MOVE-1: Progress Dynamics® on Steroids Anthony D Swindells Engineering Fellow.

MOVE-1: Progress Dynamics® on Steroids

Anthony D SwindellsEngineering Fellow

© 2006 Progress Software Corporation2MOVE-1 Progress Dynamics on Steroids

Agenda

Dynamics Roadmap Overview Dynamics as a Trusted Authentication

Domain Integrating OpenEdge Auditing OpenEdge Reference Architecture

Compliant Logic Achieving a Competitive UI

This presentation includes annotations with additional complementary information


D I S C L A I M E R

Under Development

This talk includes information about potential future products and/or product enhancements.

What I am going to say reflects our current thinking, but the information contained herein is preliminary and subject to change. Any future products we ultimately deliver may be materially different from what is described here.

D I S C L A I M E R


Progress Dynamics Today – a fresh look

Integral part of OpenEdge® Studio Development Environment

“In the box” Framework for rapid development of Stateless n-tier rich client GUI applications• Leverages ADM2 and ABL

Defined approach to UI development using Repository• Optional use of UI definitions at runtime

Managers to provide common infrastructure• Security, Context, Localization, Personalization, etc.

Productivity Tools for development and deployment

In a single slide!


Progress Dynamics Product Status

Fully supported, evolving and shipping as a part of OpenEdge Studio• Latest active version is 10.1A01• Upgrade path from 2.1B01 or 10.0B03 (via 10.1A)

Primary focus on stability and performance New features and functionality provided to Dynamics

by core OpenEdge platform capabilities Optional tools / framework support for new platform

capabilities where relevant• ProDataSet• XP manifest

Dynamics is alive and well!


Progress Dynamics Roadmap

Latest maintenance releases for previous versions• 10.0B04• 2.1B02• No current plans for additional service packs

Planned next major release 10.1B• Bug fixes• Dataview completeness (dynamic treeview, caching)• Deployment automation• int64 data-type support• Browse view-as support• Browse column sort indicator support• Support in OpenEdge Architect?

Functionality specific to Dynamics


Progress Dynamics Roadmap

A natural evolution

OpenEdge Core Platform

Dynamics Framework

ApplicationLogic


Framework

ApplicationLogic


Dynamics Framework

ApplicationLogic


Framework

ApplicationLogic


Moving Forward with Progress Dynamics

Excellent starting point for 10.1A feature adoption

Ho

st B

ased

CH

UI

C/S

GU

I (n

o A

DM

)

C/S

GU

I (A

DM

)

n-T

ier

GU

I (n

o A

DM

)

n-T

ier

GU

I (A

DM

)

Dyn

amic

s

Starting Point

Re

lativ

e E

ffort

More

Less Ho

st B

ased

CH

UI

C/S

GU

I (n

o A

DM

)

C/S

GU

I (A

DM

)

n-T

ier

GU

I (n

o A

DM

)

n-T

ier

GU

I (A

DM

)

Dyn

amic

s

Starting Point

Re

lativ

e E

ffort

Ho

st B

ased

CH

UI

C/S

GU

I (n

o A

DM

)

C/S

GU

I (A

DM

)

n-T

ier

GU

I (n

o A

DM

)

n-T

ier

GU

I (A

DM

)

Dyn

amic

s

Starting Point

Re

lativ

e E

ffort

More

Less


Moving forward with Progress Dynamics

Take advantage of core platform capabilities• Enhanced security

• Secure and non-repudiable audit trails

• OERA compliant logic through DataViews and ProDataSets

• Modern XP look and feel

• Object Orientated Language Extensions

• OpenEdge Architect

Steroid Prescription: OpenEdge 10.1A

Upgrade to the latest release of 10.1A01


Agenda





Dynamics as a Trusted Authentication Domain

Register Dynamics as a “Trusted Authentication System”

Automate maintenance of default “Dynamics Application Domain”

Assert Dynamics user as identity for OpenEdge Auditing and DB Security• Leverage existing Context Manager

Support re-authentication functionality Ensure clean session shutdown

The Goals


Adopting New 10.1A Security Core Services

CLIENT-PRINCIPAL handle (ghCP)• ghCP:SEAL (your-domain-password)• rawVar = ghCP:EXPORT-PRINCIPAL ()• ghCP:IMPORT-PRINCIPAL (rawVar)• ghCP:LOGOUT ()

