Appboard/2.6/builder/shim reference: Difference between revisions
imported>Jason.nicholls (Created page with '{{DISPLAYTITLE:SHIM Reference}} Category:AppBoard 2.6 This section provides a reference for SHIM: a language that allows runtime context information to be referenced when pro…') |
imported>Mike.berman m (1 revision: updates for 2.6.3 release) |
||
(2 intermediate revisions by 2 users not shown) | |||
Line 1,011: | Line 1,011: | ||
|} | |} | ||
==CyberArk Password Vault== | |||
Edge integrates with CyberArk's Password Vault using their Java SDK. This provides a clean solution that manages password rotation and reduces administrative challenges where an account might be locked when the passwords are changed on the backend systems but not the access information in AppBoard / enPortal. When using the Password Vault you will need to install the CyberArk Credential Provider on the AppBoard / enPortal server. The CyberArk PAS Solution: 'AIM' includes the CyberArk Application Password Provider, and SDKs for the different supported interfaces. | |||
Download "Credential Provider & OPM-Rls-9.6.zip" from the “Root\v9.6\PAS Components\AIM & OPM CD Image” Folder. Within the compressed ZIP file you will find the different distributions of the Credential Provider. Pick the installation you need based on your OS environment. The required library is found on Windows installations at ''C:\Program Files (x86)\CyberArk\ApplicationPasswordSDK\JavaPasswordSDK.jar''. Please refer to CyberArk's installation and configuration manuals when configuring it in your environment. | |||
===CyberArk Expressions=== | |||
''Syntax and Sample Results' | |||
{|class="wikitable" | |||
!Named Sub-Element | |||
!Field Name | |||
!Syntax | |||
!Sample Result | |||
|- | |||
|rowspan="2"|get | |||
| | |||
|${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').content} | |||
|password1 | |||
|- | |||
| | |||
|${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,address=server2.company.com,username=root').content} | |||
|password2 | |||
|- | |||
| | |||
| | |||
|${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').policyid} | |||
|edgePolicy | |||
|- | |||
| | |||
| | |||
|${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').address} | |||
|edgeServer | |||
|- | |||
| | |||
| | |||
|${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').database} | |||
|edgeDB | |||
|- | |||
| | |||
| | |||
|${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,address=server2.company.com,username=root').username} | |||
|root | |||
|- | |||
|} | |||
==AppBoard specific== | ==AppBoard specific== |
Latest revision as of 12:44, 20 October 2016
This section provides a reference for SHIM: a language that allows runtime context information to be referenced when processing channels for delivery to Web clients.
Introduction
The Symbolic Hierarchical Information Model (SHIM) is a language construct that allows execution context information to be referenced in property fields and other locations where only literal strings were previously supported. The execution context information that is provided by SHIM has been accessible to portal designers writing Java and JSP code before. However, now this dynamic information is accessible in non-programming locations. For example, the property fields of channels (which can be changed using the channel editor) can have values defined in the SHIM language in order to reference a "symbolic value" rather than a "literal value".
SHIM is an object-oriented language. A set of object types are supported, each of which is comprised of one or more named sub-elements or symbolic names These sub-elements are either properties or methods. In either case the type of the named sub-element can be a primitive type (String, etc.) or another SHIM object.
SHIM is available for use in several execution contexts within the portal system. The SHIM object type details (sub-elements) are consistent across all contexts. The only difference between the contexts is the set of objects exposed at the root level of the SHIM namespace.
Usage Syntax
References to elements of SHIM objects conform to the following syntax:
${shim:path to shim object.primitive element}
where path to shim object is a . separated set of symbols that traverse a series of related SHIM objects, and primitive element refers to a named sub-element of a SHIM object which is a primitive type.
Examples
Table E190 provides some examples of SHIM expressions.
Table E190: Examples of SHIM Expressions
SHIM Expression | Description |
---|---|
${shim:session.actor.user.name} | The user for whom the current processing is being performed. |
${shim:channel.field.myField} | The value of the field called 'myField' that is stored in the current active
channel. |
${shim:now.secs} | The current time in seconds since 1/1/1970 for the current processing
context. |
Contexts For Use
SHIM syntax is available for use in several execution contexts within the portal system. This section identifies these contexts and identifies the root level symbols available in each context. These symbols provide a handle to the SHIM information appropriate for the specified context. From these root level symbols, the SHIM namespace can be traversed according to the types of SHIM objects exposed at the root level.
