1 / 62

WebSphere Application Server for z/OS V5: Introduction

WebSphere Application Server for z/OS V5: Introduction. Unit Objectives. After completing this unit, you should be able to prepare a conceptual base for the rest of the class in these areas: Java programming and OO concepts The role of Enterprise Java Beans in distributed Java applications

jburton
Télécharger la présentation

WebSphere Application Server for z/OS V5: Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WebSphere Application Server for z/OS V5:Introduction

  2. Unit Objectives After completing this unit, you should be able to prepare a conceptual base for the rest of the class in these areas: • Java programming and OO concepts • The role of Enterprise Java Beans in distributed Java applications • The original Java application functionality provided by WebSphere V3.5SE and WebSphere V4.0x • The Java application architecture described by the JavaSoft J2EE J1.3 specification • The WebSphere for z/OS Version 5 (WebSphere V5) runtime environment, and the functional support provided by other products for WebSphere V5 applications • How applications are developed and deployed into a WebSphere V5 cell • e-business scenarios for WebSphere V5

  3. What Is WebSphere Version 5.1? • WebSphere V5.1 is an infrastructure for open e-business applications supported on all IBM hardware servers • WebSphere V5.1 for z/OS applies to zSeries only • WebSphere V5.1 for distributed platforms applies to other IBM servers • Provides a platform for deployment and execution of Java applications and web services • Consists of two separate products: • WebSphere Application Server Version 5.1 • WebSphere Business Integration Server Foundation Version 5.1 • WebSphere Application Server V5.1 for z/OS • Required base platform for executing J2EE applications - installed first • WebSphere Business Integration Server Foundation V5.1 for z/OS (often called WBISF for z/OS) • Optional - installed on top of WebSphere Application Server V5.1 • Adds support for Java business processes and IBM J2EE programming extensions

  4. WebSphere 5.1: Major Themes (1 of 2) • WebSphere Application Server V5.1 for z/OS • J2EE 1.3 Compliance • EJB 2.0, servlet 2.3, JSP 1.2 • Integrated, built-in JMS provider • Interoperable naming service • J2EE 1.3 security: Java 2 security, JAAS, enhanced pluggable authentication • Extended Web services support • Enhanced SOAP support, private UDDI registry, UDDI utilities • Web services gateway • Open, flexible administration model • Based on Java Management Extensions (JMX) • Provides improved failover capability and high availability • User interface enhancements and application management • Standard programming model extensions (coming on z/OS)

  5. WebSphere 5.1: Major Themes (2 of 2) WebSphere Application Server V5.1 for z/OS (cont) • Family Programming Model Convergence • Common architecture for z/OS and Distributed editions • Common code base (some differences that exploit z/OS QoS) • Common administration model - GUI and scripting • Common terminology and topology (still continue to exploit z/OS Sysplex) • One set of development tooling: WebSphere Studio Application Developer WebSphere Business Integration Server Foundation V5.1 for z/OS • Supports WebSphere Business Process Choreography • Tools and functions to construct new business applications by reusing existing services packaged as J2EE components • Uses GUI type interface and workflow approach to connect existing services • Provides enhanced business objects for J2EE applications • Advanced application enablement functions for J2EE

  6. EJBs JSPs, servlets JSPs EJBs servlets MDBs Enterprise Edition 3.02 Standard Edition 3.02 and 3.5 WebSphere Application Server for z/OS &OS/390 V4.01 WebSphere Application Server for z/OS V5.0 WebSphere Transport Handler WebSphere Transport Handler IBM HTTP Server for z/OS WebSphere V4 and V5 on OS/390 and z/OS WebSphere Application Server for OS/390 and z/OS • WebSphere Application Server V3.02 and 3.5 Standard Edition for OS/390 • WebSphere Application Server V3.02 Enterprise Edition for OS/390 • WebSphere Application Server V4.01 for z/OS and OS/390 • WebSphere Application Server for z/OS V5.0 (only supports OS/390 V2R10)

