 





















                    ALL-IN-1_Web_Interface______________________________
                    Setting Up and Customizing




                    Revision/Update Information:  New for Version 1.0

                    Operating system:             Digital UNIX Version
                                                  3.2C, Windows NT
                                                  Version 3.51, OpenVMS
                                                  VAX or OpenVMS Alpha
                                                  Version 6.1 or higher.

                    Software version:             Version 1.0













                    Digital Equipment Corporation
                    Maynard, Massachusetts

 






          ________________________________________________________________
          March 1996

          Possession, use, or copying of the software described in
          this documentation is authorized only pursuant to a valid
          written license from Digital or an authorized sublicensor.

          While Digital believes the information included in this
          publication is correct as of the date of publication, it is
          subject to change without notice.

          Digital Equipment Corporation makes no representations
          that the use of its products in the manner described in
          this publication will not infringe on existing or future
          patent rights, nor do the descriptions contained in this
          publication imply the granting of licenses to make, use,
          or sell equipment or software in accordance with the
          description.

           Digital Equipment Corporation 1996.

          All Rights Reserved.

          The following are trademarks of Digital Equipment
          Corporation: ALL-IN-1, Digital UNIX, OpenVMS, TeamLinks,
          VAX, and the DIGITAL logo

          Windows NT is a trademark of Microsoft Corporation.
          UNIX is a registered trademark in the US and other
          countries, licensed exclusively through X/Open Company
          Ltd.

          This document was prepared using VAX DOCUMENT, Version 2.1.

 














  _________________________________________________________________

                                                           Contents



  Preface...................................................      v

  1  Setting Up the ALL-IN-1 Web Interface

        1.1   Configuring the Web Server....................    1-1
        1.2   Installing the Distributed Sharing Option
              (DSO) License.................................    1-2
        1.3   Setting up Web Access on Your ALL-IN-1
              System........................................    1-2
        1.3.1     Setting Up AWI Access on ALL-IN-1 Version
                  3.2.......................................    1-3
        1.3.2     Setting Up Web Access on a ALL-IN-1
                  Version 3.1 System........................    1-4
        1.4   Setting up the Drawers You Want to Make
              Available.....................................    1-5
        1.5   Checking the Default Display..................    1-5

  2  Customizing the ALL-IN-1 Web Interface

        2.1   Customizing the Configuration File Settings...    2-2
        2.2   Customizing the Configuration File
              Boilerplates..................................    2-3
        2.3   Using the AWI Boilerplate Directives..........    2-6
        2.4   Using the AWI Special Directives..............    2-8
        2.4.1     Special Directives for the Missing
                  Boilerplate...............................    2-8
        2.4.2     Special Directives for the Folders and
                  Documents Boilerplates ...................    2-9
        2.5   Customizing the MIME Types Mapping File.......   2-10
        2.6   Setting Up Indirect (Brokered) Connections....   2-10
        2.7   Hiding Your System's Node Name................   2-11
        2.8   Creating URLs for File Cabinet Objects........   2-12


                                                                iii

 







    3  Security Implications

          3.1    ALL-IN-1 Version 3.1 Systems.................    3-1
          3.2    ALL-IN-1 Version 3.2 Systems.................    3-1
          3.2.1     Disabling Access to the ALL-IN-1
                    Account...................................    3-2
          3.2.2     Disabling Access to the OpenVMS Account...    3-2

    Index


    Tables

          1-1       AWI Setup Tasks...........................    1-1

          2-1       Settings You May Want to Customize........    2-2

          2-2       Boilerplate Elements......................    2-4

          2-3       AWI Boilerplate Directives................    2-7

          2-4       Using the DirectConnect and BrokerNode
                    Fields....................................   2-11






















    iv

 












        _________________________________________________________________

                                                                  Preface



        About This Guide

              This guide explains how to set up and customize the
              ALL-IN-1[TM] Web Interface.

        Prerequisite Knowledge

              This guide assumes that you are familiar with the web
              server software at your site. If you plan to customize
              the default displays, you need experience of creating
              web pages. You must also be familiar with ALL-IN-1
              system management and have access to the ALL-IN-1 system
              management subsystem.

        Related Documents

              The  ALL-IN-1 Management Guide.

















