Moving 2E to the Web - in a Straightforward and Secure manner using AllFusion® Plex and Websydian

watermelonroachdaleInternet and Web Development

Jul 30, 2012 (5 years and 18 days ago)

220 views

Moving 2E to the Web

-

in a Straightforward and Secure
manner using AllFusion
®

Plex and
Websydian


Ole Høegh Hansen, Director of Development

Websydian A/S

Denmark

Session
3J


Session Abstract


Learn how AllFusion Plex and Websydian can
extend your AllFusion 2E applications with
cutting
-
edge secure e
-
Business.

Websydian A/S


Founded in 1985


Headquarters in Copenhagen, Denmark


100% dedicated to Model
-
Based
Development


Worked with AllFusion 2E since 1989


Worked with AllFusion Plex since 1994

Websydian A/S


E
-
Business Tool Vendor


Websydian


Released the first version of Websydian in 1998


Websydian has now more than 200 customers in more than
30 countries and is still growing


CA and Websydian A/S are strategic partners in
delivering complete solutions to the Enterprise since
2001. The goal is to handle the challenge of quickly
and reliably developing robust and secure Web,
Wireless and Web Service Applications for the
Enterprise


AllFusion Plex and Websydian target the Java,
Windows, i5 (the former AS400) platforms

Websydian’s mission




“To develop and market innovative
products and services, which enable
customers to realize market
-
leading
value in their transactional business
processes utilizing I
-
technologies”


Speaker Bio

Ole Høegh Hansen

Websydian A/S

Director, Development

M.Sc. in Computer Science

Ten years of hands
-
on experience
planning and developing E
-
Business applications

Presenter at Edge Europe and US
2002
-
2004, CA World 2003,
2004



Agenda


What is Websydian


Websydian security


Reliable, scalable and flexible


Web services


WebSphere/J2EE


Integrating AllFusion Plex and AllFusion
2E


Learning a new tool

What is Websydian

WEBSYDIAN Enterprise functionality

Websydian
Architecture

Individual
Desktop
User

Web +
WebShop
Developer

Individual
Mobile
User

Wireless
Developer


Corporate
Business
Partner

TransacXML

Developer


Customized Solutions at Predictable Prices


e
-
Business solutions based on proven

pattern
technology



Patterns can be adjusted as much as necessary


Patterns encapsulates typical needed behaviour.
Adjustments are only needed where solutions differ!


All Patterns are constructed for full integration with
existing applications
-

across platforms!


All patterns are born with full security, scalability and
performance


When developing web
-
applications, the
developer needs Patterns that for instance:

-
Displays a page with information to the user

-
Displays a page with a list of data to the user

-
Updates data on the server at user’s

request

-
Handles Security when data is sent to the Internet

-
Handles Company design style

…and many others


-
Standard operations can be adjusted to specific
business needs

Web
-
enabling and Patterns

Websydian Patterns Example

1.

Inherit from
WebEditDialog pattern

2.

Creates list, insert and
update pages

Websydian User Management Patterns


Many web sites allow web users to create their
own accounts


Creating hundreds of user accounts on the IBM
eServer i5 for Internet users poses a significant
security challenge


Websydian provides complete toolset for secure
management of Internet users


Websydian provides Internet user profiles
independent of IBM eServer i5 user accounts

Login and “change password”
-
screens


ready to use


Complete ready
-
to
-
use user management
with customizable user attributes

Websydian Session Management


Websydian session management patterns
provide full
-
featured secure session
functionality


Runs as IBM eServer i5 batch processes
-

saving expensive interactive sessions


Multiple web sessions share IBM eServer
i5 batch sessions for efficient resource
utilization


Session module provides high security and
detailed log files


AllFusion 2E/Websydian Customer Example

All Data Fetched
from 2E application

Agenda


What is Websydian


Websydian security


Reliable, scalable and flexible


Web services


WebSphere/J2EE


Integrating AllFusion Plex and AllFusion
2E


Learning a new tool

Websydian Security Model

Top Ten Security Vulnerabilities

1.
Un
-
validated Parameters

2.
Broken Access Control

3.
Broken Account and Session Management

4.
Cross
-
Site Scripting Flaws

5.
Buffer Overflows

6.
Command Injection Flaws

7.
Error Handling Problems

8.
Insecure Use of Cryptography

9.
Remote Administration Flaws

10.
Server Misconfiguration


Top Ten Security Vulnerabilities cont.


