| |
 BCD @ Spring COMMON in Anaheim, CA
This year's Spring COMMON Conference and Expo will be held in California, from April 29 to May 3, at the Anaheim Convention Center. As always, BCD will have a strong contingent there, ready to answer your questions and talk with you all about where we're heading with our various product lines. We'll also have at least one exciting announcement about a new project we've been working on for some time now. There are also a few other interesting ideas churning here, and if you want to hear about those, make sure you come by the booth for a visit and a demo; you'll find us at booth 510.
We also highly recommend signing up for either (or both) of Duncan Kenzie's events. You can count on Duncan to have an informative and lively presentation, as well as to discourse knowledgeably on any other topics as you wish to engage him on. And he's always happy to stick around after the formal presentation for a chat.
WebSmart Lab & Session
Duncan Kenzie, President and CTO of ExcelSystems Software Development, Inc. will be leading a Lab entitled Rapid iSeries Web Application Development with WebSmart, on Monday, April 30th from 11:00 am to 1:45 pm, in room 201B. In his lab you will get a hands-on introduction to building ILE RPG CGI programs using WebSmart, listed on IBM's iSeries Developer Roadmap. Duncan will also introduce you to the advantages of web deployment using the Apache web server which ships as a standard component of OS/400. This lab (as taught by Kevin Cronin) has twice won the 'Best Traditional Lab' award at COMMON and fills up quickly, so sign up soon.
Duncan will also be delivering a session on WebSmart - Simplifying iSeries Web App Development (ILE RPG CGI) on Tuesday May 1st from 9:30-10:45 am in the Grand Blrm Salon G. In that session he will introduce the WebSmart development tool and demonstrate how browser-based applications can be developed using the WebSmart templates and design wizard. Duncan will focus on using the WebSmart Integrated Development Environment (IDE) and also review the report design facilities of Clover, which is incorporated into WebSmart. He will also discuss the benefits of deploying CGI applications using the Apache Web Server and highlight advantages of a true browser-based model using CGI vs. alternatives that capture and convert the 5250 data stream.
If you have any questions about these events, please drop us a note.
ProGen Plus 9 Training Course in Victoria, BC
At the request of the registered participants, our upcoming 4-day ProGen Plus 9 Fundamentals training course has been shifted to the week of June 11. We will be hosting the class at our Sidney location (just outside Victoria, BC). If you are interested in attending this class, please submit a training request via our website.
This class is intended primarily for new users of the software, though even ProGen Plus veterans of many years have found these courses useful. The class moves quickly and is packed with useful tips and techniques, collected from thousands of developer and support hours over the years. Most of your time is spent working through more than a dozen hands-on exercises, to illustrate and cement concepts. The labs are always enjoyable, and they'll give you the opportunity to thoroughly acquaint yourself with the product under the watchful eye of our trainer.
If you have any questions about the course content, or whether the level will be appropriate for you, give us a call at (250) 655-1766. Our Sidney, BC site is just a 5-minute drive from Victoria International Airport (YYJ) and three blocks from a beautiful oceanfront walkway with panoramic views of Mt. Baker and the San Juan Islands. Late spring is a great time to visit southern Vancouver Island, and this area abounds with recreational options.
Using Nexus Protections to Secure CGI Applications (Part 1)
As a matter of historical interest, one of the main reasons that Nexus came into being was in response to the security challenge faced by many of our new WebSmart customers as they made the transition from green-screen to online applications. In this article we will begin a brief survey of a lengthy topic: securing CGI applications with Nexus. In this first article we will look particularly at the advantages of using Nexus groups and users with link protections.
 |
|
 |
Business Computer Development Co., Ltd., Thailand
www.bcdthailand.com
BCD would like to welcome another new international dealer to our organization: Thailand's Business Computer Development Co., Ltd.
Krisada Jotidilok, Company Director, writes the following about BCD Thailand: "Business Computer Development Co., Ltd. is focused on delivering the best and most cost-effective solutions to our clients in areas such as Manufacturing and Industrial Systems, Insurance Systems, and Finance. Our teams have more than 15 years experience, and are veterans in the adoption of flexible business systems based on the changing trends in IT. Our business concept is to provide software business solutions through a range of products and services to help you to make the best decision for your business requirements."
BCD Thailand has created an excellent site in support of their marketing push, and has recently sold WebSmart to The Siam Industrial Credit Public Company Ltd (SICCO). BCD International, Inc. is looking forward to a long and mutually profitable relationship with our new partner in this rapidly growing market.
