Title: MOVE-1: Progress Dynamics
1MOVE-1 Progress Dynamics on Steroids
Anthony D Swindells
Engineering Fellow
2Agenda
- Dynamics Roadmap Overview
- Dynamics as a Trusted Authentication Domain
- Integrating OpenEdge Auditing
- OpenEdge Reference Architecture Compliant Logic
- Achieving a Competitive UI
This presentation includes annotations with
additional complementary information
3Under Development
- This talk includes information about potential
future products and/or product enhancements. - What I am going to say reflects our current
thinking, but the information contained herein is
preliminary and subject to change. Any future
products we ultimately deliver may be materially
different from what is described here.
4Progress Dynamics Today a fresh look
In a single slide!
- Integral part of OpenEdge Studio Development
Environment - In the box Framework for rapid development of
Stateless n-tier rich client GUI applications - Leverages ADM2 and ABL
- Defined approach to UI development using
Repository - Optional use of UI definitions at runtime
- Managers to provide common infrastructure
- Security, Context, Localization, Personalization,
etc. - Productivity Tools for development and deployment
5Progress Dynamics Product Status
Dynamics is alive and well!
- Fully supported, evolving and shipping as a part
of OpenEdge Studio - Latest active version is 10.1A01
- Upgrade path from 2.1B01 or 10.0B03 (via 10.1A)
- Primary focus on stability and performance
- New features and functionality provided to
Dynamics by core OpenEdge platform capabilities - Optional tools / framework support for new
platform capabilities where relevant - ProDataSet
- XP manifest
6Progress Dynamics Roadmap
Functionality specific to Dynamics
- Latest maintenance releases for previous versions
- 10.0B04
- 2.1B02
- No current plans for additional service packs
- Planned next major release 10.1B
- Bug fixes
- Dataview completeness (dynamic treeview, caching)
- Deployment automation
- int64 data-type support
- Browse view-as support
- Browse column sort indicator support
- Support in OpenEdge Architect?
7Progress Dynamics Roadmap
A natural evolution
8Moving Forward with Progress Dynamics
Excellent starting point for 10.1A feature
adoption
9Moving forward with Progress Dynamics
Steroid Prescription OpenEdge 10.1A
- Take advantage of core platform capabilities
- Enhanced security
- Secure and non-repudiable audit trails
- OERA compliant logic through DataViews and
ProDataSets - Modern XP look and feel
- Object Orientated Language Extensions
- OpenEdge Architect
Upgrade to the latest release of 10.1A01
10Agenda
- Dynamics Roadmap Overview
- Dynamics as a Trusted Authentication Domain
- Integrating OpenEdge Auditing
- OpenEdge Reference Architecture Compliant Logic
- Achieving a Competitive UI
11Dynamics as a Trusted Authentication Domain
The Goals
- Register Dynamics as a
- Trusted Authentication System
- Automate maintenance of default
- Dynamics Application Domain
- Assert Dynamics user as identity for OpenEdge
Auditing and DB Security - Leverage existing Context Manager
- Support re-authentication functionality
- Ensure clean session shutdown
12Adopting New 10.1A Security Core Services
- CLIENT-PRINCIPAL handle (ghCP)
- ghCPSEAL (your-domain-password)
- rawVar ghCPEXPORT-PRINCIPAL ()
- ghCPIMPORT-PRINCIPAL (rawVar)
- ghCPLOGOUT ()
- Trusted Domain Registry
- Runtime Permission Checking Option
- SECURITY-POLICY
- REGISTER-DOMAIN
- LOCK-REGISTRATION
- SET-CLIENT (ghCP)
Common Infrastructure
13Dynamics as a Trusted Authentication Domain
Preparation
- Upgrade ICFDB to 10.1A
- Add Type II Storage Areas for Auditing
- prostrct add ICFDB addaudit.st
- Enable Auditing
d "Audit_Data"20,32512 . f 40960 d
"Audit_Data"20,32512 . d "Audit_Index"21,164
. f 5120 d "Audit_Index"21,164 .
