Home » IBM Manuals » Computer Software » IBM BJ0NJML » Manual Viewer

IBM BJ0NJML Integration Guide - Page 199

Interface Table Security, Outbound Router Handler Security, Object-Level Authorization

Add to My Manuals
Save this manual to your list of manuals

Page 199 highlights

Interface Table Security T processObjectStructure(..) T routeData(..) To run these methods, the caller must retrieve a valid UserInfo object and pass it to the method to gain access to the secure layer. A UserInfo object is a serialized object that contains user details (user, password, locale, language, and time zone information). The system uses the UserInfo object for security purposes. The system uses Java RMI/JRMP. You can communicate to the system services by using a secure version of JRMP protocol using SSL. Interface Table Security Interface tables use the default database authentication and authorization. If authentication and authorization are in effect, external programs that read or write to the interface tables must provide proper authorization. To read from and write to the interface tables, the USERNAME and PASSWORD values are configured for the endpoint that implements the interface table handler. Outbound Router Handler Security The outbound router handlers have support for authorization and confidentiality. The enterprise bean, HTTP, JMS, Web service, and interface table handlers have support for security. Object-Level Authorization The system provides object-level authorization based on the security configuration set within the system. If an object or attribute is marked as readonly or hidden, then inbound message data processing is limited to data object queries. You cannot insert, update, or delete data in that object. The authorization level for a business object and object attribute can be configured in the Data Restrictions tab in the Security Groups application. Except for standard services, integration messages are not processed according to application-level authorization. The authorization that is used for system users controls the standard service authorization. A signature option can be assigned to a standard service to limit authorization to the users or groups that have authorization for a selected option. Security 185

