application has the following additional option:
<L> List your registered courses
This option displays the list of courses registered under the student ID that was used to log on to the CORBA C++ client application.
The CORBA Java Client Application
No additional functionality is added to the CORBA Java client application in the Security sample application.
The ActiveX Client Application
No additional functionality is added to the ActiveX client application in the Security sample application.
|
Copyright © 2000 BEA Systems, Inc. All rights reserved.
|