Replace the entire CMS with your own

Thisdocumentdoesnotdescribehow tocreateaservlet,butthefollowingare resources availabletohelpyou:

v IBMWebsphere StudioApplication Developer:IBMWebsphereStudio

ApplicationDeveloperisthecoredevelopment environmentfromIBM.Ithelps youoptimizeandsimplifyJ2EEandWebservicesdevelopment byoffering best practices,templates,codegeneration,andthemostcomprehensivedevelopment environmentinitsclass.For moreinformation,refertohttp://www.ibm.com/

software/awdtools/studioappdev/.

v IBMdeveloperWorks:IBMdeveloperWorksisyourone-stop developersource.

Itofferstutorials,training,samplecode,CDsand downloads,and more.For moreinformation,refertohttp://www.ibm.com/developerworks/.

IfyoudecidetoreplacetheentireCMSprovidedwith HostOn-Demand,youwill need touseanHTTPparameterforrequestsandXML-formatteddatafor

responses.ParametersaresuppliedtotheCMSservletviaanHTTPrequest,and theresponseinformationisencapsulated intoanXML-formattedobjectand returnedtothecaller.

HTTP request parameters

WhenHostOn-Demandmakesa requestoftheCMS,it appliestheappropriate HTTPparameterstothisrequest.Thishelpsdeterminetheneedsoftherequest.

Sinceitmust beanHTTPrequest,theCMSrequestinterface isbuiltarounda standardHTTP-stylequery.FollowingtheHTTPSprotocolandserveraddressis thequerycharacter,a questionmark,andthena listofkeysandvalues.These keys andvaluesareseparatedbytheampersandsymbol. Withineachkeyand value pair,thekeyandvalue areseparatedbythesymbolfor equality.Asample querymaylooklikethefollowingexample:

https://www.ibm.com/authserver/servlet/cms?operation=1

&destination=www.ibm.com/somehost&appid=tpf

&authtype=AuthType_3270Host

Table 5isalistofavailable keys:

Table8.Availablekeysandvalues

Key Possiblevalue

operation ’1’—CredentialMappingRequest

destination Thisisthedestinationforwhichthe

credentialsarebeingrequested.

appid ThisisthehostapplicationIDforwhichthe

credentialsarebeingrequested.

authtype Thisisthetypeofauthenticationcredentials

beingrequested(availableauthentication typesaredefinedinTable2onpage30).

localid Thisoptionalvaluewillsupplytheuser’s

identification,basedonthelocaloperating systemorthePortaluserID.Fornow,the localIDsolutionissupportedonlyonthe Windowsoperatingsystem.

XML data response object

The CMSreturnsitsresponsetotheclientinXMLformatinanefforttomakethe responseinformationstructuredand extensible.ThisXMLformatprovidesagood base forallowingstructuredaccesstothereturndatatodayand flexibilityfor expansionandimprovementinthefuture. ThefollowingXMLschemadefinesthe formatoftheXMLdocument:

<schema targetNamespace=""

xmlns="http://www.w3.org/2001/XMLSchema">

<element name="hod-sso-credential" type="hod-sso-credentialType" />

<complexType name="hod-sso-credentialType">

<sequence>

<element name="userid" type="string" />

<element name="password" type="string" />

<element name="status" type="string" />

</sequence>

<attribute name="version" type="string" />

</complexType>

</schema>

Based ontheaboveschema,thefollowingcodeisasampleoftheXMLreturn documentthatisstreamedovertheHTTPSconnection:

<?xml version="1.0"?>

<hod-sso-credential version="1.0" >

<userid>&^$#^&</userid>

<password>&^$#^&</password>

<status>0</status>

</hod-sso-credential>

Intheabovecode,theuserIDandpasswordelementsreturngarbagecharacters because theyareencrypted.HostOn-Demandincludesanobjectcalled

com.ibm.eNetwork.security.sso.PasswordCipher toaccomplishthis.Itcontainsthe followingtwomethods:

publicstaticString encrypt(StringplainText)

Thismethodreturnsanencryptedstringpassed asaparameter.

publicstaticString decrypt(StringcipherText)

Thismethodreversestheencryptionprocessbyreturningadecrypted string. IfthecipherText wasnotencryptedusingtheencryptmethod,it returnstheoriginalinputstring

Thestatuselementprovidesthestatusofthereturnvalue.Ifthecredential mapperqueryfailsfor anyreason,this fieldreportsthatfailuretotheclient.

Failure codesaredefinedintheSSOConstantsclass,whichserves asastatic repositoryof relatedSSO staticinformation.Thefollowingtablecontainsthestatus code definitions:

Table9.Statuscodedefinitions

Statuscode Description

0 Success

1 Unknownstatuscode

2 SuitableHCMplug-innotfound

3 InvalidnetworkuserID

4 InvalidapplicationID

5 Invalidserveraddress

6 Databaseconnectionerror

7 UserIDnotfoundindatabase

8 Exception

9 InvaliduserID

10 Passticketerror

11 Timeout

12 UnexpectedDCASreturncode

13 APInotsupported

14 BadURL

15 Unabletoparseresponse

16 LocaluserIDnotavailable

17 DuplicateXMLtags

18 Anexceptionoccurredwhileprocessingthe credentialrequest

19 NetworkSecurityplug-inisnotdefinedto theCMS

20 PortalIDnotavailable

Table9.Statuscodedefinitions (continued)

21 AmatchinguserIDnotfoundinPortal

Vault

Approach 2: Customize the existing CMS provided with Host