New XI Security in Service pack 08052009 for Ebase V3.4.0

Check for important announcements such as version, service packs and patch releases, event dates, etc

Moderators: Dave, Jon, Steve, Ian, civanderputt

Posts: 184
Joined: Tue Sep 11, 2007 8:58 am

New XI Security in Service pack 08052009 for Ebase V3.4.0


Postby Hovik » Tue May 19, 2009 3:59 pm

Service pack 08052009 for Ebase V3.4.0 includes a new security component called XI Security, which makes it much easier to implement security on an Ebase system, particularly when security data is held externally e.g. Active Directory. XI Security allows you to implement the logic of authenticating users and performing workflow assignment using FPL scripts. Up until now, this had to be implemented using pluggable system exits written in Java.

XI Security works by calling System Services. These are new entities that you will see in the designer tree, and they are very similar to existing integration services. The main difference is that System Services are always available and do not require a separate licence for the Integration Server component. This service pack introduces support for System Services in general and includes two services:

Authentication: this service returns a validated userid, and can optionally associate additional information with the user e.g. roles and user credentials. This additional information can be used by forms executed by the user for security authorization checks or for any other purposes e.g. you could use this to get a user’s email etc. This information can also be used by the Workflow Assignment system service. Input to the system service can be a userid/password entered by the user, or it can be any other piece of information that can be extracted from the input request e.g. you can extract information from a URL parameter, a request header variable or a cookie. This can be useful when implementing single sign-on solutions or automated signon using domain userids.

Workflow Assignment: this supports assignment of workflow tasks based on combinations of roles, credentials and named users. These assignment criteria can be mixed in different combinations. It also supports dynamic assignment e.g. you can decide at runtime which role is required.

Both the system services are very flexible and should be able to support the vast majority of requirements. They have been designed to work together, but can also be used separately.

For more information, download the 08052009 service pack and see the XISecurity Readme file.
0 x

Who is online

Users browsing this forum: No registered users and 1 guest