Web Applications with CA 2E and WebsydianExpress

Transcription

1 Web Applications with CA 2E and WebsydianExpress Develop and Deploy Søren Madsen Anne-Marie Arnvig

2 Websydian A/S Founded in 1985 Headquarters in Copenhagen, Denmark Using CA 2E since 1989 Using CA Plex since % dedicated to model-based development working smarter not harder More than 200 customers in 35 countries worldwide First version of Websydian was released 1998 First version of WebsydianExpress was released 2005

3 Websydian A/S CA and Websydian A/S are strategic t partners in delivering complete solutions since The goal is to handle the challenges of quick and reliable development of robust and secure Web, Wireless and Web Service Applications. Websydian target the Java, Windows and IBM System i (the former AS400) platforms

4 Slide 3 OHH1 Websydian now has more than 200 customers in more than 30 countries and still growing Punktum efter 2001 Ole Høegh Hansen, 4/15/2005

5 Agenda Websydian focus A flatter, smaller and faster world What are you up against 2E and web what you need A closer look at security and usability Making faster concrete Websydian benefits out-of-the-box of the Live demo: linking 2E and WebsydianExpress

6 Websydian focus: work smarter We have been involved with CA 2E from the start We know the needs of 2E developers We build WebsydianExpress based on experience and feedback We extracted the best of all and put it into WE

7 A flatter, smaller and faster world Web casts, remote connections, e-conferences Non-stop change is the new normal Demand for speed and adjustment to change

8 What are you up against? What does it take to transform your 2E applications into web applications if you start from scratch? What do you need to learn? What options do you need to consider, evaluate and choose between? What do you need to develop yourselves?

9 2E and web what you need URL Web site design Menus Login User interface Security User management Administration 2E system functionality

10 A closer look at two issues Security Usability

11 Security Back-ends: You control access Web applications: Access is difficult to control

12 Usability Everyone everywhere is a potential user of your system and of your competitors! Make it easy for them to come to you. Make it easy for yourself to invite them.

13 Must haves Security User management system - web Login and roles Session control Usability (Customers) Understandable menus, work flow and activators Usability (for you) Easy admin and maintenance of your web application

14 Making faster concrete How long will it take to before you can focus on the functionality of your web site if you don t use Websydian to web front your 2E application? 1000 hours? 2000 hours? or more? How long will take if you use WebsydianExpress? 50 hours? 20 hours? or less?

15 Websydian benefits out-of-the-box What you get out-of-the-box is an entire infrastructure and a ready site which means that: You don t have to use time collecting and evaluating information about how to go about creating a web solution before starting we have done it for you You can reuse the application you already have You can focus on the business functionality right after installation You don t have to use time setting up security measures it s already done Genric features: menu, login, user management, language support Web based user administration Years of experience

16 You get Usability: Web site out of the box Installation Service Administration module Message log User management Custom Fields (you can grow your needs) Page Modeler generates HTML code Language support for multiple language sites Interface between your back-end apps and the web (APIs)

17 You get Security: Session control User management system Login facility Role system compliant with J2EE

18 Websydian Security Model

19 OWASP OWASP (Open Web Application Security Project) Non-profit organization Community for sharing information about web application security The OWASP Top Ten The 10 most critical web application security flaws How to avoid the security flaws httt://

20 OWASP 2006 Top Ten 1. Un-validated Parameters 2. Broken Access Control 3. Broken Account and Session Management 4. Cross-Site Scripting Flaws 5. Buffer Overflows 6. Command Injection Flaws 7. Error Handling Problems 8. Insecure Storage - Insecure Use of Cryptography 9. Application i Denial of Service 10. Insecure Configuration Management- Server mis- configuration

21 OWASP 2006 Top Ten and Websydian Un-validated Parameters Broken Access Control Broken Account and Session Management Cross-Site Scripting Flaws Buffer Overflows Command Injection Flaws Error Handling Problems Insecure storage - Insecure Use of Cryptography Application Denial of Service! Insecure Configuration Management- Server mis- configuration

22 Role based Security Model Role e.g. SalesRep, Accountant, Customer Role-based security obtained through a combination of two security methods: Security by Declaration Access privileges declared ed by role oerse access the declarations to obtain Programmatic security If <user> in <role> then If <user> equal to <user_ id> then

23

24

25

26

27 End Part 1

28 WebsydianExpress for CA 2E Soren Madsen

29 Biography Søren Madsen Soft Design A/S Chief Consultant Worked with CA 2E since 1990 CA Plex since 1996 Speaker at: CA WORLD and Plex/2E user conferences since 2004 COMMON US since 2007

30 Søren Madsen Softdesign since 1990 Senior Consultant, Project manager Synon 8 years 2e PLEX 8-9 years KT Obsydian Cool:Plex Jasmin:Plex Advantage:Plex AllFusion:Plex

31 Developing e for Websydian Express AllFusion 2E iseries, ILE RPG iseries AllFusion Plex iseries, Windows You choose!

32 Similarities between ee 2E and Web 2E Websydian/2E Display Record Display Horse EXCEXTFUN RPG DDS RPG HTML

33 Similarities between 2E and Web Scr/rpt design = Page modeler

34 Page Modeler: Easy creation of HTML

35 Run-time Page Generation RPG The RPG Program Loads the DDS via the definition as an externally described file. Assigns s the variables ab and writes to 5250

36 Run-time Page Generatione RPG The RPG Program reads the HTML file as an external file. Assigns the variables and writes to the browser

37 Run-time Page Generatione Substitution at run-time of fields in Details region Values of Details-fields set by SetOutput function Result is generated HTML Page HTML Document Template as input to WritePage Function

38 Live Demo

39 Websydian for 2E Demo

40 Websydian for 2E Demo

41 Websydian for 2E Demo

42 The Websydian Express 2E API (43)

43 Application flow - GetInput(field name) (Get values from input fields, one call per field) - Execute business logic (E.g. database update etc.) - SetOutput(field name, field value) (Set output values, one call per field) - SetParm(Eventid, field name, field value) (Set hidden values, one call per field) - WritePage(html template)

44 Show horse Functions cto

45 Show horse Functions cto

46 Show horse Functions cto

47 Show horse Functions cto

48 Show horse Functions cto

49 Show horse Functions cto

50 Show horse Functions cto

51 Show horse Functions cto

52 Show horse Functions cto

53 Show horse Functions cto

54 Show horse Functions cto

55 Show horse Functions cto

56 Show horse Functions cto

57 Show horse Functions cto

58 Show horse Functions cto

59 Show horse Functions cto

60 Websydian for 2E Demo

61 Show horse Functions cto

62 Show horse Functions cto

63 Show horse Functions cto

64 Show horse Functions cto

65 Show horse Functions cto

66 Show horse Functions cto

67 Show horse Functions cto

68 Show horse Functions cto

69 Websydian for 2E Demo

70

71 What now? The 2E model you can download contains all the AD code to view, position, create, update and delete data in the Horse entity. And you can build any web functionality using your own 2E entities and functions. This can be tried out for free! More information at:

72 WebsydianExpress ess summary WebsydianExpress saves you hours of work Provides web site out-of-the-box Internet profiles handled by Websydian Express Batch processing (reduces number of interactive users) Handles user management Provides session management out-of-the-boxof the Provides the necessary APIs for developing web using 2E Easy installation Provides a tool for modeling the web pages Enables efficient use of different development skills

73