IDAPI-Wrapper OpenSecurityCacheUpdater: How do I get it to work?

We use iHub 16.2 and are evaluating the RSSE web service (the sample RSSE Implementation, no modifications made). In order to update the users and their roles etc. on iHub with the changed information from the remote system (which is retrieved by the RSSE service, in case of the sample implementation by reading the SampleRSSE.json file), I compiled the IDAPI-Wrapper OpenSecurityCacheUpdater from https://github.com/robmurphy/idapi-wrapper and ran:

     OpenSecurityCacheUpdater o 
              = new OpenSecurityCacheUpdater("http://localhost:8000/", "Administrator", "",  "DEFAULT VOLUME");
     o.invalidateCache();    //retrieves iHub User data from remote system via RSSE web service

If I run this, unfortunately in the Adminstrator’s view there are no changes visible on new login (Only if I stop the iHub service, restart the Tomcat with the web service and start iHub again, the changed users/user properties like roles etc. will appear in the Administrator’s view of iHub).
To figure out, why running the OpenSecurityCacheUpdater IDAPI Wrapper does not show the expected results, I checked the log4j output:

     There are 3 Exceptions of the same type:
     java.lang.NoSuchMethodException: org.apache.axis.encoding.ser.ArraySerializerFactory.create(
     java.lang.Class, javax.xml.namespace.QName)

which I guess are debug messages only. There are 3 SOAP messages in the log:

    One which contains
    <Login xmlns="http://schemas.actuate.com/actuate11"><User>Administrator</User><Password></Password></Login>
    and 2 others that contain
    <AdminOperation><UpdateOpenSecurityCache/></AdminOperation>

I cannot see what’s wrong in the log4j output.
Also, I checked the iHub log file. In the iHub log file, the only RSSE thing that appears on running the OpenSecurityCacheUpdater is the following command:

    CONFIG: Start RSSE purging for volume "default volume"

(What does RSSE purging mean?)

I use the Sample RSSE implementation from OpenText with no modifications. In the provided SampleRSSE.json file, the name of the default volume is “DEFAULT VOLUME”.

The idapi wrapper uses Axis 1.2.1 while the RSSE service seems to use Axis 2 v1.6.2.
Is the OpenSecurityCacheUpdater compatible with iHub 16.2?

Since I have no experience with SOAP, I have no idea how to figure out why the Update OpenSecurityCache command does not work.
Therefore I would like to ask if someone can give me a hint or guidance on how to proceed. Thanking you in anticipation.

Best Answer

  • Accepted Answer

    In the following I will explain my solution (see code in posting before):
    I wrote a short piece of code to call the IDAPI functionality to send a passthrough message to iHub.
    Passthrough means that the message will not be interpreted by iHub. Instead, it will be passed unchanged
    to the RSSE web service. Therefore we don't need to send a SOAP message directly to the RSSE web service.
    This approach has the following advantages:

    1) Using the Information Delivery API is quite easy.
    2) Astonishingly, this makes iHub refresh its user cache afterwards so that no call to refresh the
    iHub user cache is necessary! Therefore, you don't need to call the invalidateCache() method in
    the code below.
    3) While calling invalidateCache() only refreshes the major user information like users and roles,
    this approach also refreshes all minor information like email addresses etc..

    The code below is based on the github project on

    https://github.com/robmurphy/idapi-wrapper

    (which was written by Actuate/OpenText employees), and I modified/extended it for the purpose described here.
    To compile it, you will need to download the project from that website and add the 2 classes posted here.

    It consists of 2 main methods:

    1) RSSE_Refresher.runPassThroughRefresh() to tell the RSSE web service to reload data from the remote source
    (in case of the RSSE sample implementation the SampleRSSE.json file)
    and
    2) RSSE_Refresher.invalidateCache() to tell iHub to update its user cache

    So the new user information has to be propagated in 2 steps from the JSON-file to the RSSE web service and from
    the RSSE web service to iHub. If you don't send messages to propagate the information, you would have to stop
    iHub, stop and start again the Tomcat hosting the RSSE web service and then start iHub again.This is necessary
    because (in general) the user information is loaded on startup only both in the RSSE web service and in iHub.

