![]() |
iPlanet Delegated Administrator 4.5 Deployment and Customization Guide |
Chapter 15 Extending Servlets
A servlet is a server-side program that gives Java-enabled servers additional features. This chapter describes how iPlanet Delegated Administrator 4.5 uses servlets and tells you how to extend the capabilities of those servlets to meet the needs of your enterprise. It assumes a basic knowledge of Java servlet programming.The chapter contains the following sections:
iPlanet Delegated Administrator 4.5 Servlets
In addition to the information contained in this chapter, full documentation (in javadocs) for the public iPlanet Delegated Administrator 4.5 Java classes is available at http://docs.iplanet.com/docs/manuals/deladmin/45/utility_scripts.
iPlanet Delegated Administrator 4.5 Servlets
iPlanet Delegated Administrator 4.5 functionality is defined by Java class files called servlets. These servlets control how users are authenticated, how HTML pages are generated and displayed, and how tasks (such as creating users or groups) are executed. You can extend and customize some servlets to meet the specific needs of your enterprise.This section describes the architecture of Delegated Administrator's servlets, lists the elements of iPlanet Delegated Administrator 4.5 that you can extend and customize, and explains the basics of extending and customizing servlets. The rest of this chapter covers the details of servlet customization.
Servlet Architecture
Most iPlanet Delegated Administrator 4.5 servlets fall into one of four categories: authentication, logout, task, or page generation. The differences between these categories are as follows:
When users or administrators log in to iPlanet Delegated Administrator 4.5, authentication servlets look them up in the user directory, confirm their identity, and then determine what level of access they have to the directory.
iPlanet Delegated Administrator 4.5 servlets inherit their basic functionality from a class called NDAServlet. Two special servlets manage task and page generation operations: NDATaskManager and NDAGetPage. NDATaskManager determines which task servlets handle which operation requests. NDAGetPage handles all page generation requests.When users or administrators log out of iPlanet Delegated Administrator 4.5, a logout servlet closes their connections, and performs any other logout procedures.
When users or administrators perform operations, such as creating groups or deleting mailing lists, task servlets carry out the backend actions.
When users or administrators click buttons or links, page-generation servlets dynamically determine what pages should appear based on access level and task results and then pass the HTML code for those pages to the Web Server.
NDAServlet
The NDAServlet class is the foundation of all iPlanet Delegated Administrator 4.5 servlets. It inherits its functionality from a core Java class called HTTPServlet. NDAServlet implements doGet and doPost as final methods. The doGet method calls the doPost method that, in turn, invokes the following three methods:Any classes that extend NDAServlet must implement the execute method. In addition, these classes may also implement the preprocess and postprocess methods.
preprocess
The preprocess method is a hook for adding a preprocessing function to an existing servlet in iPlanet Delegated Administrator 4.5. It has the following syntax:
The preprocess method takes the following parameters:
s, which is the HttpSession object from the servlet engine
req, which is the HttpServletRequest object from the servlet engine
res, which is the HttpServletResponse object from the servlet engine
execute
execute is the primary method for servlets that extend NDAServlet. All servlets in iPlanet Delegated Administrator 4.5 must implement this method. The execute method has the following syntax:
The execute method takes the following parameters:
s, which is the HttpSession object from the servlet engine
req, which is the HttpServletRequest object from the servlet engine
res, which is the HttpServletResponse object from the servlet engine
postprocess
The postprocess method is a hook for adding a postprocessing function to an existing servlet in iPlanet Delegated Administrator 4.5. It has the following syntax:
The postprocess method takes the following parameters:
s, which is the HttpSession object from the servlet engine
req, which is the HttpServletRequest object from the servlet engine
res, which is the HttpServletResponse object from the servlet engine
NDATaskManager
When a user or administrator performs a task using iPlanet Delegated Administrator 4.5's HTML forms, a hidden tag containing the name of the task is passed to NDATaskManager. When NDATaskManager receives this request, it opens a file called resource.properties, looks up the name of the class that corresponds to the task name (from the hidden tag), executes the task by running the class, and then returns information about the result to the user.Each class that contains a task must contain a method called doIt that defines the actions required to complete the task. The doIt method has the following syntax:
public void doIt(TaskData td)
throws java.lang.ExceptionThe doIt method takes the following parameter:
td - the task input data
For more information on the relationships between NDATaskManager, resource.properties, and task classes, see "Extending Task Servlets."
NDAGetPage
When a user or administrator clicks a link or selects an option that leads to another screen, a hidden tag containing the name of the page generation operation is passed to NDAGetPage. When NDAGetPage receives this request, it looks up the operation name in the configuration directory, and then dynamically generates the page that the user or administrator sees. For more information on NDAGetPage, NDAGetPage Servlet.
