BigBank Demo ============ This application is made of 3 modules that represent the different aspects of a fictitious banking application. Please see bigbank.png for a diagram of this demo. To run the bigbank demo you need to first run bigbank-calculator and bigbank-stockquote composites. This will bring up Tuscany runtime and load the two applications and make them available as services. Bigbank-account is dependent on these services. To run this demo you need to use ant to compile and run the application. Start Bigbank-calculator composite ---------------------------------- Bigbank-calculator is a calculator application which handles add, subtract, multiply and divide operations. Each of these operations is implemented in a different language, including JavaScript, groovy, Ruby and Python. To run the bigbank-calculator composite and make it available as a service for this demo do the following: cd bigbank-calculator ant run .. Leave the server running Start Bigbank-stockquote ------------------------ A very simple web services based stock quote application which returns random stock quotes on request. Please note that the stockquote service is not live and is implemented instead to allow for this application to always run without dependency on the availability of a webservice. cd bigbank-stockquote ant run .. Leave the server running Start Bigbank ------------- The BigBank comprises of two subsystems that are built from two distinct contributions coming from ... 1) bigbank This contains all artifacts that make up the bigbank application. This is the application that the end user interacts with 2) bigbank-account This contains all artifacts that deal with the account management within the bigbank. The services offered by the bigbank-account module are used by the bigbank. The end user never gets to directly interact with bigbank account Besides the bigbank-account the bigbank composite application calls into bigbank-stockquote and bigbank-calculator services. Start bigbank application in the following way: cd bigbank ant run .. Leave the server running Bigbank and the SCA Policies ---------------------------- The Bigbank demo uses the Tuscany PolicyFramework to enforce security in the following ways: Authentication -------------- The bigbank-account subsystem enforces authentication as a required security characteristic for all interactions with its CheckingAccountService. Hence the 'bigbank' application which is a client to this service authenticates itself for every interaction with the CheckingAccountService. The interaction between the bigbank and the CheckingAccountService is over the ws binding. Integrity --------- All interactions of the bigbank application with the StockQuoteService are guarded with message integrity. These interactions use the ws binding. Authorization ------------- Within the bigbank-account subsystem the CheckingAccountService implementation enforces authorization on its operations. This is an instance of a custom policy enforcement i.e. the CheckingAccountService component's implementation has defined its own customized way of authorizing access to its services. Demonstrated features --------------------- This demo is to illustrate the following : - - composition of an application using artifacts belonging to multiple contributions (here two) - usage of sca policies in composite definitions with specific emphasis on enabling security Run the demo ------------- The front end of this demo application is a web app which users Json/RPC to communicate with the backend for retrieving account information. To try the app out point you browser at: http://localhost:8085/AccountJSON.html This should display an interface with a single button that goes and retrieves a single set of account details exercising services across the three running SCA applications. If you press on getAccountReport, you'll see a response posted, but the detail of the data will be displayed in the console where you started bigbank. Among other things you will note messages that confirm the enforecement of AUTHENTICATION, AUTHORIZATION and SIGNING of messages exchaged. On the console where you have started the StockQuote Service you should again be able to see messages that confirm the signing of messages exchanged. Stop the demo ------------- Go to each of the corresponding command line screens and hit 'enter'. This will stop each of the applications.