  7. WebSphere Business Integration Server Foundation (WBISF) for z/OS V5.1 JSPs EJBs servlets MDBs Programming extensions Business processes WebSphere Application Server for z/OS V5.1 WebSphere Transport Handler IBM HTTP Server for z/OS WebSphere V5.1 on z/OS • WebSphere for z/OS V5.1 requires z/OS V1R2 or higher • WBISF V5.1 is installed on top of WebSphere for z/OS • Java 1.4.1 SDK is shipped with WebSphere V5.1

  8. Java Components: JavaBeans Java beans are ... • The software component model for the Java language, • Architecture and platform-neutral API, • Written entirely in Java. • write once and run everywhere, • Simple (easy to learn) and compact (distribution) • Assembled withApplication builder tools. Enterprise JavaBeans (EJBs) are a special kind of Java beans • Transactional • Multi-user Secure • Scalable

  9. The J2EE Application Model • Components • The key focus of application developers - these are the EJBs, servlets, JSPs, and clients. • Many component behaviors can be specified at deployment time, rather than in program code. • Containers • Provide services to components transparently, including transaction support and resource pooling. • Containers and connectors conceal complexity and promote portability. • Connectors • Sit under the J2EE platform, defining portable service APIs to plug into existing enterprise vendor offerings. • Connectors promote flexibility by enabling a variety of implementations of specific services.

  10. EJB Server • "Server" is a very overloaded term: • System, Server Application, Server Address Space, Server Instance, Generic Server. . . EJB Server • Server manages the EJB environment • Naming • Transaction • Persistence • . . . Session Bean Container Entity Bean Container Session Bean Entity Bean • Container • Provides a home for EJBs • Required for transactions • Manages session beans or entity beans Persistence Naming Transaction

  11. EJB Module/Container EJB Container EJB Module Manifest • WAS/390 supports 2 container types: • EJBs • Web components install Bean Bean deploy Deployment Descriptor • Coordinates transactions • Controls entire bean life cycle • create • activate • deactivate (passivate) • persist • destroy • Security • Contains one or more beans of the same type Java ARchive Format JAR (.class files)

  12. Session Beans and Entity Beans Session Bean Entity Bean • Properties • Methods • Events • Properties • Methods • Events • Most of the business logic in these methods • Property values are not rolled back following an abort • Represents long-term data • Container stores properties in database between usage • Recalls bean when requested EJB Server Container Container Entity Bean Home Session Bean Home DB2 Entity Bean Session Bean Client

  13. Session Beans • Session beans have no persistent state • Contain business logic - extensions of the client • Can connect to EIS resources (DB2, CICS) • Stateful session beans maintain "conversational state" • Can be passivated • In memory if possible, in DB2 if necessary • Can move from one server instance to another if necessary • Example: shopping cart • Stateless session beans do not maintain conversational state • Can be pooled and reused by any client • Workload-balanced across replicated servers • Example: calculator with no memory Session Bean • Properties • Methods • Events

  14. Entity Beans • Entity beans are persistent • Represent an instance of data (within a collection) • Identified by a Primary Key • Backed by a database or back-end application • Container-ManagedPersistence (CMP) • Standard WAS V5.1 base: DB2 via JDBC • (no connectors to CICS, IMS, ...) • With WBISF V5.1: extended to include web services, stored procedures, and JCA adapters • Bean-ManagedPersistence (BMP) • DB2 via JDBC or SQLJ • CICS • IMS • Other .... Entity Bean • Properties • Methods • Events

  15. EJB Architecture • Home Interface provides methods for creating, destroying, and locating EJB EJB Server Container Deployment Descriptor EJBHome EmployeeHome Web Client Enterprise Bean EmployeeBean EJBObject Employee EJB Context Persistence Naming Transaction • Remote Interface defines the business methods offered by an EJB

