Vitria businessware: storage and access security

In fact, businessware uses LDAP as a storage and security mechanism.

1. Storage Mechanism

All data that will not be modified during running, including various integrated models, process models, automatically generated code, metadata, configuration information during running, user password roles, etc, all stored in LDAP

Because it is not modified during runtime, you do not need to consider problems such as transaction.

Generally, the information can be modified in the following ways:

• BME, that is, the modeling environment of businessware

• WebAdmin console and businessware web management tools

• Vtadmin and businessware command line management tools

• LDAP management tools, after you are quite familiar with businessware, you can directly use the tools provided by the LDAP server to modify

Note: Data that needs to be modified during runtime, such as business flow object BPO and Data Object do, is stored in traditional relational databases.

　

2. Security Mechanism

The security mechanism mentioned here refers to the security when accessing businessware (businessware uses Transport Layer Security mechanisms such as SSL in addition to LDAP)

Businessware user information, including user name, password, role, and user group, are all mapped to the organizationunit (OU) in LDAP. Access Control and Permission allocation are also controlled by LDAP, you can only perform authorized operations, such as running businessware, starting the integration model, and managing and modifying configuration data.

　

3. Configure LDAP for businessware

Businessware uses an environment variable called "vtparams" to specify the configuration file of LDAP service information. This environment variable is usually in the following form:

File = "C:/progra ~ 1/Vitria/bw43/. vtparams"

There are several ways to configure the LDAP service for businessware

1. Use the businessware installation program, graphical or command line interface. After the installation program is completed, the. vtparams file is automatically generated and environment variables are configured.

2. The. vtparams file already exists. You can manually modify its content and configure the "vtparams" environment variable to point to the file.

3. Use the vtsetup utility (provided with businessware) with vtsetup. properties to configure LDAP Information

Fllowing is the script to set up bserv on LDAP: 1. Modify $ Vitria/data/install/vtsetup. Properties Server. Host = localhost Server. Port = 389 Server. Encryption = none Server. admin. DN = Cn/= Directory Manager Server. admin. Pwd = directory Server. namespace. basedn = Dc/= Vitria, DC/= AD, DC/= vitriacorp, DC/= com 2. Run "vtsetup add namespace-server-developer-user user123 passwd123-root sailing_bw" 3. Deploy projects: bwproject4.jar and vtafcommon. Jar

Vtsetup can also directly add users and namespaces:

You must specify the existingvtparamsFile as described below so that a new one can be created with the new users. 1, to add connect-as users: vtsetup add administrator -root -user User_name User_password -param Vtparams_file. Example: vtsetup add administrator -root bw43 -user bwadmin bwadmin -param bw43/data/install/vtpararms.txt 2, to add run-as users: vtsetup add administrator -root -admin Admin_name Admin_password -param Vtparams_file. Example: vtsetup add administrator -root bw43 -admin bwadmin bwadmin -param bw43/data/install/vtpararms.txt 3, to add a namespace on a shared Server: Vtsetup add namespace-ServerServer_type HOST: Port admin_password -user User Password -root Bw_root . Example: vtsetup add namespace -server sunone server1.company.com:389 bwadminpass -user bwuser bwuser -root server1_bw The following options are available for-server Parameter (LDAP server supported by businessware ): AD-Active Directory ADAM-Active Directory Application Mode Adunsafe- IBMDIR-IBM Directory Server IP50,IP51, IP52—Sun ONE Directory Server