Proxied Channel Properties
This context refers to the portal server's processing of HTTPProxy channel requests. SHIM symbols that use this context can be used to specify the properties of HTTPProxy channels.
The symbols listed in Table E191 provide a handle to the root level SHIM objects that are available when processing HTTPProxy channels.
Table E191: SHIM Symbols (HTTPProxy Channels)
Named Sub-Element | Type | Description |
---|---|---|
session | SHIM:Session | The session that is associated with the currently processing request. |
channel | SHIM:Component | The proxy channel containing properties defined using the SHIM syntax. |
time | SHIM:Date | Reference for accessing time related functions. |
now | SHIM:Date | Quick access to the current time (as determined at expression evaluation
time on the server). |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
name | ${shim:channel.name} | ||
location | ${shim:channel.location} | /test/google | |
title | ${shim:channel.title} | ||
desc | ${shim:channel.desc} | An%20instance%20of%20PWTHTTPProxyChannel
%20class | |
protocol | ${shim:channel.protocol} | ||
host | ${shim:channel.host} | ||
port | ${shim:channel.port} | ||
url | ${shim:channel.url} | ||
uri | ${shim:channel.uri} | ||
querystring | ${shim:channel.querystring} | ||
baseurl | ${shim:channel.baseurl} | ||
path | ${shim:channel.path} | ||
field | ${shim:channel.field.p} | ||
proxyCB | call the proxied app | ${shim:channel.proxyCB('http://www.google.com')} | /codedenportalurl/test/google/starturl/http/colon
/slash/slashwww.google.com/colon80/crsFakeRoot |
2nd is a proxied app's url | ${shim:channel.proxyCB(,'http://www.google.com',"/test/yahoo')} | /codedenportalurl/test/yahoo/starturl/http/colon
/slash/slashwww.google.com/colon80/crsFakeRoot | |
3rd is component | ${shim:channel.proxyCB('/azb','http:/show','/direct')} | /codedenportalurl/direct/starturl/http/colon
/slash/slash/colon80/crsFakeRoot/show/azb | |
selfCB | calling itself | ${shim:channel.selfCB()} | /enportal/servlet/pd/vdir/test/google |
${shim:channel.selfCB('test')} | /enportal/servlet/pd/vdir/test/google?requestType=test | ||
relativeCB | |||
absoluteCB | call the specified component | ${shim:channel.absoluteCB('/azb')} | /enportal/servlet/pd/vdir/azb |
${shim:channel.absoluteCB('/azb','edit')} | /enportal/servlet/pd/vdir/azb?requestType=edit | ||
${shim:channel.absoluteCB('/azb','show','param=direct')} | /enportal/servlet/pd/vdir/azb?requestType=show¶m=direct | ||
target | name | ${shim:channel.target.name} | |
host | ${shim:channel.target.host} | ||
port | ${shim:channel.target.port} | ||
protocol | ${shim:channel.target.protocol} | ||
baseurl | ${shim:channel.target.baseurl} | ||
uri | ${shim:channel.target.uri} |
Proxy CRS Rules
This context refers to the portal server's processing of Proxy XML rules. SHIM symbols that use this context can be used to enhance the CRS proxy rules (XML) associated with proxied channels.
The symbols listed in Table E192 provide a handle to the root level SHIM objects that are available when processing Proxy XML rule files.
Table E192: SHIM Symbols (XML Rule Files)
Named Sub-Element | Type | Description |
---|---|---|
config | SHIM:Config | Reference for accessing global system configuration properties. |
session | SHIM:Session | The session that is associated with the currently processing CRS rules. |
channel | SHIM:Component | The component that is associated with the currently processing CRS rules. |
time | SHIM:Date | Reference for accessing time related functions. |
now | SHIM:Date | Quick access to the current time (as determined at expression evaluation
time on the server). |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
var | ${shim:crs.var. | ||
get | (${shim:crs.var.get(VAR_TEST)} | ||
${shim:crs.var.get(width,channel)} | To get the width of a channel | ||
${shim:crs.var.get(height,channel)} | To get the height of a channel | ||
scope: request, channel, session | |||
set | (${shim:crs.var.set(VAR_TEST, "value')} |
Object Types
This section provides a listing of the SHIM Object Types and their sub-elements.
Actor
Table E193 provides information about the Actor object.
Table E193: Actor Object
Named Sub-Element | Type | Description |
---|---|---|
var(key1,key2,..,key7) | SHIM:Object | The value of a meta property of this Actor.