  16. EJB Local Interface - EJB 2.0 EJB Server EJB Server JVM 1 JVM 2 Session or Entity Remote Interface ORB EJB Client (Servlet/EJB) Remote Interface EJB 2.0 ORB Session or Entity LOCAL Interface New Session or Entity • Local interface: Target EJB and client located in same JVM • Most of the EJB clients in a typical application reside in the same JVM • EJB can provide both remote and local interface

  17. JMS and MDB Support in J2EE 1.3 • JMS/XA support mandatory in J2EE 1.3 specification • Message processing becomes part of an extended transaction • However, transaction context does not flow with the message itself • Message production and consumption is part of two separate transactions • Message-driven beans • Part of EJB 2.0 spec • Special EJB type • Oriented to processing messages • Provides asynchronous processing model • Listens on JMS destinations Inbound MDBListener Message GET Message PUT Client Program MDB Business Bean Message GET Message PUT EJB Container Outbound J2EE Server Core

  18. Contents of IBM for z/OS SDK 1.4.1 Development Tools and APIs Java Compiler Java Debugger Javadoc JPDA Deployment Technologies JavaTM Web Start JavaTM Plug-in JavaTM Plug-in JavaTM Plug-in Swing AWT AWT User Interface Toolkits Sound Input Methods Java 2DTM Accessibility J2SE APIs RMI JDBCTM JNDITM CORBA SDK Integration APIs XML Logging Beans Locale Support Preferences Collections JNI Security JRE Core APIs Lang Util New I/O Networking Java HotspotTM Client Compiler Java HotspotTM Java HotspotTM Java HotspotTM Server Compiler Java Virtual Machine Java HotspotTM VM Runtime Java HotspotTM Java HotspotTM VM Runtime z/OS UNIXes Windows Other System platforms SDK conforms to Java 2 Platform, Standard Edition (J2SE) 1.4.1 specification

  19. How Java Standards Affect WebSphere EJB Container Web Container J2EE standards EJB Servlet JSP J2EE APPLICATION PLATFORM J2EE standards J2SE APIs JTA/JTS JAXP JMS Servlets JSP JDBC EJB JAAS Connectors JavaMail J2EE + Web services APIs J2SE runtime WebSphere classes SDK for z/OS V1.4 J2EE runtime J2SE JVM J2EE Product Provider WebSphere for z/OS Application threads, container, extended runtime JDBC SPI J2EE standards Connector SPI • DB2 • CloudScape • .... • CICS • IMS • .... Relational Database Managers Enterprise Information Managers

  20. WebSphere 5.1: J2EE Standards Checklist J2EE Standard Level WebSphere V5.1 J2SE 1.4.1 Standard Level WebSphere V5.1 J2EE Fully certified and part of Sun's JCEE list RMI-IIOP RMI protocol 1.3.1 1.4.1 JIDL/CORBA ORB support 1.4.1 J2SE Only the core APIs 1.4.1 JNDI Naming service 1.4.1 HTTP/S Client access 1.1 Security 1.4.1 JGSS, JCE, JSSE, CertPath EJB EJB 2.0, 1.1 support 2.0 Servlet Servlet 2.3 2.3 JSP JSP 1.2 1.2 JTS/JTA with distributed transactions 1.0 JMS With Native Provider, and MQ plug-in 1.0.2 Web Services Standards Level WebSphere V5.1 JDBC 2PC across hetero- geneous databases 2.0 Javamail,JAF Plus Domino support 1.2 JAX-RPC XML RPC (JSR 101) 1.0 J2C Bean, container mgmt 1.0 UDDI WS directory 2.0 JAXP XML in EJBs 1.0 SOAP XML message protocol 2.3 JAAS authentication service 1.0 Web services for J2EE WS infrastructure in J2EE (JSR 109) 1.1 JMX 1.0 (pending)