Trusted Domain Registry Runtime Permission Checking Option

SECURITY-POLICY:• REGISTER-DOMAIN• LOCK-REGISTRATION• SET-CLIENT (ghCP)

Co

mm

on

Infrastru

cture



Upgrade ICFDB to 10.1A Add Type II Storage Areas for Auditing

• prostrct add ICFDB addaudit.st

Enable Auditing

Preparation

d "Audit_Data":20,32;512 . f 40960

d "Audit_Data":20,32;512 .

d "Audit_Index":21,1;64 . f 5120

d "Audit_Index":21,1;64 .

proutil ICFDB -C enableauditing area “Audit_Data” indexarea “Audit_Index” [deactivateidx]



Preparation


Client

ProcessesContext

Data

Application Server

Login Credentials Create CLIENT-PRINCIPAL

EXPORT

Session-id

Session-idRetrieve

CLIENT-PRINCIPAL IMPORTReset User identity

Logout requestSession-id

Retrieve CLIENT-PRINCIPAL

hCp:LOGOUT

IMPORT

Application ServerShutdown

Purge

Asserting the Trusted User Identity (who)

Re-establishing identity

ContextSub-system


Customize Dynamics Framework to adopt new Security Core Services

PROCEDURE establishSession• For Appserver roundtrips via as_activate.p

FUNCTION setPropertyList (currentuserlogin)• At session startup and user re-logon

Intercept session activity that changes the user identity

Modify Session Manager af/app/afsesmngrp.i

RUN assertUserIdentity in Security Manager (see next slide)


Customize Dynamics Framework to adopt new Security Core Services

1. Define global variables for trusted domain and register via new setupTrustedDomain

2. Setup global handle for CLIENT-PRINCIPAL

3. Subscribe to session shutdown to cleanly logout user via new ICFCFM_StartSessionShutdown and new logoutUserIdentity (proxy af/app/afseclogoutp.p)

4. Add new PROCEDURE assertUserIdentity called when user changes

5. Add new FUNCTION getClientPrincipal to expose object

Manage CLIENT-PRINCIPAL in Security Manager

Modify Security Manager af/app/afsecmngrp.i


Dynamics Field Security

Setup DB field CAN-* permissions using Data Administration• Use Dynamics user id’s

Always checked• Non-Dynamics

Access

Use Combined

approach for

maximum security

and flexibility

Enhance Security with DB Runtime Permission Checking


Agenda





Existing Dynamics Auditing4G

L C

lien

t

EntityMaintenance

Application Code

ICFDB

SchemaTriggers

gst_audit

af/app/afauditlgp.p

Entity SDOAP

I

gsc_entity_mnemonic

Ses

sion

Man

ager

(cu

rren

t u

ser,

etc

.)

Gen

eric

Au

dit

Dat

a Q

uer

y T

ools

AuditReport


To Auditing in OpenEdge 10.1AA

BL

Clie

nt

Database Tools and Utilities

Open Tools

Audit Policy Tools (APMT)

Application Code

SQ

L C

lien

t

Application Code

Audit Data A

pp

lica

tio

n

Dat

a

Policy Data

App DB

Audit Data

Archive DB

Audit EventSubsystem

Dat

abas

e

Inte

rnal

Ap

pli

cati

on

Sec

uri

ty S

ub

syst

emAudit Data Subsystem

Audit Policy SubsystemA

PI

ArchiveDaemon A

rch

ivin

g S

ub

syst

em

Rep

ort

ing

Su

bsy

stem

AuditReport

OfflineAuditData


Customize Dynamics Framework to adopt new Auditing Core Service

Leverage new OpenEdge Auditing• Satisfy Regulatory Compliance

• Guarantee non-repudiation

• Improve security

• Improve performance

• Improve scalability

• Leverage application auditing for framework events (in addition to DB events)

The Goals

Retain existing Dynamics Auditing as an option



Upgraded ICDFB to 10.1AEnabled OpenEdge AuditingSetup new Security OptionsRegistered Dynamics as a Trusted