    You can test the invalidateCache() method by editing the SampleRSSE.json file manually. Then restart the Tomcat
    (which will load the updated user information into the RSSE web service cache) and call the invalidateCache() method.
    Afterwards you can log in into iHub as Administrator and open the "iHub Administration" entry in the menu in the
    right upper corner. Then you can verify that the updated information is available in iHub.
    As stated in

    https://communities.opentext.com/forums/discussion/comment/219787

    minor user information like email addresses etc. is not refreshed in iHub this way.

    Next, edit the SampleRSSE.json file again and run UserCacheRefresh.main(). Now, no more stopping and starting of
    iHub and the RSSE web service is necessary. The call will update the RSSE web service's user cache and iHub's
    user cache consecutively.

    I hope, the code and explanation are helpful to you. I'm an iHub beginner. If I wrote anything wrong, please
    correct me. If you have additional information on this topic, please add it here.

Answers

  • OK, the IDAPI wrapper ran perfectly and did what it should, but I did not understand what it is supposed to do.
    Now I understand what OpenSecurityCacheUpdate does: It checks the users and roles in the iHub RSSE Cache against the RSSE module. Unfortunately, the RSSE web service module is not requested to update its data before iHub does this check. So for example an iHub IDAPI RSSE passthrough Request CallOpenSecurityLibrary with Parameter "refresh" (like configured in the SampleRSSEconst.java) is needed.

    I still have the following 2 questions:
    1) Is there a sample java Program for the CallOpenSecurityLibrary IDAPI request with parameter "refresh"?
    Next, the OpenSecurityCacheUpdate IDAPI request has to be run.
    2) After that, will the iHub RSSE cache be completely synchronized with the RSSE module's cache?
    Will new users be visible in iHub then?
    What about other user attributes besiedes users and roles: Will email addresses, folders etc. also be updated in the iHub RSSE cache
    or does the OpenSecurityCacheUpdate only care about users and roles? If so, what has to be done to achieve complete synchronization
    of all data between the RSSE web service and the iHub RSSE cache?

  • Fortunately I found solutions for the problems I posted here. Please allow some time and I will post the solutions here.

  • Thank you, Reinhard_5555, for reporting back to the community on your solution to the problem. We look forward to your posted solution.

    David Sciuto

  • package com.actuate.aces.idapi;
    
    import java.net.MalformedURLException;
    import java.rmi.RemoteException;
    
    import javax.xml.rpc.ServiceException;
    
    import com.actuate.aces.idapi.control.ActuateException;
    import com.actuate.schemas.AdminOperation;
    import com.actuate.schemas.Administrate;
    import com.actuate.schemas.ArrayOfString;
    import com.actuate.schemas.CallOpenSecurityLibrary;
    import com.actuate.schemas.CallOpenSecurityLibraryResponse;
    import com.actuate.schemas.UpdateOpenSecurityCache;
    
    public class RSSE_Refresher extends BaseController {
    
        private String[] users, userGroups;
        private final static String PASSTHROUGH_OPERATION         = "operation";
        private final static String PASSTHROUGH_OPERATION_REFRESH = "refresh";
    
        public RSSE_Refresher(BaseController controller) {
            super(controller);
        }
    
        public RSSE_Refresher(String host, String authenticationId) 
                          throws MalformedURLException, ServiceException {
            super(host, authenticationId);
        }
    
        public RSSE_Refresher(String host, String authenticationId, String volume) 
                          throws MalformedURLException, ServiceException {
            super(host, authenticationId, volume);
        }
    
        public RSSE_Refresher(String host, String username, String password, String volume) 
                          throws ServiceException, MalformedURLException, ActuateException {
            super(host, username, password, volume);
        }
    
        public RSSE_Refresher(String host, String username, String password, String volume, 
                              byte[] extendedCredentials) 
                          throws ServiceException, ActuateException, MalformedURLException {
            super(host, username, password, volume, extendedCredentials);
        }
    
        /**
         * Invalidate cached user properties for specified users and/or userGroups
         * @param userNames Names of users to invalidate;
         * @param roleNames Names of user groups to invalidate
         * @throws RemoteException 
         */
        public void invalidateCachedUsers(String[] userNames, String [] userGroupNames) throws RemoteException {
            this.users = userNames;
            this.userGroups = userGroupNames;
            doInvalidate();
        }
    
