Using SAS Foundation Services With the Portal

SAS Foundation Services is a set of infrastructure and extension services that support the development of integrated, scalable, and secure applications that are developed using Java. The design model for SAS Foundation Services supports both local and remote resource deployment and promotes resource sharing among applications. Sharing can occur for a specific session, for a specific user, or globally, as appropriate. At the same time, the model controls access to protected resources based on privileged-user status and group membership.

For a list and description of each service, refer to SAS Foundation Services in the SAS Integration Technologies: Developer's Guide.

The SAS Web Infrastructure Kit includes the SAS Foundation Services Facade API, which is a set of convenience classes that developers can use to obtain references to the most commonly used foundation services. The foundation services facade should provide all of the necessary functionality to integrate your applications with the portal Web application. The foundation services facade is part of the Portlet API. For detailed information about the facade classes, select com.sas.services.webapp in the Portlet API class documentation.

You can also choose to use the SAS Foundation Services classes directly.

Local and Remote Service Deployment

You can deploy the SAS Foundation Services on the same machine as the portal Web application (default installation) or on a remote machine.

Using Locally Deployed SAS Foundation Services

When SAS Foundation Services is deployed locally, the core local services stack is used, as follows:

1. com.sas.services.security.AuthenticationService
2. com.sas.services.user.UserService
3. com.sas.services.logging.LoggingService
4. com.sas.services.information.InformationService
5. com.sas.services.session.SessionService

Using Remotely Deployed SAS Foundation Services

In the portal Web application architecture, an application called SAS Services (SASServices) is used to remotely deploy SAS Foundation Services. This application enables secure information sharing among applications. Through SAS Services, you can implement remotely deployed content viewers, remote portlets, and stand-alone Web applications that are called by the portal Web application and invoked with the portal Web application user's credentials. The user does not need to log on again, and user and session information can be shared as needed.

The SAS Services application makes the following stack available to applications that are enabled by SAS Foundation Services:

1. com.sas.services.security.AuthenticationService
2. com.sas.services.user.UserService
3. com.sas.services.logging.LoggingService
4. com.sas.services.information.InformationService
5. com.sas.services.session.SessionService

The SAS Services application must be up and running on a machine that is accessible to the remote Web application. In addition, the remote Web application must include a properties file that points to the definition of the remote services.

The portal Web application provides the SAS Services application with session context information for each authenticated user who is logged on. If the portal Web application passes a unique session ID to a remote Web application, then the remote Web application can obtain the appropriate user's session context information from the SAS Services session. The remote Web application should use the following steps to accomplish this:

• Retrieve the session ID from the portal Web application request and use it to obtain a reference to the SAS Services session. This is done by creating a new WebappContextParams object, as follows.

UserContextInterface privilegedUser = 
     ServletUtil.getPrivilegedUser("portalprivilege");
WebappContextParams params = 
     new WebappContextParams(privilegedUser, request);

Note: Replace portalprivilege with the user ID of a privileged user, which is required in order to create the WebappContextParams object. The privileged user must be a member of the SAS System Service group, and it must be specified in the user service of the remote Web application's local service deployment. For an example of how to set up the privileged user, see Step 3: Create a Privileged User in the Sample Web Application (HelloUserWikExample).

• Use the SessionContextInterface to get the remote session, as follows:

sharedSession = params.getSessionContext();
        

• Protect the session with a lock object, as follows:

sessionLock = SharedSession.lock("com.sas.MySessionName");
        

• Call methods from the WebappContextParams class to retrieve data, as in this example:

UserContextInterface userContext = 
     sharedSession.getUserContext();
        

• Unlock the session, as follows:

sharedSession.unlock(sessionLock);
        

For an illustration of the use of SAS Foundation Services to access a SAS Services session, see the Sample Web Application (HelloUserWikExample). For more information about service deployment, see SAS Foundation Service Deployment and Use in the "Foundation Services and WebDAV Server Deployment" chapter in the SAS Intelligence Platform: Web Application Administration Guide.

Configuring Foundation Service Deployments

When you install the Portal Web application, you can choose whether to store the metadata for the local and remote service deployment configurations in XML files, or on the SAS Metadata Server, as follows:

SAS Metadata Server

If you chose to import the metadata for your deployment configurations to the SAS Metadata Server, then the Foundation Services Manager plug-in of SAS Management Console displays the BIP Local Services group and the BIP Remote Services group.

XML Files

If you chose to store the metadata for your deployment configurations in XML files, then the configurations are contained in two files: a local services deployment file, called sas_services_idp_local_omr.xml, and a remote services deployment file, called sas_services_idp_remote_omr.xml.

Note: In SAS 9.1.2 Integration Technologies and subsequent releases, the Web Infrastructure Kit supports the use of either XML files or the SAS Metadata Server to store service deployment configurations. In SAS 9.1 Integration Technologies, the Web Infrastructure Kit supports only the use of XML files to store service deployment configurations.

For more information, see Service Deployment Configurations in the "Foundation Services and WebDAV Server Deployment" chapter in the SAS Intelligence Platform: Web Application Administration Guide.