Web Portal Not An IBM i Modernization Bit Player
January 25, 2016 Dan Burger
The portal piece of modernization projects seldom gets top billing. All eyes are on the graphical user interface and efforts to scour the green screen out of sight from those who believe it is the work of the devil. But dagnabbit, it’s the portal that unifies information and applications from a galaxy of diverse sources and displays it in an orderly fashion. It’s the key to proprietary information that’s shared among authorized users.
“We see a lot of B2B companies building portals,” says Marcel Sarrasin, vice president of marketing at Quadrant Software, the parent company of BCD Software, one of the leading IBM i application tool vendors and the makers of the Web portal software called Nexus. “The partners and customers of those companies are using the portal to do things like place orders and check inventory. The portal is used to authenticate them and give them access to the applications they need.”
In the BCD version of application development and application modernization environments the portal serves two primary purposes: a framework for content and application integration, and a point of lockdown security.
BCD’s application development, business intelligence and document distribution products are closely integrated with Nexus portal, so customers will often bundle the WebSmart IDE, the Clover reporting tool, and the Catapult spool-file conversion tool with the purchase of the portal. With the recent integration of Quadrant Formtastic spool-file modernization tool, additional functionality is added.
Sarrasin says BCD is developing APIs that will facilitate the integration and support of software from outside the BCD/Quadrant product mix. He noted that Nexus was enhanced to be more API-based several years ago. Without the use of APIs, the integration with other software has to take place at the code level. Currently that requires BCD services to assist customers with integrations outside the BCD family. BCD services, a growing aspect related to the interest in modernization, are also available to set up single sign on capabilities, which are useful in portal environments where multiple applications are available. SSO is a convenience that is heard of more often than it is seen, but where it’s in place it seems to be greatly appreciated.
Tight integration with IBM i is one of the strengths of a portal that runs on i. For instance, it provides the capability to authenticate users using IBM i profiles. The capability to convert spool files and put them on the IFS or in the portal is another well-received benefit. In instances where Microsoft SharePoint portals already exist in IBM i shops have shown their integration weaknesses, Sarrasin says.
Security awareness should be a priority when it comes to Web and portal development. Sarrasin offered advice on several security fronts.
SSL at the highest level is the starting point. It would be used when setting up a port in the firewall. When possible, having the login be an IBM i profile is preferred. Exceptions occur when users come from non-IBM i sources. Customers and partners may fit into that category.
Nexus includes an Apache security module extension–a cross-reference table identifying who is authorized for what information. The BCD development team wrote this so content could be locked down. Like the IBM i itself, security is dependent on the operator staying on top of the situation and not becoming sloppy with authorities. Plus, the programmers creating the applications need to code against known vulnerabilities.
Part of the portal planning process includes considerations about whether users are accessing documents or applications, whether users have an IBM i profile or a profile in LDAP, and will users be asked to create their own profiles in the portal.
Apache Web Server
Nexus is configured to use the Apache Web server, which is built into the IBM i operating system. In terms of resources weighing heavy on IBM i, the Web applications run in batch and have little effect on the operating system.
It’s worth noting that according the 2016 IBM i Marketplace Survey, 40 percent of survey participants use the Apache Web server (and 32 percent are running a different Web server on i). That’s an encouraging number of IBM i pros who are getting onboard the Web development train, especially considering the number of executives that brand IBM i with the legacy kiss of death.
The truth of the matter is that the majority of IBM i professionals have come to trust the Apache Web server (and other alternatives) to securely open the IBM i to the Web. And it’s fair to generalize by saying familiarity with Web technology has increased as users looked into modernizing green-screen applications. Of course, some people still believe it’s unsafe to access IBM i content and applications via the Web, but for the majority conscientious users, it’s not an obstacle anymore.
Login and Menu Trees
As green-screen developers move into Web development, one of the first things they will notice is that the login and menu system is not automatically taken care of as they are in 5250. Authenticating incoming users with their IBM i user IDs and passwords is the best way (the green-screen way) of establishing credentials for accessing the IBM i server.
“IBM programmers know very well how to do this on a green screen,” Sarrasin says, “but the Web development paradigm is a challenge for many of those programmers.”
The portal, among other benefits noted above, provides a method for creating a secure login and navigational menus.
Remember easy access to proprietary information is the reason for paying attention when building a portal.