Secure BigBank Demo
===================

This is a copy of the big-bank demo with modifications that demonstrate the use of policies to enforce certain security aspects. We hope to evolve this further by adding more flavours of security.

Here is an overview of how this copy of the big-bank demo differs from the original...

*) The AccountDataServiceComponent, which used to return a customer's savings, checkings and stock account data, has been replaced with three independent components for savings, checkings and stock accounts. These components provide services related to obtaining a customer's balance etc.

   - Of these three, the Checkings and Stock account service components are bound to the big-bank through web services, while the Savings Account service component uses the SCA binding.

   - The Checkings Account web service enforces authentication as a security requirement. Hence all service requests between the bigbank and the Checkings Account service are authenticated.

   - Additionally, the Checkings Account implementation enforces authorization checks that ensure that only the owner of an account can access its details.

   - Here we demonstrate how the 'authenticated' user token credentials are passed from the CheckingsAccount web service over to the CheckingsAccount implementation for authorization checks.

*) The StockQuote web service is adorned with 'integrity', i.e. all communications between the bigbank and the StockQuote web service are signed to ensure the integrity of the data exchanged. To honour this requirement the StockQuote reference of the big-bank is also adorned with 'integrity' as a security requirement.

The overall picture is that when the Customer requests account details from the bigbank, the bigbank seeks the services of the Savings, Checkings and Stock Account components. In seeking the service of the Checkings Account component, the big-bank component authenticates itself.
The Checkings Account component further checks whether the authenticated user token passed by the bigbank is authorized to access the account in question. This is one lap where security has been enforced. Another lap is when the bigbank component refers to the StockQuote web service to compute the stock value for a customer. Here all communications are signed to ensure the integrity of the data exchanged between the bigbank and the StockQuote web service. (Note that signing protects only the integrity and origin of the messages; it does not encrypt them, so 'integrity' on its own provides no confidentiality.)

When you run this demo you will observe various console messages that reflect the enforcement of authentication, authorization and integrity at various points of this application.

Bigbank - General Information
-----------------------------

The application is made of 3 modules that represent the different aspects of a fictitious banking application. Please see bigbank.png in the secure-bigbank-account directory for a diagram of this demo.

To run the secure-bigbank-account demo you need to first run the secure-bigbank-calculator and secure-bigbank-stockquote applications. This will bring up the Tuscany runtime, load the two applications and make them available as services. Secure-bigbank-account is dependent on these services.

This demo uses ant. This is just one way of running this demo.

Start secure-bigbank-calculator composite
-----------------------------------------

Secure-bigbank-calculator is a calculator application which handles add, subtract, multiply and divide operations. Each of these operations is implemented in a different language, including JavaScript, Groovy, Ruby and Python.

To run the secure-bigbank-calculator composite and make it available as a service for this demo do the following:

  cd secure-bigbank-calculator
  ant compile
  ant run
  .. Leave the server running

Note that 'ant compile' needs to be done the first time you run this demo out of the binary distribution. No need to do 'ant compile' from there on.
Start secure-bigbank-stockquote
-------------------------------

A very simple web services based stock quote application which returns random stock quotes on request. Please note that the stockquote service is not live; it is implemented this way so that the application can always run without depending on the availability of an external web service.

  cd secure-bigbank-stockquote
  ant compile
  ant run
  .. Leave the server running

Note that 'ant compile' needs to be done the first time you run this demo out of the binary distribution. No need to do 'ant compile' from there on.

Start secure-bigbank-account
----------------------------

Secure-bigbank-account is the entry point to this application running on Tuscany. The secure-bigbank-account composite calls into the secure-bigbank-stockquote and secure-bigbank-calculator services. Start secure-bigbank-account in the following way:

  cd secure-bigbank-account
  ant compile
  ant run
  .. Leave the server running

Note that 'ant compile' needs to be done the first time you run this demo out of the binary distribution. No need to do 'ant compile' from there on.

Run the demo
------------

The front end of this demo application is a web app which uses JSON-RPC to communicate with the backend for retrieving account information. To try the app out, point your browser at:

  http://localhost:8080/AccountJSON.html

This should display an interface with a single button that retrieves a single set of account details, exercising services across the three running SCA applications.

If you press getAccountReport, you'll see a response posted, but the detail of the data will be displayed in the console where you started secure-bigbank-account.

Stop the demo
-------------

Go to each of the corresponding command line screens and hit 'enter'. This will stop each of the applications.
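The Checkings Account "lap" described in the overview (the caller must be authenticated by the binding, and the implementation must then check that the authenticated principal owns the account it asks about) is illustrated below. This is an added example written for this README, not code from the Tuscany demo: the class names, the UserToken type, the getBalance operation and the account/owner data are all assumptions chosen for illustration. In the real demo the token reaches the implementation through the binding and the SCA request context; here it is passed explicitly so the example runs stand-alone.

```java
// Added example for the secure-bigbank README: not code from the Tuscany demo.
// Models the two checks performed on the Checkings Account lap:
//   1. the caller must be authenticated (what the binding's 'authentication'
//      requirement guarantees),
//   2. the authenticated principal must own the account it asks about
//      (the authorization check inside the implementation).
// All class, method and account names here are assumptions for the example.
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

public class CheckingsAccountAuthzExample {

    /** The authenticated user token handed from the binding to the implementation. */
    static final class UserToken {
        final String principal;  // who the binding authenticated; null if nobody
        UserToken(String principal) { this.principal = principal; }
        boolean isAuthenticated() { return principal != null && !principal.isEmpty(); }
    }

    static final class AccessDeniedException extends RuntimeException {
        AccessDeniedException(String msg) { super(msg); }
    }

    /** Stand-in for the Checkings Account implementation. */
    static final class CheckingsAccountImpl {
        // Constructed sample data: account number -> owner and balance.
        // In the demo these would come from the account store.
        private final Map<String, String> owners = new HashMap<>();
        private final Map<String, Double> balances = new HashMap<>();

        CheckingsAccountImpl() {
            owners.put("CHA_Customer_01", "Customer_01");
            balances.put("CHA_Customer_01", 1500.0);
            owners.put("CHA_Customer_02", "Customer_02");
            balances.put("CHA_Customer_02", 250.0);
        }

        double getBalance(UserToken token, String accountNumber) {
            // Authentication check. The web service binding would normally reject an
            // unauthenticated request before it gets here, but fail closed regardless
            // so the implementation is safe even if reached over another binding.
            if (token == null || !token.isAuthenticated()) {
                throw new AccessDeniedException("request is not authenticated");
            }
            // Authorization check: only the account owner may read the balance.
            // An unknown account and a wrong owner produce the same error, so the
            // response does not reveal whether the account number exists.
            String owner = owners.get(accountNumber);
            if (owner == null || !Objects.equals(owner, token.principal)) {
                throw new AccessDeniedException("principal '" + token.principal
                        + "' is not authorized to access account " + accountNumber);
            }
            return balances.get(accountNumber);
        }
    }

    public static void main(String[] args) {
        CheckingsAccountImpl impl = new CheckingsAccountImpl();
        UserToken customer01 = new UserToken("Customer_01");

        // Owner reading their own account: allowed.
        System.out.println("own account:   " + impl.getBalance(customer01, "CHA_Customer_01"));

        // Authenticated, but not the owner of the requested account: denied.
        try {
            impl.getBalance(customer01, "CHA_Customer_02");
        } catch (AccessDeniedException e) {
            System.out.println("other account: " + e.getMessage());
        }

        // No authenticated principal at all: denied before any account lookup.
        try {
            impl.getBalance(new UserToken(null), "CHA_Customer_01");
        } catch (AccessDeniedException e) {
            System.out.println("unauthenticated: " + e.getMessage());
        }
    }
}
```

The important design point is that the implementation does not trust the caller to name the owner; it compares the account's stored owner against the principal the binding actually authenticated. Keeping the authentication check in the implementation as well as on the binding means a misconfigured or alternative binding cannot silently bypass it.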