proutil ICFDB -C enableauditing area Audit_Data
indexarea Audit_Index deactivateidx
14Dynamics as a Trusted Authentication Domain
Preparation
15Asserting the Trusted User Identity (who)
Re-establishing identity
Client Processes
Application Server
Create CLIENT-PRINCIPAL
Retrieve CLIENT-PRINCIPAL
ContextData
Reset User identity
Retrieve CLIENT-PRINCIPAL
Context Sub-system
hCpLOGOUT
Application ServerShutdown
16Customize Dynamics Framework to adopt new
Security Core Services
Intercept session activity that changes the user
identity
- PROCEDURE establishSession
- For Appserver roundtrips via as_activate.p
- FUNCTION setPropertyList (currentuserlogin)
- At session startup and user re-logon
- RUN assertUserIdentity in Security Manager (see
next slide)
Modify Session Manager af/app/afsesmngrp.i
17Customize Dynamics Framework to adopt new
Security Core Services
Manage CLIENT-PRINCIPAL in Security Manager
- Define global variables for trusted domain and
register via new setupTrustedDomain - Setup global handle for CLIENT-PRINCIPAL
- Subscribe to session shutdown to cleanly logout
user via new ICFCFM_StartSessionShutdown and new
logoutUserIdentity (proxy af/app/afseclogoutp.p) - Add new PROCEDURE assertUserIdentity called when
user changes - Add new FUNCTION getClientPrincipal to expose
object
Modify Security Manager af/app/afsecmngrp.i
18Dynamics Field Security
Enhance Security with DB Runtime Permission
Checking
- Setup DB field CAN- permissions using Data
Administration - Use Dynamics user ids
- Always checked
- Non-Dynamics
- Access
- Use Combined
- approach for
- maximum security
- and flexibility
19Agenda
- Dynamics Roadmap Overview
- Dynamics as a Trusted Authentication Domain
- Integrating OpenEdge Auditing
- OpenEdge Reference Architecture Compliant Logic
- Achieving a Competitive UI
20Existing Dynamics Auditing
Entity Maintenance
API
ICFDB
gsc_entity_ mnemonic
Schema Triggers
af/app/ afauditlgp.p
4GL Client
Application Code
gst_audit
Session Manager (current user, etc.)
Generic Audit Data Query Tools
AuditReport
21To Auditing in OpenEdge 10.1A
Audit Policy Subsystem
API
App DB
Policy Data
Audit Event Subsystem
Audit Data Subsystem
Application Data
Audit Data
Security Subsystem
Database
Internal
Application
Archive DB
Application Code
Archiving Subsystem
Reporting Subsystem
Archive Daemon
SQL Client
Audit Data
OfflineAuditData
AuditReport
22Customize Dynamics Framework to adopt new
Auditing Core Service
The Goals
- Leverage new OpenEdge Auditing
- Satisfy Regulatory Compliance
- Guarantee non-repudiation
- Improve security
- Improve performance
- Improve scalability
- Leverage application auditing for framework
events (in addition to DB events)
Retain existing Dynamics Auditing as an option
23Customize Dynamics Framework to adopt new
Auditing Core Service
We are part of the way there already
- Upgraded ICDFB to 10.1A
- Enabled OpenEdge Auditing
- Setup new Security Options
- Registered Dynamics as a Trusted Authentication
System - Modified framework code to assert Dynamics user
as trusted identity to use for Auditing
24Customize Dynamics Framework to adopt new
Auditing Core Service
Define Audit Permissions
25Customize Dynamics Framework to adopt new
Auditing Core Service
Administer Audit Policies
- Leverage shipped Audit Policy Maintenance Tool
auditing/_apmt.p - Run from outside of Dynamics application due to
ADM2 customizations - Beware audit permissions run via new
auditing/setclient.w to do a SET-CLIENT - Alternatively use APMT public API
- Load shipped policies auditing/policies.xml
- Define custom Dynamics events and policies
- Deploy custom Dynamics audit policies
26Disable Existing Dynamics Auditing and Check Key
Fields
Ensure key fields match audit policy
Audit Enabled Flag
27Imported Shipped Audit Policies / Define
Dynamics Audit Policies
auditing/setclient.w
Import shipped policies
Import sample Dynamics policies
28Add New Product Module for Auditing Objects
29Register New Auditing Manager in Repository
auditing/audmngrclntp.p and auditing/audmngrservp.
