Presentation is loading. Please wait.

Presentation is loading. Please wait.

ORIS Portal Evaluation Demonstration Paul Prestin Office of Research Information Services.

Published byMarshall Russell Modified over 8 years ago

Similar presentations

Presentation on theme: "ORIS Portal Evaluation Demonstration Paul Prestin Office of Research Information Services."— Presentation transcript:

1 ORIS Portal Evaluation Demonstration Paul Prestin Office of Research Information Services

2 ORIS Objectives Identify ease of implementation for basic client side technologies (html, javascript, css) Identify extent of built in support for AJAX and RIA abilities Establish if external (Cross Domain) sources can be utilized fr “Mashup” abilities

3 ORIS Basic Tests Achieved Have Javascript? Have ability to write to the screen? Have built in Javascript library (jQuery)? Can load external script Can call functions within external script Can request to external service (GET request) Ability to receive response from external service

4 ORIS Limitations Experienced Neither Portal does an equivalent form of content sanitation –uPortal was most flexible in it’s sanitation. Allowing for two alternate forms. Full or None. –Liferay defaults to an auto cleansing and is a poor implementation. Issue where <CDATA tag was not detected and a duplicate will be injected. Breaking the script. –Liferay also auto minimizes all inline JavaScript Makes for a difficult debugging at times Benefit being speedy by default!

5 ORIS Limitations Experienced (Cont.) Could not figure out a way to do a postback/response back through the originating server. May require specialized portlet or additional research Could not figure out how to do a client cert (x509) attachment for service authentication Would require specialized portlet for secured services Built in support within jQuery library for cross domain unsecured service calls done through JSONP (JSON with Padding). Required Service Modification to support JSONP Essentially a callback parameter is specified within the GET request. The service would use this parameter to “wrap” the json in a method call ….callback( { json } ). The client would then auto evaluate based on the response being received and by calling the callback function.

6 ORIS Limitations Experienced (Cont.) HTML or XHTML Cross Domain requests are unsupported by default (browser cross domain sandboxing). JSONP or Script delivery is required. –With a proxy on the originating server (Portal) handling requests and responses between the client and the content server HTML/XHTML services “should” be workable. (Did not get evaluated due to time constraints and possibility of need for portlet via java integration)

7 ORIS Evaluated Functionality (1)Client Request to Portal (2)Portal to Content Server Request (3)Content Server to Portal Response (4)Portal to Client Response (5)Client Script/JSONP call to cross domain Content Server (6)Script/JSONP response to Client Poor Security Configuration Fine For Insecure Content

8 ORIS Most Ideal Scenario (Un-Evaluated) (1)Client Request to Portal (2)Portal to Content Server Request (x509 attached) (3)Content Server to Portal Response (TLS/SSL Secured) (4)Portal to Client Response (5)Client XmlHTTP request to Portal (6)Portal proxied request to Content Server (x509, TLS/SSL (7)Content Server response to Portal (8)Portal XML/HTML/XHTML/JSON/SCRIPT response to client Optimal Security Configuration

9 ORIS Demo uPortal LifeRay

Download ppt "ORIS Portal Evaluation Demonstration Paul Prestin Office of Research Information Services."

Similar presentations

AJAX Development By Gary Mandela December 26, 2006 www.ClevelandDotNet.info.

AJAX Development By Gary Mandela December 26,
Bob German Principal Architect Introduction to Cloud Hosted Apps Your apps here!

Bob German Principal Architect Introduction to Cloud Hosted Apps Your apps here!
By Mark Qian (QUI)(QUI). QUI is a solution to ease RIA development instead of another Javascript framework. QUI is built in Javascript at top of popular.

By Mark Qian (QUI)(QUI). QUI is a solution to ease RIA development instead of another Javascript framework. QUI is built in Javascript at top of popular.
UI Resources API Some context for a discussion.. What Resources? What API?

UI Resources API Some context for a discussion.. What Resources? What API?
JavaScript and AJAX Jonathan Foss University of Warwick

JavaScript and AJAX Jonathan Foss University of Warwick
Attacking and defending Flash Applications. Flash Security I’ll talk about; o RIA, Web 2.0 and Security o What is Crossdomain.xml? Why does it exist?

Attacking and defending Flash Applications. Flash Security I’ll talk about; o RIA, Web 2.0 and Security o What is Crossdomain.xml? Why does it exist?
A really fairly simple guide to: mobile browser-based application development (part 1) Chris Greenhalgh G54UBI / 2011-02-21 1Chris Greenhalgh

A really fairly simple guide to: mobile browser-based application development (part 1) Chris Greenhalgh G54UBI / Chris Greenhalgh
Using JavaScript in Linked Data Applications Oshani Seneviratne Oct 12, 2010.

Using JavaScript in Linked Data Applications Oshani Seneviratne Oct 12, 2010.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
©2009 Justin C. Klein Keane PHP Code Auditing Session 5 XSS & XSRF Justin C. Klein Keane

©2009 Justin C. Klein Keane PHP Code Auditing Session 5 XSS & XSRF Justin C. Klein Keane
AJAX : Technology Evaluation Bryan Jones Philip Lim Fred Lo Warren Wang.

AJAX : Technology Evaluation Bryan Jones Philip Lim Fred Lo Warren Wang.
AJAX Presented by: Dickson Fu Dimas Ariawan Niels Andreassen Ryan Dial Jordan Nielson CMPUT 410 University of Alberta 2006.

AJAX Presented by: Dickson Fu Dimas Ariawan Niels Andreassen Ryan Dial Jordan Nielson CMPUT 410 University of Alberta 2006.
UPortal: A framework for the Personalization of Library Services John Fereira: Programmer/Analyst Cornell University Mann Library.

UPortal: A framework for the Personalization of Library Services John Fereira: Programmer/Analyst Cornell University Mann Library.
Multiple Tiers in Action

Multiple Tiers in Action
It’s always better live. MSDN Events Developing ASP.NET AJAX Controls with Silverlight.

It’s always better live. MSDN Events Developing ASP.NET AJAX Controls with Silverlight.
Inline, Internal, and External FIle

Inline, Internal, and External FIle
Intelligent Tutoring System Mobile Communication Team Drew Boatwright Nakul Dureja Richard Liou.

Intelligent Tutoring System Mobile Communication Team Drew Boatwright Nakul Dureja Richard Liou.
Web Services & Widgets Godmar Back. Mash-Ups Applications that combine information from different sources in one web page Different architectural choices.

Web Services & Widgets Godmar Back. Mash-Ups Applications that combine information from different sources in one web page Different architectural choices.
Agenda What is AJAX? What is jQuery? Demonstration/Tutorial Resources Q&A.

Agenda What is AJAX? What is jQuery? Demonstration/Tutorial Resources Q&A.
Ori Calvo, 2010 “If people want to have maximum reach across *all* devices then HTML will provide the broadest reach” Scott Guthrie,

Ori Calvo, 2010 “If people want to have maximum reach across *all* devices then HTML will provide the broadest reach” Scott Guthrie,

Similar presentations

Ads by Google