Core and Administrator Relationship

Core and Administrator Relationship

The relationship between the TrustBuilder Administrator (TBA) and TrustBuilder (TB) is made via the management port. For every export, import and restart operations are called upon via this socket. The port is configured both in the server via the management port input:

There is also the option to download and upload a complete configuration as a zip file to manually distribute to other TBA installations or for manual export.

TrustBuilder Administrator (TBA)

TBA Overview

These are the main elements that can be controlled by the TrustBuilder Administrator:

  • servers
  • configurations
  • workflows
  • services
  • workflow tests
  • scripts
  • library files
  • templates
  • properties
  • logging
  • authorization policies
  • security stores

All of these items can be edited and then exported and deployed to installed TrustBuilder servers.
TrustBuilder servers can be re-started directly from within TBA.

Servers

An TrustBuilder server is a representation of an installed TrustBuilder instance. The main purpose of a server is to define the location of the server and how to connect to that server to import and export. One server has one configuration, one or many workflows and none or many scripts, templates and services.

Configurations

Configurations hold everything needed by the TrustBuilder engine to process an incoming request. This includes: license, workflows, adapters, security and services. A description can also be set. Also the port number that is used for administration purposes such as export, import and restart of the engine. Each configuration can be related to more than one server. When exporting a complete configuration it is exported to all the servers that it is related to. There can be multiple workflows for one configuration. To add/edit/delete workflows related to a configuration first select the configuration from the home page.

Server and Configuration Relationships

A configuration can be related to more than one server. This allows for the configuration to be re-used over multiple installations of TrustBuilder.

Workflows

Workflows define the steps that an incoming request takes when processed by the TrustBuilder engine.

Each configuration must have one or more workflow(s).

A workflow is comprised of a number of activities or steps. Each activity has a single purpose. There are six types of activity:

Activity Name Description
Initial State The start of the workflow. There must be, and can only be, one initial state in one workflow.
Condition A logical condition or if/else if/else or case statement
Script Run a function from a Javascript
Adapter Make a call to a configured adapter
Workflow Make a call to a sub-workflow from this workflow
Component Make a call to a configured component
Final State The end of the workflow
Error State Activity defined to handle exceptions thrown by this workflow

Workflows are defined in the TrustBuilder Administrator using layout files which are representations of actual TrustBuilder workflows that are serialized to workflows when saved.

Scripts

Scripts are Javascript files that perform processing during a workflow. The functions in the scripts are related to activities defined in a workflow. Some common use cases of functions are to extract data from the incoming request, process data before calling an adapter, processing the response from an adapter or create the eventual response from the workflow. Scripts are related to workflows a workflow can have more than one script and a script can be referenced by more than one workflow. Scripts can also call services defined in the configuration

Templates

Templates are HTML, TMPL, JSON or TXT files that can be populated by script files and delivered by a workflow. The functions in the scripts are related to activities defined in a workflow. A common template maybe a login page.

Library Files

Library files are files that will exist in the TB_HOME/lib directory. These might be JAR lib files or files that are used by services for instance.

Properties

Property files are PROPERTIES, CONF, CNF, CONFIG or JAAS files that can be used by the TrustBuilder core.

Logging

The logging configuration file that the TrustBuilder core uses to log messages. This is a logback configuration file. For details see: http://logback.qos.ch/

Authorization Policies

The Authorization (AZN) policies are configured in a sub-set of screens from the main configuration. There are a number of elements: RuleSuites, Resources, PiPs, Rules, Conditions, Assertions and Hints. For more details refer to the relevant chapters in this document. The AZN policies use a service that is configured in the core. This is enabled within the AZN screens.

Security Stores

Trust and Key stores can be created or imported and then managed. These actions are currently available.

Store Action Description
New Store Create a new, empty, key or trust store secured with a password.
Upload a Certificate Upload a certificate file to the current store from this computer.
Change Password Change the password of the key or trust store. The current password is needed.
Upload a Security Store Upload a key or trust store file from this computer. The current password of store is needed
Download a Security Store Download the key or trust store to this computer.
Export Security Store If configuration is related to one or more servers then export this key or trust store to that/those servers.
Import Security Store If configuration is related to one or more servers then import the key or trust store from one of the related servers.
Delete Security Store Delete the current key or trust store.
Delete Certificate Delete one or more certificates from the key or trust store.
View Certificate Details View the details of a certificate including extensions.
PEM Access the certificate as a string that can be copied.

Interface Elements

Notification Status Log

Notifications are displayed to the user when there are errors, warnings or an action has been successfully performed. All actions are listed in the Notifications Status Log found at the top right of each screen except for the editors (scripts, templates and properties) and the server logs screen which all open in a different window.

The number of unread notifications is displayed in a counter. This is cleared once the messages have been accessed.

To view the notification status log click the Notifications button:

The notifications are listed in order that they occurred the latest is listed first.

To cope with a large list the messages can be filtered to show just Errors or Warnings by clicking the relevant buttons at the top of the Notifications Status Log.

To clear the list click the Clear all notifiactions button. To close the Notification Status Log either click anywhere outside the list or click the X button.

Cancelling Requests

When an action is started a loading icon is displayed and access to the main screen is blocked. If a request is taking too long it can be cancelled by hitting the escape, Esc, key. This will return control to the main screen.

Accessing Documentation

The documentation for TrustBuilder can now be accessed directly from the TrustBuilder Administrator from the Help button in the main navigation. This will open the documentation in a new window.

Using the Administrator

Initial Working Process

The normal process initially taken in the TrustBuilder Administrator (TBA) is the following:

  • Create a configuration
  • Edit the configuration
  • Create an instance pointing to a TrustBuilder installation
  • Export the configuration and restart the TrustBuilder server.

If there is a TrustBuilder server that has already been installed and populated with configurations, workflows, scripts etc. Then a configuration can be created by importing from this TB server by following these steps.

  • Create a TrustBuilder server with the correct host name and management port or the installed TrustBuilder
  • Click the option > import button
  • Work on your configuration
  • Export and restart to the server when required.

If there are no files or the TB_HOME does not exist then a blank configuration file is created in TBA for that server.

A configuration can also be uploaded from the current computer. If a valid configuration zip file is supplied click the Upload Config Zip button on the Administration screen and upload the file.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.