  21. What about CICS TS 2.2 and EJBs? • CICS TS Version 2 supports EJB session beans • Supports servers that exploit existing and new CICS applications • Good way for CICS installations to add Java 2 EE applications • CICS provides J2EE services for core transactional servers • Session beans can drive CICS J2C connectors • No services for a broad web-application server • No runtime for Java servlets, JSPs, or entity beans • CICS and WebSphere work together • CICS session beans drive EJBs in WebSphere. • WebSphere JSPs, EJBs drive CICS session beans

  22. What about WebSphere on Linux? • Linux and z/OS benefit from zSeries hardware - example IEEE H/W assist • z/OS highly optimized for zSeries hardware compared to Linux for z/Series • WebSphere for z/OS V5 explicitly uses z/OS QoS capabilities, unlike Linux Portable Java Components Portable Java Components Portable Java Components WebSphere AE WebSphere for z/OS WebSphere AE Fully exploit zSeries, z/OS No differentiation Provides z/OS functionality and availability Linux for zSeries No differentiation z/OS Linux Relative HW advantage Relative HW advantage RISC/Intel zSeries zSeries "Traditional" S/390 customers requiring high QoS and integration with CICS, IMS or DB2 will be best served by WebSphere for z/OS. "New" S/390 customers requiring speedy deployment with less stringent requirements will be attracted to WebSphere on Linux for zSeries.

  23. WebSphere for z/OS V5.0 On z/OS V1Rx, OS390 V2R10 • Evolutionary change for J2EE apps, revolutionary for WebSphere administration • Uses standard (distributed) WebSphere admin GUI, scripting API, admin security and system management data model • Uses a single HFS data set for configuration repository, application storage and Java namespace - again conforms with distributed product WebSphere V5.0 J2EE Containers HTTP(S) IMS Trans. HTTP Transport Handler Web Container EJB Container S JMS Server HTTP server w/ redirection IIOP E HTTP(S) M Firewall J IIOP enterprise information systems SOAP IBM HTTP Server J2EE 1.3 platform CICS Trans. plugin (includes SDK 1.3.1) HTTP(S)

  24. WebSphere for z/OS V5.1 z/OS V1R2 and upwards • Optional Web Services Gateway provides fully scalable web service support • Migration utility can migrate WAS V5.0 configuration to WAS V5.1 • Very close conformity to distributed product - SDK level is 1.4.1, now using the WSAD based Assembly Toolkit instead of the AAT WebSphere V5.1 HTTP(S) J2EE Containers HTTP Transport Handler IMS Trans. Web Container EJB Container S Web Services Gatway HTTP server w/ redirection IIOP E HTTP(S) Firewall JMS Server J IIOP enterprise information systems M SOAP IBM HTTP Server J2EE 1.3 platform CICS Trans. plugin (includes SDK 1.4.1) HTTP(S)

  25. Packaging Modules - WebSphere V5.1 Distributed Node Agent App Server Deployment Manager Network Deployment Base App Server • Two product packages - can be ordered and installed separately • "WebSphere V5 Enterprise Edition" V5.0 has been replaced by "WebSphere Business Integration Server Foundation" V5.1 z/OS Node Agent Deployment Manager App Server • Single product package " WebSphere Application Server for z/OS"

  26. Targets Sysplex environment Focus is on scalability, availability, and performance Clustering and failover support Web Services functions Full JSR101/JSR109 support Contains private UDDI Registry Web Services Gateway Full J2EE 1.3 support Uses IBM SDK 1.4.1 Administrative model Based on Java Management Extensions (JMX) framework Browser-based administration console XML-based configuration repository Role based administration security Scripting interface based on BSF, JACL Security Java 2, JAAS, CSIv2, JCE, JSSE Test database product Ships Cloudscape for samples Uses Assembly Toolkit to assemble applications Enhanced migration tooling V4.0.1 to V5.1, V5.0 to V5.1 Coexists with any of z/OS products V3.5SE, V4.0x, and V5.0 Supports mixed V5.0 and V5.1 cell WebSphere Application Server for z/OS V5 Node Agent Deployment Manager App Server WebSphere Application Server for z/OS