Authentication SystemModified framework code to assert Dynamics

user as trusted identity to use for Auditing

We are part of the way there already…



Define Audit Permissions



Leverage shipped Audit Policy Maintenance Tool auditing/_apmt.p• Run from outside of Dynamics application due

to ADM2 customizations• Beware audit permissions – run via new

auditing/setclient.w to do a SET-CLIENT• Alternatively use APMT public API…

Load shipped policies auditing/policies.xml Define custom Dynamics events and policies Deploy custom Dynamics audit policies

Administer Audit Policies


Disable Existing Dynamics Auditing and Check Key Fields

Audit Enabled Flag

Ensure key fields match audit policy


Imported Shipped Audit Policies / Define Dynamics Audit Policies

Import shipped policies

auditing/setclient.w

Import sample Dynamics policies


Add New Product & Module for Auditing Objects


Register New Auditing Manager in Repository

auditing/audmngrclntp.p and auditing/audmngrservp.p

Client

Version

Server

Version


Add New Auditing Manager Type to All Sessions


Modify Session Startup

Modify ICFCFM_InitializedServices to create the AUDIT-DB alias for ICFDB• Used to prefix any _aud* table references in

code

• Used to compile sample Audit Data Access Object

Modify Startup Procedure dynamics/icfstart.p


Add Application Audit Events

checkUser in af/app/afsecmngrp.i

launchProcedure in af/app/afsesmngrp.i

launchContainer in af/app/afsesmngrp.i


Ensure Audit Toolbar Button is always Enabled

Delete the AuditEnabled

check


Modify all CAN-FINDs on gst_audit to use APIs in new Audit Manager• checkAuditDataExists• checkAuditDataForTable

PROCEDURE cacheEntityMapping• Called from cacheEntity

• PROXY af\app\afgencchentmapp.i

• PROXY af\app\afgencchentmapp.p

Modify General Manager Audit Data Checks

Fix Audit Filter Tick Checking

Modify General Manager af/app/afgenmngrp.i

PROCEDURE getRecordUserProp• Called from src/adm2/entityfields.i used in

adm2/query.p for transferDBRow and transferRowsFromDB


Replace Audit Data Query Window

Integrate new Dynamics Query Window for Auditing dynauditquery

1.Register new object into repository

2.Add to transaction menu ICFAF-Tran Modify adm2/datavis.p PROCEDURE toolbar

• WHEN 'Audit':U THEN runs launchcontainer for gstadobjcw

– change to launch dynauditquery


Add Audit Data Query Window to Menu


Add Audit Application Events &Optionally Migrate existing Audit Data

Optionally• Set / clear audit context at appropriate points• Insert application events as required, e.g.

– launchContainer in Session Manager

– launchProcedure in SessionManager– sessionShutdown in Config Manager– Etc.

Optionally write migration for old audit data• See sample auditing/migrateaudit.p


Let’s see all this in Action


Agenda





Monolithic data provider

ADM2 & OpenEdge Reference Architecture

SmartDataObject

• Presentation logic

• Business logic

• Data access logic

PresentationPresentation

Business ServicesBusiness Services

Data AccessData Access

Data SourcesData Sources

Co

mm

on

Infrastru

cture

Co

mm

on

Infrastru

cture

Enterprise ServicesEnterprise ServicesADM2 UI Sm

art D

ata

Ob

ject


Service Interface

Introducing the new DataView

Service Interface

Data container

Dataset

Temp-table

Temp-tableSmartWindow

VisualObjects

DataView

SmartWindow Service Adapter

Business Entities Business Tasks Business Workflow

ADM Dataset Object


OERA compliant logic with a Dynamics GUI

1. Implement Service Adapter adm2/serviceadapter.p• retrieveData • submitData

2. Develop Business Entities and Data Access Objects• Use OpenEdge Architect T4BL• Optionally migrate existing logic from SDOs

3. Build viewers and browsers4. Build Window

• Add Dynamic DataView object (in place of SDO)– Specify BusinessEntity property– Specify DataTable property

• Add visual objects and create links as usual

The Steps


New OERA Compliant Audit Query Window

Provided sample service adapter / client proxy implementation• adm2/serviceadapter.p

Provided sample server gateway• auditing/proSIgateway.p

Provided Audit Data DataSet (plus supporting temp-table includes)• auditing/ds_aud-audit-data.i

