Use case descriptions

Displaying the Plan query form:

The user requests a Plan query form (for example, by following a link).

  1. The WebUI servlet authenticates the user. If no authentication information is available, then it prompts for a username/password.
  2. If we don't yet have a user ID available, then WebUI retrieves a reference to the TaskHeapUINode, and calls its queryReaderManagerNode method with a ReaderQuery message. Since all registered users are Readers, this will get us a valid userID. The ReaderQuery has the match information for the username and password, and specifies zero as the sandTransmitAuthID.
  3. The AuthWeb Authorizer allows the qualified ReaderQuery with sandTransmitAuthID=0 as a special case. It then encrypts and wraps the message for transmission to AuthDB (the authorizer for DBMgr). AuthDB also lets the qualified message through as a special case.
  4. The DBMgr processes the query and returns a ReaderCollection (with a single Reader in it if this is a valid user).
  5. AuthDB sets the sandTransmitAuthID on the response to the uniqueID of the Reader. It then retrieves the AuthUser for this ID by calling the getUserForID method of DBMgr. This direct callback is possible because DBMgr implements AuthUserLookup, and DBMgr is configured as the lookup for AuthDB.
  6. DBMgr.getUserForID checks the node IDCache for the specified ID. If it is not found, it retrieves an AuthUser instance through the TaskHeapUserLookup class. TaskHeapUserLookup factors out the AuthUser lookup processing, using the calling node directly for query processing. It first issues a ResourceQuery (using the specified ID as both the Resource uniqueID and as the sandTransmitAuthID). If nothing matches, then it does the same with a ReaderQuery. The retrieved Resource or Reader is returned as the AuthUser instance.
  7. DBMgr adds the result to its cache and returns it.
  8. AuthDB scrubs the ReaderCollection data using the AuthUser instance and the AuthFilterTaskHeap AuthFilter. The ReaderCollection is then wrapped and returned to AuthWeb.
  9. AuthWeb receives the wrapped ReaderCollection, unwraps it, and passes it on to TaskHeapUINode, whose query method was called directly by WebUI. WebUI now has the ReaderCollection and the user is authenticated (provided the collection wasn't empty).
  10. Using the ID from the returned Reader instance, WebUI calls the getUserForID method of TaskHeapUINode (TaskHeapUINode implements AuthUserLookup). TaskHeapUINode checks its IDCache for the ID. If it is not found, the AuthUser is retrieved via TaskHeapUserLookup, added to the cache, and returned.
  11. WebUI checks whether this AuthUser instance is authorized for a PlanQuery message by calling AuthFilterTaskHeap. If not, it displays an authorization error.
  12. WebUI creates a UIFormContext with the PlanQuery, specifying the authenticated sandTransmitAuthID in the message. The Plan query form is filtered for display by passing the AuthUser instance and the AuthFilterTaskHeap into the FormAdaptor. The form is displayed after cosmetic changes via XSL transform.

At completion, both TaskHeapUINode and DBMgr have the AuthUser cached for retrieval based on the ID. That means all the info for subsequent authorization is available in cache at both the webserver and dbserver machines.


Processing the Plan query:

The authenticated user submits a Plan query form:

  1. WebUI retrieves the UIFormContext via the FormAdaptor. It then extracts the PlanQuery message from the UIFormContext and calls the queryPlanManagerNode method of the TaskHeapUINode.
  2. AuthWeb adds any additional match specifications to the query. So if the AuthUser is a Reader, then visibility!=HIDDEN will be added to the match criteria.
  3. AuthDB verifies the additional match criteria are present.
  4. DBMgr processes the PlanQuery, returning a PlanCollection result.
  5. AuthDB scrubs the PlanCollection data according to the AuthUser info.
  6. AuthWeb passes the PlanCollection on to TaskHeapUINode, which returns it to WebUI.
  7. WebUI creates a UIFormContext with the resulting PlanCollection and calls the FormAdaptor, passing the AuthUser and AuthFilterTaskHeap to filter the display appropriately. The form is displayed after cosmetic changes via XSL transform.
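
The two-tier check in steps 2, 3 and 5 above, as an added sketch that is not the project's own code: the web-side authorizer adds the mandatory match criteria, and the database-side authorizer independently verifies them and scrubs the result. Only AuthUser, PlanQuery, Reader, Resource, sandTransmitAuthID and visibility!=HIDDEN come from this page; the class shapes, method names and the rule that scrubbing drops HIDDEN plans are assumptions (requires Java 16 or later).

```java
import java.util.*;

// Added illustration. Types below are hypothetical stand-ins for the real classes.
public class MatchCriteriaDemo {
    enum Role { READER, RESOURCE }
    record AuthUser(long id, Role role) {}
    record Plan(String name, String visibility) {}
    record PlanQuery(long sandTransmitAuthID, Set<String> match) {}

    // One policy shared by both tiers: criteria a query from this user must carry.
    static Set<String> requiredCriteria(AuthUser user) {
        return user.role() == Role.READER
                ? Set.of("visibility!=HIDDEN") : Set.<String>of();
    }

    // AuthWeb side (step 2): add the mandatory criteria before transmission.
    static void authWebAddCriteria(AuthUser user, PlanQuery q) {
        q.match().addAll(requiredCriteria(user));
    }

    // AuthDB side (step 3): re-derive the criteria from its own AuthUser and
    // refuse the query if any are missing, instead of trusting the web tier.
    static void authDbVerify(AuthUser user, PlanQuery q) {
        if (!q.match().containsAll(requiredCriteria(user)))
            throw new SecurityException("PlanQuery lacks required match criteria");
    }

    // AuthDB side (step 5): scrub the result even though the query was constrained.
    // Assumption: for a Reader, scrubbing removes HIDDEN plans.
    static List<Plan> authDbScrub(AuthUser user, List<Plan> plans) {
        if (user.role() != Role.READER) return plans;
        return plans.stream().filter(p -> !"HIDDEN".equals(p.visibility())).toList();
    }

    public static void main(String[] args) {
        AuthUser reader = new AuthUser(42, Role.READER);   // constructed sample data
        List<Plan> stored = List.of(new Plan("roadmap", "PUBLIC"),
                                    new Plan("internal-draft", "HIDDEN"));

        PlanQuery viaAuthWeb = new PlanQuery(42, new LinkedHashSet<>());
        authWebAddCriteria(reader, viaAuthWeb);
        authDbVerify(reader, viaAuthWeb);
        System.out.println(authDbScrub(reader, stored));

        // A query that reached AuthDB without passing through AuthWeb is rejected.
        PlanQuery bypass = new PlanQuery(42, new LinkedHashSet<>());
        try { authDbVerify(reader, bypass); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```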


© 2003 SAND Services Inc.
All Rights Reserved.