For additional information about BCD Thailand please contact Krisada by email, or phone (66) 0-2939-5920.
|
|
 |
| 
| |
Introduction
When you install WebSmart and Clover an Apache HTTP server instance is installed. This instance, named WEBSMART, includes directives providing unfettered access to programs in the library XL_WEBAPPS (WebSmart's default object library). These directives look like this:
# Programs in directory /webapps use XL_WEBAPPS.
ScriptAliasMatch ^/webapps/(.*)\.pgm$ /QSYS.LIB/XL_WEBAPPS.LIB/$1.pgm
<Directory /QSYS.LIB/XL_WEBAPPS.LIB/>
Order Allow,Deny
Allow From All
</Directory>
These lines grant unrestricted access to programs in XL_WEBAPPS. Having just this, anyone with access to your server can theoretically execute any of your WebSmart CGI programs by typing in the right URL.
To impose user profile protection over the programs in the library XL_WEBAPPS, you could add protection directives similar to these:
<LocationMatch ^/webapps>
AuthType Basic
AuthName SecureArea
PasswdFile %%SYSTEM%%
UserID %%CLIENT%%
</LocationMatch>
With the addition of this block, any time someone attempts to run a program in XL_WEBAPPS they are presented with a challenge box requiring them to log on to the system using an iSeries user profile and password.
While this approach is relatively simple to implement, it's also simplistic in its execution, and any type of more complex grouping of authorities is very tricky to set up, technical issues aside (and we'll discuss those in more detail next month).
Consider the layers and complexity of authorities within your organization, and add to that the possibility that you may wish to allow other, new external users access to some applications and resources. Now think of setting all this up, using the rudimentary tools available via the server configuration. There's clearly a need for a better solution.
New Media, New Needs... and New Possibilities
In subsequent articles we will discuss a few of the more technical advantages of using Nexus to secure your site, as well as the ease-of-use factor that is important to your end users. But for the moment, let's just look at how easy it is to create multiple, complex layers of authorities and apply them to CGI applications.
Bringing your CGI Application Under Nexus Protections
The process of bringing your CGI application under the umbrella of Nexus group and user protections is simple:
1. You'll begin by adding ScriptAliasMatch directives in the Nexus Apache HTTP server configuration, which includes your Nexus site name, like so:
ScriptAliasMatch ^/nexus/webapps/(.*)\.pgm$ /QSYS.LIB/XL_WEBAPPS.LIB/$1.pgm
By adding our Nexus site name to this path, we let the server instance know that the Nexus site-level authorities can be applied to these requests. This is a one-time change; all further fine-tuning is done via Nexus directly, without requiring a restart of your server instance. Notice also that we haven't had to change our object libraries at all, we only had to adjusted the mapping used in the URL to get to the programs. Keep in mind however, that until the original server instance is stopped or changed, users will still be able to access programs that way.
2. The next step is to set up our Nexus group structure. For the applications we intend to put online, we have determined that we'll need to distinguish between the following types of users:
In the illustration above, we have created a new Nexus group (a 10 second process) for each set of users. For this example, our first objective is to grant the users in the group 'Residents' access to the programs in library XL_WEBAPPS where the program names begin with the letters 'RES'. Here is the link protection we would add:
This rule is of type Include, and it allows all members of the group named 'Residents' to access CGI programs in the path '/webapps/' that begin with the letters 'RES' and end with the extension '.pgm'. With this rule in place, we can easily manage the users in this group and any changes (members added or removed) are instantly applied.
3. After adding this first Link Protection we do need to add two more supporting entries. First of all, we need a second rule that sets a universal exclude for all programs in XL_WEBAPPS, followed by a final rule to allow our users to access all other unsecured site resources. In both of these cases, the rule is applied to the group called 'Everyone'.
Here is an illustration of our completed set of Link Protections:
In the next few issues of this newsletter we'll revisit this topic and examine other advantages to the Nexus authorities model. For more information on this topic, or to get a draft copy (PDF) of the new link protections tutorial chapter in the Nexus 3.3 guide, please contact Technical Support. The Nexus User Guide also includes extensive sections addressing group and user management, site design and login options.
Page Translation using JavaScript and Custom APIs
Do you have web pages where you need to display multiple languages? One of our developers recently created some programs where the users were able to click a button to toggle the language used in the form instructions and button text. The page was set up to initially display in English, with buttons to toggle the page content to Spanish or French:
We have created example programs illustrating a couple of different techniques that you can use to do this. The examples use the multi-language capabilities of a JavaScript function we have created called ESDIAPI.JS. This file (which has a sister file, ESDIFLASHOBJECT.JS) contains functions that you can use in your Web applications, making it very easy to encapsulate/instantiate the following otherwise complex JavaScript Web development techniques: AJAX, SmartCharts, Flash objects, cookie functions, encoding functions, attach event handlers and date functions.