  27. WebSphere V5 - Basic Architecture • Application Server (Instance) • A server process for deploying J2EE applications • Contains a Web container, EJB Container, naming services • Node • Grouping of servers for configuration and operational management • Cannot span the scope of a machine/LPAR • Cell • Network of multiple nodes • Single point of administration Cell (1..n Nodes) Node (1..n Servers) Purchase Order Server Policy Server Server Instance Server Instance

  28. More on Cells and Nodes Admin Console Cell Z z/OS Node z1 z/OS S Node z3 Linux Node z2 S S Cell A Node a1 S S S Cluster Windows Node a2 AIX • z/OS cells cannot span the scope of a sysplex • z/OS and non-z/OS systems cannot participate in same cell • z/OS and non-z/OS cells can be managed with a single tool S S Node a3 S S Cluster • Cluster • Set of application servers with the same applications installed • Grouped logically for workload management and failover • Can span multiple nodes within a cell BUT cannot span cell boundaries • An application server which is part of a cluster is called a cluster member

  29. Configuration Management Topologies Check-out, Check-in Cell-wide configuration repository Cell Manager Node B Node A Node Agent Node Agent Process B Process A (App Server) Process A Process B Node configuration repositories (JMS Server) (App Server) (App Server) • Cell manager • Manages distributed topology in the cell • Communicates with Node Agents • Contains the administrative application for a cell • Manages files in a central configuration repository • Node Agent • Manages servers which are part of the node • Manages configuration files for the node • Communicates with Deployment Manager and application servers situated on the same node

  30. Topology - WebSphere for z/OS V5 Cell (WebSphere Cell can span z/OS LPARs) WebSphere Node Instance Daemon CR = Controller Region SR = Servant Region Message Broker Application Server Instances System Server Instance Naming Service Node Agent Naming Service Cell Mgr Queue Manager Server instance CR SR HTTP TH Node Repository Cell Repository HFS HFS • Repositories contain configuration, naming information, and applications • Entry level WebSphere V5 configuration = Base Application Server • Single z/OS, single node - Daemon and 1-n application servers, uses node repository • Multi-node configuration = Network Deployment environment • Multiple nodes, 1-n z/OS systems, in same z/OS sysplex • Ordinary node - daemon, node agent, 1-n application servers, use node repository • Deployment manager node - cell manager, use cell repository

  31. WebSphere for z/OS Configuration Types Base Application Server Network Deployment Configuration Cell Cell Cell Repository HFS Daemon Daemon Z/OS Admin Console Node JMS Server Node Deployment Manager Daemon App Server #1 JMS Server JMS Server Node Node App Server Node Agent App Servers Node Agent App Servers HFS Cell Repository Admin Console Node Repositories HFS HFS • Servers are called unmanaged application servers • Servers are called managed application servers

  32. WebSphere V5 Multi-System Structure • Infrastructure • CFs • DB2 data sharing • IMS, CICS (VSAM) data sharing for clustered application servers • TCPIP DNS or Network Dispatcher • WebSphere for z/OS • Location service daemon is replicated across all systems • Application servers may be replicated • Supports Transaction Mgrs • Supports CICS and IMS access on local or remote instances • Security • One RACF DB WebSphere V5 WebSphere V5 Cell sysplex WebSphere V5 WebSphere V5 A WebSphere for z/OS cell can include nodes resident on one or more z/OS systems in a sysplex, sharing work across all LPARs

  33. WebSphere for z/OS System Structure • Infrastructure • WLM goal mode • RRS (LOGR) • TCPIP • WebSphere for z/OS • Location service daemon • Application servers • Supporting transaction Mgrs • CICS TS V1.3 or CICS TS V2.2 - local or remote • IMS V8 - local or remote • Users - local • Fat C++ clients • Servlets / JAVA clients • Users - remote (not shown) • Security • RACF/SAF - local • SSL, Kerberos ZOS1 Cell D CR SR HFS optional Base infra- structure tcp rrs wlm