                                                                        v

 










                                                                        1
        _________________________________________________________________

                                    Setting Up the ALL-IN-1 Web Interface


              This chapter describes the tasks that you must do to set
              up your ALL-IN-1 Web Interface (AWI) software after you
              have installed it. When you have completed the setup
              tasks, users will be able to use web browsers to access
              the documents that you make available from your ALL-IN-1
              File Cabinet.

              Table 1-1 lists the tasks that you must do.

              Table_1-1_AWI_Setup_Tasks__________________________________

              Task______________________________________See______________

              Configure the web server                  Section 1.1

              Install the Distributed Sharing Option    Section 1.2
              License

              Set up web access on your ALL-IN-1        Section 1.3
              system

              Set up the drawers that you want to make  Section 1.4
              available

              Test_the_default_setup____________________Section_1.5______

        1.1 Configuring the Web Server

              You must ensure that the web server can read and execute
              the files in the AWI subdirectory.

              Configure the web server on the machine where you have
              installed the AWI to:

              o  Run the AWI software as a Common Gateway Interface (CGI)
                 program

                                Setting Up the ALL-IN-1 Web Interface 1-1

 



    Setting Up the ALL-IN-1 Web Interface
    1.1 Configuring the Web Server


          o  Map a Universal Resource Locator (URL) to the AWI
             executable file (AWI.EXE) or to the directory containing
             the AWI executable file.

             Some web servers allow you to specify the file name, for
             example:

             http://webserver.abc.com/awi

             where webserver.abc.com is the address of the web server
             where you installed the AWI, and awi maps to the AWI
             executable file.

             For other types of web server, you may need to specify
             the name of the directory for the CGI files, for
             example:

             http://webserver.abc.com/cgi-bin/awi.exe

          The exact instructions depend on the platform and
          web server software that you are using. Refer to the
          documentation provided for your web server.

    1.2 Installing the Distributed Sharing Option (DSO) License

          You must install the Distributed Sharing Option (DSO)
          license, A1-DIST-SHR, on each node that you want to allow
          the AWI to access. The DSO license allows remote access to
          your ALL-IN-1 File Cabinet. Register the license using the
          OpenVMS[TM] License Management Facility (LMF).

             ________________________ Note ________________________

             After installing the DSO license, you must stop and
             then restart the File Cabinet Server.

             ______________________________________________________

    1.3 Setting up Web Access on Your ALL-IN-1 System

          The instructions for setting up AWI access depend on the
          version of ALL-IN-1 that is installed.

          ___________________________________________________________
          if..._____________________________________See...___________

          ALL-IN-1 Version 3.2 is installed         Section 1.3.1

    1-2 Setting Up the ALL-IN-1 Web Interface

 



                                    Setting Up the ALL-IN-1 Web Interface
                        1.3 Setting up Web Access on Your ALL-IN-1 System

              ___________________________________________________________
              if..._____________________________________See...___________

              ALL-IN-1 Version 3.1 and TeamLinks        Section 1.3.2
              Connection_Version_2.5_are_installed_______________________

              For the security implications of these setups, see
              Chapter 3.

        1.3.1 Setting Up AWI Access on ALL-IN-1 Version 3.2

              You must create an ALL-IN-1 account called WEB$ACCESS on
              your ALL-IN-1 system.

              To set up the WEB$ACCESS account, do the following:

              ___________________________________________________________
              Step_Action________________________________________________

              1    Create an account template by entering:

                   MGT DTC C

                   Set up the following attributes in the template:
                   ______________________________________________________
                   Attribute__________________Value______________________

                   privileges                 TMPMBX and NETMBX

                   Mail Destination           NO MAIL

                   X500_UPDATE________________N__________________________

              ___________________________________________________________

              2    Create an account called WEB$ACCESS. Enter:

                   MGT MUA C CU

                   The account name contains a $ character so ALL-IN-1
                   displays a message to say that the $ character is not
                   recommended in an account name.

                   Enter Y in response to the message and continue.

                   Enter the name of the template created in Step 1 in
                   the Account template: field.