p
Client Version
Server Version
30Add New Auditing Manager Type to All Sessions
31Modify Session Startup
- Modify ICFCFM_InitializedServices to create the
AUDIT-DB alias for ICFDB - Used to prefix any _aud table references in code
- Used to compile sample Audit Data Access Object
Modify Startup Procedure dynamics/icfstart.p
32Add Application Audit Events
checkUser in af/app/afsecmngrp.i
launchProcedure in af/app/afsesmngrp.i
launchContainer in af/app/afsesmngrp.i
33Manage Application Context
Sample scoping to UI Container (ADM2)
- PROCEDURE initializeVisualContainer
- Set Application Context
- PROCEDURE destroyObject
- Clear Application Context
- Each runs af/app/auditcontextp.p on Appserver if
no local ICFDB
Modify adm2/containr.p
34Ensure Audit Toolbar Button is always Enabled
Delete the AuditEnabled check
35Modify General Manager Audit Data Checks
Fix Audit Filter Tick Checking ?
- Modify all CAN-FINDs on gst_audit to use APIs in
new Audit Manager - checkAuditDataExists
- checkAuditDataForTable
- PROCEDURE cacheEntityMapping
- Called from cacheEntity
- PROXY af\app\afgencchentmapp.i
- PROXY af\app\afgencchentmapp.p
- PROCEDURE getRecordUserProp
- Called from src/adm2/entityfields.i used in
adm2/query.p for transferDBRow and
transferRowsFromDB
Modify General Manager af/app/afgenmngrp.i
36Replace Audit Data Query Window
- Integrate new Dynamics Query Window for Auditing
dynauditquery - Register new object into repository
- Add to transaction menu ICFAF-Tran
- Modify adm2/datavis.p PROCEDURE toolbar
- WHEN 'Audit'U THEN runs launchcontainer for
gstadobjcw - change to launch dynauditquery
37Add Audit Data Query Window to Menu
38Add Audit Application Events Optionally Migrate
existing Audit Data
- Optionally
- Set / clear audit context at appropriate points
- Insert application events as required, e.g.
- launchContainer in Session Manager
- launchProcedure in SessionManager
- sessionShutdown in Config Manager
- Etc.
- Optionally write migration for old audit data
- See sample auditing/migrateaudit.p
39Lets see all this in Action
40Agenda
- Dynamics Roadmap Overview
- Dynamics as a Trusted Authentication Domain
- Integrating OpenEdge Auditing
- OpenEdge Reference Architecture Compliant Logic
- Achieving a Competitive UI
41ADM2 OpenEdge Reference Architecture
- SmartDataObject
- Presentation logic
- Business logic
- Data access logic
ADM2 UI
Smart Data Object
Presentation
Enterprise Services
Business Services
Common Infrastructure
Data Access
Data Sources
Monolithic data provider
42Introducing the new DataView
SmartWindow
VisualObjects
DataView
Data container
Dataset
Temp-table
ADM Dataset Object
Temp-table
SmartWindow
Service Adapter
Service Interface
Service Interface
Business Entities
Business Tasks
Business Workflow
43OERA compliant logic with a Dynamics GUI
The Steps
- Implement Service Adapter adm2/serviceadapter.p
- retrieveData
- submitData
- Develop Business Entities and Data Access Objects
- Use OpenEdge Architect T4BL
- Optionally migrate existing logic from SDOs
- Build viewers and browsers
- Build Window
- Add Dynamic DataView object (in place of SDO)
- Specify BusinessEntity property
- Specify DataTable property
- Add visual objects and create links as usual
44New OERA Compliant Audit Query Window
Dynamic Object DynAuditQuery
- Provided sample service adapter / client proxy
implementation - adm2/serviceadapter.p
- Provided sample server gateway
- auditing/proSIgateway.p
- Provided Audit Data DataSet (plus supporting
temp-table includes) - auditing/ds_aud-audit-data.i
- Provided Business Entity (BE) and Data Access
Object (DAO) to query audit data - auditing/beauditdata.p
- auditing/da_aud-audit-data2.p
- Uses sample CLASS to manipulate query in DAO
- ADMClass\DSQueryString.cls
45Moving to Session Free Appserver (statefree)
Longer Term (no sample code provided yet)
- No automatic CLIENT-CONNECTION-ID and
SERVER-CONNECTION-ID matching - Must supply Session ID with EVERY request
- From client use a GUID for the Session ID
- Modified ry/app/rysessnidp.p and
af/sup2/afsessnidp.p to use new GUID rather than
seq_session_id - Push client session info into context DB at time
of authentication keyed on above Session ID - Implement re-establishing session in Service
Interface rather than as_activate.p using
passed in Session ID - Push correct session ID into gscSessionId so rest
of code works as is.