The Session Object
Often, servlets require information about a user's iPlanet Delegated Administrator 4.5 session in order to execute properly. For instance, a servlet that modifies a user's personal information must know the user's distinguished name (DN) in order to make changes in the user directory. To make it easy to obtain this kind of information, Delegated Administrator uses a Session object. The Session object is a collection of name-value pairs that contain user DNs, Lightweight Directory Access Protocol (LDAP) connection values, and other session information.For more information on Delegated Administrator's session object, see "Accessing the Session Object."
Servlets and iPlanet Web Server
In order to make servlets easy to manage and use, iPlanet Web Server uses two properties files. The first file, called rules.properties, maps paths (such as /servlet/TaskManager) to simple names (such as TaskManager). The second file, servlets.properties, maps simple names to actual servlet classes and, if necessary, can include initial arguments and class path information.By default, iPlanet Delegated Administrator 4.5 creates an iPlanet Web Server document root called /servlets. This document root maps to /nda/classes, the subdirectory of your server root containing the JAR files in which Delegated Administrator's servlets are stored.
What You Can Customize
Although you can extend or customize almost any iPlanet Delegated Administrator 4.5 servlet, the code for some servlets is quite complex and involved. The following are the most typically customized types of servlets:
Authentication servlets
Authentication and logout servlets are discussed in "Extending Authentication and Logout Servlets."Task servlets for the creation, modification, and deletion of directory entries
Task servlets are discussed in "Extending Task Servlets."
Accessing the Session Object
The iPlanet Delegated Administrator 4.5 Session object contains information about a user or administrator's interactions with Delegated Administrator. Servlets can use the information in this object to analyze data or to determine what operations to perform. For instance, a servlet that logs a user out of Delegated Administrator may check the Session object to determine when the user first logged in, and then record the total length of time that the user spent within the application. Another servlet might accept a user's request to change his or her password, and then check the Session object to obtain the user's DN.
Methods and Keys
In order to access the contents of the Session object, you use two methods, getAttribute and setAttribute. The getAttribute method is used to retrieve data from the Session object. The setAttribute method is used to set new values for data in the Session object. The data in the Session object is stored as pairs of keys and values. A key is a string that identifies a type of data while a value is the data itself.The getAttribute and setAttribute methods are defined in the javax.servlet.http.HttpSession interface and then extended by netscape.nda.util.TempHttpSession. The methods have the following syntax:
getAttribute
public java.lang.Object getAttribute(java.lang.String name)where name is the name of a key in the Session object. All keys for the Session object are listed in Table 15-1.
setAttribute
public void setAttribute(java.lang.String name, java.lang.Object value)where name is the name of a key in the Session object and value is the new value for the key. All keys for the Session object are listed in Table 15-1.
Keys
The data in the Session object is referred to by keys, individual strings that specify types of values. The different keys in the Session object are specified in the SessionConstants interface. Table 15-1 describes the keys that are stored in the Session object.
Accessing the TaskData Object
The TaskData object contains information about a task that is currently running within a given session. Task servlets can use the information in this object when performing operations. For example, a servlet that creates a user may look up the distinguished name (DN) information for the new user in the TaskData object. Another servlet might accept a user's request to delete a group, and then check the TaskData object's response field to determine the result of the operation.
Constructor and Fields
To create a TaskData object that will contain the input for a task, use the following constructor method:
where req, res, config, resource, charSetEnc, and di are the fields in which the TaskData object stores information. Table 15-2 lists these fields and what they contain.
Extending Authentication and Logout Servlets
This section tells you how to extend NDAServlet by customizing two NDAServlet subclasses, NDABasicAuth, which handles basic authentication, and NDALogout, which handles logout. You can apply the principles discussed in this section when extending NDAServlet for use in different applications.
What Extending NDAServlet Involves
When extending NDAServlet, you must do five things:
Create a Java source file that extends the NDAServlet class.
The following section, "Creating a Java Source File," tells you how to create a Java source file that extends the NDAServlet class. "Compiling and Packaging Your Java Classes," tells you how to compile classes, copy files, and change servlets.properties.Compile the Java source file into a class file.
Copy the class file to the correct location.
Creating a Java Source File
The first step in extending NDAServlet is to create a Java source file for your custom class. This section explains how to do this using two example classes, CustomBasicAuth, which performs a customized version of basic authentication, and CustomLogout, which performs a customized logout procedure.