Section	Page
Integration Guide	1
Contents	3
About This Publication	13
Intended Audience	13
Section I: Using the Integration Framework	15
Chapter 1: What is the Integration Framework?	17
Chapter 2: Integration Framework Architecture	19
Integration Framework Overview	20
Integration Framework for Data Exchange	22
Object Structures	22
Publish Channels	23
Invocation Channels	24
Enterprise Services	25
External Systems	25
Web Services	26
Data Import and Data Export	27
Content	27
Integration Framework for Operational Management Product Integration	27
Process Management Products	27
Action	28
Logical Management Operations	28
Integration Modules	28
Operational Management Products	29
Integration Framework for User Interface Integration	29
Launch Entries	29
Land in Context	30
Chapter 3: Inbound Integration Processing	33
Asynchronous Inbound Integration Processing	34
Enterprise Services	34
Inbound Integration Process Initiation	35
Messages in the Inbound Queues	35
Inbound Queue Message Retrieval	38
Object Structure Identification	38
User Exit Preprocessing	39
Enterprise Service Class Processing	40
User Exit Postprocessing	41
XSL Map	41
Object Structure Multiplication	42
Object Structure Processing Rules	43
Object Creation	43
Object Processing Rules	43
Object Structure Processing Class	44
User Exit Object Processing	44
Object Processing	45
Synchronous Inbound Integration Processing	46
Enterprise Services	46
Inbound Integration Process Initiation	46
Object Structure Identification	47
User Exit Preprocessing	48
Enterprise Service Class Processing	49
User Exit Postprocessing	49
XSL Map	50
Object Structure Multiplication	50
Object Structure Processing Rules	51
Object Creation	52
Object Processing Rules	52
Object Structure Processing Class	52
User Exit Object Processing	53
Object Processing	53
Enterprise Service Response Processing	53
Enterprise Service Web Services	54
Object Structure Services	55
Inbound Integration Process Initiation	55
Object Structure Identification	56
Object Creation	56
Object Structure Processing Class	56
Object Processing	57
Object Structure Web Services	57
Standard Services	58
Inbound Integration Process Initiation	58
Object Processing	59
Standard Web Services	59
Chapter 4: Outbound Integration Processing	61
Asynchronous Outbound Integration Processing	62
Publish Channels	62
Outbound Integration Process Initiation	63
Object Structure Identification	64
Object Structure Processing Rules	64
Object Structure Multiplication	65
User Exit Preprocessing	66
Publish Channel Class Processing	66
User Exit Postprocessing	67
XSL Map	68
Send the Publish Channel Data to the External System	68
Synchronous Outbound Integration Processing	69
Invocation Channels	69
Outbound Integration Process Initiation	70
Request Object Structure Definition	70
Request Class Processing	71
Request User Exit Preprocessing	71
Request XSL Map	72
Send the Invocation Channel Data to the Endpoint	72
Response Class Processing	73
Response User Exit Preprocessing	73
Response XSL Mapping	74
Object Processing	74
Chapter 5: Integration XML and Schemas	75
Integration XML Structure	76
Integration XML Content	76
Root Element	77
Object Structure Element	81
Key Fields	81
Field Attributes	82
The changed Attribute	82
The glorder Attribute	82
The langenabled Attribute	83
The maxvalue Attribute	84
The maxencrypted Attribute	84
The action Attribute	84
Additional Considerations	90
Boolean columns	90
Encrypted fields	90
Character encoding	90
Date format	90
Null columns	90
Number format	90
Viewing XML	91
Integration Schemas	91
Key Fields	91
XML Validation	92
Namespace Property	92
Generating a Schema	92
Schema Directory and Files	93
Metadata Schema	93
Schema Attributes	93
Attribute Groups	93
Content, Query Data, and Supporting Data Types	94
Object Structure Schemas	96
Schema Name	96
Schema Generation	96
Schema Content	96
Object Schemas	98
Schema Name	98
Schema Generation	99
Schema Content	99
Service Level Schemas	100
Schema Name	100
Schema Generation	100
Service Level Schema Elements	100
Standard Services	101
Object Structure and Enterprise Services	102
Object Structure and Enterprise Services Schema Content	102
Chapter 6: Interface Tables	109
Location of Interface Tables	110
Names of Interface Tables	110
Interface Queue Tables	110
Creation of Interface Tables	111
Regeneration of Interface Tables	112
Deletion of Interface Tables and Records	112
Format of Interface Tables	113
Key Columns	113
Duplicate Columns and Aliases	113
Column Name Lengths and Aliases	113
Restricted Columns	114
Integration Processing Columns	114
IFACENAME Column	114
TRANSID Column	114
TRANSSEQ Column	116
EXTSYSNAME Column	117
ACTION Column	117
IMPORTMESSAGE Column	118
TRANSLANGUAGE Column	118
MESSAGEID Column	118
IFACETBNAME Column	118
Long Description Columns in Oracle Databases	118
Interface Table Polling	119
Configuring External Systems	120
Chapter 7: Message Tracking	123
Message Details	124
Message Tracking Configuration	125
External Message ID	125
Multi-noun Message and External Message ID	126
Search ID	126
Multi-noun Message and Search ID	126
Stored Messages	126
Message Statuses	127
Inbound Message Statuses	127
Outbound Message Statuses	127
Message Events	127
Tracked Inbound and Outbound Events	128
Chapter 8: Error Management	129
Queue Error Management	130
Interface Table Error Management	131
Error Management Configuration	132
System Properties Configuration	132
External Systems Configuration Properties	133
Error Notification	134
Message Reprocessing	135
Message Statuses	135
Error Correction	136
Error Details	136
Process Message	137
Save Message	137
Cancel Message	137
Message Deletion	138
Critical Errors	138
Common Causes of Errors	138
Error Research	139
Non-queue Error Management	141
Chapter 9: Basic Configuration	143
Predefined Components and Queues	144
Prerequisite Activities	144
Integration Framework Administration	145
JMS Queues	146
Configuring JMS Queues	146
Queue Properties	147
Cron Task for the Sequential Queues	147
Asynchronous Cron Task Inbound Processing	147
XMLFILECONSUMER Cron Task Parameters	147
XMLFILECONSUMER Cron Task Processing Properties	148
FLATFILECONSUMER Cron Task Parameters	149
FLATFILECONSUMER Cron Task Processing Properties	149
Integration Components	150
Configuring External Systems	150
Endpoints	151
Configuring Object Structures	151
Configuring Enterprise Services	151
Configuring Publish Channels	152
Configuring Invocation Channels	153
Section II: Advanced Topics	155
Chapter 10: Endpoints and Handlers	157
Endpoints	158
Configuring Endpoints	158
Handlers	159
Enterprise Bean Handler	159
FLATFILE Handler	161
Flat File Naming Convention	161
Flat File Formatting	162
Flat File Properties	162
HTTP Handler	162
IFACETABLE Handler	164
JMS Handler	165
WEBSERVICE Handler	167
XMLFILE Handler	168
CMDLINE Handler	169
Writing Custom Handlers	170
