Presentation is loading. Please wait.

Presentation is loading. Please wait.

OCLC SiteSearch User Group Meeting Understanding and Using the Access Component.

Published byJewel Shields Modified over 8 years ago

Similar presentations

Presentation on theme: "OCLC SiteSearch User Group Meeting Understanding and Using the Access Component."— Presentation transcript:

1 OCLC SiteSearch User Group Meeting Understanding and Using the Access Component

2 OCLC SiteSearch User Group Meeting Understanding and Using the Access Component-Workshop Agenda 1)Purposes of authorization in WebZ 2)Overview of the Access Component base functionality 3)States of authorization and available types of authentication 4)Trace the process of authorization in the WebZ system 5)Configuring the Access Component with the mSQL system 6)Modifying the authorization data in the mSQL system 7)Connecting a non-mSQL database 8)Customized solutions for authorization 1)Purposes of authorization in WebZ 2)Overview of the Access Component base functionality 3)States of authorization and available types of authentication 4)Trace the process of authorization in the WebZ system 5)Configuring the Access Component with the mSQL system 6)Modifying the authorization data in the mSQL system 7)Connecting a non-mSQL database 8)Customized solutions for authorization

3 OCLC SiteSearch User Group Meeting Definitions Authorization –The act of granting authority or power to; to give permission to act Authentication –To establish the authenticity of; prove genuine Authorization –The act of granting authority or power to; to give permission to act Authentication –To establish the authenticity of; prove genuine

4 OCLC SiteSearch User Group Meeting Authorization Purpose Authentication –Determine if the patron is valid Access Control –Define the databases and authentication information for the patron/user type SiteSearch Initialization –Set the patron’s interface style Authentication –Determine if the patron is valid Access Control –Define the databases and authentication information for the patron/user type SiteSearch Initialization –Set the patron’s interface style

5 OCLC SiteSearch User Group Meeting Base Functionality Process Flow SQLServerSQLServer JDBC Driver AccessServerAccessServer User with a web browser HTTP HTTP Standard Server WebZWebZ JaSSI Access Client AuthenticationAuthentication Access ControlAccess Control InitializationInitialization RemoteZ39.50ServerRemoteZ39.50Server Remote Databases SQL database Contains tables with Authentication (authos)Authentication (authos) Access (available dbs)Access (available dbs) Initialization (style)Initialization (style) ZBase Access Client AuthenticationAuthentication Access ControlAccess Control

6 OCLC SiteSearch User Group Meeting A look at the Access Classes ORG.oclc.access.AccessClient –Interface class that defines all methods that must be implemented by all classes designed to perform access control in the SiteSearch system. ORG.oclc.access.AccessConnectInfo –The AccessConnectInfo class maintains configuration for connecting to a SiteSearch Access Server. It reads the input configuration file and provides methods to retrieve the information. ORG.oclc.access.AccessClient –Interface class that defines all methods that must be implemented by all classes designed to perform access control in the SiteSearch system. ORG.oclc.access.AccessConnectInfo –The AccessConnectInfo class maintains configuration for connecting to a SiteSearch Access Server. It reads the input configuration file and provides methods to retrieve the information.

7 OCLC SiteSearch User Group Meeting Configuration Files ini/JaSSIServer.ini –Loads the Access Servers in [ServerMngr] ini/AccessServer.ini –Configuration for the WebZ Access Server read on startup. ini/servers/Access.ini –Defines the levels of authentication and the client classes to use. ini/JaSSIServer.ini –Loads the Access Servers in [ServerMngr] ini/AccessServer.ini –Configuration for the WebZ Access Server read on startup. ini/servers/Access.ini –Defines the levels of authentication and the client classes to use.

8 OCLC SiteSearch User Group Meeting Base Functionality Options Types of Authentication –Name/autho –IP Address –Domain Name Server States of Authorization –Session Login –Login Anywhere (Optional and Required) –Combination Types of Authentication –Name/autho –IP Address –Domain Name Server States of Authorization –Session Login –Login Anywhere (Optional and Required) –Combination

9 OCLC SiteSearch User Group Meeting Understanding the Database Structure mSQL database based on the following tables: authos authos userdb userdb dbs dbs userresources userresources resources resources inst inst

10 OCLC SiteSearch User Group Meeting Understanding the Database Structure cont.

11 OCLC SiteSearch User Group Meeting The Institution Table Purpose: Used during ISOILL with OCLC InterLibrary Loan Service. Also allows you to provide association with an institution, if needed for other logic. “Required” Fields instsym (primary key) - OCLC institution symbol or a unique way for you to identify the patron’s institution. Purpose: Used during ISOILL with OCLC InterLibrary Loan Service. Also allows you to provide association with an institution, if needed for other logic. “Required” Fields instsym (primary key) - OCLC institution symbol or a unique way for you to identify the patron’s institution.