CustomBasicAuth
One example of a class that extends NDAServlet is NDAAuth. This class provides basic authentication services for iPlanet Delegated Administrator 4.5. Any authentication classes that iPlanet Delegated Administrator 4.5 uses are extensions of NDAAuth.For example, a class called NDABasicAuth handles basic user ID and password authentication. In addition, a class called NDACertAuth handles certificate-based authentication, and a class called NDASSOAuth handles single sign-on authentication.
If you want to write your own authentication servlet, you can do so by extending NDAAuth and its subclasses (NDABasicAuth, NDACertAuth, and NDASSOAuth).
For example, suppose you want your enterprise to use the authentication mechanism in NDABasicAuth, but you want to extend the authentication servlet to also log details about each newly authenticated session. To do this, you can create a class called CustomBasicAuth that implements the postprocess method. Once authentication is complete, postprocess records information about the session and notes the current time for retrieval when the user logs out. The code for CustomBasicAuth looks like this:
In order to store the login time for later retrieval, CustomBasicAuth uses the setAttribute method to store a value called CUSTOM_LOGIN_TIME_KEY in a class called CustomSessionConstants. The CustomSessionConstants class is simply a Java interface that is defined as follows:
package mycom.auth;public interface CustomSessionConstants { public static final String CUSTOM_LOGIN_TIME_KEY = "customlogintime"; }
CustomLogout
When a user logs out, you might use an extended version of NDALogout to record the times when his or her session began and ended. To do this, you would write a class called CustomLogout that implements the execute method. The code for CustomLogout looks like this:
CustomLogout uses the getAttribute method to retrieve the value for CUSTOM_LOGIN_TIME_KEY from the CustomSessionConstants class.
Extending Task Servlets
In iPlanet Delegated Administrator 4.5, a task is any operation that creates, modifies, or deletes a directory entry. Delegated Administrator uses the methods in the netscape.nda.util.Task class to perform tasks. Subclasses of Task define specific operations involving objects. For example, CreateUser contains the code necessary to create a new user object. Similarly, ModifyUser contains the code necessary to modify a user object.iPlanet Delegated Administrator 4.5 uses the NDATaskManager servlet to manage tasks. Any HTML form that calls this servlet must contain a hidden value that specifies the type of task to perform. When a user or administrator submits the form, NDATaskManager interprets the hidden value and then invokes the appropriate Task subclass for the requested operation.
To determine the correct Task subclass to invoke, NDATaskManager consults the resource.properties file. Once it identifies and invokes the correct subclass, NDATaskManager calls the subclass's doIt method. This method processes the operation. You can extend a Task subclass and override its doIt method to create customized behavior.
The doIt method has the following syntax:
public void doIt(TaskData td) throws java.lang.Exception
where td is the task input data contained in netscape.nda.servlet.TaskData.
What Extending a Task Servlet Involves
When extending a subclass of Task, you must do five things:
Create a Java source file that extends the Task subclass.
The following section, "Creating a Java Source File," tells you how to create a Java source file that extends a Task subclass. "Compiling and Packaging Your Java Classes," tells you how to compile classes, change servlets.properties and resource.properties, and copy files.Compile the Java source file into a class file.
Change the servlets.properties file or resource.properties file.
Creating a Java Source File
The first step in extending a Task subclass is to create a Java source file for your custom class. This section explains how to do this using two examples, CustomCreateUser and CustomModifyUser.
CustomCreateUser
The CustomCreateUser class extends iPlanet Delegated Administrator 4.5's default CreateUser class by adding some additional attributes. The class's doIt method first performs any operations in CreateUser and then adds additional attributes. The code for the class is as follows:
CustomModifyUser
The CustomModifyUser class extends iPlanet Delegated Administrator 4.5's default ModifyUser class by modifying additional attributes. The class's doIt method first performs any operations in ModifyUser and then modifies the additional attributes. The code for the class is as follows:
Compiling and Packaging Your Java Classes
Once you have written the Java source code for your custom servlets, you are ready to compile and package them. This process involves doing the following:
Compiling your source files.
This section tells you how to perform these steps.Modifying servlets.properties or resource.properties.
Compiling Your Source Files
Compiling your Java source files into classes for use with iPlanet Delegated Administrator 4.5 is a four-part process that involves understanding Delegated Administrator's Java Development Kit (JDK) and system requirements, setting your classpath, writing a makefile, and compiling your source.
JDK and System Requirements
In order for your servlets to work with iPlanet Delegated Administrator 4.5, you must compile them using version 1.2.2 of the JDK compiler (or a compatible product). If you are compiling on a Sun workstation, make sure you are running Solaris 2.6.