Chapter 11: Advanced Interface Table Polling	173
Cron Tasks	174
Configuring Cron Tasks	174
Selectors	174
Defining Selectors	174
Queue Tables	175
Chapter 12: JMS Queue Configuration	177
Creating and Configuring a Queue	178
Sequential Queues	179
Continuous Queue	179
Enabling Message Beans	180
Continuous Queue Performance	181
Configuring Message Beans	181
WebSphere Application Server	181
WebLogic Server	182
Message Caching	182
Continuous Queue Errors	183
WebSphere Application Server	183
WebLogic Server	184
Queue Message Format	185
Message Header	185
Message Properties	185
Message Body	186
Queue Selectors	186
Queue Utilities	187
IBM WebSphere MQ	188
Configuring JMS Endpoints and Handlers	188
Configuring the Integration Queues and WebSphere MQ Provider	189
Chapter 13: Security	191
Integration Queue	192
Configuring J2EE Restrictions	192
Enterprise Bean Access	193
Securing Enterprise Bean Access	193
HTTP Servlet	195
Securing the HTTP Servlet	195
Web Services	197
Securing Web Services	197
Remote Integration APIs (MicService)	198
Interface Table Security	199
Outbound Router Handler Security	199
Object-Level Authorization	199
Chapter 14: Cluster Configuration	201
Configuring the Cron Task	202
JMS Queues	203
WebSphere Application Server Continuous Queue Cluster	204
WebSphere Application Server Sequential Queue Cluster	206
WebLogic Server Continuous Queue Cluster	207
WebLogic Server Sequential Queue Cluster	208
Dedicated Message Processing Servers	209
Server Cluster Configuration	209
Global Directory	209
Inbound Message Receipt	209
Enterprise Beans	210
HTTP Servlet	210
Integration Web Services	210
Chapter 15: Integration Framework Customization with Processing Rules	213
Objects and Records	214
Object Rule Definitions	214
Processing Rule Definitions	215
Processing Rule Initiation	215
Processing Rule Action	215
Message Processing Actions	215
Field Transformation Actions	216
Processing Sequence	218
Conditions and Evaluations	219
Condition Specifications	219
Evaluation Category Specifications	219
Field to Evaluate	220
Type of Evaluation	220
When to Evaluate the Field	221
Comparison Field Specifications	221
Integration Controls	223
Control Levels	223
Control Types	224
Boolean Controls	224
List Controls	224
Value Controls	224
Cross-reference Controls	224
New Control Creations	225
Chapter 16: Integration Framework Customization with Java and XSL	227
Outbound Customization	228
Publish Channel	228
Invocation Channel	228
Processing Rules	229
Java Exits	230
User Exit Preprocessing	230
Processing Class	231
User Exit Postprocessing	231
XSL Mapping	232
Handler Exits	232
The Enterprise Bean Processing Exit Class	234
The Java Message Service Processing Exit Class	235
The Web Service Processing Exit Class	235
Inbound Customization	237
Interface Table User Exit	237
Java Exits	239
User Exit Preprocessing	239
Enterprise Service Processing Class	240
User Exit Postprocessing	240
XSL Mapping	241
Object Structure and Object Processing Rules	242
Business Object User Exit Processing	242
Chapter 17: Integration Component Additions and Modifications	243
Object Structure Creations	244
Required Object Determinations	244
Building the Object Structure	244
Alternate Keys	245
Required Fields	245
Interface Table and Flat File Considerations	246
Predefined Object Structure Modifications	246
Endpoint Creations	246
Predefined Endpoint Modifications	247
Adapter, Service, and Channel Creations	247
Adapters	247
Services	247
Enterprise Services	247
Object Structure Services	248
Standard Services	248
Web Services	248
Channel Creations	249
Publish Channels	249
Invocation Channels	249
Predefined Service and Channel Modifications	250
Creating an External System	250
Queues	251
Working with Enterprise Services	251
Working with Publish Channels	251
Predefined External System Modifications	251
Chapter 18: Integration Queries	253
Query Services	254
Creating an Enterprise Service Query	254
Query Root Element	254
Query Operator	257
Object Structure Element	259
Field Evaluation	259
Field Selection	260
Range Selection	261
Web Service Queries	262
Chapter 19: Integration Web Services	265
Object Structure Web Services	266
Enterprise Web Services	266
Standard Web Services	267
Web Service Deployment Actions	267
XML Schema Generation	268
Web Service Definition Language Generation	269
UDDI Registration	270
Integration Web Service Invocations	270
Chapter 20: Multiple Language Support	273
Default Processing for Translatable Columns	274
Language Tables	274
Multilanguage Attributes	275
The baseLanguage Attribute	275
The languageEnabled Attribute	275
The transLanguage Attribute	275
Chapter 21: Integration Modules	277
Integration Module Components	278
Operational Management Products	278
Logical Management Operations	279
Logical Management Operation Properties	279
Integration Module Prerequisites	280
Logical Management Operation Associations	280
Operational Management Product Associations	280
Logical Management Operation Enablement	281
Integration Module Implementation Properties	281
Integration Module Parameters	281
Integration Module Tasks	282
Integration Modules and Endpoints	282
Java Class and Invocation Channel Usage	283
Java Class Implementation	285
Invocation Channel Implementation	286
Java Methods for Inbound and Outbound Processing	286
Integration Module Invocation	287
Step 1: Identify the Logical Management Operation	288
Step 2: Identify the Operational Management Product and Integration Module	288
Service Utility Methods	288
Step 3: Invoke the Integration Module	289
getServiceInvoker Property Map	289
Invoke Method	290
Operational Management Product Service Method	291
Get Service Invoker Utility Methods	292
Step 4: Process the Integration Module Response	292
Chapter 22: Launch-in-Context Feature	295
External Application Preparations	296
Defining Launch Entries	296
Launch Entry Properties	296
Operational Management Product-specific Properties	298
Associating the Launch Entry with a Signature Option	299
Associating a Signature Option with a User Interface Control or a Toolbar Menu Item	299
Associating a Signature Option with a Push Button	300
Signature Option Conditions	300
Associating a Condition with a Signature Option	301
Appendix: Collaboration Switches	303
Format of Collaboration Switches	303
Process Control ID	303
System ID 1 and System ID 2	304
Process Control Value	304
Default Collaboration Switches	304
Collaboration Switch Retrieval	305
View Collaboration Switches	306
Collaboration Switch Modification	307
Collaboration Switch Additions	307
Modifying the MXCOLLAB Table	308
Inventory Collaboration Switches	310
Invoice Collaboration Switches	312
Labor Transaction Collaboration Switches	314
Purchase Order Collaboration Switches	314
Purchase Requisition Collaboration Switches	316
Receipt Collaboration Switches	318
Work Order Collaboration Switches	319
Notices	321