12 OCLC SiteSearch User Group Meeting The Databases Table Purpose: One entry per database available in the system. “Required” Fields dbid (primary key) - unique numeric identifier dbname - the database name as defined in the individual database configuration files. Purpose: One entry per database available in the system. “Required” Fields dbid (primary key) - unique numeric identifier dbname - the database name as defined in the individual database configuration files.

13 OCLC SiteSearch User Group Meeting The Resources Table Purpose: Allows SiteSearch to provide different authorization information to Z39.50 servers based on the user. “Required” Fields resourceid (primary key) - unique numeric identifier resourcename - name of the remote server resourceautho/resourcepwd - autho and password to be used for assigned user Purpose: Allows SiteSearch to provide different authorization information to Z39.50 servers based on the user. “Required” Fields resourceid (primary key) - unique numeric identifier resourcename - name of the remote server resourceautho/resourcepwd - autho and password to be used for assigned user

14 OCLC SiteSearch User Group Meeting The User Database Table Purpose: Allows the defining of user types to associate a user with specific databases “Required” Fields userdbkey (primary key) - identifier for the user type e.g. faculty dbkey (primary key) - associates the user type with a database listed in the database table Purpose: Allows the defining of user types to associate a user with specific databases “Required” Fields userdbkey (primary key) - identifier for the user type e.g. faculty dbkey (primary key) - associates the user type with a database listed in the database table

15 OCLC SiteSearch User Group Meeting The User Resource Table Purpose: Allows the association of users with unique identifiers to remote servers. “Required” Fields userresourcekey (primary key) - identify for a user resource type e.g. econdept resourceid (primary key) - associates the user resource type with a resource defined in the resource table Purpose: Allows the association of users with unique identifiers to remote servers. “Required” Fields userresourcekey (primary key) - identify for a user resource type e.g. econdept resourceid (primary key) - associates the user resource type with a resource defined in the resource table

16 OCLC SiteSearch User Group Meeting The Authorization Table Purpose: Defines individual authorization information. “Required” Fields autho (primary key) - defines name, IP, or DNS userdbkey - assigns a user type and list of databases for autho Suggested Fields userresourcekey, instsym, style, sessesions Purpose: Defines individual authorization information. “Required” Fields autho (primary key) - defines name, IP, or DNS userdbkey - assigns a user type and list of databases for autho Suggested Fields userresourcekey, instsym, style, sessesions

17 OCLC SiteSearch User Group Meeting The Sample miniSQL Database msql/bin/accessdb.dump –an example schema that demonstrates the different ways you can populate the database msql/templates –template files provided for fresh database creation or additions to individual tables msql/bin/accessdb.dump –an example schema that demonstrates the different ways you can populate the database msql/templates –template files provided for fresh database creation or additions to individual tables

18 OCLC SiteSearch User Group Meeting Creating the Sample Database Create the database from msql/bin/ msqladmin -f../msql.conf create accessdb Import the sample database file msql -f../msql.conf accessdb < accessdb.dump Create the database from msql/bin/ msqladmin -f../msql.conf create accessdb Import the sample database file msql -f../msql.conf accessdb < accessdb.dump

19 OCLC SiteSearch User Group Meeting miniSQL Utilities msqlimport –add information to existing database msqlexport –export information from an existing database msqlimport –add information to existing database msqlexport –export information from an existing database

20 OCLC SiteSearch User Group Meeting Starting the Access Component Modify ini/servers/Access.ini [JaSSI] CheckNameAuthos = true CheckIPAuthos = true [Zbase] CheckNameAuthos = true In scripts/ –msql start –apache start –ssadmin Modify ini/servers/Access.ini [JaSSI] CheckNameAuthos = true CheckIPAuthos = true [Zbase] CheckNameAuthos = true In scripts/ –msql start –apache start –ssadmin

