May 03

When working with PKI-based security solutions one typically requires one or more X.509 Certificates and related private keys. X.509 Certificates are typically purchased from well-known Certification Authorities, such as Verisign, for a fair amount of money and are valid for 1 or 2 years. It is perhaps not widely known that one can create a perfectly functional X.509 Certificate oneself and use it in PKI-based solutions, free of charge and valid for an arbitrary amount of time. While tools are available to both generate key pairs and create X.509 Certificates, the how of it is somewhat obscure. This document discusses the use of the OpenSSL software in the creation of private PKI objects such as Key Pairs, X.509 Certificates and PKCS#12 Keystores. It discusses the use of Windows-based scripts, developed by the author, that make the process painless and quick.

This document discusses the use of cryptographic software and manipulation of cryptographic objects. Using or discussing cryptography software is illegal in some parts of the world. It is your responsibility to ensure that you comply with any import/export and use laws that apply to you.

SettingUpCryptoToolsAndObjects.pdf

The document references the artifact archive, “PKI_Scripts_Windows“.
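
The kind of OpenSSL sequence the abstract above refers to, as an added example in POSIX shell; it is not the author's Windows scripts and is not taken from the PDF. It creates a private root CA, issues a leaf certificate from it and packs the leaf into a PKCS#12 keystore. The function names, file names, subject names and lifetimes are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: private root CA -> leaf certificate -> PKCS#12 keystore.
# File names, subjects and lifetimes are assumptions, not the author's values.

# make_private_pki DIR COMMON_NAME P12_PASSWORD
make_private_pki() (
    d=$1 cn=$2
    umask 077                       # private keys readable by owner only
    mkdir -p "$d" && cd "$d" || exit 1
    # Extension profiles: the root may sign certificates, the leaf may not.
    cat > pki.cnf <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Private Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
[leaf]
basicConstraints = CA:FALSE
keyUsage = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth,clientAuth
subjectAltName = DNS:$cn
EOF
    # 1. Self-signed root: key pair plus certificate, valid for 10 years.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
        -config pki.cnf -keyout ca.key -out ca.pem &&
    # 2. Leaf key pair and certificate signing request.
    openssl req -new -newkey rsa:2048 -nodes -config pki.cnf \
        -subj "/CN=$cn" -keyout leaf.key -out leaf.csr &&
    # 3. The root signs the request using the leaf extension profile.
    openssl x509 -req -in leaf.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
        -sha256 -days 825 -extfile pki.cnf -extensions leaf -out leaf.pem &&
    # 4. Keystore holding leaf key, leaf certificate and root; the password
    #    is passed via the environment so it stays out of the process list.
    P12_PASS=$3 openssl pkcs12 -export -inkey leaf.key -in leaf.pem \
        -certfile ca.pem -name "$cn" -out leaf.p12 -passout env:P12_PASS
)

# chain_ok DIR: succeeds only if leaf.pem verifies against ca.pem.
chain_ok() {
    openssl verify -CAfile "$1/ca.pem" "$1/leaf.pem" >/dev/null 2>&1
}
```

Call it as `make_private_pki ./pki host.example.test 'keystore-password'`. The keys are written unencrypted (`-nodes`), so `ca.key` in particular belongs on protected storage, and relying parties must import `ca.pem` as a trust anchor before the leaf certificate will validate.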

Mar 13

Java CAPS 5.x came with its own, built-in version control system, which many people liked and many despised. Java CAPS 6 Repository still has that version control system. Unlike the repository-based components, standard NetBeans components, EJBs, and the JBI-based components developed through the OpenESB Project and supported, for a fee, in the GlassFishESB product must use an external version control system if they are to be placed under version control.

This note discusses how a Subversion VCS can be installed on a Windows platform and used to provide version control for non-Repository components in Java CAPS 6 product and for projects in the GlassFishESB product and OpenESB project.

Clearly, non-Windows platforms can be similarly configured to support Subversion.

This Note, Subversion_with_OpenESB_GlassFishESB_or_JavaCAPS6, is a step-by-step guide to getting Subversion installed and configured to work with NetBeans 6.1. It is not a tutorial on version control.

Feb 28

This Quick Note discusses a solution to the use case provided by Marcus Davies.

I am trying to read HL7 from JMS (preferably stcms) and populate an outbound XML data structure (different to the XML generated by the decoder).
I have been thinking of doing one of the following […]:
1.    Use a Concrete JMS WS using the HL7 encoders to unmarshal the HL7 and use JAXB to populate the outbound XML.  Unfortunately this does not appear to connect to the stcms queue as I can not see any receivers
2.    Use a JCA MDB to read from the stcms JMS queue – this works but I don’t think I can use the HL7 encoder like this
3.    Use an MDB to read from JMS, manually unmarshal the HL7 and use JAXB to populate the data structure
Ideally I would like to use the HL7 encoders.  Do you think the first approach should work?

Number 1 will not work as at end of February 2009 because the JMS BC does not properly decode the HL7 delimited message. This is a known issue. I don’t know what the status of this is. The only BCs that know how to deal with HL7 delimited, that I know of, are the File BC and the HL7 BC.

Number 2 should work. I did not personally try it. You can invoke an encoder library from Java. Have a look at http://wiki.open-esb.java.net/Wiki.jsp?page=UseEncodersInJavaSE.

Number 3 should work but it will be very laborious.

I have a Number 4, which uses a HL7 OTD and a custom XSD-based OTD in a JCA EJB. You may or may not like it but it’s the best thing to do if you can not use BPEL 2.0 to do the mapping and you don’t want to build a repository-based solution (which would be the best for your case anyway).

The solution involves the use of:
1.    HL7 2.3.1 OTD Library (Java CAPS 6 Repository)
2.    JMS JCA to trigger a MDB with a HL7 Delimited message
3.    JMS JCA to write result message out
4.    JCA MDB to do the processing
5.    OTDImporter to provide HL7 2.3.1 OTD and custom XSD-based OTD to the EJB for “convenient” mapping

Brief steps to implement this solution are given in Quick Note 002 at QuickNote002_For_Marcus_Davies.pdf. Archive containing project exports and sample data is provided at QuickNote002.zip. The code will work in Java CAPS 6 Update 1.

Feb 27

This Quick Note discusses a solution to the use case provided by Richard Kuiter.

An input file contains the following records:

H100000000000014099120ASN00507
L1140991200000008261850826185738
L1140991200000008261850826185738
L1140991200000008261850826185738
L1140991200000008261850826185738
L1140991200000008261850826185738
L1140991200000008261850826185738
H100000000000014099126ASN00531
L1140991260000008262690826269662
L1140991260000008262690826269662
L1140991260000008262690826269662
L1140991260000008262690826269662
L1140991260000008262690826269662

It is required that each block of records starting with the H1 (header) record and containing all the following L1 (line) records, be written to a different file.

The solution involves the use of:
1.    Batch Inbound eWay to locate the input file and provide its name and location to a Java Collaboration Definition
2.    Batch Local File eWay to provide an Input Stream to the Batch Record eWay
3.    Batch Record eWay to break up the input stream into records delimited by carriage return+new line
4.    Batch Local File eWay to write each block of records to a file with a distinct name

Brief steps to implement this solution are given in the full Quick Note as QuickNote_001. The collaboration code will work in Java CAPS 5 and 6 Repository.

Feb 23

Securing web services, to be invoked over the Internet, is both essential and difficult. Using appropriate tools and technologies makes it easier to accomplish the task. A developer-dependent solution, where security is embedded directly into consumers and providers, is inflexible and labour-intensive. Gateway-based solutions are more flexible, more dynamic and easier to manage. In this note a Java CAPS 6-based web service consumer and provider pair is developed. The solutions are exercised first without, then with the web services security gateway. This enables demonstration of how web services can be secured, how policies can be developed and propagated and how WS-Security-mandated XML markup can be dealt with outside the development shop. The Layer 7 SecureSpan XML Gateway, and its oft-forgotten companion, the SecureSpan VPN Client, are used to explore the topic. The reader should be able to acquire enough knowledge to obtain and deploy the SecureSpan XML Gateway, and to use its basic functionality to implement gateway-mediated secure web services solutions.

The full text of this Note is available from: WS-Security_for_Java_CAPS_the_Gateway_Way_1.0.pdf

Feb 14

If we overlook the fact that using web services to transfer large payloads is a very stupid idea, we will be faced with the need to implement the optimisation mechanisms to make transfer of large payloads using web services a little less inefficient from the stand point of the size of the over-the-wire data to be transferred. The standardised, supported mechanism for this is the Message Transmission Optimisation Method (MTOM), http://en.wikipedia.org/wiki/MTOM. Java CAPS Repository-based Web Services don’t offer a convenient mechanism to provide MTOM support.

This note walks through the implementation of a Java CAPS Repository-based, eInsight-based web service consumer and the implementation of the EJB-based Web Service Wrapper Consumer for this service, which provides support for MTOM. The Note discusses how to exercise the wrapper service using the NetBeans web services testing facilities, how to trigger the Java CAPS Repository-based web service invoker and how to observe on-the-wire message exchanges. The invoker implementations discussed in this Note will invoke the web service providers discussed in an earlier Note, “Java CAPS – Exposing MTOM-capable Java CAPS Classic Web Service”, http://blogs.sun.com/javacapsfieldtech/entry/java_caps_exposing_mtom_capable.

The note is available as Invoking_MTOM-WS_using_Java_CAPS_Classic.pdf

Feb 12

If we overlook the fact that using web services to transfer large payloads is a very stupid idea, we will be faced with the need to implement the optimisation mechanisms to make transfer of large payloads using web services a little less inefficient from the stand point of the size of the over-the-wire data to be transferred.

The standardised, supported mechanism for this is the Message Transmission Optimisation Method (MTOM), http://en.wikipedia.org/wiki/MTOM. Java CAPS Repository-based Web Services don’t offer a convenient mechanism to provide MTOM support.

This note walks through the implementation of a Java CAPS Repository-based, eInsight-based web service and the implementation of the EJB-based Web Service Wrapper for this service, which provides support for MTOM. The Note discusses how to exercise the services using the NetBeans web services testing facilities and how to observe on-the-wire message exchanges.

The note is available as Exposing_MTOM-capable_Java_CAPS_Classic_Web_Service.pdf

Jan 23

I have been making references to Tom Barrett’s tutorials in my blog entries, screencasts, and writeups, but without providing the links to them. Now, courtesy of Tom, I am able to do so. See below for the link and the description of Tom’s tutorials.

++++
The three tutorial documents from CEC 2008 are posted at:
http://wikis.sun.com/display/OpenESBTutor/Tom+Barrett%27s+Open+ESB+and+Mural+Tutorials

See the following section:

Sun Customer Engineering Conference (CEC) – Three Tutorials
The following three tutorials were developed for customer-facing systems engineers at Sun and at Sun partners. They were delivered at CEC 2008 held in Las Vegas in November, 2008. The goal of these three tutorials is to document the steps necessary to create, from scratch, three demonstrations that were delivered in Java CAPS/GlassFish ESB/Open ESB-related sessions at CEC 2008.

1. Exploring GlassFish ESB (V 1.1) – 90 pages – November 6, 2008
This tutorial is based upon an Internet store front scenario where customers purchase items and purchase orders (POs) are generated and forwarded to the “backend” Purchaser. The Purchaser, in turn, collaborates with the Supplier which coordinates shipping and generates delivery notices (DNs). DNs are returned to the Purchaser and the Purchaser matches up DNs with POs before forwarding instructions to Finance for further processing.

Specific technical topics include:

Custom encoder to marshal XML to delimited records and unmarshal delimited records to XML
BPEL: looping, predicates and correlation
Service Engines: BPEL
Binding Components: HTTP, File, JMS

2. Exploring Sun ESB Suite: Open ESB Technology (V 1.1) – 51 pages – November 18, 2008
This tutorial explores a health care scenario that analyzes HL7 ADT (Admission Discharge Transfer) records to identify patient lengths of stay that have exceeded an average threshold set by management. The Intelligent Event Processor (IEP) computes a moving average and identifies ADT records that note an exceptional patient length of stay. IEP generates an alert for each excessive length of stay detected.

Specific technical topics include:

Intelligent Event Processor (IEP) (Time-Based Window, Relation Aggregator, Correlator / Filter)
BPEL orchestration
File BC for ADT record input
BPEL process invokes IEP via HTTP binding component
IEP uses File BC for output
Service Engines: BPEL, IEP
Binding Components: HTTP, File

3. Exploring Sun MDM Suite: Open ESB and Mural Technology (V 1.0) – 111 pages – November 6, 2008
This tutorial explores a health care scenario where multiple patient master databases exist containing duplicate and inconsistent patient information. A patient master index is defined and a patient application is generated that stores its master index in MySQL, provides a web-based interface to maintain index records, surfaces web services that can be called by other applications to do programmatic access to the index records and supports a JMS topic to broadcast master index changes to other hospital applications.

Specific technical topics include:

Defining patient data model
Establishing MySQL tables
BPEL process feeding index via web service call
BPEL process “listening” on JMS topic for index updates
Using Master Index Data Manager web app
Service Engines: BPEL
Binding Components: File, JMS

Errata: If you have trouble with this version of the tutorial, please see these errata notes. Thanks to all who have provided feedback. I’ll address these issues/comments in the next version of the tutorial.

— Tom Barrett

Jan 08

The Archive, “__Book_20061221_1320_512_with_Env.zip“, contains all (I think) projects featured in the book “Java CAPS Basics – Implementing Common EAI Patterns”, ISBN-13 978-0-13-713071-9, whether in Part I or in Part II (which is on the CD that accompanies the hardcopy book).

See Note JavaCAPSBasics_ProjectExports_Archive.pdf for additional details, including project hierarchy and prerequisite Java CAPS components.

Jan 08

The Note “HL7 Processor Demonstration – Java CAPS 6/JBI and OpenESB” walks the reader through development of a Java CAPS 6/JBI-based / OpenESB-based solution that addresses a Healthcare-related business problem. The Note elaborates on the healthcare background necessary to get a notion of what is being done and why, and provides detailed steps required to implement and exercise the solution.

I recorded a screencast of a session during which I discuss the business side of the Note, then discuss, implement, deploy and exercise all components of the solution documented in the Note.

The screencast is here: HL7Processor_Exercise_Screencast.avi. The associated archive, 00_HL7Processor_example_screencast_companion.zip, contains code fragments and other bits and pieces which are used, or referred to, in the screencast. Of some interest are the Note itself, in documents/00_HL7_Example_Development_Instructions_Final.pdf, and the brief example implementation instructions, in documents/00_HL7_ExampleBrief.pdf. I followed the brief instructions while I was building the projects when recording the screencast.

The screencast, which is over 320 Mb in size and takes 2 hours and 50 minutes to play, may require a TechSmith Compression Codec on your machine to allow your player to play the media. You can get one from the TechSmith site: http://www.techsmith.com/download/codecs.asp. Information on the codec can also be found here: http://www.movavi.com/codec/TSCC.html. If you prefer, and you are on Windows, you can get the CamPlay.exe from here: CamPlay.zip and use it instead.
