Novell Portal Services v1.5: Advanced Concepts Matt Brooks Senior Software Engineer Novell, Inc. mgbrooks@novell.com Guy Lunardi NPS Evangelist glunardi@novell.com
Vision…one Net Mission A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries Mission To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world
Agenda Agenda Administration Demonstration Basics: Page Hierarchy, Page Sets, Page Overlays Distributed Administration Communities Portal Groups / Dynamic Groups Portal Object: Contextless Login, … Advanced Properties on Objects Language detection Device detection Services NPSDump Demonstration All along—Walkthrough
Novell Products—Open Standards? Novell Portal Services is THE Novell Product that illustrates the adoption of Open Standards Application 100% Java based Access 100% LDAP based 100% HTTP based Files 100% Java based (CIFS or Local) Look and Feel 100% XML and XSL based (XSLT using JAXP)
Pages and Themes Pages Themes Page Sets Supersedes Object Scheme Can now be accessed as a service Themes Supersedes Branding Scheme Page Sets Simplifies Novell Portal Services (NPS) assignments Pages and Themes can be assigned to a Page Set Recommended way of assigning content
Legacy Scheme Migration Why is it working that way? After an NPS 1.0x upgrades, existing Object Schemes and Branding Schemes will remain untouched (and functional) Create Page Object from Object Scheme Create Theme Object from Branding Scheme
Hierarchy What is its role? Organizes the Pages navigation Rename Simply manages Page names Supports NPS macros Location Defines parents Position Manages Priorities Manually or automatically
Hierarchy (cont.) How it works? Part of the XML stream The hierarchy information is sent as part of the XML stream, it then used by the skin (Portal Look) to build the navigation Can be HTML based (plain html) Or can be DHTML (using JavaScript) Each of the standards skins provided with NPS 1.5 include a different to deal with the hierarchy (Navigation) The NPS 1.0 way of dealing with hierarchy will still work
Page Overlays What it does? Allows Portal Administrators to combined general content (gadget assignments) with specialized content(gadget assignments) Each Page can have multiple layers (Pages Overlays) Page Overlays assignments are independent from parent page assignment Administration interface will show integrated layout with parent page gadget assignments
Page Overlays (cont.) Page Overlay assigned Gadgets
Distributed Administration What does it mean? NPS 1.5 introduces delegated (distributed) administration Owners of Pages and Themes Can modify layout and content but not assignment Rights assignments are automatically handled Requires access to PageAdmin gadget Can be assigned to any Pages Another approach to Distributed Administration is to leverage Communities
Communities What they are? Communities are central locations in NPS where users can exchange information Self-Provisioned Information Sharing focused Administrator can modify and customize layout and gadgets Membership is restricted to User objects only
Communities (cont.) Type Services Public—anyone can join Restricted—owners approve membership Private—owners invite members Services Calendar—Share common events Chat—Chat with members of the community that are currently online Discussion—Create / reply to message threads File—Share files with community members Links—Share common URLs with other members News—Place for common information to the community
Communities (cont.) Centralized Administration Portal Administrators can define if users are allowed to create Communities (by default, they can) Community file share Defines where community gadgets store persistent information (files) Used by the Calendar, Discussions and File Share gadgets Required in Multi-Server environment (CIFS share) Container for community objects Defines where the community objects and pages will be created
Communities (cont.) Communities include hierarchy by default NPS System Macro (%*communitypagename%) defines the page name of the parent page of all communities Owners / Members Owners can modify the community configuration Members can only contribute to the community Communities ordering Communities are sorted by names by default (because they all have the same priority) Community priorities can be modified Non-community gadgets can be added to the community page Community page administration
NPS Portal Groups How great is this? NPS specific implementation of LDAP Groups Allows you to build associations based on LDAP attributes values Rfc2254—The String Representation of LDAP Search Filters The LDAP query string match defines the membership of the group Example: Portal Group is (ou=*financ*)
NPS Portal Groups (cont.) No back links? Portal Groups do not maintain membership list, no security association It’s a pure LDAP request The logged in user DN is used as the LDAP BaseDN Will test attributes only on that user object Check for group membership at login time
NPS Portal Groups (cont.) How to ensure the query will work? Trustee Rights The Admin Gadget will assign the proper rights on the attributes used in the Query filter string The rights will be granted to the Portal Object The rights will be assigned on each Portal container Be aware of Inherited Rights Filters
NPS Portal Groups (cont.) Need to query another directory? Portal Groups allow you to specify the LDAP host to query against Will use the combination of host/user/password specified by the Portal Administrator to login (user passwords don’t have to match) Rights will have to be manually granted in that directory User DNs will have to be identical in both directories Not available in Novell eDirectory™ Dynamic Groups
eDirectory Dynamic Groups Even better, why? Same as Portal Groups, only better, here is why: New feature in eDirectory 8.6.1 Unlike Portal Group, you can specify a container (LDAP baseDN of the search) Based on the same LDAP Query filter string standards as Portal groups