21 OCLC SiteSearch User Group Meeting Exercise - Turning on the Access Component Open your out of the box interface in a web browser and view the database list Build the sample database Turn on Authentication Using the WebZGuest login, review the database list in your out of the box interface Open your out of the box interface in a web browser and view the database list Build the sample database Turn on Authentication Using the WebZGuest login, review the database list in your out of the box interface

22 OCLC SiteSearch User Group Meeting Types of Authentication Name Authorization Syntax –requires values for autho and pwd in authos table Process –submitted from html form –Authorize VERB –autho and password widgets Syntax –requires values for autho and pwd in authos table Process –submitted from html form –Authorize VERB –autho and password widgets

23 OCLC SiteSearch User Group Meeting Types of Authentication IP Authorization Syntax –requires value for autho in authos table –ip:132.174.*.* –subnet masking available Process –requires that CheckIPAuthos is set to true in JaSSIServer.ini and that autho/password is not sent in with HTML form and Authorize VERB. Syntax –requires value for autho in authos table –ip:132.174.*.* –subnet masking available Process –requires that CheckIPAuthos is set to true in JaSSIServer.ini and that autho/password is not sent in with HTML form and Authorize VERB.

24 OCLC SiteSearch User Group Meeting Types of Authentication DNS Authorization Syntax –requires value for autho in authos table –dn:*.oclc.org –subnet masking available Process –requires: CheckDNSAuthos is set to true in JaSSIServer.ini, autho/password not sent in with HTML form and Authorize VERB DNS lookup is configured on host system Syntax –requires value for autho in authos table –dn:*.oclc.org –subnet masking available Process –requires: CheckDNSAuthos is set to true in JaSSIServer.ini, autho/password not sent in with HTML form and Authorize VERB DNS lookup is configured on host system

25 OCLC SiteSearch User Group Meeting Adding Name Authorization and providing access to a new database Use templates to: –enter new autho value of userdbtype all –add access to EconLit database for userdbtype all Use templates to: –enter new autho value of userdbtype all –add access to EconLit database for userdbtype all

26 OCLC SiteSearch User Group Meeting States of Authorization Session Login Purpose –Allows up front authorization to determine access and profile setting VERBS and widgets –Authorize –autho and password see index.html Purpose –Allows up front authorization to determine access and profile setting VERBS and widgets –Authorize –autho and password see index.html

27 OCLC SiteSearch User Group Meeting States of Authorization Login Anywhere Purpose –Allows general access to the system and then when additional information is required (ILL) or desired (additional databases), they will login during a session. Example Purpose –Allows general access to the system and then when additional information is required (ILL) or desired (additional databases), they will login during a session. Example

28 OCLC SiteSearch User Group Meeting Adding IP Authorization to from index.html Add an IP link to the index.html Set CheckIPAuthos = true Test IP Authentication Add an IP link to the index.html Set CheckIPAuthos = true Test IP Authentication

29 OCLC SiteSearch User Group Meeting Customized Authorization Solutions Rewrite existing Access Components for non-SQL database system Use an external authentication system –Kerberos –standard based systems (e.g. 3M, X.500) –existing patron database (e.g. Ameritech, III, DRA) Rewrite existing Access Components for non-SQL database system Use an external authentication system –Kerberos –standard based systems (e.g. 3M, X.500) –existing patron database (e.g. Ameritech, III, DRA)

30 OCLC SiteSearch User Group Meeting Custom Functionality Process Flow WebZWebZ RemoteZ39.50ServerRemoteZ39.50Server Remote Databases User with a web browser Custom Access Client AuthenticationAuthentication ExternalAuthenticationSystem Authenticates user and sends a key identifier like user type for use in Access and Initialization HTTP HTTP Standard Server AccessServerAccessServer JaSSI Access Client Access ControlAccess Control InitializationInitialization key identifier SQLServerSQLServer JDBC Driver SQL database Contains tables with Key from external authoKey from external autho Access (available dbs)Access (available dbs) Initialization (style)Initialization (style)