              ___________________________________________________________

                                Setting Up the ALL-IN-1 Web Interface 1-3

 



    Setting Up the ALL-IN-1 Web Interface
    1.3 Setting up Web Access on Your ALL-IN-1 System

          ___________________________________________________________
          Step_Action________________________________________________

          3    Classify WEB$ACCESS as a utility account by doing the
               following:

               a. Choose the Classify User Accounts (CUA) option,
                  from the Manage ALL-IN-1 System (MGT MSY) menu.

               b. Enter WEB$ACCESS access in the Account name: field

               c. Check that the template has set up NO MAIL in the
                  Mail destination: field.

               d. Enter U in the Utility Account: field

          ___________________________________________________________

          4    Using the AUTHORIZE utility, you can provide
               additional security on the OpenVMS account by setting
               up the following:

               o  DISMAIL

               o  RESTRICTED

               o  GENPWD

               o  Login restrictions for when the account can be
                  accessed

               o  Any additional site-specific restrictions

               For example:

               $ RUN SYS$SYSTEM:AUTHORIZE
               UAF> MODIFY WEB$ACCESS/FLAGS=(DISMAIL,RESTRICTED,GENPWD)

               UAF> EXIT
          _____$_____________________________________________________

    1.3.2 Setting Up Web Access on a ALL-IN-1 Version 3.1 System

          TeamLinks[TM] Connection Version 2.5 must also be
          installed.

          Create an ALL-IN-1 profile entry called OA$ANONYMOUS using
          MGT MUA C UP.

          The profile name contains a $ character so ALL-IN-1
          displays a message to say that the $ character is not
          recommended in an account name.

    1-4 Setting Up the ALL-IN-1 Web Interface

 



                                    Setting Up the ALL-IN-1 Web Interface
                        1.3 Setting up Web Access on Your ALL-IN-1 System


              Enter Y in response to the message and continue to create
              the account.

              The AWI does not need an OpenVMS account and password on
              your system to connect to the File Cabinet Server. For the
              security implications, see Chapter 3.

        1.4 Setting up the Drawers You Want to Make Available

              For ALL-IN-1 Version 3.1 systems which use OA$ANONYMOUS,
              all world-readable drawers (with access by the *WORLD
              group) on your system will be accessible to web browsers.

              If you have a ALL-IN-1 Version 3.2 system, you have more
              control over the access to your drawers. You are not
              restricted to having all your world-readable drawers
              available to web browsers.

              On a ALL-IN-1 Version 3.2 system, you can use the options
              on the Drawer Management (DRM) menu to restrict access to
              the world-readable drawers that you do not want to make
              available on the web. To do this, you can add WEB$ACCESS
              to the list of users or groups that can access a particular
              drawer, and either leave the Read access field blank or set
              it to N.

                ________________________ Note ________________________

                If you are using a web server running on Windows NT,
                and your drawer or folder names contain a forward
                slash (/), you may find that requests from web clients
                fail. This is because some web servers change the URL
                before it reaches the AWI. It is recommended that you
                avoid the use of (/) in your drawer and folder names.

                ______________________________________________________

        1.5 Checking the Default Display

              To check that you have set everything up correctly, do the
              following:




                                Setting Up the ALL-IN-1 Web Interface 1-5

 



    Setting Up the ALL-IN-1 Web Interface
    1.5 Checking the Default Display

          ___________________________________________________________
          Step_Action________________________________________________

          1    Using a web browser, specify the URL that you have set
               up for the AWI executable file. See Section 1.1. What
               you have set up depends on your web server.

               For example:

               http://webserver.abc.com/awi

               or

               http://webserver.abc.com/cgi-bin/awi.exe

               where webserver.abc.com is the address of the web
               server where you installed the AWI.

          ___________________________________________________________

          2    Fill in the System:, Drawer owner: and Drawer: fields.
               Click on Show My Selection.

               Check that a bulleted list of folders in the selected
               drawer is displayed.

               Double-click on one of the folder names and check that
               a bulleted list of the documents in that folder is
               displayed.

               Note that the system name (node or cluster name) must
               be a full IP name. If you specify the name of a node
               or cluster that is not in your IP domain, you must
               specify a fully qualified IP name.

          ___________________________________________________________

          3    Try to access the drawer without supplying all of the
               required fields. Check that a message is displayed to
          _____inform_you_that_additional_information_is_required.___

          Now that the AWI is up and running, you may want to
          customize the way it works or the display that it provides.
          See Chapter 2.


