Web Applications with CA 2E and WebsydianExpress Develop and Deploy Søren Madsen Anne-Marie Arnvig
Websydian A/S Founded in 1985 Headquarters in Copenhagen, Denmark Using CA 2E since 1989 Using CA Plex since 1994 100% dedicated to model-based development working smarter not harder More than 200 customers in 35 countries worldwide First version of Websydian was released 1998 First version of WebsydianExpress was released 2005
Websydian A/S CA and Websydian A/S are strategic t partners in delivering complete solutions since 2000. The goal is to handle the challenges of quick and reliable development of robust and secure Web, Wireless and Web Service Applications. Websydian target the Java, Windows and IBM System i (the former AS400) platforms
Slide 3 OHH1 Websydian now has more than 200 customers in more than 30 countries and still growing Punktum efter 2001 Ole Høegh Hansen, 4/15/2005
Agenda Websydian focus A flatter, smaller and faster world What are you up against 2E and web what you need A closer look at security and usability Making faster concrete Websydian benefits out-of-the-box of the Live demo: linking 2E and WebsydianExpress
Websydian focus: work smarter We have been involved with CA 2E from the start We know the needs of 2E developers We build WebsydianExpress based on experience and feedback We extracted the best of all and put it into WE
A flatter, smaller and faster world Web casts, remote connections, e-conferences Non-stop change is the new normal Demand for speed and adjustment to change
What are you up against? What does it take to transform your 2E applications into web applications if you start from scratch? What do you need to learn? What options do you need to consider, evaluate and choose between? What do you need to develop yourselves?
2E and web what you need URL Web site design Menus Login User interface Security User management Administration 2E system functionality
A closer look at two issues Security Usability
Security Back-ends: You control access Web applications: Access is difficult to control
Usability Everyone everywhere is a potential user of your system and of your competitors! Make it easy for them to come to you. Make it easy for yourself to invite them.
Must haves Security User management system - web Login and roles Session control Usability (Customers) Understandable menus, work flow and activators Usability (for you) Easy admin and maintenance of your web application
Making faster concrete How long will it take to before you can focus on the functionality of your web site if you don t use Websydian to web front your 2E application? 1000 hours? 2000 hours? or more? How long will take if you use WebsydianExpress? 50 hours? 20 hours? or less?
Websydian benefits out-of-the-box What you get out-of-the-box is an entire infrastructure and a ready site which means that: You don t have to use time collecting and evaluating information about how to go about creating a web solution before starting we have done it for you You can reuse the application you already have You can focus on the business functionality right after installation You don t have to use time setting up security measures it s already done Genric features: menu, login, user management, language support Web based user administration Years of experience
You get Usability: Web site out of the box Installation Service Administration module Message log User management Custom Fields (you can grow your needs) Page Modeler generates HTML code Language support for multiple language sites Interface between your back-end apps and the web (APIs)
You get Security: Session control User management system Login facility Role system compliant with J2EE
Websydian Security Model
OWASP OWASP (Open Web Application Security Project) Non-profit organization Community for sharing information about web application security The OWASP Top Ten The 10 most critical web application security flaws How to avoid the security flaws httt://www.owasp.org
OWASP 2006 Top Ten 1. Un-validated Parameters 2. Broken Access Control 3. Broken Account and Session Management 4. Cross-Site Scripting Flaws 5. Buffer Overflows 6. Command Injection Flaws 7. Error Handling Problems 8. Insecure Storage - Insecure Use of Cryptography 9. Application i Denial of Service 10. Insecure Configuration Management- Server mis- configuration
OWASP 2006 Top Ten and Websydian Un-validated Parameters Broken Access Control Broken Account and Session Management Cross-Site Scripting Flaws Buffer Overflows Command Injection Flaws Error Handling Problems Insecure storage - Insecure Use of Cryptography Application Denial of Service! Insecure Configuration Management- Server mis- configuration
Role based Security Model Role e.g. SalesRep, Accountant, Customer Role-based security obtained through a combination of two security methods: Security by Declaration Access privileges declared ed by role oerse access the declarations to obtain Programmatic security If <user> in <role> then If <user> equal to <user_ id> then
End Part 1
WebsydianExpress for CA 2E Soren Madsen
Biography Søren Madsen Soft Design A/S Chief Consultant Worked with CA 2E since 1990 CA Plex since 1996 Speaker at: CA WORLD and Plex/2E user conferences since 2004 COMMON US since 2007
Søren Madsen Softdesign since 1990 Senior Consultant, Project manager Synon 8 years 2e PLEX 8-9 years KT Obsydian Cool:Plex Jasmin:Plex Advantage:Plex AllFusion:Plex
Developing e for Websydian Express AllFusion 2E iseries, ILE RPG iseries AllFusion Plex iseries, Windows You choose!
Similarities between ee 2E and Web 2E Websydian/2E Display Record Display Horse EXCEXTFUN RPG DDS RPG HTML
Similarities between 2E and Web Scr/rpt design = Page modeler
Page Modeler: Easy creation of HTML
Run-time Page Generation RPG The RPG Program Loads the DDS via the definition as an externally described file. Assigns s the variables ab and writes to 5250
Run-time Page Generatione RPG The RPG Program reads the HTML file as an external file. Assigns the variables and writes to the browser
Run-time Page Generatione Substitution at run-time of fields in Details region Values of Details-fields set by SetOutput function Result is generated HTML Page HTML Document Template as input to WritePage Function
Live Demo
Websydian for 2E Demo
Websydian for 2E Demo
Websydian for 2E Demo
The Websydian Express 2E API (43)
Application flow - GetInput(field name) (Get values from input fields, one call per field) - Execute business logic (E.g. database update etc.) - SetOutput(field name, field value) (Set output values, one call per field) - SetParm(Eventid, field name, field value) (Set hidden values, one call per field) - WritePage(html template)
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Websydian for 2E Demo
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Show horse Functions cto
Websydian for 2E Demo
What now? The 2E model you can download contains all the AD code to view, position, create, update and delete data in the Horse entity. And you can build any web functionality using your own 2E entities and functions. This can be tried out for free! More information at: www.websydian.comwebsydian
WebsydianExpress ess summary WebsydianExpress saves you hours of work Provides web site out-of-the-box Internet profiles handled by Websydian Express Batch processing (reduces number of interactive users) Handles user management Provides session management out-of-the-boxof the Provides the necessary APIs for developing web using 2E Easy installation Provides a tool for modeling the web pages Enables efficient use of different development skills