This method accepts 1 to 7 keys to qualify the meta property that is desired. |
user | SHIM:User | The User associated with this Actor. |
name | primitive:String | The string representation of this Actor. |
role | SHIM:Role | The Role associated with this Actor. |
Collection
Table E194 provides information about the Collection object.
Table E194: Collection Object
Named Sub-Element | Type | Description |
---|---|---|
size | primitive:Integer | Number of items maintained in the Collection. |
index.i | SHIM:Object | The object located at index i of this Collection. |
Config
Table E195 provides information about the Config object.
Table E195: Config Object
Named Sub-Element | Type | Description |
---|---|---|
<configproperty> | primitive:String | The value for the Config property. |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
${shim:config.logger.config.file} | C:\EdgeCM\programs\eportal\deploy\root/config/
logger-portal.properties |
||
${shim:config.jsp.cookiesexpire} | 604800 |
Component
Table E196 provides information about the Component object.
Table E196: Component Object
Named Sub-Element | Type | Description |
---|---|---|
name | primitive:String | Name of this Component. |
location | primitive:String | Virtual directory location of this Component. |
title | primitive:String | Title of this Component. |
desc | primitive:String | Description of this Component. |
field.fieldname | primitive:String | The value of a named field (property) of this
Component. |
target | SHIM:Target | The target utilized by this Component. |
protocol | primitive:String | Protocol of this Component. (Applies only to
PWTChannel components). |
host | primitive:String | host of this Component. (Applies only to
PWTChannel components). |
port | primitive:String | port of this Component. (Applies only to
PWTChannel components). |
querystring | primitive:String | query string of this Component. (Applies only to
PWTChannel components). |
uri | primitive:String | URI of this Component. (Applies only to PWTChannel
components). |
url | primitive:String | Fully qualified URL of this Component. (Applies only
to PWTChannel components). |
baseurl | primitive:String | baseurl attribute of the Component. |
path | primitive:String | path component of the uri |
proxyCB(requestToEncode)
proxyCB(requestToEncode),current Request proxyCB(requestToEncode,current Request,component) |
primitive:String | Generates an HTTP GET callback request string that
refers proxy encoded URL for the request arguments. |
selfCB()
selfCB(handler) selfCB'handler,params) |
primitive:String | Generates an HTTP GET callback request string that
refers the web client back to this same component. |
relativeCB(relativePath,handler,
params) |
primitive:String | Generates an HTTP GET callback request string that
refers web clients back to a peer component that is located at a relativePath in the virtual directory. |
absoluteCB(absolutePath)
absoluteCB(absolutePath,handler) absoluteCB(absolutePath,handler, params) |
primitive:String | Generates an HTTP GET callback request string that
refers web clients back to a peer component that is located at an absolutePath in the virtual directory. |
Now
Table E197 provides information about the Now date object.
Table E197: Date Object
Named Sub-Element | Type | Description |
---|---|---|
datestr | primitive:String | The date represented by this Date object. Equivalent to
format('MM/dd/yyyy'). Example: ${shim:now.datestr}. |
datetimestr | primitive:String | The date and time string represented by this Date object.
Equivalent to format('hh:mm:ss MM/dd/yyyy'). Example: ${shim:now.datetimestr}. |
format | primitive:String | Formats this Date object according to the formatting
convention defined by the java.text.SimpleDateFormatted class. See the Java API documentation reference for details. Example: ${shim:now.format(’dd.MM.yy’)}. |
msecs | primitive:Long | Milliseconds elapsed since 1/1/1970.
Example: ${shim:now.msecs}. |
offset(numsecs)
offset(offset,offsetunits) |
primitive:Long | Offsets this date by the specified offset in the units
specified. Returns a new Date object. Valid values of numsecs and offset are integers. Valid values for offsetunits are {'sec','msec','hour','minute','month','day','year'}. Example: ${shim:now.offset(200000)}. |
prior | primitive:Long | Parameter must be a valid day of the week. Returns the
last date before Now of the day of week provided. Example: ${shim:now.prior(’Mon’)}. |
secs | primitive:Long | Seconds elapsed since 1/1/1970.
Example: ${shim:now.secs}. |
timestr | primitive:String | The time represented by this Date object. Equivalent to
format('hh:mm:ss'). Example: ${shim:now.timestr}. |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
${shim:now.format(“dd.MM.yy”)} |
Domain
Table E198 provides information about the Domain object.