31 OCLC SiteSearch User Group Meeting Customized Authorization Requirements Programming Resources Understanding of the protocol standard being used (e.g. 3M, X.500) Access to and understanding of API of local patron database system Programming Resources Understanding of the protocol standard being used (e.g. 3M, X.500) Access to and understanding of API of local patron database system

32 OCLC SiteSearch User Group Meeting Creating a new Access Client WebZWebZ RemoteZ39.50ServerRemoteZ39.50Server Remote Databases User with a web browser HTTP HTTP Standard Server AccessServerAccessServer JaSSI Access Client Access ControlAccess Control InitializationInitialization key identifier SQLServerSQLServer JDBC Driver SQL database Contains tables with Key from external authoKey from external autho Access (available dbs)Access (available dbs) Initialization (style)Initialization (style) Custom Access Client AuthenticationAuthentication Profile file [lisa] password = lisa profile = grad [132.174.211.108] profile = faculty

33 OCLC SiteSearch User Group Meeting Framework for creating a new Access Client The Data Bracketed data is autho and profile is the key identifier sent into the WebZ Access Server to set access and the user profile. The Data Bracketed data is autho and profile is the key identifier sent into the WebZ Access Server to set access and the user profile. Profile file [lisa] password = lisa profile = grad [132.174.211.108] profile = faculty

34 OCLC SiteSearch User Group Meeting Framework for creating a new Access Client The Custom Access Client must implement the two interface classes. For Example: PatronIniInfo implements ORG.oclc.serverconnect.AccessServerConnect - initializes class for server and PatronIniAccessClient implements ORG.oclc.access.AccessClient - initializes methods to get info from Inifile object The Custom Access Client must implement the two interface classes. For Example: PatronIniInfo implements ORG.oclc.serverconnect.AccessServerConnect - initializes class for server and PatronIniAccessClient implements ORG.oclc.access.AccessClient - initializes methods to get info from Inifile object WebZWebZ Custom Access Client AuthenticationAuthentication Profile file [lisa] password = lisa profile = grad [132.174.211.108] profile = faculty

35 OCLC SiteSearch User Group Meeting Process for creating a new Access Client Configuration - JaSSIServer.ini [ServerMngr] server1 = ZBase server2 = AccessServer server3 = AccessIniServer server4 = IsoILLServer # The "Local" Access Server. PatronIniInfo # initializes the "Local" Server. [AccessIniServer] inifile = servers/AccessIni.ini InitClass = EDU.bgu.access.PatronIniInfo Configuration - JaSSIServer.ini [ServerMngr] server1 = ZBase server2 = AccessServer server3 = AccessIniServer server4 = IsoILLServer # The "Local" Access Server. PatronIniInfo # initializes the "Local" Server. [AccessIniServer] inifile = servers/AccessIni.ini InitClass = EDU.bgu.access.PatronIniInfo

36 OCLC SiteSearch User Group Meeting Process for creating a new Access Client Configuration - AccessIni.ini # [AccessIniServer] Section name must not change. [AccessIniServer] #port = 0 #host = localhost serverType = IniAccess [JaSSI] CheckNameAuthos = true CheckIPAuthos = true CheckDNSAuthos = false clientClass = EDU.bgu.jassi.access.PatronIniAccessClient patronIni = patron.ini [Counters] AuthorizationRetries = 0 Configuration - AccessIni.ini # [AccessIniServer] Section name must not change. [AccessIniServer] #port = 0 #host = localhost serverType = IniAccess [JaSSI] CheckNameAuthos = true CheckIPAuthos = true CheckDNSAuthos = false clientClass = EDU.bgu.jassi.access.PatronIniAccessClient patronIni = patron.ini [Counters] AuthorizationRetries = 0

37 OCLC SiteSearch User Group Meeting Process for creating a new Access Client Because we are using a new client, we need to modify the Authorize class. In order to access this class the JaSSIServer.ini package order must be modified. # Package Order for Java class loading [PackageOrder] package1 = EDU.bgu.obi package2 = ORG.oclc.obi package3 = ORG.oclc.obi.extverb package4 = ORG.oclc.webz package5 = ORG.oclc.jassi Because we are using a new client, we need to modify the Authorize class. In order to access this class the JaSSIServer.ini package order must be modified. # Package Order for Java class loading [PackageOrder] package1 = EDU.bgu.obi package2 = ORG.oclc.obi package3 = ORG.oclc.obi.extverb package4 = ORG.oclc.webz package5 = ORG.oclc.jassi

