Oct 10

In this document I explore the effects of selected web services security policies on SOAP message exchange in the GlassFish ESB v2.1.

This is a work-in-progress document, now at rev 0.3.

To provide early access I intend to release revisions of this document as significant new sections become available.

Rev 0.1: Content
•    Assumptions and Notes
•    Person Service XML Schema and WSDL Interface
•    Common XML Project
•    PersonSvc BPEL Module
•    PersonCli BPEL Module
•    JBI-based Person Service – Plain End-to-End
•    JBI-based Person Service – SSL with Server-side Authentication

Rev 0.2: Additional Content
•    JBI-based Person Service – SSL with Mutual Authentication (broken)
•    EJB-based Person Service – No security
•    EJB-based Person Service – SSL with Server-side Authentication

Rev 0.3: Additional Content
•    EJB-based Person Service – SSL with Mutual Authentication
•    JBI-based Person Service – Exploring WS-Addressing

More in CH05_WSSecurityExploration_r0.3.pdf at https://blogs.czapski.id.au/wp-content/uploads/2010/03/CH05_WSSecurityExploration_r0.3.2.pdf

Sep 18

In this document I explore the effects of selected web services security policies on SOAP message exchange in the GlassFish ESB v2.1.

This is a work-in-progress document, now at rev 0.2.

To provide early access I intend to release revisions of this document as significant new sections become available.

Revision 0.1: Content
* Assumptions and Notes
* Person Service XML Schema and WSDL Interface
* Common XML Project
* PersonSvc BPEL Module
* PersonCli BPEL Modules
* Person Service – Plain End-to-End
* Person Service – SSL with Server-side Authentication

Revision 0.2:Added Content
•    JBI-based Person Service – SSL with Mutual Authentication (broken)
•    EJB-based Person Service – No security
•    EJB-based Person Service – SSL with Server-side Authentication

More in CH05_WSSecurityExploration_r0.2.3.pdf at https://blogs.czapski.id.au/wp-content/uploads/2010/03/CH05_WSSecurityExploration_r0.2.3.pdf.

Sep 16

As a healthcare enterprise looks after patients, information is gathered about various events that take place. Information about notable events, Admissions and Discharges, for example, is recorded in Hospital Information Systems or Patient Administration Systems. These systems typically broadcast event information in a form of HL7 messages for use by other enterprise systems, for example laboratory or diagnostic imaging. A stream of HL7 messages can be intercepted and processed to derive all sorts of interesting information.

The solution developed in this walkthrough deals with Excessive Length of Stay. Length of stay is defined as the period between patient’s admission to and discharge from the hospital. Statistical average expected length of stay is typically available for different kinds of patients presenting with different kinds of conditions. A significant variation from the average length of stay for specific patients may indicate complications, treatment errors, infections and other kinds of issues that the hospital needs to investigate. Notification of such incidents may help the hospital in addressing these issues and prevent future occurrences.

In this solution the Intelligent Event Processor is used to calculate the continuously updated average length of stay over a period of time and use it to compare against each event’s length of stay. It passes, to the downstream component, all events where the length of stay exceeds the average by 1 ½ times and ignores all others.

In the initial iteration, the solution reads a stream of discharge messages, containing admission date, discharge date, length of stay, and a bunch of other fields from a file and passes them to the IEP process. The IEP process keeps the window on the last 10 seconds worth of records and continuously calculates the average length of stay over all records in that window. As records are added to and removed from the window the average is recalculated. As each record is seen its length of stay is compared to the average length of stay of all records in the window at the time. If the length of stay in the current record is less then or equal to 1 ½ times the average at the same time the record is discarded. If the average is greater the record is ejected to the output and ultimately written to a file of exception records.

In a subsequent iteration the solution is modified to accept messages from a JMS Queue. This modification allows the solution to use the stream of discharge messages produced by the HL7 Processor solution, discussed in “HL7 Processor Demonstration – GlassFish ESB v2.1”, https://blogs.czapski.id.au/?p=23.

In a further modification the solution is configured to send notification messages to another JMS Queue. Notification messages are processed by a different solution and sent to an email recipient.

