Service Configuration Manager
The Service Configuration Manager module is used to configure the various service types, service clients, and service items for various pasUNITY Enterprise Suite components for communication with the system.
This module functions outside the realm of the normal permissions hierarchy. It can be viewed by any user with membership in Site Administrators or Security Administrators site-level roles with no regard to permissions assigned to the tab on which the module is placed. For more information on the roles referenced in this section please see the role based security topic. Administrative users can configure additional module settings by clicking the button.
To manage Service Type objects, the user must first select the Service Type radio button. Upon selection the user will be presented with a list of the service types configured for communication by the system. New service types may be created by clicking the button, existing service types may be edited by clicking the button, and from within the edit template existing items may be removed by clicking the button.
•Service Type Name: This is the display friendly name of the type and should include product, service, and version.
•Service Type: This is the fully-qualified namespace name of service contract interface type name as defined in the reference assembly.
•Configuration Control Path: Optional. This is the application relative path to the ASCX user control used to configure service clients in the legacy portal. Obsolete.
•Configuration Type: Optional. This is the fully-qualified namespace name of the controller class used to configure service clients in the modern portal.
To manage Service Client objects the user must first select the Service Client radio button. Upon selection the user will be presented with a drop down list of the service types configured for communication by the system. Upon selecting one of these service types a list of previously configured service clients will be displayed. New service clients may be created by clicking the button, existing service clients may be edited by clicking the button, and from within the edit template existing items may be removed by clicking the button.
•Service Client Name: This is the display friendly name of the type and should include product and customer name if available. This name is unique by service type and cannot be blank.
•Configuration: This is often the XML <Configuration/> element that contains the endpoint definition overrides for the remote service.
The Endpoint element is designed to override the address and identity values of an endpoint that already exists on the pasPortal application servers with the name provided. The address needs to be loaded into the Security Service Manager module along with an address certificate name as detailed in that help topic and must be an EXACT match including the casing, host name, and protocol. The address combined with the X.509 certificate is used to establish a connection to the remote endpoint and encrypt communications. The identity attribute is the DNS name of the remote service endpoint as will be validated against what is contained in the X.509 certificate as a Subject Alternative Name. If the Subject Alternative Name of the remote endpoint reports itself as something different than what is found in the certificate communication with the remote endpoint will not be allowed.
To manage Service Item objects the user must first select the Service Item radio button. Upon selection the user will be presented with a drop down list of the service types configured for communication by the system and required to make a selection. Upon selecting one of these service types a list of previously configured service clients will be displayed in an additional drop down list and the user must make a selection. Finally, a list of previously configured service items (if any) will appear. New service items may be created by clicking the button which will provide the user with a list of actual service items from the remote service client that can be added to the system. NOTE: not all service types support the creation of Service Items and may not enumerate any remote items when the add button is pressed. Existing service items may be edited by clicking the button, and from within the edit template existing items may be removed by clicking the button.
•Remote Key: This is the unique name or key of the remote service item as defined in the remote system. The name may not be edited or otherwise manipulated and if changed in the remote system will effectively sever the communications link to that object.
•Configuration: This is often an XML element that contains service type specific information and varies wide by service type.
A commonly used configuration element for pasUnity Matrix services is as follows:
<Form controlPath="../Folder/Control.ascx" displayName="Entry Form Name" />
Usage permissions are assigned directly on Service Items by clicking the editor button. It is important to note that the permissions assigned here are solely for use within the pasPortal application framework for purposes of configuration and delegation and additional permission management may be required within the remote product endpoints as determined using local product documentation.
•None: Assigning this permission to a role removes any previously granted permissions.
•Use: Roles granted this permission enable their users to interact with the service item but additional permission configuration may be required elsewhere.
•Security: Roles granted this permission enable their users to delegate and manage security to the service item proxy from within the portal system.
•Full: Users granted this permission are permitted to delegate security and use the full module feature set.
To assign new permissions select a role in the Available Security Roles drop down list and a permission value in the permission drop down list and click the to assign the permission. Existing permissions can be removed by pressing the button next to the permission assignment to remove.
Copyright © 2023 pasUNITY, Inc.
Send comments on this topic.