Provided Business Entity (BE) and Data Access Object (DAO) to query audit data• auditing/beauditdata.p• auditing/da_aud-audit-data2.p

Uses sample CLASS to manipulate query in DAO• ADMClass\DSQueryString.cls

Dynamic Object: DynAuditQuery


Agenda





Use Case: Achieving a competitive UI

Use XP manifest Review colors / icons Use left-align labels Implement MDI ActiveX container / menu Replace dynamic objects with ActiveX’s e.g. new grid

control• Codejock ActiveX Controls

See PSDN for more details• http://www.psdn.com/library/entry.jspa?externalID

=1244&categoryID=77

The Steps

http://www.psdn.com/library/entry.jspa?externalID=1244&categoryID=77




Use Case: Achieving a competitive UI


Connecting OERA compliant logic with a Competitive Dynamics GUI


In Summary

Dynamics is still alive and well• Existing users well positioned to adopt new

10.x functionality• No requirement to do anything

Upgrade to the latest release 10.1A01• Achieve a competitive UI• Move to OERA compliant logic• Leverage secure non-repudiable audit trails• Leverage new security capabilities• Leverage OpenEdge Architect• Leverage OO extensions to ABL

OpenEdge 10.1A provides the Steroids!


Relevant Exchange Sessions

DB-4: Who does What and When regarding Auditing?

DEV-4: Extending Progress Dynamics DEV-17: Effective Design and Deployment of OpenEdge

Audit Policies

MOVE-5: Improving the look and feel of your Application MOVE-9: Audit enable your application the easy way MOVE-14: Migrating Your Authentication System to

OpenEdge 10.1A and Beyond MOVE-15: Leveraging Business Entities, Data Access

Objects and ProDataSets with a Progress Dynamics or ADM2 GUI

Where to get more detail


Questions?


Thank you foryour time

Bonus Slides for Reference Only

Not part of actual presentation – included to help explain how to use sample code referenced in the presentation


Notes about Demo Code

Code is sample only and is incomplete• shortcuts taken for simplicity (but commented)

Does not cater fully for internationalization, e.g. assumes American format in some places

Sample serviceadapter.p is massively simplified and only caters for AuditData Business Entity

There is no support for batching implemented Code assumes Dynamics 10.1A01 Customizations are made in actual Dynamics and

ADM2 source rather than in custom supers for simplicity – issues for future upgrades

Code makes use of 10.1A01 core functionality, e.g. OOABL.


Using the Demo Code

Unzip contents of auditdemo.zip into your working directory• Be sure to keep folder names

Need to add additional PROPATH entries• dynui\src• dynui\src\adm2• dynui\src\dynamics

Audit enable ICFDB and any application databases as explained in slides

Load audit policies as explained in slides Load sample ADO’s using dataset import – see next

slide Regenerate your icfconfig.xml to include the new

Audit Manager in all Dynamics sessions


Using the Demo CodeImporting the sample ADO files


REFERENCE: Other ADM2 Customizations

Fix limitation preventing containers with dataviews being run from non dataview containers

Fix will be part of a future service pack / release of ADM2

Modified Container Super adm2/containr.p

FUNCTION getRequestHandle



Get Dynamics / ADM2 windows to dock into the Appbuilder perspective when launched from inside OpenEdge Architect• NB: Also need to bootstrap Dynamics session

when open a project in OpenEdge Architect– For now can be done by manually running

icfstart.p from the Appbuilder perspective OR– Adding RUN icfstart.p to _idestartup.p and

ensure it is in your project PROPATH

Modified Container Super adm2/containr.p

FUNCTION initializeVisualContainer



To support passing application data from contained objects through to business entity using application context• Need to link objects from the dataview with a link type

of appcontext

• Add internal procedure to object called getApplicationContext that outputs a single character string

• Delimit context values in string with CHR(7) and CHR(8), e.g.

name + CHR(7) + value + CHR(8) …

Modified DataView Super adm2/dataview.p

FUNCTION obtainContextForServer

MOVE-1: Progress Dynamics® on Steroids Anthony D Swindells Engineering Fellow.

Documents

Transcript of MOVE-1: Progress Dynamics® on Steroids Anthony D Swindells Engineering Fellow.