The electronic Logbook @ the TTF VUV-FEL Making the next step R. Kammering -MVP- DESY in Hamburg Overview Introduction The TTF e-logbook The basic technology How does it look like? Changes since the first version E-logs @ XYZ Security: Authentication, authorization, Conclusions / The next step 1
Introduction The days before the electronic log [Encyclopædia Britannica] also called maritime log instrument for measuring the speed of a ship through water. The first practical log, developed about 1600, consisted of a pie-shaped log chip with a lead weight on its curved edge that caused it to float upright and resist towing. When the log was tossed overboard, it remained more or less stationary while an attached line (marked off with equally spaced knots) was let out behind Introduction The 20'th century 2002 - The year of the XML hype 20 - the elog got standard Today Year 20XX? 2
The TTF e-logbooke Classic client server architecture: User program client Web browser client Print Text + images Upload, typing Text + images HTML + JPEG or PDF Combined content e-logbook Web server The TTF e-logbooke User program client Web browser client 1. Print 1. Request 5. Response e.g. PS HTML PDF UNIX pipe - script XSLT / XSL FO 2. Store convert create PS JPEG XML e-logbook folder JAVA servlets 2. Read 3. Create Web server servlet engine e-logbook server 4. Combine content layout XML XML XSL 3
The TTF e-logbooke Let s have a look: External: https://ttfinfo.desy.de/ttfelog-secure Internal: http://ttfinfo.desy.de/ttfelog The TTF e-logbooke Main window Navigation Status info. Powerful search Integrated shift summary Create new entry Generate PDF Automatic hyper linking Edit entry 4
The TTF e-logbooke Edit window Set of (configurable) standard information Spellchecker Mail to an expert File upload The TTF e-logbooke Natural integration of documentation Complex tree structures possible Many supported data formats Short abstract (gets indexed) 5
The TTF e-logbooke TTF VUV-FEL document tree: > 600 entries > 200 Mb (mostly) PDF documents fully integrated into elog (fast access) support for MS/Open Office formats underway The TTF e-logbooke Changes since the first version: all HTML code ported to JSP (Java Server Pages) to allow: 1. parameterization of e-logbook specific values 2. one central (XML) conf. file per e-logbook 3. access this values via JSTL (Java Server Pages Standard Tag Library) from within every JSP files 6
The TTF e-logbooke Central e-logbook configuration file <!-- define the name of the logbook, displayed on each page --> <name>daq elogbook</name> shift period <!-- period to create a new shift --> <!-- formats are: Y = year, M = month, W = week, D = day, 3 = 3 shifts a day --> <new_shift>m</new_shift> <!-- language code, possible values: en, de --> <lang_code>en</lang_code> <!-- date formatting, posssible formats are: --> <!-- date_fmt>mm/dd/yyyy</date_fmt --> <!-- date_fmt>yyyy-mm-dd</date_fmt --> <date_fmt>dd.mm.yyyy</date_fmt> logbook name language setting date format date title format <!-- title string for each shift in strftime(3c) format --> <title_date>%b %Y</title_date> text layout <!-- Shall text be 'above' or 'beside' the images --> <!-- text_pos>above</text_pos --> background color <text_pos>beside</text_pos> <!-- Background color for overall style of the HTML pages (standard rgb notation)--> <bgcolor>ffffff</bgcolor> The TTF e-logbooke per e-logbook conf. file allows modular XSL architecture: XML XSL elog.xsl imports work.xml + conf.xml HTML keywords get data from conf. parse spellchecker include rules ORACLE include oracle.xsl include oracle.xsl final XSL 7
The TTF e-logbooke Further changes: Interoperability Storing of shift data to ORACLE DB (JDBC Java Database Connectivity) Acquisition of machine statistics (ORACLE) Beam statistics Down times The TTF e-logbooke Further changes: Bold to emphasize Markup functionality (Wiki style) Tables are more readable Links Lists to order things Lines to comment 8
E-log @ XYZ E-log @ XYZ the mother of all these elogs The TTF elog got popular Thanks: S. Karstensen, D. Sertore, P. Krejcik and J. Tsai for the snapshots 9
E-log @ XYZ Some statistics: TTF elog is in operation since: Oct. 2001 > 41000 entries have been made ~ 18Gb graphical data / ~25Mb ASCII text Today >30 TTF like e-logbooks are running on ~12 servers E-log @ XYZ ttfinfo.desy.de - Number of unique visitors 1200 1000 Trend? # of visitors 800 600 400 rebuilding of TTF to VUV-FEL shutdown shutdown First SASE 200 All users Secure access 0 Nov- 02 Dec- 02 Jan- Feb- Mar- Apr- May- Jun- Jul- Aug- Sep- Oct- Nov- Dec- Date Jan- 04 Feb- 04 Mar- 04 Apr- 04 May- 04 Jun- 04 Jul- Aug- Sep- Oct- Nov- Dec- Jan- Feb- 04 04 04 04 04 04 05 05 10
Security: Authenti., authori. Stepwise integration of security: 0. No authentication (2002 version) 1. (multiple-) sign on (since 2005) 2. Single sign on (SSO) 3. Cross domain SSO (CDSSO) Security: Authenti., authori. Today's security architecture Synchronization NIS-LDAP Internet ext. elog user LDAP server Workstation Workstation Workstation Firewall Elogbook server NIS server Workstation Workstation DESY Intranet User requests page (https) Authentication on LDAP server 11
Security: Authenti., authori. User 1. https request The DIT 3. set session (directory information tree) Login.jsp 2. authenticate (via JNDI) LDAP c=de Authentication 4. redirect o=desy Protected application ou=ttf e-logbook Login procedure ou=people ou=group ou=tomcatrole uid=rehlich uid=kammer uid=xyz cn=ttfbudget cn=ttfelog cn=xyzrole Security: Authenti., authori. SSO - possible architecture Internet ext. elog user Policy Agent Elogbook server X Firewall Identity server LDAP server Policy Agent Elogbook server Y DESY Intranet User requests two secured pages Policy agent redirects to identity server Identity server authenticates on LDAP server 12
Conclusions Conclusions Acceptance of e-logbook is overwhelming Ease for cloning was/is high priority World wide accessibility is very important e-logbook is a must for any kind of remote operation Still much could be done (collaborations?) The next step Security Implement SSO authorization schema Extend authorization to DOOCS Elog-core Extend configurable parameters Harden automated elog installation 13
Thanks for your attention! Online resources: The TTF e-logbook technology: http://tesla.desy.de/doocs/elogbook e-logbook for testing: http://gan.desy.de/guestelog the central TTF e-logbook server: https://ttfinfo.desy.de 14