46Agenda
- Dynamics Roadmap Overview
- Dynamics as a Trusted Authentication Domain
- Integrating OpenEdge Auditing
- OpenEdge Reference Architecture Compliant Logic
- Achieving a Competitive UI
47Use Case Achieving a competitive UI
The Steps
- Use XP manifest
- Review colors / icons
- Use left-align labels
- Implement MDI ActiveX container / menu
- Replace dynamic objects with ActiveXs e.g. new
grid control - Codejock ActiveX Controls
- See PSDN for more details
- http//www.psdn.com/library/entry.jspa?externalID
1244categoryID77
48Use Case Achieving a competitive UI
49Connecting OERA compliant logic with a
Competitive Dynamics GUI
50In Summary
OpenEdge 10.1A provides the Steroids!
- Dynamics is still alive and well
- Existing users well positioned to adopt new 10.x
functionality - No requirement to do anything
- Upgrade to the latest release 10.1A01
- Achieve a competitive UI
- Move to OERA compliant logic
- Leverage secure non-repudiable audit trails
- Leverage new security capabilities
- Leverage OpenEdge Architect
- Leverage OO extensions to ABL
51Relevant Exchange Sessions
Where to get more detail
- DB-4 Who does What and When regarding Auditing?
- DEV-4 Extending Progress Dynamics
- DEV-17 Effective Design and Deployment of
OpenEdge Audit Policies - MOVE-5 Improving the look and feel of your
Application - MOVE-9 Audit enable your application the easy
way - MOVE-14 Migrating Your Authentication System to
OpenEdge 10.1A and Beyond - MOVE-15 Leveraging Business Entities, Data
Access Objects and ProDataSets with a Progress
Dynamics or ADM2 GUI
52Questions?
53Thank you foryour time
54(No Transcript)
55Bonus Slides for Reference Only
- Not part of actual presentation included to
help explain how to use sample code referenced in
the presentation
56Notes about Demo Code
- Code is sample only and is incomplete
- shortcuts taken for simplicity (but commented)
- Does not cater fully for internationalization,
e.g. assumes American format in some places - Sample serviceadapter.p is massively simplified
and only caters for AuditData Business Entity - There is no support for batching implemented
- Code assumes Dynamics 10.1A01
- Customizations are made in actual Dynamics and
ADM2 source rather than in custom supers for
simplicity issues for future upgrades - Code makes use of 10.1A01 core functionality,
e.g. OOABL.
57Using the Demo Code
- Unzip contents of auditdemo.zip into your working
directory - Be sure to keep folder names
- Need to add additional PROPATH entries
- dynui\src
- dynui\src\adm2
- dynui\src\dynamics
- Audit enable ICFDB and any application databases
as explained in slides - Load audit policies as explained in slides
- Load sample ADOs using dataset import see next
slide - Regenerate your icfconfig.xml to include the new
Audit Manager in all Dynamics sessions
58Using the Demo CodeImporting the sample ADO files
59REFERENCE Other ADM2 Customizations
FUNCTION getRequestHandle
- Fix limitation preventing containers with
dataviews being run from non dataview containers - Fix will be part of a future service pack /
release of ADM2
Modified Container Super adm2/containr.p
60REFERENCE Other ADM2 Customizations
FUNCTION initializeVisualContainer
- Get Dynamics / ADM2 windows to dock into the
Appbuilder perspective when launched from inside
OpenEdge Architect - NB Also need to bootstrap Dynamics session when
open a project in OpenEdge Architect - For now can be done by manually running
icfstart.p from the Appbuilder perspective OR - Adding RUN icfstart.p to _idestartup.p and ensure
it is in your project PROPATH
Modified Container Super adm2/containr.p
61REFERENCE Other ADM2 Customizations
FUNCTION obtainContextForServer
- To support passing application data from
contained objects through to business entity
using application context - Need to link objects from the dataview with a
link type of appcontext - Add internal procedure to object called
getApplicationContext that outputs a single
character string - Delimit context values in string with CHR(7) and
CHR(8), e.g. - name CHR(7) value CHR(8)
Modified DataView Super adm2/dataview.p