The document, “Excessive length of Stay Healthcare IEP Demonstration”, can be found at https://blogs.czapski.id.au/wp-content/uploads/2010/03/Combinned_Intelligent_Event_Processor_Demonstration_v1.0.pdf

The pre-built projects in the “Excessive length of Stay Healthcare IEP Demo Companion Archive” can be found at https://blogs.czapski.id.au/wp-content/uploads/2010/03/Healthcare_Demo_Combined_v1.0.zip

Sep 07

In this document I explore the effects of selected web services security policies on SOAP message exchange in the GlassFish ESB v2.1.

This is a work-in-progress document.

To provide early access I intend to release revisions of this document as significant new sections become available.

Revision 0.1: Content

  • Assumptions and Notes
  • Person Service XML Schema and WSDL Interface
  • Common XML Project
  • PersonSvc BPEL Module
  • PersonCli BPEL Modules
  • Person Service – Plain End-to-End
  • Person Service – SSL with Server-side Authentication

More in CH05_WSSecurityExploration_r0.1.pdf, at https://blogs.czapski.id.au/wp-content/uploads/2010/03/CH05_WSSecurityExploration_r0.1.pdf

Sep 04

Way back, when the Web was young and the number of World Wide Web sites in the whole World was counted in thousands, I built Australia’s first Web-based Diagnostic Results Reporting application. St.Vincent’s Hospital in Sydney, where I worked then, had the benefit of it for a bunch of years after I left for greener pastures. It has long since been superseded by something better, slicker and more modern. Today’s state of the art is tomorrow’s museum piece …

While I am not usually given to bragging, I am proud of the application all the same, when I remember that it happened, which is not very often at all. It was recalled to me by a couple of people whom I met after a very long time, in the last couple of weeks, so I though I will see if the conference paper I submitted to the First Asia-Pacific World Wide Web Conference, held in Sydney in 1995, is still on line. Alas, Charles Sturt University, which, until about 6 months ago, hosted the conference papers, no longer hosts them. I am still amazed that it hosted them for so many years – more then 10 – and only now retired the site.

To preserve the paper for a bit longer, and show what the state of the art in web design looked like in 1995, I uploaded the paper to the blog site. Here it is, “St.Vincent’s Hospital Sydney – WebResults Project”: https://blogs.czapski.id.au/wp-content/uploads/2010/03/for_blog_mczapski1.html. Some pictures are irretrievably gone – I don’t have the original material so some links are broken.

For these who are too young to remember, in 1993, when I started the project

  • The only way to design web pages was using a text editor and typing HTML (which graduated to version 2.0 half way through the project)
  • There was no such thing as Internet Explorer – in fact Microsoft was in the middle of creating “The Microsoft Network” in competition to the Internet – it never went very far
  • There was no such thing a Netscape Navigator – the only graphical web browser in existence was the Mosaic Browser from the National Center for Suppercomputing Applications (NCSA). A couple of the guys who built the Mosaic browser left to start Netscape and made a mint on it
  • There were two kinds of web servers – the CERN httpd and the NCSA httpd. The NCSA httpd eventually became the Appache Web Server
  • The only way for a Windows machine to connect to the Internet was to install the Trumpet Winsock TCP/IP stack, which Peter Tattam from Tasmania released to the World
  • There was no commercial anything on the Internet, no sites, no adds, no cookies,…
  • It was in 1995 at the First Asia-Apcific World Wide Web Conference in Sydney that I first saw Java and the HotJava Browser – while Java is still with us the HotJava Browser never go very far.

These were interesting days …

Sep 04

This Note walks the reader through development of a GlassFish ESB v2.1based solution that addresses a Healthcare-related business problem. The Note elaborates on the healthcare background necessary to get a notion of what is being done and why, and provides detailed steps required to implement and exercise the solution to the business problem.

We will use the HL7 Binding Component, the File Binding Component, the JMS Binding Component, the SOAP/HTTP Binding Component, the BPEL 2.0 Service Engine, the JavaEE Service Engine, the HL7 Encoder and EJB-based Web Services in a JBI-based solution.