eDirectory Dynamic Groups (cont.) What’s coming next? Will include “exceptions” support Will support static include memberships Will support static exclusions Multiple filter strings per Dynamic group object
Portal Object What it does? Portal Object is the ‘heart’ of a Portal Configuration Portal Locations Critical configuration setting Portal events Portal refreshes com.novell.nps.directHttpPort Portal version Portal Administrators are invited to use the Portal Version configuration setting to keep track of changes There is a hard coded Portal version stored in the NPS.JAR (for support purposes) Display on the front page of the Administration gadgets
Portal Directory Objects bhObjectClasses PortalObject Pages Themes Gadgets PortalGroups PageSets Communities … Auxiliary classes to objects All thru Lightweight Directory Access Protocol Directory address configured specifically for each NPS server in PortalServlet.properties
PortalServlet.Properties Why is it critical? This file contains server specific information Which directory server to talk to Which Portal Object to use Can contain server specific settings Examples: Custom refresh time for a staging server Disable client side rendering for a production server Etc…
PortalServlet.properties /nps/WEB-INF/PortalServlet.Properties Comments in a properties file: line ignored is starting with anything else but uppercase letter. System.DirectoryAddress=127.0.0.1:389 System.PortalConfigurationObjectDN=cn=PO-Server1,ou=nps15,o=novell System.GUID={AEE1507E-0000-00EC-72D8-16218941956D} System.Password=novell System.Logging=false change to: ‘true’ to enable logging System.Logging.Priority=high change to: ‘medium’ or ‘low’ to enable logging System.Logging.Output=err add: ‘,file’ to write to screen and Debug.XML System.DirectorySSL=false !System.SessionManager.Render=true !System.SessionManager.RenderOverride=true Custom_Backend_Renderer_Portal_Location=http://10.10.10.1/nps Logging configurable from admin interface
NPS Macros What are they? Gives you access to directory (or system) based information Two kinds: System Macros or Directory Macros System Macros are listed in the documentation Directory Macros could be any directory attribute %o=Novell;ou% (syntax is: %ObjectDN;Attribute% %surname% (if the ObjectDN is not set, the user DN will be used) If a value isn’t found for the queried attribute, the query will be left unchanged
Custom Session Data What it does? Allows you to easily access directory information Custom Session Data gets included in the XML stream Any LDAP attributes could be used here (just like in NPS Macros) Useful to print out the user full name (or email address) in the Branding
Custom Session Data (cont.) How to set it? In the PCO configuration setting <Fullname>%fullname%</Fullname> <Email>%mail%</Email> In the PortalServlet.properties file Custom_Session_Data= Fullname,% fullname %,Email,%mail%
Contextless Login How it works? Contextless Login Attribute configuration setting Indexing used attributes Limit the amount of attributes used Trustees Rights Portal Container configuration setting Sub-container LDAP requests Limit the amount of containers used Public user Role
Advanced Properties What can be done? Directory Flags Reports Controls inheritance for the object Exists on: Users/containers (tree walking) Public User (flagged by default) Reports Inheritance report (available on user) Shows inheritances (from where and how) Customization report (available on container/user) (new feature) Portal Administrators can delete user customizations Can’t view the actual data Compact Settings (available on container) (new feature) Remove orphaned data
Locale (Language) Detection How it works? Locale detection ensures that the Portal will be replying with the right language (NPS is leveraging a technology standard, XLIFF) Directory based strategy (Directory Locale) Uses the ‘language’ LDAP attribute Values are NetWare® heritage (ENGLISH, ESPANOL, FRANCAIS,…) Browser based strategy (Browser Locale) Uses the Browser defined language Values are ISO defined (en, es, es-mx, fr,…) Portal Administrators can specify which strategies to use and the order (Locale lookup order) Also, they can define the default portal Locale (using an ISO language value)
Device (User-Agent) Detection How it works? Device detection ensures that the Portal will be replying with the right look. NPS is leveraging the user-agent string. http://<server_Address>/nps/user-agent.jsp Identify device real estate
Device (User-Agent) Detection (cont.) Configuration Settings required Names of all web devices (PDAs) accessing the portal Portal Administrators defined names for devices (default being implicit) The devices don’t have to be PDAs (you could test for Microsoft InternetExplorer or Mozilla browsers for example) Example: PDAtype1 Web devices (PDAs) that should only show one gadget at a time For real-estate purposes, NPS will only send one gadget back at a time
Device (User-Agent) Detection (cont.) Configuration Settings required Web devices (PDAs) that should use the special devices stylesheet Will specify if the device type has its own style sheets <web device name>DetectionStrings Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461; Q312461) Mozilla/2.0 (compatible; MSIE 3.02; Windows CE; 240x320)
Services What it does? Direct URL access to resources Authenticated Services Can become Human Readable “Name to access via a service URL” Object GUID Public Services No authentication required (uses the Public User) Configurable
Services (cont.) What services are? Need some more? portal service xmlservice portalservice xmlportalservice xmldataservice fullpageservice xmlfullpageservice customcontentservice normalfullpageservice xmlnormalfullpageservice Need some more?
NPSDump What’s this Where to get it Standalone application 100% LDAP and Java based Backup and Restore your NPS configuration Move setup from pilot directory to production directory Extends the schema Any many more things… Where to get it http://support.novell.com/servlet/tidfinder/2961814