Download uPortal 2.6 Brownbag I

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
Document related concepts

Remote Desktop Services wikipedia , lookup

Cross-site scripting wikipedia , lookup

Semantic Web wikipedia , lookup

Proxy server wikipedia , lookup

Transcript 
Web Proxy Channel
and Portlet
Andrew Petro
JA-SIG Denver
26 June 2007
© Copyright Unicon, Inc., 2007. Some rights reserved.
http://creativecommons.org/licenses/by-nc/3.0/us/ Portions borrowed from
previous JA-SIG presentations by Andrew and others.
Meet your speaker
• Andrew Petro
• Unicon, Inc.
• Software developer, cooperative support
uPortal lead, and occasional uPortal
consultant
• Previously with Yale University ITS
Technology & Planning
This presentation
• Web proxy generally
• The CWebProxy channel that’s included in
uPortal, originally developed by Memorial
University Newfoundland
• The Web Proxy Portlet open source project
spearheaded by University of WisconsinMadison
Web proxy generally
Inline frames
Browser
Portal
<iframe />
<iframe />
External web server
• Browser performs
aggregation
Web proxies
Browser
Portal
External web server
• Portal performs aggregation
Advantages of each
Inline frame
Web proxy
• Simple
• Portal (and firewalls,
etc.) can insulate the
backing server
• Fast (potentially)
• Transparent handling of
backing css, javascript
• Transformation of
content
• Portal services (authN,
attributes, permission)
• Caching
JSR-168 portlets
• JSR-168 portlets run inside the portal JVM
– Possibly with some classloader isolation
• Action vs. Render distinction
• Easy preferences
• … Cf. Matt Young’s talk, e.g.
JSR-168 portlets
Browser
Portal
?
• Portal performs aggregation
What if Something Goes Wrong?
Browser
Portal
?!
What if Something Goes REALLY Wrong?
Browser
Portal
?!
Doctor, it hurts when I do this…
• Well, don’t do that
– Memory leaks / abuse
– Lock thrash
– Infinite recursion
• Web proxy as way to share inside-portal
codebase across many outside-portal proxied
applications
Service windows
• Upgrading proxied applications without
restarting the portal – independent service
windows
Arbitrary backing web technology
• Spring, and Spring PortletMVC are excellent
• But you might want to use, or have existing expertise
in:
• PHP
• ASP
• Perl
• …
• Ruby (On Rails)
• ColdFusion
• Plain Old HTML
Exposing Portal Views
• Maybe you have a well-functioning Spring
WebMVC application
– Portal views as just additional elements in the
view layer
– Re-use existing DataSources, services, hosting,
development
– Just expose a few more URLs and associated
portal-appropriate views
Web Proxy channel
Traditional web proxy
• Proxied application produces XHTML
• WebProxy proxies it
• simple
Web Proxy of Tomcat’s Number Guessing
http://localhost:8080/jspexamples/num/numguess.jsp
Channel Markup
<form method="get"
action="tag.9ebcc3d6be8e1c38.render.userLayoutRo
otNode.target.n23.uP#n23">
What's your guess?
<input type="text" name="guess" />
<input type="submit" value="Submit" />
</form>
Web Proxy Channel Config
Pass-through type
• What renders will “pass through” the channel,
the little box on the screen?
– All
– Application – just those sharing URI prefix with the
initial XML URI
– Marked – just URLs with special attributes in their
HTML elements will be rendered inside the portal
– None
Publishing a new web proxy
Lots of options
Tidy?
• Brad Johnson’s suggestion of moving to more
accomodating “TagSoup” library
You can proxy markup other than HTML!
• This is just one selection of XSLTs you can
use
• Can use CWebProxy as a CGenericXSLT on
steroids
Passing uPortal user attributes
• Show up as request attributes to the remote
application
• Useful for passing username, identifiers