        /**
         * Invalidate entire cache
         * @throws RemoteException 
         */
        public void invalidateCache() throws RemoteException {
            doInvalidate();
        }
    
        private void doInvalidate() throws RemoteException {
    
            UpdateOpenSecurityCache op = new UpdateOpenSecurityCache();
            if (users != null && users.length > 0)
                op.setUserNameList(new ArrayOfString(users));
            if (userGroups != null && userGroups.length > 0) 
                op.setUserGroupList(new ArrayOfString(userGroups));
    
            AdminOperation adminOperation = new AdminOperation();
            adminOperation.setUpdateOpenSecurityCache(op);
    
            Administrate administrate = new Administrate();
            administrate.setAdminOperation(new AdminOperation[]{adminOperation});
    
            acxControl.proxy.administrate(administrate);
        }
    
        /**
         * Call RSSE passthrough method "refresh"
         * @throws RemoteException 
         */
        public String runPassThroughRefresh() throws RemoteException {
            return passthroughRefresh();
        }
    
        private String passthroughRefresh() throws RemoteException {
    
            String oper = "{ \"" + PASSTHROUGH_OPERATION + "\": \"" + PASSTHROUGH_OPERATION_REFRESH + "\" }";
            CallOpenSecurityLibrary         cosl  = new CallOpenSecurityLibrary(oper);
            CallOpenSecurityLibraryResponse resp;   
    
            resp=acxControl.proxy.callOpenSecurityLibrary(cosl);
            String ReturnString = resp.getOutputParameter();
            int    ReturnCode   = resp.getReturnCode();             
    
            return "Output passThroughRefresh: "+ReturnString +", "+new Integer(ReturnCode).toString();
        }
    }
    
    
    
    
    package com.actuate.aces.idapi.my_sample;
    
    import com.actuate.aces.idapi.*;
    import com.actuate.aces.idapi.control.ActuateException;
    import javax.xml.rpc.ServiceException;
    import java.net.MalformedURLException;
    import java.rmi.RemoteException;
    
    public class UserCacheRefresh {
    
    
        private static String do_Refresh() throws MalformedURLException, ServiceException, ActuateException, 
                                                  RemoteException {
    
            String targetHost   = "http://localhost:8000/";
            String targetUser   = "Administrator";
            String targetPwd    = "";
            String targetVolume = "DEFAULT VOLUME";
    
            /*-------------------------------------------------*/
            //org.apache.log4j.BasicConfigurator.configure();
            /*-------------------------------------------------*/
    
            RSSE_Refresher o = new RSSE_Refresher(targetHost, targetUser, targetPwd, targetVolume); 
    
            //Refresh user data cache in RSSE web service
            String resultStr=o.runPassThroughRefresh();
    
            //Refresh user data cache in iHub 
            //Omitting this call did not show a difference!
    
            //o.invalidateCache();
    
            return resultStr;
        }
    
    
        public static void main(String[] args)
        {
            try{
                String resultStr=do_Refresh();
            }
            catch (MalformedURLException | RemoteException | ServiceException | ActuateException e) {
                e.printStackTrace();
            }    
        }
    
    }
    
  • In the following I will explain my solution (see code in posting before):
    I wrote a short piece of code to call the IDAPI functionality to send a passthrough message to iHub.
    Passthrough means that the message will not be interpreted by iHub. Instead, it will be passed unchanged
    to the RSSE web service. Therefore we don't need to send a SOAP message directly to the RSSE web service.
    This approach has the following advantages:

    1) Using the Information Delivery API is quite easy.
    2) Astonishingly, this makes iHub refresh its user cache afterwards so that no call to refresh the
    iHub user cache is necessary! Therefore, you don't need to call the invalidateCache() method in
    the code below.
    3) While calling invalidateCache() only refreshes the major user information like users and roles,
    this approach also refreshes all minor information like email addresses etc..

    The code below is based on the github project on

    https://github.com/robmurphy/idapi-wrapper

    (which was written by Actuate/OpenText employees), and I modified/extended it for the purpose described here.
    To compile it, you will need to download the project from that website and add the 2 classes posted here.

