Authors:
Szabo Csaba <crow@nolimits.ro>
Antal Attila <atech@nolimits.ro>
1. BEEP server
1.1. Profiles
1.2. Security connection
1.3. Authenticate users
1.4. Data flow control
2. XML-RPC server
The best solution for data transmission in Datastore is the BEEP server from the beepcore-java project. The BEEP server's communication language is based on XML, and the server can use many profiles (a profile is like a handler in other servers).
Datastore uses four profiles; these are the following:
There are two types of secure connection. One of them is JSSE. You can use it only if you have the JSSE 1.0.2 package (you can download it from java.sun.com). When using JSSE you don't need private/public keys or certificates, but it is important to know that this secure connection uses only the following anonymous cipher suite: TLS_DH_anon_WITH_RC4_128_MD5. Because the suite is anonymous, the channel is encrypted but neither endpoint is authenticated by TLS.
The other one is PureTLS. When using this secure connection you need to have the following in the datastore_home directory:
When using this profile you need to add supplementary configuration for the beepserver, where you specify the keys and the certificates. Use the pem section in config.xml.
Datastore uses SASL authentication. The BEEP One Time Password (OTP) system generates authentication files on both sides of the connection and puts them into the directory from which you started the framework or the client. Each file contains the encoded password, the hash method (MD5 or SHA1), the remaining sequence count for logins, and the seed string used to encode the password. Every time the client connects to the server, the server-side authentication file is updated, so the authentication always stays valid. On the client side the file is named after the user, with the otp extension (e.g. guest.otp). On the server side the file is named after the database in use, plus an underscore, followed by the user's name with the otp extension (e.g. XMLDB_guest.otp).
Datastore has users stored in the database to which the client requests the connection. When you start the framework, the beepserver synchronizes the otp files (it looks for users in the database that don't have this file and creates it). When you administer users, this file is created or updated. In the database the user password is stored in predigested form. This means that nobody can obtain the stored password, and every stored password has a length of 16 characters. This agrees with BEEP's minimum password length of 10 characters.
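The hash-chain check behind the server-side file update described above, as an added example (not Datastore or beepcore-java code). It assumes the RFC 2289 MD5 variant of OTP; the `OtpChainDemo` and `ServerRecord` names, the in-memory record and the sample seed and passphrase are constructed for illustration, and the on-disk .otp file layout is not modelled.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Locale;

// Added illustration of the OTP hash chain; class and field names are hypothetical.
public class OtpChainDemo {
    // One RFC 2289 MD5 step: hash the input, then fold 16 bytes to 8 by XOR.
    static byte[] step(byte[] in) throws Exception {
        byte[] d = MessageDigest.getInstance("MD5").digest(in);
        byte[] out = new byte[8];
        for (int i = 0; i < 8; i++) out[i] = (byte) (d[i] ^ d[i + 8]);
        return out;
    }

    // OTP for a sequence number: initial step over seed+passphrase, then seq more steps.
    static byte[] otp(String seed, String pass, int seq) throws Exception {
        String start = seed.toLowerCase(Locale.ROOT) + pass;
        byte[] h = step(start.getBytes(StandardCharsets.US_ASCII));
        for (int i = 0; i < seq; i++) h = step(h);
        return h;
    }

    // In-memory stand-in for the server-side record (remaining sequence + last OTP).
    static class ServerRecord {
        int sequence;
        byte[] lastOtp;

        ServerRecord(int sequence, byte[] lastOtp) {
            this.sequence = sequence;
            this.lastOtp = lastOtp;
        }

        // Accept only if hashing the response once gives the stored value,
        // then roll the record forward so the same response cannot be reused.
        boolean verify(byte[] response) throws Exception {
            if (sequence <= 0 || !MessageDigest.isEqual(step(response), lastOtp)) return false;
            lastOtp = response.clone();
            sequence--;
            return true;
        }
    }

    public static void main(String[] args) throws Exception {
        String seed = "ds12345", pass = "constructed-passphrase"; // constructed sample values
        ServerRecord rec = new ServerRecord(100, otp(seed, pass, 100));
        byte[] r1 = otp(seed, pass, rec.sequence - 1);
        System.out.println("first login accepted: " + rec.verify(r1));
        System.out.println("replay accepted:      " + rec.verify(r1));
        System.out.println("next login accepted:  " + rec.verify(otp(seed, pass, rec.sequence - 1)));
        System.out.println("remaining sequence:   " + rec.sequence);
    }
}
```

The record never holds the passphrase itself, only the last accepted one-time value, which is why a captured response fails when it is replayed.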
The Anonymous profile has been implemented, but it is not yet used by the client programs. It can be deactivated in the configuration file.
To control the data flow, Datastore uses the SEP profile. This profile gets the data from the client, calls the SEP engine to execute the received commands, and sends back the results. The BEEP server has some problems when transmitting large data, which is why Datastore's SEP profile (the profile responsible for data flow) breaks the data down into smaller chunks (1024 bytes by default, but it can use up to 4048 bytes).
Datastore also has an Xml-Rpc server, so it is not only for Java users. The server can be configured to load many handlers. Each handler is placed in the xmlrpcserver/handlers directory. The existing handler can take a local BEEP connection and can be used for almost every client application. The examples directory contains a few examples that show how to use Xml-Rpc from a few other languages. Each example has the needed SEP command for the Datastore engine hardcoded and calls the existing handler method.