How to,,,, (Important requirements for business adoption)
[message #1224427] Thu, 26 December 2013 18:03
Walter Mising name
I love Scout.... However, to be adopted in big organizations, a few critical aspects should be enhanced.

1. Passwords must be encrypted - config.ini, sql service. UI to key in the password - dual custodians.
2. Environment-specific values should be externalized - databases in UAT & PROD are different - sql service, root filesystem path - RemoteFile, log levels turning on or off dynamically, masking of confidential data in sql log output. Having entries in config.ini and bundling it for the prod env by the dev team is not a best practice. Env-specific configuration should not leave the server.
3. Authentication SSO integration out of the box - siteminder
4. Incremental deployments - deploy only changed plugins
5. Rollback changes
6. Reusability of Scout applications. App1 is an app meeting a specific business requirement. Admin app is another app to manage users & entitlements. How can both apps be combined to provide a complete solution without adding any app-specific details in the admin app? The admin app will also be used in App2. The UI or entitlement structure will not change, though the underlying data will be app-specific.
7. Show outline based on user entitlements



Re: How to,,,, [message #1224638 is a reply to message #1224427] Fri, 27 December 2013 10:10
Jeremie Bresson
Thanks a lot for your interest in Scout and your feedback.

I appreciate reading such a list... It makes me think about security and operations. I have taken your list as an ordered list (kind of priority ranking).

A commercial product I know based on Eclipse Scout has disabled and changed some of the Eclipse Scout default mechanisms. This is probably to match some of your expectations.

What does your list mean for the project? Should we change some of the defaults in Eclipse Scout? Should we consider other approaches to match the state of the art of the industry?
Is something really missing in Eclipse Scout? Runtime / SDK? Some of your points depend on how you want to use Eclipse Scout, and on how you are deploying it. Can we, at framework or platform level, define something that will be valid, useful and good for every use case?

Who is ready to invest in the framework to add the missing parts? We would welcome any kind of contributions (detailed information on what we need to change: architecture level or code level; code contribution; documentation...)

Re: How to,,,, [message #1229476 is a reply to message #1224427] Thu, 09 January 2014 14:22
Matthias Villiger
Hi Walter,

We are happy that you like Scout! :)
And sorry for the late reply!

Here are some comments on your aspects:

1.
I agree. And we have done that for some customers as well. We store the encrypted password as a base64-encoded string in the config.ini.
This value is then passed to the setPassword method in your sql service. By overriding this method you can decrypt the input first by using the algorithm you prefer.
Refer to the javax.crypto package for more details on how to use cryptography in Java.
If you want to use strong cryptography you may need the Java Cryptography Extensions (see JCE).
To encrypt a new password we created a small Java application that requests the new password and then answers with the encrypted version (base64 encoded) so that it can be stored in the config.ini.

2.
All environment-specific values should be configured in the config.ini file. There you may also use placeholders (e.g. @@DB_SERVER_NAME@@) to create an environment-unspecific package. Before deploying the package to a specific instance you then just have to replace all the placeholders (using a build/deployment tool, shell script, application, by hand, ...).
You can always change the log levels of a running Scout application by accessing the process servlet (e.g. .../myApp/process). You can also configure the default log levels in the config.ini file.
To mask log entries you must provide your own log manager. There is a howto that explains this using log4j as an example. In your own logger you can then apply all your filtering rules.

3.
Scout already includes support for authenticating against an LDAP server. See the corresponding howto to set up an LDAP security filter.

4.
There is an updater released on the Eclipse Marketplace called F2. This updater is capable of doing incremental deployments for the clients. It can even update only changed files within an archive (like a .jar) to minimize the data download for clients. There is a tutorial that explains how to integrate F2 in your project.

5.
Which changes do you want to roll back? If you mean after upgrading the client installations, then F2 may also solve this. Please see the concept page for a detailed description of the F2 updater.

6.
A Scout application can be divided into several modules. There is also a tutorial with a small example of how a module can contribute content to a main application. Such modules can be used by several applications. So in your example the Admin app may be such a module.

7.
You can show/hide a lot of entities based on user permissions. Please see the mini-crm-tutorial for more details on how to deal with permissions.
To hide e.g. an outline for some users you can set the visible permission:
@Override
protected void execInitTree() throws ProcessingException {
  setVisiblePermission(new MyAdminPermission());
}

Only users having the necessary permissions will see the Outline. Please see here to learn how to load all permissions for a user.
These permissions can be set for lots of elements (form fields, forms, outlines, pages, etc.) and modes (visible, enabled/disabled).


I hope this helps and covers the aspects you are missing. If you have any further questions or are missing any features, please don't hesitate to ask!

kind regards,
matthias
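
Added example (not part of the original posts and not Scout or project code): a stand-alone sketch of the small tool described under point 1, which turns a password into a Base64 string for config.ini, together with the matching decrypt step that an overridden setPassword could call. The class name ConfigPasswordTool, the CONFIG_KEY environment variable and the choice of AES-GCM are assumptions; java.util.Base64 requires Java 8 or later.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
// Added example: class name, CONFIG_KEY variable and AES-GCM choice are assumptions.
public class ConfigPasswordTool {
  private static final int IV_LEN = 12;     // 96-bit GCM nonce
  private static final int TAG_BITS = 128;  // authentication tag length

  // The key comes from the server environment, never from config.ini itself;
  // a key shipped next to the ciphertext would only obfuscate the password.
  static SecretKeySpec loadKey() {
    String b64 = System.getenv("CONFIG_KEY");
    if (b64 == null) throw new IllegalStateException("CONFIG_KEY is not set");
    byte[] raw = Base64.getDecoder().decode(b64);
    if (raw.length != 16 && raw.length != 32) throw new IllegalStateException("AES key must be 16 or 32 bytes");
    return new SecretKeySpec(raw, "AES");
  }

  // Output layout: Base64(nonce || ciphertext || tag); a fresh nonce per call.
  static String encrypt(SecretKeySpec key, char[] password) throws Exception {
    byte[] iv = new byte[IV_LEN];
    new SecureRandom().nextBytes(iv);
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
    byte[] ct = c.doFinal(new String(password).getBytes(StandardCharsets.UTF_8));
    byte[] out = Arrays.copyOf(iv, IV_LEN + ct.length);
    System.arraycopy(ct, 0, out, IV_LEN, ct.length);
    return Base64.getEncoder().encodeToString(out);
  }

  // Call from the overridden setPassword; throws AEADBadTagException on a modified value or wrong key.
  static String decrypt(SecretKeySpec key, String stored) throws Exception {
    byte[] in = Base64.getDecoder().decode(stored.trim());
    if (in.length < IV_LEN + TAG_BITS / 8) throw new IllegalArgumentException("value too short");
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, IV_LEN));
    return new String(c.doFinal(in, IV_LEN, in.length - IV_LEN), StandardCharsets.UTF_8);
  }

  public static void main(String[] args) throws Exception {
    if (System.console() == null) throw new IllegalStateException("run from an interactive terminal");
    char[] pw = System.console().readPassword("New password: ");
    System.out.println(encrypt(loadKey(), pw));  // paste this value into config.ini
    Arrays.fill(pw, '\0');
  }
}
```

On older JVMs a 32-byte key needs the unlimited-strength JCE policy files mentioned in the post; a 16-byte key works without them.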