Table E198: Domain Object
Named Sub-Element | Type | Description |
---|---|---|
var(key1,key2,..,key7) | SHIM:Object | The value of a meta property of this Domain.
This method accepts 1 to 7 keys to qualify the meta property that is desired. |
name | primitive:String | The name of this Domain (i.e. System). |
Map
Table E199 provides information about the Map object.
Table E199: Map Object
Named Sub-Element | Type | Description |
---|---|---|
size | primitive:Integer | Number of items maintained in the Collection. |
key.key | SHIM:Object | The value of the key named key in this Map. |
Primitives
The primitives supported by Shim are String,Number,Boolean,Character. The value returned on these object types is the toString() function.
Role
Table E200 provides information about the Role object.
Table E200: Role Object
Named Sub-Element | Type | Description |
---|---|---|
var(key1,key2,..,key7) | SHIM:Object | The value of a meta property of this Role.
This method accepts 1 to 7 keys to qualify the meta property that is desired. |
name | primitive:String | The name of this Role (i.e. portalAdministrator). |
ref | primitive:String | The string representation of this Role (i.e. /portalAdministrator). |
Session
Table E201 provides information about the Session object.
Table E201: Session Object
Named Sub-Element | Type | Description |
---|---|---|
id | primitive:String | The string representation of the Session identifier. |
var(varName) | SHIM:Object | The value of the named variable from this session's properties table. |
actor | SHIM:Actor | The Actor that owns this Session. |
credentials | SHIM:Credentials | The Credentials used to login to the portal for the current Session. |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
id | ${shim:session.id} | 5d1e6e72491408e | |
actor | user | ${shim:session.actor.user} | System?administrator |
name | ${shim:session.actor.name} | /portalAdministration:System?administrator | |
role | ${shim:session.actor.role} | /portalAdministration | |
role.name | ${shim:session.actor.role.name} | portalAdministration | |
var(key1,key2,...,key7) | ${shim:session.actor.var(key1,…key7)} | ||
credentials | username | ${shim:session.credentials.username} | administrator |
password | ${shim:session.credentials.password} | administrator | |
domain | ${shim:session.credentials.domain} | System | |
host | ${shim:session.credentials.host} | 127.0.0.1 | |
useragent | ${shim:session.credentials.useragent} | Mozilla/5.0%20(Windows;%20U;%20Windows
%20NT%205.1;%20en-US;%20rv:1.7.12)% 20Gecko/20050915%20Firefox/1.0.7 | |
get | ${shim:session.credentials.get('password')} | administrator | |
var | get | ${shim:session.var.get('TEST_VAR')} | ${shim:session.var.get(currentView)} |
<var_name> | ${shim:session.var.TEST_VAR} | ${shim:session.var.currentView} | |
[var of Map type] | ${shim:session.var.testMap.size} | ||
${shim:session.var.testMap.key.item1.key.customer} | |||
set | ${shim:session.var.set('TEST_VAR',value)} | ||
delete | ${shim:session.var.delete('TEST_VAR')} |
Target
A Target identifies the location parameters of a HTTP accessible resource.
Table E202: Target Object
Named Sub-Element | Type | Description |
---|---|---|
name | primitive:String | Name of this Target. |
host | primitive:String | IP Host defined in this Target. |
port | primitive:String | IP Port defined in this Target. |
protocol | primitive:String | IP protocol defined in this Target. |
baseurl | primitive:String | baseurl (protocol://host:port) defined in this Target. |
uri | primitive:String | uri defined in this Target. |
User
Table E203 provides information about the User object.
Table E203: User Object
Named Sub-Element | Type | Description |
---|---|---|
var(key1,key2,..,key7) | SHIM:Object | The value of a meta property of this User.
This method accepts 1 to 7 keys to qualify the meta property that is desired. |
name | primitive:String | The name of this User (i.e. guest). |
ref | primitive:String | The string representation of this User (i.e. System?guest). |
domain | SHIM:Domain | The Domain to which this User belongs. |
Utility
Table E204 provides information about the Utility object.