This note is an update, for GlassFish ESB v2.1, of the original note  “HL7 Processor Demonstration – Java CAPS 6/JBI and OpenESB”, to be found at https://blogs.czapski.id.au/wp-content/uploads/2010/03/00_HL7_Example_Development_Instructions_Final.pdf.

Updated note is available at https://blogs.czapski.id.au/wp-content/uploads/2010/03/00_HL7_Example_Development_Instructions_Final_1.1.2.pdf

Aug 05

This document discusses how the SOAP/HTTP Binding Component can be configured, in a service provider and in a service consumer, to use WS-Security 1.0 (2004) Username Token Profile support. WS-Security 1.0 (2004) provided support for the Username Token, which could be sent over the wire in the clear. This was insecure but Sun JAX-RPC libraries allowed this, since the standard allowed this. Through Project Metro release 1.4 it was impossibly to formulate a WS-Security policy that decorated a SOAP message with the Username Token headers, without requiring to also encrypt parts of the message. This prevented solutions built on top Metro 1.4, or earlier, from supporting cleartext Username Token. Metro 1.5 relaxed this requirement. The WS-Security policy configured using the GlassFish ESB NetBeans WS-Security wizard will be modified to require and provide a Plain text Username Token.

The document is here: 02_Configuring_HTTP_BC_for_WS-Security_UsernameToken.pdf

The companion archive containing all projects is here: WSSecPolicies_PersonUsernamePlain.zip

Aug 01

In this walkthrough I will add a Google Map showing a Route between patient’s home address location and the location of patient’s facility of record, as well as directions to follow along this route, to the Visual Web JSF Portlet developed in “Patient Lookup Visual Web JSF Portlet with a nicer looking Google Map”.

The walkthrough document is here: 02_PatienLookup_VWJSFPortletGooRoute.pdf

The comnpanion archive with NetBeans project artifacts is here: PatientLookupGooRouteVWJSFP.zip

Jul 31

The previous blog, walked through development and deployment of the Patient Lookup Portlet with a basic Google Map centered at the location identified by patient address, if any. It was a fairly basic Google Map, as Google maps go. In this document I will add a better looking Google Map to the Patient Lookup Portlet, explicitly using Google Maps APIs to construct the map.

The walkthrough is here: 02_PatienLookup_VWJSFPortletGooMapFancy.pdf

The companion archive, containing the NetBeans project, is here: PatientLookupGooMapBetterVWJSFP.zip

Jul 30

Every now and then there arises a need to carry out-of-band information alongside the business payload but without disturbing or modifying it. Message Envelope Pattern is the Enterprise Integration Pattern label that is typically applied to solutions that address this issue. How the issue is addressed in practice varies depending on the technology in use. For JMS, for example, JMS Message Properties could be used to carry out-of-band information while the payload would be carried as the JMS payload. Web Services, typically using SOAP over HTTP, can address this requirement through the SOAP Header Extension Mechanism, whereby custom headers can be added to the SOAP Header while the payload is carried in the SOAP Body.

This document discusses construction of a WSDL that supports custom SOAP Header element and BPEL processes that are used to set and get custom header values in JBI and in eInsight. This mechanism is known to work in Java CAPS 5.x, Java CAPS 6 Classic and OpenESB / GlassFish ESB.

It is assumed that the reader is sufficiently familiar with the GlassFish ESB / OpenESB BPEL Service Engine and the SOAP/HTTP Binding Component, and / or Java CAPS Classic eInsight Business Process Manager and eDesigner IDE to be able to build projects without a step-by-step pictorial document.

The document is available here: 01_Handling_SOAP_Headers_in_BPEL_.pdf
The companion archive, containing WSDLs and projects, is available here: 01_Handling_SOAP_Headers_in_BPEL.zip

While the method discussed in this entry is still valid there is now a different treatment of the topic, using NM Properties, “GlassFish ESB v2.x – Reading and Writing arbitrary SOAP Headers in BPEL 2.0 using NMProperties“.

Tagged with:
preload preload preload