Core and Administrator Relationship
The relationship between the TrustBuilder Administrator (TBA) and TrustBuilder (TB) is made via the management port. For every export, import and restart operations are called upon via this socket. The port is configured both in the server via the management port input:
There is also the option to download and upload a complete configuration as a zip file to manually distribute to other TBA installations or for manual export.
These are the main elements that can be controlled by the TrustBuilder Administrator:
servers
configurations
workflows
services
workflow tests
scripts
library files
templates
properties
logging
authorization policies
security stores
All of these items can be edited and then exported and deployed to installed TrustBuilder servers.
TrustBuilder servers can be re-started directly from within TBA.
Servers
An TrustBuilder server is a representation of an installed TrustBuilder instance. The main purpose of a server is to define the location of the server and how to connect to that server to import and export. One server has one configuration, one or many workflows and none or many scripts, templates and services.
Configurations
Configurations hold everything needed by the TrustBuilder engine to process an incoming request. This includes: license, workflows, adapters, security and services. A description can also be set. Also the port number that is used for administration purposes such as export, import and restart of the engine. Each configuration can be related to more than one server. When exporting a complete configuration it is exported to all the servers that it is related to. There can be multiple workflows for one configuration. To add/edit/delete workflows related to a configuration first select the configuration from the home page.
Server and Configuration Relationships
A configuration can be related to more than one server. This allows for the configuration to be re-used over multiple installations of TrustBuilder.
Workflows
Workflows define the steps that an incoming request takes when processed by the TrustBuilder engine.
Each configuration must have one or more workflow(s).
A workflow is comprised of a number of activities or steps. Each activity has a single purpose. There are several types of activity:
Activity Name | Description |
|---|---|
Initial State | The start of the workflow. There must be, and can only be, one initial state in one workflow. |
Condition | A logical condition or if/else if/else or case statement |
Script | Run a function from a Javascript |
Adapter | Make a call to a configured adapter |
Workflow | Make a call to a sub-workflow from this workflow |
Component | Make a call to a configured component |
Final State | The end of the workflow |
Error State | Activity defined to handle exceptions thrown by this workflow |
Workflows are defined in the TrustBuilder Administrator using layout files which are representations of actual TrustBuilder workflows that are serialized to workflows when saved.
Scripts
Scripts are Javascript files that perform processing during a workflow. The functions in the scripts are related to activities defined in a workflow. Some common use cases of functions are to extract data from the incoming request, process data before calling an adapter, processing the response from an adapter or create the eventual response from the workflow. Scripts are related to workflows a workflow can have more than one script and a script can be referenced by more than one workflow. Scripts can also call services defined in the configuration
Templates
Templates are HTML, TMPL, JSON or TXT files that can be populated by script files and delivered by a workflow. The functions in the scripts are related to activities defined in a workflow. A common template maybe a login page.
Library Files
Library files are files that will exist in the TB_HOME/lib directory. These might be JAR lib files or files that are used by services for instance.
Properties
Property files are PROPERTIES, CONF, CNF, CONFIG or JAAS files that can be used by the TrustBuilder core.
Logging
The logging configuration file that the TrustBuilder core uses to log messages. This is a logback configuration file. For details see: http://logback.qos.ch/
Authorization Policies
The Authorization (AZN) policies are configured in a sub-set of screens from the main configuration. There are a number of elements: RuleSuites, Resources, PiPs, Rules, Conditions, Assertions and Hints. For more details refer to the relevant chapters in this document. The AZN policies use a service that is configured in the core. This is enabled within the AZN screens.
Security Stores
Trust and Key stores can be created or imported and then managed. These actions are currently available.
Store Action | Description |
|---|---|
New Store | Create a new, empty, key or trust store secured with a password. |
Upload a Certificate | Upload a certificate file to the current store from this computer. |
Change Password | Change the password of the key or trust store. The current password is needed. |
Upload a Security Store | Upload a key or trust store file from this computer. The current password of store is needed |
Download a Security Store | Download the key or trust store to this computer. |
Export Security Store | If configuration is related to one or more servers then export this key or trust store to that/those servers. |
Import Security Store | If configuration is related to one or more servers then import the key or trust store from one of the related servers. |
Delete Security Store | Delete the current key or trust store. |
Delete Certificate | Delete one or more certificates from the key or trust store. |
View Certificate Details | View the details of a certificate including extensions. |
PEM | Access the certificate as a string that can be copied. |
Interface Elements
Notification Status Log
Notifications are displayed to the user when there are errors, warnings or an action has been successfully performed. All actions are listed in the Notifications Status Log found at the top right of each screen except for the editors (scripts, templates and properties) and the server logs screen which all open in a different window.
The number of unread notifications is displayed in a counter. This is cleared once the messages have been accessed.
To view the notification status log click the Notifications button:
The notifications are listed in order that they occurred the latest is listed first.
To cope with a large list the messages can be filtered to show just Errors or Warnings by clicking the relevant buttons at the top of the Notifications Status Log.
To clear the list click the Clear all notifications button. To close the Notification Status Log either click anywhere outside the list or click the X button.
Cancelling Requests
When an action is started a loading icon is displayed and access to the main screen is blocked. If a request is taking too long it can be cancelled by hitting the escape, Esc, key. This will return control to the main screen.
Using the Administrator
The normal process initially taken in the TrustBuilder Administrator (TBA) is the following:
Create a configuration
Edit the configuration
Create an instance pointing to a TrustBuilder installation
Export the configuration and restart the TrustBuilder server.
If there is a TrustBuilder server that has already been installed and populated with configurations, workflows, scripts etc. Then a configuration can be created by importing from this TB server by following these steps.
Create a TrustBuilder server with the correct host name and management port or the installed TrustBuilder
Click the option > import button
Work on your configuration
Export and restart to the server when required.
If there are no files or the TB_HOME does not exist then a blank configuration file is created in TBA for that server.
A configuration can also be uploaded from the current computer. If a valid configuration zip file is supplied click the Upload Config Zip button on the Administration screen and upload the file.