Release 2.0 of Project OpenPTK builds on the success of Release 1.x. The goal ... enable developers to create custom interfaces to a variety of repositories ... has not changed.
Release 2.0 gives the developer more choices for how they want to create custom interfaces.
Release 2.0 also supports more back-end repositories. The "core" Framework Tier has also been enhanced to include "models", authentication, authorization, pre-actions and post-actions.
The following features, enhancements and resolved issues are new in Release 2.0:
Servlet-Based (Engine Architecture)
Problem
Release 1.x was a monolithic design. The OpenPTK architecture was "packaged" with the application and deployed as a single unit. This made it difficult, if not nearly impossible, to separate the OpenPTK Framework and Services from the application and to maintain and manage them as components separate from the developer's application or client.
Solution
A client-server design ... OpenPTK Release 2.0 uses a client-server design that allows the "client" to communicate with the "server", which acts as an "Engine": it takes client requests, applies the proper authentication, authorization, encryption, etc., and fulfills these requests with back-end services. The new "Engine" is made up of the following architecture components:
- Server Tier
- Framework Tier
- Service Tier
RESTful-based Web Service
Problem
Web 2.0 Developers are leveraging a variety of tools and languages to build end-user interfaces. Solutions are being built (such as AJAX) which require a standardized mechanism to access information. These types of applications typically use a RESTful Web Service which supports standard JSON/XML data structures.
Solution
In Release 2.0, OpenPTK's "Server Tier" provides the RESTful Web Service (supporting JSON and XML). The RESTful Web Service offers multiple ways to "represent" the data between the Server and the applications. Bi-directional data can be represented using either JSON or XML syntax.
Service / Operation Level Configuration
Problem
In Release 1.x, OpenPTK's Service architecture is used to define and implement access to a provisioning backing-store (SPML, JNDI, LDAP). A Service provided an implementation of some or all of the OpenPTK Framework "operations" (Create, Read, Update, Delete, ...). All "operations" went to the same backing-store.
Solution
In Release 2.0, OpenPTK's Service architecture separates the definition and implementation of access to the various provisioning backing-stores. A Service can be configured where each Operation could reference a different backing-store. For example, a Service, related to a Context, could have its CREATE, UPDATE, and DELETE Operations use SPML, while its READ and SEARCH Operations use JNDI.
Client-Side Java API
Problem
Release 1.x had little in the way of a Client-side Java API.
Solution
Release 2.0 includes a fully documented Client-Side Java API that includes only those classes necessary for a client to connect over REST to the OpenPTK Server Tier. It implements all connection handling, encryption and conversion of content to and from the OpenPTK Server. The Client-Side Java API can always be reached at:
Authentication
Problem
Release 1.x didn't include authentication to the OpenPTK framework or services. It was up to the implementer to include their own authentication framework.
Solution
Refer to the detailed design and implementation notes on Release 2.0 Authentication.
Authorization
Problem
Release 1.x didn't include authentication to the OpenPTK framework or services. It was up to the implementer to include their own authentication framework.
Solution
Refer to the detailed design and implementation notes on Release 2.0 Authorization.
Models, Views and Relationships
Problem
Release 1.x didn't include any ability to connect back-end services to one another, which would result in a model made up of views and relationships between these services. It was up to the implementor to create and implement their own connections.
Solution
Refer to the detailed design and implementation notes on Release 2.0 Models, Views and Relationships.
Actions
Problem
In Release 1.x, OpenPTK was focused on performing basic operations within Contexts, such as the CRUD operations (Create, Read, Update and Delete) and a few more around passwords. Outside of performing these basic data tasks, there was no facility to perform other actions, such as sending an email.
Solution
Release 2.0 includes the ability to define pre and post actions to a particular operation. An example action might be the sending of an email:
This simple action is contained as part of the create operation of a context within the OpenPTK config file.
<Action id="notify" mode="post">
  <Properties>
    <Property name="sendemail.subject" value="Your Account has been created"/>
    <Property name="sendemail.fromaddress" value="%{email.fromaddress}" />
    <Property name="sendemail.toaddress.attribute" value="email" />
    <Property name="template.document" value="EmailTemplate-AccountCreated" />
  </Properties>
</Action>
The Operation Actions define the notify action.
<OperationActions>
  <Action id="notify" classname="org.openptk.context.actions.Notify">
    <Properties>
      <Property name="plugin.template" value="template"/>
      <Property name="plugin.email" value="sendemail"/>
    </Properties>
  </Action>
  ...
</OperationActions>
The Plugins define the sendemail and template plugins.
<Plugins>
  <Plugin id="sendemail" ... classname="org.openptk.plugin.sendemail.SendEmailPlugin">
    <Properties>
      ...
    </Properties>
  </Plugin>
  <Plugin id="template" ... classname="org.openptk.plugin.template.TemplatePlugin">
    <Properties>
      ...
    </Properties>
  </Plugin>
</Plugins>
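The three fragments above are tied together only by id strings: the operation's Action id must match an OperationActions definition, and that definition's plugin.* values must match Plugin ids. The following is an added example, not OpenPTK code, that lints a config for broken links in that chain; the wrapper elements in the sample, the reading of plugin.* values as Plugin ids, and "pre" as the only other mode value are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample. Wrapper elements (OpenPTK, Context, Operation) are
# hypothetical; "audit", "sendsms" and mode="after" are planted mistakes.
SAMPLE = """<OpenPTK>
  <Plugins>
    <Plugin id="sendemail" classname="org.openptk.plugin.sendemail.SendEmailPlugin"/>
    <Plugin id="template" classname="org.openptk.plugin.template.TemplatePlugin"/>
  </Plugins>
  <OperationActions>
    <Action id="notify" classname="org.openptk.context.actions.Notify">
      <Properties>
        <Property name="plugin.template" value="template"/>
        <Property name="plugin.email" value="sendemail"/>
        <Property name="plugin.sms" value="sendsms"/>
      </Properties>
    </Action>
  </OperationActions>
  <Context id="example">
    <Operation id="create">
      <Action id="notify" mode="post"/>
      <Action id="audit" mode="post"/>
      <Action id="notify" mode="after"/>
    </Operation>
  </Context>
</OpenPTK>"""

def lint_actions(xml_text):
    """Return sorted problems found in the Action -> Plugin reference chain."""
    root = ET.fromstring(xml_text)
    plugins = {p.get("id") for p in root.iter("Plugin")}
    defined = {a.get("id"): a for oa in root.iter("OperationActions")
               for a in oa.findall("Action")}
    problems = []
    # Definitions: assume every plugin.* property value names a Plugin id.
    for aid, action in defined.items():
        for prop in action.iter("Property"):
            name, value = prop.get("name", ""), prop.get("value")
            if name.startswith("plugin.") and value not in plugins:
                problems.append(f"{aid}: {name} names unknown plugin {value!r}")
    # References: assume an Action carrying a mode attribute is a reference.
    for ref in root.findall(".//Action[@mode]"):
        rid, mode = ref.get("id"), ref.get("mode")
        if mode not in ("pre", "post"):
            problems.append(f"{rid}: mode {mode!r} is neither pre nor post")
        if rid not in defined:
            problems.append(f"{rid}: no OperationActions definition")
    return sorted(problems)
```

Running a check of this kind before deployment surfaces a notification or other post-action that would otherwise fail to resolve only when the operation is first executed.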
Encryption
Problem
What is the basic problem being solved from Release 1.x
Solution
What is the solution implemented in Release 2.x
Templates
Problem
What is the basic problem being solved from Release 1.x
Solution
What is the solution implemented in Release 2.x
Definition Functions
Problem
What is the basic problem being solved from Release 1.x
Solution
What is the solution implemented in Release 2.x
Enhanced Search
Problem
What is the basic problem being solved from Release 1.x
Solution
What is the solution implemented in Release 2.x
Services
Problem
What is the basic problem being solved from Release 1.x
Solution
Release 2.0 implemented the following new services:
Starting with 2.0, the following services will stop being enhanced, tested and included in binary distributions, and are candidates to be removed from the repository at any time. The code and projects will be left around for example and experimental use going forward.
Release 2.0
Resolved Issues
| Issue | Description |
| --- | --- |
| OPENPTK-166 | Support quoted arguments/values in CLI |
| OPENPTK-182 | Handle unsuccessful deletes in CLI with better return message |
| OPENPTK-187 | HTTP Response Codes for no content results |
| OPENPTK-188 | JNDI doDelete() should return a SUCCESS when uniqueId not found |
| OPENPTK-193 | Invalid connection uri causes NullPointer |
| OPENPTK-194 | CLI continues after USER session expires |
| OPENPTK-195 | CLI handling offline services |
| OPENPTK-206 | ReAuthenticating after closing connection fails |
| OPENPTK-216 | CLI Search Output causes extra data in header |
| OPENPTK-219 | OIM 11g Service returns an error when no search arguments are provided |
| OPENPTK-247 | Need to remove stale openptk.tld's in Server, IdentityCentral, UML, Register |
| OPENPTK-249 | Long values are processed as generic Objects |
| OPENPTK-258 | JDBC Primary Key using integer with a Context fails to return correct uniqueid on read and search operations |
| OPENPTK-264 | No symbol or space is allowed in the context key or uniqueid |
| OPENPTK-266 | uniqueid can not contain space |
| OPENPTK-271 | Removal/Cleanup of passwords from any logging |
| OPENPTK-272 | Subject uniqueid's are being lost when both the Connection getStructureFromInput and SubjectRepresentation processSubjectInput run |
| OPENPTK-274 | ptkadmin utility is not generating encrypted values |
| OPENPTK-275 | Incompatible oimclient.jar file |
| OPENPTK-281 | ServerAuthFilter doesn't use cookie from request headers |
| OPENPTK-282 | CLI: unclear error message for UPDATE operation |
| OPENPTK-292 | LDAP Search is broken when query string has space in it |
| OPENPTK-306 | Double Quoting an attributeKey in the CLI update command causes an invalid exception |
New Features
| Issue | Description |
| --- | --- |
| OPENPTK-28 | Design authentication features |
| OPENPTK-29 | Design authorization features |
| OPENPTK-154 | Configure Context for JavaDB with JDBC Service |
| OPENPTK-199 | Service for Oracle Id Mgr Registration |
| OPENPTK-200 | Registration sample application |
| OPENPTK-201 | Oracle Id Mgr 11g API Service |
| OPENPTK-202 | Service specific validation of forgotten password data |
| OPENPTK-203 | Configure and test JDBC Service with Oracle DB |
| OPENPTK-210 | Shell script to run API tests |
| OPENPTK-211 | Taglib for getting existing session type and principal information |
| OPENPTK-212 | Add a tag in the tag library to get client connection property |
| OPENPTK-223 | Decouple the Web Interface components from OpenPTK Server .war |
| OPENPTK-228 | Create Oracle Request Service/Operations |
| OPENPTK-250 | Association table mapping |
| OPENPTK-261 | Additional JSR-168 Portlet for Registration |
| OPENPTK-268 | Create Timer utility class for timings |
| OPENPTK-302 | Frequent service down |
Improvements
| Issue | Description |
| --- | --- |
| OPENPTK-124 | Create an LDAP Service using UnboundID LDAP SDK |
| OPENPTK-135 | Identity Central Interface |
| OPENPTK-141 | Add principal to all log entries |
| OPENPTK-162 | Document Removal of User Interface from Server |
| OPENPTK-164 | Extend Client API and Taglibs to support context get/set |
| OPENPTK-167 | build process update |
| OPENPTK-176 | Client API does not allow sharing of existing session information |
| OPENPTK-179 | Update doCreate TAG to return uniqueId |
| OPENPTK-191 | Add Actions to /resources/engine interface |
| OPENPTK-208 | Enhance Setup.getConnection() to indicate different types of failures |
| OPENPTK-213 | Return Un-Authorized Operation Error Code |
| OPENPTK-220 | Centralize logging |
| OPENPTK-224 | Enhance the openptkconfig authenticator to use encrypted password |
| OPENPTK-225 | Create wrapper execution script for ptkadmin utility |
| OPENPTK-226 | Change the CLI command line binary to "openptk" |
| OPENPTK-227 | Change Response.results to use ComponentIF interface |
| OPENPTK-230 | Use existing SessionId to get a Connection via a JSP Tag |
| OPENPTK-241 | Create OpenPTK-LDAP project |
| OPENPTK-242 | Add Component setState methods to set default Error flags and message |
| OPENPTK-244 | Capture operation STATISTICS in the Command Line Interface (CLI) |
| OPENPTK-245 | Capture operation TIMINGS in the Command Line Interface (CLI) |
| OPENPTK-246 | Create Global Encryptor Singleton instance |
| OPENPTK-251 | Enhance UnboundID LDAPSDK to use connection pools |
| OPENPTK-252 | Improve the OpenPTK Logger to support multiple logging instances for different applications within a single JVM |
| OPENPTK-253 | Enhance UnboundID LDAPSDK to use In-Memory Directory |
| OPENPTK-257 | Create OPENPTK HOME |
| OPENPTK-259 | Add Glassfish Embedded Server into QuickInstall/Demo environment |
| OPENPTK-263 | Support resource request for oracle OIM 11g |
| OPENPTK-269 | Improve the confusing env, show and set CLI commands |
| OPENPTK-270 | Improve the use of the contexts CLI command |
| OPENPTK-277 | Add OpenPTK prefix to system type logging |
| OPENPTK-285 | Clean input for JDBC Service |
| OPENPTK-287 | Release cycle process issues with openptk.xml and openptk_client.properties |
| OPENPTK-290 | Implement LDAP FailoverServerSet with UnboundID service |
| OPENPTK-295 | Support encrypted password for plugin.sendemail.authen.password in openptk.xml |