Setting Your Classpath
In order to successfully compile your classes, you must install iPlanet Delegated Administrator 4.5 and set your classpath to include its Java classes.On UNIX, this involves setting the CLASSPATH environment variable to include the nda/classes subdirectory of your server root. On Windows NT, you set the classpath by opening the System Control Panel, selecting the Environment tab, and then adding the nda/classes subdirectory of your server root to the CLASSPATH system variable.
For more information on setting your classpath, see your system and JDK documentation.
Writing a Makefile
A makefile is a set of instructions that the make program uses to turn source files into executable code. The contents of a makefile vary depending on what you are compiling, but typically include a set of directives that specify which compiler to use, what flags to pass to the compiler, and how to process different source files.A makefile for the CustomBasicAuth, CustomLogout, CustomCreateUser, and CustomModifyUser classes discussed earlier in this chapter might look like this:
When you run make from within the directory that contains your source files, it looks for a file called Makefile (you can also specify a makefile by using the -f flag). When it finds the makefile, make executes the all command.
In the makefile example just shown, the first seven lines specify constants that make uses to compile source files. The final five lines contain the all command, which first compiles all Java source files using the -d flag and then creates javadocs for the compiled classes.
For more information on makefiles and the make program, see your compiler documentation or your system man pages for make.
Compiling Your Source Files
Once you have written your makefile, you are ready to compile your Java source files into Java class files. To do this, make sure that your makefile is in the correct directory (typically the same directory as your source files) and then run make.
Modifying Properties Files
Once you have compiled your source files into Java classes, you are ready to modify iPlanet Delegated Administrator 4.5 so that it will use your custom servlets by changing its properties files. Delegated Administrator uses two properties files when working with servlets: servlets.properties and resource.properties.
servlets.properties
The servlets.properties file is used by iPlanet Delegated Administrator 4.5 to execute non-task servlets. It is stored in the https-yourServerIdentifier/config subdirectory of the folder where your instance of Netscape Enterprise Server or iPlanet Web Server is installed (where yourServerIdentifier is the name of your web server instance). The servlets.properties file maps servlet names to classes and specifies any classpath information or initial arguments for specific servlets. It has the following syntax:
servlet.servletName.code=servletClassName [servlet.servletName.classpath=classpath]
servlet.servletName.initArgs=[initArgs]
Variables in the servlets.properties file are defined as follows:
servletName is the name of the servlet that you are mapping
The classpath line of servlets.properties is optional. If your class does not take any initial arguments, just enter the following:servletClassName is the complete class name for the servlet (such as netscape.nda.servlet.myservlet)
classpath is the path to the directory in which the class is located (using forward slashes only, such as /ida/idaclasses)
resource.properties
The resource.properties file is used by iPlanet Delegated Administrator 4.5 to execute tasks. It is stored in the nda/classes/netscape/nda/servlet subdirectory of your iPlanet Delegated Administrator 4.5 installation root directory. The file maps servlet names (as specified in servlets.properties) to Java classes. It has the following syntax:
class-servletName=servletClassName Variables in the resource.properties file are defined as follows:
servletName is the name of the servlet that you are mapping.
servletClassName is the complete class name for the servlet (such as netscape.nda.servlet.myservlet).
Examples
The following parts of servlets.properties and resource.properties files show how you might map the CustomBasicAuth, CustomLogout, CustomCreateUser, and CustomModifyUser classes described earlier in this chapter. Code Example 1 shows part of a sample servlets.properties file. Code Example 2 shows part of a sample resource.properties file.
Code Example 1    Part of a sample servlets.properties file. #
# Custom logout servlet
#
servlet.logout.code=mycom.auth.CustomLogout
servlet.logout.initArgs=
Code Example 2    Part of a sample resource.properties file. class-ModifyUser=mycom.tasks.CustomModifyUser
Packaging and Copying Your Classes
When you have finished modifying servlets.properties and resource.properties, you are ready to package your files in a Java Archive (JAR) and then copy them to the appropriate directory.
To Package Your Files In a JAR
Navigate to the folder where your class files are located.
From the command line execute the following:
- jar -c jarFileName.jar sourceFileNames
- where jarFileName.jar is the destination JAR file (such as myclasses.jar) and sourceFileNames are the names of your class files.
Navigate to the directory where your JAR file is stored.
Copy the file to the /nda/classes subdirectory of your iPlanet Delegated Administrator 4.5 server root.
Restarting the Web Server
When you have finished packaging your files in a JAR and copying them to the nda/classes directory, you must restart the Web Server. For more information on how to do this, see the documentation that came with your web server software.
Previous Contents Index Next
Copyright © 2000 Sun Microsystems, Inc. Some preexisting portions Copyright © 2000 Netscape Communications Corp. All rights reserved.
Last Updated May 24, 2001