The relationship between the TrustBuilder Administrator (TBA) and TrustBuilder (TB) is made via the management port. For every export, import and restart operations are called upon via this socket. The port is configured both in the server via the management port input:
There is also the option to download and upload a complete configuration as a zip file to manually distribute to other TBA installations or for manual export.
These are the main elements that can be controlled by the TrustBuilder Administrator:
All of these items can be edited and then exported and deployed to installed TrustBuilder servers.
TrustBuilder servers can be re-started directly from within TBA.
An TrustBuilder server is a representation of an installed TrustBuilder instance. The main purpose of a server is to define the location of the server and how to connect to that server to import and export. One server has one configuration, one or many workflows and none or many scripts, templates and services.
Configurations hold everything needed by the TrustBuilder engine to process an incoming request. This includes: license, workflows, adapters, security and services. A description can also be set. Also the port number that is used for administration purposes such as export, import and restart of the engine. Each configuration can be related to more than one server. When exporting a complete configuration it is exported to all the servers that it is related to. There can be multiple workflows for one configuration. To add/edit/delete workflows related to a configuration first select the configuration from the home page.
Server and Configuration Relationships
A configuration can be related to more than one server. This allows for the configuration to be re-used over multiple installations of TrustBuilder.
Workflows define the steps that an incoming request takes when processed by the TrustBuilder engine.
Each configuration must have one or more workflow(s).
A workflow is comprised of a number of activities or steps. Each activity has a single purpose. There are several types of activity:
The start of the workflow. There must be, and can only be, one initial state in one workflow.
A logical condition or if/else if/else or case statement
Make a call to a configured adapter
Make a call to a sub-workflow from this workflow
Make a call to a configured component
The end of the workflow
Activity defined to handle exceptions thrown by this workflow
Workflows are defined in the TrustBuilder Administrator using layout files which are representations of actual TrustBuilder workflows that are serialized to workflows when saved.
Templates are HTML, TMPL, JSON or TXT files that can be populated by script files and delivered by a workflow. The functions in the scripts are related to activities defined in a workflow. A common template maybe a login page.
Library files are files that will exist in the TB_HOME/lib directory. These might be JAR lib files or files that are used by services for instance.
Property files are PROPERTIES, CONF, CNF, CONFIG or JAAS files that can be used by the TrustBuilder core.
The logging configuration file that the TrustBuilder core uses to log messages. This is a logback configuration file. For details see: http://logback.qos.ch/
The Authorization (AZN) policies are configured in a sub-set of screens from the main configuration. There are a number of elements: RuleSuites, Resources, PiPs, Rules, Conditions, Assertions and Hints. For more details refer to the relevant chapters in this document. The AZN policies use a service that is configured in the core. This is enabled within the AZN screens.
Trust and Key stores can be created or imported and then managed. These actions are currently available.
Create a new, empty, key or trust store secured with a password.
Upload a Certificate
Upload a certificate file to the current store from this computer.
Change the password of the key or trust store. The current password is needed.
Upload a Security Store
Upload a key or trust store file from this computer. The current password of store is needed
Download a Security Store
Download the key or trust store to this computer.
Export Security Store
If configuration is related to one or more servers then export this key or trust store to that/those servers.
Import Security Store
If configuration is related to one or more servers then import the key or trust store from one of the related servers.
Delete Security Store
Delete the current key or trust store.
Delete one or more certificates from the key or trust store.
View Certificate Details
View the details of a certificate including extensions.
Access the certificate as a string that can be copied.
Notification Status Log
Notifications are displayed to the user when there are errors, warnings or an action has been successfully performed. All actions are listed in the Notifications Status Log found at the top right of each screen except for the editors (scripts, templates and properties) and the server logs screen which all open in a different window.
The number of unread notifications is displayed in a counter. This is cleared once the messages have been accessed.
To view the notification status log click the Notifications button:
The notifications are listed in order that they occurred the latest is listed first.
To cope with a large list the messages can be filtered to show just Errors or Warnings by clicking the relevant buttons at the top of the Notifications Status Log.
To clear the list click the Clear all notifications button. To close the Notification Status Log either click anywhere outside the list or click the X button.
When an action is started a loading icon is displayed and access to the main screen is blocked. If a request is taking too long it can be cancelled by hitting the escape, Esc, key. This will return control to the main screen.
Using the Administrator
The normal process initially taken in the TrustBuilder Administrator (TBA) is the following:
Create a configuration
Edit the configuration
Create an instance pointing to a TrustBuilder installation
Export the configuration and restart the TrustBuilder server.
If there is a TrustBuilder server that has already been installed and populated with configurations, workflows, scripts etc. Then a configuration can be created by importing from this TB server by following these steps.
Create a TrustBuilder server with the correct host name and management port or the installed TrustBuilder
Click the option > import button
Work on your configuration
Export and restart to the server when required.
If there are no files or the TB_HOME does not exist then a blank configuration file is created in TBA for that server.
A configuration can also be uploaded from the current computer. If a valid configuration zip file is supplied click the Upload Config Zip button on the Administration screen and upload the file.