Service Configuration Manager

 

 

 

The Service Configuration Manager module is used to configure the various service types, service clients, and service items for various pasUNITY Enterprise Suite components for communication with the system.

 

This module functions outside the realm of the normal permissions hierarchy.  It can be viewed by any user with membership in Site Administrators or Security Administrators site-level roles with no regard to permissions assigned to the tab on which the module is placed.  For more information on the roles referenced in this section please see the role based security topic.  Administrative users can configure additional module settings by clicking the  button.

 

Service Types are the bindings between the system and service contracts as defined in interface types found in compiled reference assemblies.  Service Clients are the specific implementation of a Service Type to include details used to connect, secure, and validate web service connections.  Service Items are proxy representations of items stored in the remote Service Clients for purposes of storing server-side configuration and permissions.

 

Configuring Service Types

 

Only members of the Site Administrators role may configure service types.

 

To manage Service Type objects, the user must first select the Service Type radio button.  Upon selection the user will be presented with a list of the service types configured for communication by the system.  New service types may be created by clicking the  button, existing service types may be edited by clicking the  button, and from within the edit template existing items may be removed by clicking the  button.

 

Attributes of Service Types are as follows:

 

Service Type Name: This is the display friendly name of the type and should include product, service, and version.

Service Type: This is the fully-qualified namespace name of service contract interface type name as defined in the reference assembly.

Configuration Control Path: Optional. This is the application relative path to the ASCX user control used to configure service clients in the legacy portal.  Obsolete.

Configuration Type: Optional.  This is the fully-qualified namespace name of the controller class used to configure service clients in the modern portal.

 

Configuring Service Clients

 

To manage Service Client objects the user must first select the Service Client radio button.  Upon selection the user will be presented with a drop down list of the service types configured for communication by the system.  Upon selecting one of these service types a list of previously configured service clients will be displayed.  New service clients may be created by clicking the  button, existing service clients may be edited by clicking the  button, and from within the edit template existing items may be removed by clicking the  button.

 

Attributes of Service Clients will vary by service type but the core attributes are as follows:

 

Service Client Name: This is the display friendly name of the type and should include product and customer name if available.  This name is unique by service type and cannot be blank.

Configuration: This is often the XML <Configuration/> element that contains the endpoint definition overrides for the remote service.

 

Configuration elements often take the following form:

 

<Configuration>

          <Endpoint

                    name="PAS.Unity.ServiceLibrary.Matrix.V2012a.Federated"

                    address="http://host.domain.com:7080/pasUnity/2012a/MatrixService/Federated"

                    identity="host.pasportal.com"

          />

</Configuration>

 

The Endpoint element is designed to override the address and identity values of an endpoint that already exists on the pasPortal application servers with the name provided.  The address needs to be loaded into the Security Service Manager module along with an address certificate name as detailed in that help topic and must be an EXACT match including the casing, host name, and protocol.  The address combined with the X.509 certificate is used to establish a connection to the remote endpoint and encrypt communications.  The identity attribute is the DNS name of the remote service endpoint as will be validated against what is contained in the X.509 certificate as a Subject Alternative Name.  If the Subject Alternative Name of the remote endpoint reports itself as something different than what is found in the certificate communication with the remote endpoint will not be allowed.

 

Configuring Service Items

 

To manage Service Item objects the user must first select the Service Item radio button.  Upon selection the user will be presented with a drop down list of the service types configured for communication by the system and required to make a selection.  Upon selecting one of these service types a list of previously configured service clients will be displayed in an additional drop down list and the user must make a selection.  Finally, a list of previously configured service items (if any) will appear.  New service items may be created by clicking the  button which will provide the user with a list of actual service items from the remote service client that can be added to the system.   NOTE: not all service types support the creation of Service Items and may not enumerate any remote items when the add button is pressed.  Existing service items may be edited by clicking the  button, and from within the edit template existing items may be removed by clicking the  button.

 

Attributes of Service Items will vary widely by service type but the core attributes are as follows:

 

Remote Key: This is the unique name or key of the remote service item as defined in the remote system.  The name may not be edited or otherwise manipulated and if changed in the remote system will effectively sever the communications link to that object.

Configuration: This is often an XML element that contains service type specific information and varies wide by service type.

 

A commonly used configuration element for pasUnity Matrix services is as follows:

 

<Forms>

          <Form controlPath="../Folder/Control.ascx" displayName="Entry Form Name" />

</Forms>

 

Service Item configuration varies widely by service type, service client, and service item.  Additional details for service item configuration can often be found in local product documentation.

 

Managing Permissions

 

Usage permissions are assigned directly on Service Items by clicking the  editor button.  It is important to note that the permissions assigned here are solely for use within the pasPortal application framework for purposes of configuration and delegation and additional permission management may be required within the remote product endpoints as determined using local product documentation.

 

The permissions that can be granted for Service Items are as follows:

 

None: Assigning this permission to a role removes any previously granted permissions.

Use: Roles granted this permission enable their users to interact with the service item but additional permission configuration may be required elsewhere.

Security: Roles granted this permission enable their users to delegate and manage security to the service item proxy from within the portal system.

Full: Users granted this permission are permitted to delegate security and use the full module feature set.

 

To assign new permissions select a role in the Available Security Roles drop down list and a permission value in the permission drop down list and click the  to assign the permission.  Existing permissions can be removed by pressing the  button next to the permission assignment to remove.

 

Copyright © 2024 pasUNITY, Inc.

 

Send comments on this topic.