  34. Why USS HFS? • WebSphere V5 SMP/E Installation target: • WebSphere distribution files in /usr/lpp/zWebSphere/V5R1M0 • Java component in /usr/lpp/java/IBM/J1.4 • Integrated JMS code in /usr/lpp/mqm/V5R3M1 • Server and application configuration and run-time data kept on a separate file system • Default mount point for configuration files - /WebSphere/V5R1M0... • HFS file sharing not required in a sysplex - administration tool ensures data integrity over concurrent system updates / (root) WebSphere etc u tmp usr lpp sysadm1 user1 V5R1M0 IBM code java/IBM mqm zWebSphere J1.4 V5R3M1 V5R1M0 Configuration Data

  35. Why LOGR? ZOS1 • LOGR services required for merged logstreams • WebSphere for z/OS • RRS • (CICS, IMS, and so on) • DASD versus Coupling Facility: • DASD okay for sandbox & monoplex • CF required for: • Best performance • Multi-system logs Cell D CR SR LOGR HFS optional Base infra- structure tcp rrs wlm

  36. Why RRS? • Required for running 2-phase commit: • Supports different & multiple resource managers: WebSphere, DB2, IMS, CICS, APPC • This differentiates WebSphere for z/OS from other Web application servers • Subsystem use varies by product: • Optionally use RRS if it is active when they initialize: APPC, IMS, MQ, DB2 • Need be told to use RRS when they initialize: CICS • Require RRS to be active when they initialize: WebSphere for z/OS ZOS1 Cell D CR SR RRS HFS optional Base infra- structure tcp rrs wlm

  37. Why WLM Goal Mode? • Control Region • Receives request • Classifies request • Queues Request • WLM • Manages queued requests • Starts/stops Server Regions as necessary • Monitors system resources • Manages to installation goals • Server Region • Selects work for given Service Class • Application code executes here ZOS1 Cell D WAS Servant Region CR SR WAS Control Region WAS Servant Region WLM Q HFS "WebSphere Server" WAS Servant Region optional Base infra- structure tcp rrs wlm

  38. Hardware Prerequisites • WebSphere for z/OS requires: • Processors that support z/OS V1R2 or higher • zSeries, Multiprise, 9672 G2 and up • Strongly recommended: • IEEE floating point hardware • Need G5 or later • IP network attachment • For connectivity to servers

  39. SSL TCP/IP RACF USS WLM RRS SDK Software Prerequisites • Release z/OS V1R2 and up • Security Server (RACF or equivalent) • TCP/IP • UNIX System Services with HFS • RRS • System Logger • WLM Goal Mode • Language Environment (LE) • Languages • Java 2 SDK 1.4.1 or higher

  40. The Install Challenge • So many names (300+), so many tasks (40+ jobs). . . UNIX sysprog SysProg System Parmlib System Loadlibs Appl. Asm. HFS files System Proclib Error logstream Application executables WebSphere V5 Install & Customize RRS logstream DBA Application tables TCP/IP ports Comm. Spec. ARM policy RACF database Security Admin. WLM policy Perform. Analyst

  41. Overall Implementation Flow • Set up Infrastructure • Basic system parms, TCP/IP, and so on • Logger, RRS • WLM application environments* • Error log stream • RACF definitions • USS, HFS • Set up WebSphere V5 Base Application Server • Configuration HFS data set • HFS files • Base application server configuration files • Tailor procedures and parameters • Customize server start Only necessary with back-level z/OS V1R2 system *

  42. WebSphere V5 Customization Dialog • An ISPF application used for • Customization of WebSphere security environment • Initial installation of first base application server • Installation of new WebSphere V5 nodes • Installation of integrated Java Messaging System provider • Installation of initial Network Deployment structure (deployment manager) • Federation of base node into an existing Network Deployment-capable cell • --------------+ Websphere for z/OS Customization +----------------- • Option ===>__ • Use this dialog to customize WebSphere Application Server for z/OS.. • 1 Configure security domain • 2 Configure base Application Server node. • 3 Configure integral JMS provider • 4 Configure Deployment Manager node • 5 Federate base Application Server node Saved dialog variables • All dialog options provide capability to • Save customization variables for the active dialog to a file • Restore customization variables from the file into an active dialog