For further information about these example programs, the two techniques used to switch the text, and our custom APIs, please log in to myBCDsoftware and go to the Developer Resources page. This technique can also readily be used for other situations that require being able to alternate between text variations on a page.
If you don't yet have a myBCDsoftware.com profile, you can request one online or drop us an email.
Nexus Tip: Enabling the Mocha Emulator's Auto-Login Feature
Among it's many portlet classes, Nexus includes a Mochasoft TN5250 Terminal Emulator portlet that, despite its usefulness, has been undeservedly languishing in a state of relative obscurity. We hope to here redress the lack of attention it has so far received!
What is the Mocha Terminal Emulation Portlet?
The Mocha terminal emulator allows you pop up an iSeries session from within the framework of your Nexus site. If you remember that Nexus is in turn accessed via a Web browser, what this means is that once you configure a terminal emulation session portlet and save your personal preferences, you can instantly (and securely) fire up an iSeries browser session from your office, home or yacht.
Here is an illustration of a terminal emulation portlet, unobtrusively placed on a Nexus ECM page just above the ECM navigator:
This portlet instance has been configured to open the session manually. When you click the spawn button, the portlet pops up a new window that instantly connects to the iSeries, and optionally logs you in.
Setting up the Auto-Login Option
The portlet has many selling points which you can read about in the Nexus User Guide and at the Mochasoft website. But let's focus for the moment on the auto-login feature. To illustrate this, we'll walk through the process of adding the terminal emulation portlet to our pages, and then point out the Auto-Login option. – Note that your Nexus profile needs to have site administrator authority to implement this feature. –
To begin, log in to Nexus and go to the page where you want to add your portlet. You can add either a manually loading session to an existing page (as illustrated above), or create a new page with an automatically loading window; it's just a matter of preference. At that page click the Edit My Pages link in the portal header, and when the page reload, click the Add Portlet option. Select the Terminal Emulation for iSeries Access portlet class and the *New Portlet option. Type a portlet name and description, and choose where on your page you want to place the instance.
At this point, your portlet instance will look something like this:
Click the Configure button (indicated above), and set the following Portlet Options:
- At the Advanced Options tab, select the Local Save check box.
- At the Connection tab, select the Auto Connect check box.
- Enter your Host (iSeries) IP address or Name.
- Select the Auto Login check box.
Then click the Apply and Close buttons to save your changes.
The next step is to click the spawn button to launch the session, and at the window presented, click the Menu button:
From the menu select the Auto-login menu option and enter your User ID and Password. Confirm that the “Enable Auto Login” check box is checked, and click OK to save your changes. Finally, select the Save Configuration menu item. Exit the portlet, and try re-launching it. This time it should fire up and immediately log you in.
And Now, For an Even Better Solution...
As we were going to press one of our developers shared his preferred way of setting this up: after configuring his portlet instance, he copied the URL of the window that pops up to a new ECM Favorites link. Now, regardless of where he is in Nexus, he can fire up a new session without first having to go to a page with the terminal emulation instance.
Nexus ships with a trial version of the Mochasoft emulator, and you can contact them directly to purchase an inexpensive site license. If you have any questions about this article, please drop Technical Support a note.
New Example Programs: PML Auto-Incrementing, Clover Filters
We have published a couple of new WebSmart example programs this month, adding to the more than 125 examples already available:
- Example 129 - Clover Graph and Filter Options. This example illustrates how you can create a Clover program that gives your users a choice of several different graph styles to display, as well as additional options for filtering your data, such as date ranges using popup calendars.
- Example 128 - Auto-incrementing a Key Value on Add. Example 128 is a program where we have added code in the PML to auto-increment a key value when you create new records.
If you have any questions about any of the examples posted, please drop a note to Technical Support.
Summary List of Recent Updates
ProGen Plus 9.02
A new ProGen Plus 9 install was prepared this month. ProGen Plus 9.02 includes new versions of your program shells.
For additional information on this and other updates, please visit the ProGen Plus Updates page.
File-Flash Plus 4.02
The following File-Flash Plus update was recently made available:
- FFP40011 - 2007/03/12 - A new command, FILDFT, has been added to the software. This allows you to alter your display defaults. The command is available from a command line, as well as from the GO FFPLUS menu.
Please visit the File-Flash Plus Updates page for further information on the available updates.
© 2007 ExcelSystems Software Development, Inc.
ProGen WebSmart and ProGen Plus are Registered Trademarks in the US and Canada, and Trademarks in all other countries.
|
 |
|