Table E204: Utility Object
Named Sub-Element | Type | Description |
---|---|---|
auth | primitive:String | The authentication tag is the interface between the CRS and the Login
Proxy Service (LPS). This tag allows a user to set, get, remove, or check for login tokens for a particular user, component, or resource. |
cryptor | primitive:String | Includes several utilities for encoding and decoding strings:
Example: ${shim:utility.cryptor.hex.encode(ABCDEF)}. |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
auth | |||
cryptor | base64 | encode | ${shim:utility.cryptor.base64.encode
(base64 shim crypto utility test)} |
decode | ${shim:utility.cryptor.base64.decode
(YmFzZTY0IHNoaW0gY3J5cHRvIHV0aWxpdHkgdGVzdA==)} | ||
url | encode | ${shim:utility.cryptor.url.encode(p=url&q=
shim&r=crypto&s=utility&t=test)} | |
decode | ${shim:utility.cryptor.url.decode(p%3Durl%26q
%3Dshim%26r%3Dcrypto%26s%3Dutility%26t%3Dtest)} | ||
md5 | hash | ${shim:utility.cryptor.md5.hash(${shim:utility
.cryptor.base64.encode(password)},base64)} | |
hex | encode | ||
decode | |||
utf8 | |||
hexunicode | |||
system | out | ${shim:utility.system.out.println('abc')} | |
system | err | ${shim:utility.system.err.println('abc')} | |
vdir | get | ${shim:utility.vdir.get([path])} |
Other Evaluation
Reflection
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
${reflection:com.edgetech.eportal.redirection.replacement.
SubstituterDataUtil.replace((CRSData) globalData,'COOKIE_VAL','${0}')}${0} |
|||
${reflection:java.lang.Integer.toHexString((int)10)} | |||
Need to enable this class by specifying this line | crs.reflection.class.pattern.Integer=java.lang.Integer |
Vdir
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
get | ${shim:vdir.get([path])} |
Cookie
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
get | ${shim:cookie.get()} | ||
${shim:cookie.get([Cookie Name])} | |||
set | ${shim:cookie.set([Cookie Definition])} | ||
remove | ${shim:cookie.remove([Cookie Name]} |
CyberArk Password Vault
Edge integrates with CyberArk's Password Vault using their Java SDK. This provides a clean solution that manages password rotation and reduces administrative challenges where an account might be locked when the passwords are changed on the backend systems but not the access information in AppBoard / enPortal. When using the Password Vault you will need to install the CyberArk Credential Provider on the AppBoard / enPortal server. The CyberArk PAS Solution: 'AIM' includes the CyberArk Application Password Provider, and SDKs for the different supported interfaces. Download "Credential Provider & OPM-Rls-9.6.zip" from the “Root\v9.6\PAS Components\AIM & OPM CD Image” Folder. Within the compressed ZIP file you will find the different distributions of the Credential Provider. Pick the installation you need based on your OS environment. The required library is found on Windows installations at C:\Program Files (x86)\CyberArk\ApplicationPasswordSDK\JavaPasswordSDK.jar. Please refer to CyberArk's installation and configuration manuals when configuring it in your environment.
CyberArk Expressions
Syntax and Sample Results'
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
get | ${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').content} | password1 | |
${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,address=server2.company.com,username=root').content} | password2 | ||
${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').policyid} | edgePolicy | ||
${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').address} | edgeServer | ||
${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,object=AIMTest').database} | edgeDB | ||
${shim:cyberark.get('appid=EdgeApp,safe=Edge,folder=Root,address=server2.company.com,username=root').username} | root |
AppBoard specific
The following keywords are supported only in AppBoard.
Setting
Table E301 provides information about the AppBoard adapter's Setting object.
Table E301: Setting Object
Named Sub-Element | Type | Description |
---|---|---|
setting | SHIM:Object | The setting object of the AppBoard adapter. |
<attributeName> | primitive:String | An attribute of an AppBoard adapter. |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
<attributeName> | jdbc:sybase:Tds:${shim:setting.host}:${shim:setting.port}/${shim:setting.dbname};charset=iso_1 | jdbc:sybase:Tds:10.130.6.225:4100/NCOMS;charset=iso_1 |
Query
Table E302 provides information about the AppBoard adapter's Query object.
Table E302: Query Object
Named Sub-Element | Type | Description |
---|---|---|
query | SHIM:Object | The query object of an AppBoard service request. |
<attributeName>(<defaultValue>) | primitive:String | An attribute in an entity associated with an AppBoard service request. The defaultValue is a possible value for the specified attribute. |
Syntax and Sample Results
Named Sub-Element | Field Name | Syntax | Sample Result |
---|---|---|---|
<attributeName>(<defaultValue>) | ${shim:query.state('Maryland')} | Virginia |