38 OCLC SiteSearch User Group Meeting Process for creating a new Access Client The new Authorize VERB could have two different AccessClient classes: AccessClient accessClient = AccessUserData.get(user); AccessClient localClient = AccessUserData.get(user, "AccessIniServer"); After it checks to see if the autho is in the file, it gets the profile as a unique key and sends it into the WebZ Access Server to set a profile and database list. The new Authorize VERB could have two different AccessClient classes: AccessClient accessClient = AccessUserData.get(user); AccessClient localClient = AccessUserData.get(user, "AccessIniServer"); After it checks to see if the autho is in the file, it gets the profile as a unique key and sends it into the WebZ Access Server to set a profile and database list.

39 OCLC SiteSearch User Group Meeting The Access Component Topics of Interest Use tracing to follow the execution within the system. User panels will provide practical examples of larger external patron authentication models. Use tracing to follow the execution within the system. User panels will provide practical examples of larger external patron authentication models.

40 OCLC SiteSearch User Group Meeting Understanding and Using the Access Component Questions Review Questions Review

Download ppt "OCLC SiteSearch User Group Meeting Understanding and Using the Access Component."

Similar presentations

WaveMaker Visual AJAX Studio 4.0 Training

WaveMaker Visual AJAX Studio 4.0 Training
Tutorial EBSCOadmin User Groups support.ebsco.com.

Tutorial EBSCOadmin User Groups support.ebsco.com.
Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.
1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.

1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.
Tux2 Database The Architecture of Our System © Juhani Välimäki 2005.

Tux2 Database The Architecture of Our System © Juhani Välimäki 2005.
Implementing Search Spelling Suggestions using the Google Web Services API Dave Costakos Software Developer, Systems Engineering Division May 2nd, 2002.

Implementing Search Spelling Suggestions using the Google Web Services API Dave Costakos Software Developer, Systems Engineering Division May 2nd, 2002.
 2003 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.

 2003 Prentice Hall, Inc. All rights reserved. Chapter 21 – Web Servers (IIS and Apache) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
Accounting & Billing System for the WEB Centre GDP 19 Donna Crawford (dc899) Chris O’Neill (ckjon101) Amit Shah (ams401) David Newman (drn101) Supervisor.

Accounting & Billing System for the WEB Centre GDP 19 Donna Crawford (dc899) Chris O’Neill (ckjon101) Amit Shah (ams401) David Newman (drn101) Supervisor.
Computer Science 101 Web Access to Databases Overview of Web Access to Databases.

Computer Science 101 Web Access to Databases Overview of Web Access to Databases.
APACHE SERVER By Innovationframes.com »

APACHE SERVER By Innovationframes.com »
Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.

Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.
Web Development & Design Foundations with XHTML Chapter 9 Key Concepts.

Web Development & Design Foundations with XHTML Chapter 9 Key Concepts.
Snippet Management The following screens demonstrate how to: 1. Access and view snippets 2. Create a local standard snippet, or a local class snippet 3.

Snippet Management The following screens demonstrate how to: 1. Access and view snippets 2. Create a local standard snippet, or a local class snippet 3.
Linux Operations and Administration

Linux Operations and Administration
2001 User Meeting OCLC SiteSearch Update Doug Loynes SiteSearch Product Manager.

2001 User Meeting OCLC SiteSearch Update Doug Loynes SiteSearch Product Manager.
1 Web Servers (IIS and Apache) Outline 9.1 Introduction 9.2 HTTP Request Types 9.3 System Architecture 9.4 Client-Side Scripting versus Server-Side Scripting.

1 Web Servers (IIS and Apache) Outline 9.1 Introduction 9.2 HTTP Request Types 9.3 System Architecture 9.4 Client-Side Scripting versus Server-Side Scripting.
QC 9.2 Prepared By  Sriraman K. 2 Objectives Test Management Tool – What, Why, Benefits etc To make participants aware of Test Process and controlling.

QC 9.2 Prepared By  Sriraman K. 2 Objectives Test Management Tool – What, Why, Benefits etc To make participants aware of Test Process and controlling.
1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.

1 Web Developer & Design Foundations with XHTML Chapter 6 Key Concepts.

Similar presentations

Ads by Google