LocalConnectionContext
• Applies context to the request from portal to
backing application
• Can be based on Security Context
• E.g., CAS proxy ticket
LocalConnectionContext uses
• Authentication
– Proxy CAS
– BASIC authentication
• Modify URLs to take advantage of an proxy
server for performance
YaleInfo Recent Email
• Uses Proxy CAS * 2
• Links to message in IMP
• Not a full e-mail client in uPortal
HTTPS
Request
portal
XML
response
Recent
E-mail
Channel
servlet
IMAP
Protocol
IMAP
Server
YaleInfo Network Registration
Building applications to be proxied
Choose a link scheme
• All in channel?
• Application?
• Marked?
Take care in HTML production
• Performs better if CWebProxy doesn’t need
to tidy the output
Choose an authentication scheme
• Proxy CAS is compelling
HTTPS
Request
portal
XML
response
Recent
E-mail
Channel
servlet
IMAP
Protocol
IMAP
Server
Use uPortal CSS styles
• Or add new styles to your portal
• New in default theme/skin:
– channels.css , a designated place for you to add
your extra CSS styles
Securing Web Proxies
Blocking Proxying of Local Files
• Web proxy
– Convenient
– Simple
– Powerful
• But can be too much so
What if I’m clever yet mean
• And tell the web proxy channel to proxy a
file:// on the portal server?
• Or some other resource the portal can get to
that I’m not intended to get to?
Additional configuration
How this works
• Blocked URI prefixes – if blocked, X
• Allowed URI prefixes – if not allowed, X
• Control whether initial URL should be subject
to these rules
– Allows end-user-setting-ChannelStaticData CPDs
to be secured
– E.g., RSS reader via XSLT
University of Wisconsin-Madison
Web Proxy Portlet
Fortunately, Eric is right here
• And has designs for refactoring it
• So maybe he can say a few words on that
topic…
• http://my.wisc.edu/
Example: Lost and Found service
URLs adjust the web proxy configuration
• https://mydemo.doit.wisc.edu/portal/tag.ac784df01d3c8
0be.render.userLayoutRootNode.target.u21l1
n100.uP?uP_portlet_action=true&uP_window
_state=normal&edu.wisc.my.webproxy.URL=
http%3A%2F%2Fwww.doit.wisc.edu%2Fport
al%2Fdemo%2Flostandfound%2Fviewfound.
html#u21l1n100
Next steps for uPortal
Ship UW Web Proxy Portlet with uPortal
• It’s been out for review more than long
enough
• UW-Wisc has exercised it
• With Eric’s additional refactoring it will be
especially ready for wide use
Continue to ship CWebProxy
• Adopters have written applications designed
especially to work with it
• Marked URL features and all
• Begin exploring whether these can be
accomodated in Web Proxy Portlet
Converge on Web Proxy Portlet
• If/When Web Proxy Portlet takes hold like
CWebProxy
• And backwards compatibility or migration
path is in place
• Consider deprecating CWebProxy
– But no immediate plans for this
– CWebProxy remains a viable channel to use and
build against
Questions?
Andrew Petro
[email protected]
Related documents
iPod-Touch
iPod-Touch
07-Servers - dolinski.co.uk | home
07-Servers - dolinski.co.uk | home
Free Response Questions Climate Change Science
Free Response Questions Climate Change Science
Proxy Videos Net
Proxy Videos Net
Proxy servers - WordPress.com
Proxy servers - WordPress.com
The Nilai University College Library Proxy Server allows accessing
The Nilai University College Library Proxy Server allows accessing
Youtube Proxy Qawali
Youtube Proxy Qawali
The Hepatic Portal System
The Hepatic Portal System
The Great Firewall of China
The Great Firewall of China
Configuring Your Web Browser to Use the University of Otago Staff
Configuring Your Web Browser to Use the University of Otago Staff
Teppies 2009 - Български Институт за
Teppies 2009 - Български Институт за
IT Applications Theory Slideshows
IT Applications Theory Slideshows