  43. Enter Your Installation Data... • 12-15 panels to fill in Installation-specific names and values • You will need to consult with specialists in your installation. • Variables validity-checked, and tracked for completeness. ----------------- WebSphere for z/OS Customization ------------------ Option ===> 1 Define Variables to configure base Application Server node Specify a number and press ENTER to define the WebSphere variables. You should review all of the variables in each of the sections, even if you are using all of the IBM-supplied defaults. Once you complete all sections, press PF3 to return to the main menu. Completed? 1 - System Locations (directories, HLQs, etc) Y 2 - System Environment Customization Y 3 - Server Customization Y 4 - Security Customization Y

  44. Generate Installation Jobs, and so on • Input parameters checked for validity and consistency • Job streams and data written to user-specified PDS • Customized instruction document created to guide the installation • Manual Configuration Instructions • WLM application environments • Parmlib updates (SCHED, PROG, SMFPRM, BPXPRM, TCPIP, CFRM) • Automation updates • Configuration jobs, description, userid required for submission, and check-off Jobname Description & Instructions BBOMSGC Userid required: SYSxxx authority BBOERRLG This job creates the error logstream BBORRSLS Note: Check xxx BBOCBRAC Verify the output with your security administrator . . . (start-up) Enter these commands . . . IVT

  45. WebSphere V5 Security Mechanisms • Security in WebSphere V5 server infrastructure • RACF profiles and permissions • HFS file/directory permission and ownership • Administrator tool security • Security for application deployment • SSL • Kerberos • EJB roles and RunAs support • Cryptographic support • JAAS • CSIv2 "EJBs are multi-user secure."

  46. The Security Challenge • Authorize servers to infrastructure services • z/OS constructs, database managers, transaction • Distinguish between control regions versus servant regions • Distinguish between system servers and application servers • Authorize users to servers, and objects within servers • Local users versus remote users • Authenticated users versus unauthenticated users • Web applications versus EJBs • Map other credentials into RACF userids • Kerberos • SSL • Access control to RACF classes

  47. EJB Architecture "Roles" • Enterprise Bean Provider • Application Developer • Application Assembler • Combines EJBs into deployable applications • Deployer • Installs ear files in runtime environment • Product Server, Container and Tool Provider • OS, database, or middleware vendor • Provides deployment tools and runtime support • System Administrator • Configures and manages systems and networks

  48. Development/Unit test Environments WebSphere Studio Application Developer (WSAD) V5.1.1 WebSphere Studio Application Developer Integration Edition (WSAD-IE) V5.1 Assembler Toolkit Deployment/Runtime Environments: z/OS platform - availability, QOS, clustering, resources WebSphere for z/OS provides full J2EE 1.3 (no local development tools) Development - Deployment "Best of Both Worlds"

  49. Win2K/XP z/OS WSAD IE V5.1 "develop" Server Instance DD RAR App DD DD SR CR WAR JAR "load" 5 1 2 config HFS temporary HFS Assembly Toolkit RAR JAR EAR DD DD 3 DD WAR 2 EAR "copy" "assemble" "deploy" WebSphere V5 Administration Application Admin Client wsadmin.sh 4 4 "deploy" WebSphere V5 Application Deployment

  50. Application Server Toolkit • Install the Application Server Toolkit (ASTK) • The ASTK contains • Assembly Toolkit • Client Configuration • Things you can do with the Assembly Toolkit: • Create/Edit J2EE modules • Create/Edit J2EE Applications (EARs) from J2EE modules • Modify the Deployment Descriptor information • Modify the JNDI binding information attributes • Resolve references, links to other beans, and resources

More Related