Administering the Publishing Framework |
The publication administrator must define a subscriber for each user before the user can receive information from a channel or use the subscription manager applet to configure their subscriptions. A subscriber must have a SASperson object (containing a name and a delivery transport) defined for them when they are created.
It is important to understand how the level of authentication being used by the LDAP server affects the creation of subscribers. The administrator application and the subscription manager applet will view and interact with the LDAP server and the subscriber in different ways depending on the authentication setting. Authentication is configured in the site.cfg file.
If LDAP server authentication is set to "none", the publication administrator must create a subscriber with the administration application for each user. This creates a subscriber object in the publication framework. The information in this entry is not used by the LDAP server for authentication (since authentication is set to "none"), but the information is used by the subscription manager applet to identify a particular subscriber at login so that the information particular to that subscriber can be retrieved.
If the LDAP server authentication is set to "simple", the publication administrator should create a subscriber only for those users who have an identity defined on the LDAP server outside of the Publish/Subscribe framework. The LDAP administrator must create these identities with a valid user name and password. The name of the subscriber created by the publication administrator in the publication framework must match exactly the name of the identity on the LDAP server created by the LDAP administrator.
When configured properly for simple authentication, the subscription manager applet will prompt a user for a user name and password which will then be used to authenticate the user against the LDAP server. After the user has been authenticated against the LDAP server, the applet attempts to retrieve the user's subscription information using the same name. The applet expects the name in the identity defined on the LDAP server outside the publication framework to be identical to the name of the subscriber created by the publication administrator.
The delivery transport defines how information is delivered to a subscriber. Information can be provided via an e-mail message or a message queue. The publication administrator can configure subscriptions for any type of subscriber, regardless of whether the subscriber is a person or a program. Most human users will want information delivered to them through e-mail, while subscribers that are programs will likely be configured to receive information in a queue for further processing.
For example, SAS Integration Technologies provides support for message queues like MQ SERIES and MSMQ. A SAS program could be written to wait for information to be delivered on a message queue and then consume that information. While the program would be defined as a subscriber and the delivery mechanism would be a message queue, the identity of such a subscriber is not used for LDAP server authentication. Subscribers that are programs are administered by the publications administrator and do not use the subscription manager applet.
If you has create a subscription for a person, that subscriber can deactivate (remove) the subscription or change the delivery mechanism.
If you create a subscription for a group, you must also make sure that every member of that group is defined as a subscriber. Group members that are not defined as subscribers will not receive published content.
The SAS Integration Technologies Administrator provides a graphical user interface that allows you to create a subscriber. When you create a subscriber via the administrator application, the subscriber object with the specified attributes is stored on the LDAP server. For general instructions, see Using IT Administrator
To create a new subscriber using IT Administrator:
Open IT Administrator.
Subscriber names must be unique, and are limited to 40 characters. They cannot contain a comma (,) or a forward slash (/). The name of the subscriber is used by the publication framework to reference the subscriber, including the association of subscribers to channels.
Select the Select button to display the Person Index window. This window displays all of the person reference entries in the LDAP directory, organized under a set of alphabetic tabs. Select the person reference and select OK to display the person reference in the New Subscriber window.
A person reference points to an LDAP object that describes the subscriber in more detail (such as password, phone number and room number).
Although defined, the new subscriber is not yet subscribed to a channel or part of a group. See Creating Subscriptions for more information.
Administering the Publishing Framework |