    It consists of 2 main methods:

    1) RSSE_Refresher.runPassThroughRefresh() to tell the RSSE web service to reload data from the remote source
    (in case of the RSSE sample implementation the SampleRSSE.json file)
    and
    2) RSSE_Refresher.invalidateCache() to tell iHub to update its user cache

    So the new user information has to be propagated in 2 steps from the JSON-file to the RSSE web service and from
    the RSSE web service to iHub. If you don't send messages to propagate the information, you would have to stop
    iHub, stop and start again the Tomcat hosting the RSSE web service and then start iHub again.This is necessary
    because (in general) the user information is loaded on startup only both in the RSSE web service and in iHub.

    You can test the invalidateCache() method by editing the SampleRSSE.json file manually. Then restart the Tomcat
    (which will load the updated user information into the RSSE web service cache) and call the invalidateCache() method.
    Afterwards you can log in into iHub as Administrator and open the "iHub Administration" entry in the menu in the
    right upper corner. Then you can verify that the updated information is available in iHub.
    As stated in

    https://communities.opentext.com/forums/discussion/comment/219787

    minor user information like email addresses etc. is not refreshed in iHub this way.

    Next, edit the SampleRSSE.json file again and run UserCacheRefresh.main(). Now, no more stopping and starting of
    iHub and the RSSE web service is necessary. The call will update the RSSE web service's user cache and iHub's
    user cache consecutively.

    I hope, the code and explanation are helpful to you. I'm an iHub beginner. If I wrote anything wrong, please
    correct me. If you have additional information on this topic, please add it here.

  • In the following I will explain my solution (see code in posting before):
    I wrote a short piece of code to call the IDAPI functionality to send a passthrough message to iHub.
    Passthrough means that the message will not be interpreted by iHub. Instead, it will be passed unchanged
    to the RSSE web service. Therefore we don't need to send a SOAP message directly to the RSSE web service.
    This approach has the following advantages:

    1) Using the Information Delivery API is quite easy.
    2) Astonishingly, this makes iHub refresh its user cache afterwards so that no call to refresh the
    iHub user cache is necessary! Therefore, you don't need to call the invalidateCache() method in
    the code below.
    3) While calling invalidateCache() only refreshes the major user information like users and roles,
    this approach also refreshes all minor information like email addresses etc..

    The code below is based on the github project on

    https://github.com/robmurphy/idapi-wrapper

    (which was written by Actuate/OpenText employees), and I modified/extended it for the purpose described here.
    To compile it, you will need to download the project from that website and add the 2 classes posted here.

    It consists of 2 main methods:

    1) RSSE_Refresher.runPassThroughRefresh() to tell the RSSE web service to reload data from the remote source
    (in case of the RSSE sample implementation the SampleRSSE.json file)
    and
    2) RSSE_Refresher.invalidateCache() to tell iHub to update its user cache

    So the new user information has to be propagated in 2 steps from the JSON-file to the RSSE web service and from
    the RSSE web service to iHub. If you don't send messages to propagate the information, you would have to stop
    iHub, stop and start again the Tomcat hosting the RSSE web service and then start iHub again.This is necessary
    because (in general) the user information is loaded on startup only both in the RSSE web service and in iHub.

    You can test the invalidateCache() method by editing the SampleRSSE.json file manually. Then restart the Tomcat
    (which will load the updated user information into the RSSE web service cache) and call the invalidateCache() method.
    Afterwards you can log in into iHub as Administrator and open the "iHub Administration" entry in the menu in the
    right upper corner. Then you can verify that the updated information is available in iHub.
    As stated in

    https://communities.opentext.com/forums/discussion/comment/219787

    minor user information like email addresses etc. is not refreshed in iHub this way.

    Next, edit the SampleRSSE.json file again and run UserCacheRefresh.main(). Now, no more stopping and starting of
    iHub and the RSSE web service is necessary. The call will update the RSSE web service's user cache and iHub's
    user cache consecutively.

    I hope, the code and explanation are helpful to you. I'm an iHub beginner. If I wrote anything wrong, please
    correct me. If you have additional information on this topic, please add it here.

Sign In or Register to comment.