All ten must be addressed by developers of
Internet Applications!


Websydian automatically handles nine

of these
challenges
(No. 10 is a management issue!)

making it
easier for developers and reduces risk!

Agenda


What is Websydian


Websydian security


Reliable, scalable and flexible


Web services


WebSphere/J2EE


Integrating AllFusion Plex and AllFusion
2E


Learning a new tool

Distributed Websydian Architecture


Provides an operational infrastructure
for Internet applications with:

-
high performance

-
coherent security model

-
robustness

-
scalability

Web server

Application
Process Host

Application
processes

Relay Service

Database
Server

Websydian
Server

Distributed Websydian Architecture


Performs continuous monitoring and
error recovery


Configurable e
-
mail alerts


Mix and match platforms including IBM
eServer i5, Windows and Java/J2EE


Web server

Application
Process Host

Application
processes

Relay Service

Database
Server

Websydian
Server

Agenda


What is Websydian


Websydian security


Reliable, scalable and flexible


Web services


WebSphere/J2EE


Integrating AllFusion Plex and AllFusion
2E


Learning a new tool

Web Service

Publisher

Web Service

Subscriber

Invoke

Response

Internet

Automated communication
between computers over
the Internet


XML


SOAP


WSDL

Web Services with Websydian

Web Services
Modelling


The XML structure in the document is created in the
model as a hierarchy of entities and functions


Document is then accessed like regular database tables



EJB Web services suited for

-
RPC
-
style Web services (Remote Procedure
Call)

-
Simple interface structure (one level structure)


Websydian Web services suited for

-
Document
-
style Web services

-
Complex interface structures (hierarchical
structures)

-
High productivity through model
-
based
approach and reusable patterns

Websydian vs. AllFusion 2E EJB Web
Services

Agenda


What is Websydian


Websydian security


Reliable, scalable and flexible


Web services


WebSphere/J2EE


Integrating AllFusion Plex and AllFusion
2E


Learning a new tool

Plex, Websydian and J2EE


Ente
r
prise

Information
System

ERP

Database

Business
Logic

EJB container

EJB

EJB from
Advantage
Plex

Legacy

system

Web server

JSP

Servlet

Webs
y
dian
application
as
servlet

Presentation


Layer

EJB

J2EE Security

J2EE

.NET

Platform
-
supported

declarative security

Platform
-
supported

declarative security

Plex t
echnology
enablement

(J2EE, JSP,ASP.NET, C#)

E
-
Business

Plex +Websydian

Coherent e
-
Business security model: Declarative + programmatic

Technology leverage through model
-
based development

Invoice access is limited to users in the
following roles:
Customer, Sales Rep,
Accounting

Invoice access for users in the
customer

role is limited to invoices
belonging to user company

Agenda


What is Websydian


Websydian security


Reliable, scalable and flexible


Web services


WebSphere/J2EE


Integrating AllFusion Plex and
AllFusion 2E


Learning a new tool

Integration


Direct Function Call


Call handwritten or AllFusion 2E
-
generated functions
from AllFusion Plex


Declare as API and call like any AllFusion Plex
generated function

Integration


Direct DB Access


Import existing database
definitions and views in
AllFusion Plex


Used as any AllFusion
Plex
-
generated database
table


AllFusion Plex provides
read, create, update and
delete functions

Agenda


What is Websydian


Websydian security


Reliable, scalable and flexible


Web services


WebSphere/J2EE


Integrating AllFusion Plex and AllFusion
2E


Learning a new tool

Learning a New Tool?


Short Distance AllFusion 2E
-
>AllFusion
Plex

-
Model
-
based

-
Designed specifically for IBM eServer i5
integration


High Productivity!

-
High level patterns provided for fast
application development

-
Focus in business logic


not technology

Learning a New Tool?


Why not J2EE/JSP/EJB

-
Build J2EE applications with AllFusion Plex
and Websydian

-
Model
-
based development keeps data
model, business logic and presentation
layer in sync

-
Security automatically included


eases
responsibility of developers


One skill
-
set covers web, wireless, Web
services, C/S and cross platform
development!

Session Summary


AllFusion Plex with Websydian provides an
attractive strategy for web and Web services
development for AllFusion 2E.


Websydian provides familiar model
-
based
approach for efficiently building web applications
with high security and performance


AllFusion Plex with Websydian complement
AllFusion 2E for advanced e
-
Business
development


Questions & Answers