Match case Limit results 1 per page

Interface Table Security

Security

185

processObjectStructure(..)

routeData(..)

To run these methods, the caller must retrieve a valid UserInfo object and pass it

to the method to gain access to the secure layer.

A UserInfo object is a serialized object that contains user details (user, password,

locale, language, and time zone information). The system uses the UserInfo object

for security purposes.

The system uses Java RMI/JRMP. You can communicate to the system services by

using a secure version of JRMP protocol using SSL.

Interface Table Security

Interface tables use the default database authentication and authorization. If

authentication and authorization are in effect, external programs that read or

write to the interface tables must provide proper authorization. To read from and

write to the interface tables, the USERNAME and PASSWORD values are

configured for the endpoint that implements the interface table handler.

Outbound Router Handler Security

The outbound router handlers have support for authorization and confidentiality.

The enterprise bean, HTTP, JMS, Web service, and interface table handlers have

support for security.

Object-Level Authorization

The system provides object-level authorization based on the security

configuration set within the system. If an object or attribute is marked as read-

only or hidden, then inbound message data processing is limited to data object

queries. You cannot insert, update, or delete data in that object. The authorization

level for a business object and object attribute can be configured in the Data

Restrictions tab in the Security Groups application.

Except for standard services, integration messages are not processed according to

application-level authorization.

The authorization that is used for system users controls the standard service

authorization. A signature option can be assigned to a standard service to limit

authorization to the users or groups that have authorization for a selected option.