summaryrefslogtreecommitdiffstats
path: root/sandbox/sebastien/java/sca-node/demos/bigbank/README
blob: 5ec796db602af39169bb7a2b4b33264fe9acc847 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
BigBank Demo
============

This application is made of 3 modules that represent the different aspects 
of a fictitious banking application. Please see bigbank.png in the bigbank-account directory for a diagram of this demo.

To run the bigbank-account demo you need to first run bigbank-calculator and bigbank-stockquote composites. This will bring up Tuscany runtime and load the two applications and make them available as services. Bigbank-account is dependent on these services.

This demo uses ant. This is just one way of running this demo. 

Start Bigbank-calculator composite
----------------------------------

Bigbank-calculator is a calculator application which handles add, subtract, multiply and divide operations. Each of these operations is implemented in a different language, including JavaScript, groovy, Ruby and Python.

To run the bigbank-calculator composite and make it available as a service for this demo do the following:

cd bigbank-calculator
ant compile  
ant run

.. Leave the server running

Note that 'ant compile' needs to be done the first time you run this demo out of the binary distribution. No need to do 'ant compile' from there on.

Start Bigbank-stockquote
------------------------

A very simple web services based stock quote application which returns random 
stock quotes on request. Please note that the stockquote service is not live and is implemented instead to allow for this application to always run without dependency on the availability of a webservice.

cd bigbank-stockquote
ant compile  
ant run

.. Leave the server running

Note that 'ant compile' needs to be done the first time you run this demo out of the binary distribution. No need to do 'ant compile' from there on.

Start Bigbank
-------------
The BigBank comprises of two subsystems that are built from two distinct contributions coming from ...
1) bigbank
	This contains all artifacts that make up the bigbank application.  This is the application that the 
	end user interacts with
	
2) bigbank-account
	This contains all artifacts that deal with the account management within the bigbank.  The services 
	offered by the bigbank-account module are used by the bigbank.  The end user never gets to directly 
	interact with bigbank account
	
Besides the bigbank-account the bigbank composite application calls into bigbank-stockquote and 
bigbank-calculator services. 

Start bigbank-account in the following way:

i ) Compile the bigbank-account as follows :
	
	cd bigbank-account					
	ant compile
	
ii) Now start the bigbank service as follows :
	
	cd bigbank
	ant compile 
	ant run

	.. Leave the server running

Note that 'ant compile' needs to be done the first time you run this demo out ofthe  binary distribution. 
No need to do 'ant compile' from there on.

Bigbank and the SCA Policies
----------------------------
The Bigbank demo uses the Tuscany PolicyFramework to enforce security in the following ways:

Authentication
--------------
	The bigbank-account subsystem enforces authentication as a required security characteristic for
	all interactions with its CheckingAccountService.  Hence the 'bigbank' application which is a client
	to this service authenticates itself for every interaction with the CheckingAccountService.  The interaction
	between the bigbank and the CheckingAccountService is over the ws binding.
	
Integrity
---------
	All interactions of the bigbank application with the StockQuoteService are guarded with message integrity.
	These interactions use the ws binding.
	
Authorization
-------------
	Within the bigbank-account subsystem the CheckingAccountService implementation enforces authorization on
	its operations.  This is an instance of a custom policy enforcement i.e. the CheckingAccountService 
	component's implementation has defined its own customized way of authorizing access to its services.
	
Demonstrated features 
---------------------
This demo is to illustrate the following : -
- composition of an application using artifacts belonging to multiple contributions (here two)
- usage of sca policies in composite definitions with specific emphasis on enabling security

	
Run the demo
------------- 
The front end of this demo application is a web app which users Json/RPC to communicate with the backend for retrieving account information. 

To try the app out point you browser at:

http://localhost:8080/AccountJSON.html

This should display an interface with a single button that goes and retrieves 
a single set of account details exercising services across the three running 
SCA applications. 

If you press on getAccountReport, you'll see a response posted, 
but the detail of the data will be displayed in the console where you started bigbank. Among other
things you will note messages that confirm the enforecement of AUTHENTICATION, AUTHORIZATION and
SIGNING of messages exchaged.

On the console where you have started the StockQuote Service you should again be able to see messages
that confirm the signing of messages exchanged.

Stop the demo
-------------
Go to each of the corresponding command line screens and hit 'enter'. 
This will stop each of the applications.