    1-6 Setting Up the ALL-IN-1 Web Interface

 










                                                                        2
        _________________________________________________________________

                                   Customizing the ALL-IN-1 Web Interface


              This chapter explains the different ways that you can
              customize the AWI. You can customize the user request form,
              the way in which folders and documents are displayed and
              the document attributes that are displayed.

              In order to customize the AWI, you need to understand the
              way that the default configuration file is organized.

              ___________________________________________________________
                                                   For information,
              Topic________________________________see...________________

              Customizing the configuration file   Section 2.1
              settings

              Customizing the configuration file   Section 2.2
              boilerplates

              Using the AWI boilerplate            Section 2.3
              directives

              Using the AWI special directives     Section 2.4

              Customizing the MIME types mapping   Section 2.5
              file

              Setting up indirect connections to   Section 2.6
              other File Cabinets

              Hiding your system's node name       Section 2.7
              and restricting access to a single
              machine

              Creating URLs for File Cabinet       Section 2.8
              Objects____________________________________________________

                               Customizing the ALL-IN-1 Web Interface 2-1

 



    Customizing the ALL-IN-1 Web Interface
    2.1 Customizing the Configuration File Settings


    2.1 Customizing the Configuration File Settings

          The AWI configuration file is in the AWI subdirectory and
          is called CONFIG.AWI. It contains two sections:

          [settings]

          [boilerplates]

          If a section, or section options, are missing, defaults
          are used. The section names and section option names are
          case insensitive. A value of 1 means true, and a value of 0
          means false.

          Table 2-1 list the default settings that you may want to
          customize.

          Table_2-1_Settings_You_May_Want_to_Customize_______________

          Option______Default_Description____________________________

          DirectConnec1       Means the AWI always connects to the
                              node that the user specifies in the URL
                              or at the user request form. You may
                              want to change this if you want to set
                              up an indirect connection to other File
                              Cabinets, for example, those that do
                              not have TCP/IP connections.

                              See Section 2.6.

          BrokerNode  -       Use to specify a node for indirect
                              connections. Use in conjuction with
                              DirectConnect.

                              See Section 2.6.

          ShowNode    1       You can change this to 0 to suppress
                              the display of the nodename in the URL.

                              See Section 2.7.

          RequireFolde0       Defines whether the user has to specify
                              a folder on the request form. Change
                              this value to 1 if you want the user to
                              specify a folder name.

          A_value_of_1_means_true,_and_a_value_of_0_means_false._____

                                             (continued on next page)

    2-2 Customizing the ALL-IN-1 Web Interface

 



                                   Customizing the ALL-IN-1 Web Interface
                          2.1 Customizing the Configuration File Settings


              Table_2-1_(Cont.)_Settings_You_May_Want_to_Customize_______

              Option______Default_Description____________________________

              RequireDrawe1       Defines whether the user has to specify
                                  a drawer name on the request form.
                                  Change this to 0 if you do not want the
                                  user to supply the drawer name.

              RequireOwner1       Defines whether the user has to specify
                                  a drawer owner on the request form.
                                  Change this to 0 if you do not want the
                                  user to supply the drawer owner.

              RequireSyste1       Defines whether the user has to specify
                                  a system name on the request form.
                                  Change this to 0 if you do not want the
                                  user to supply the system name.

                                  See Section 2.7.

              NLisCRLF    0       Controls the type of newline character
                                  that the AWI sends to the web server in
                                  the CGI header.

                                  You may need to set this value to 1
                                  if you get a web browser error about
                                  documents that do not contain data.
              A_value_of_1_means_true,_and_a_value_of_0_means_false._____

              ___________________________________________________________

              You do not need to change any of the other settings in the
              configuration file.

        2.2 Customizing the Configuration File Boilerplates

              The AWI configuration file boilerplate section lists all
              the elements that you can use to create web home pages. In
              the default configuration file, some of the elements use
              the default boilerplate files that are supplied with the
              AWI. You can create your own files to replace the defaults
              and create new files to provide the elements that do not
              have defaults.

              The boilerplates section of the AWI configuration file
              supports the elements shown in Table 2-2.

                               Customizing the ALL-IN-1 Web Interface 2-3

 



    Customizing the ALL-IN-1 Web Interface
    2.2 Customizing the Configuration File Boilerplates


          Table_2-2_Boilerplate_Elements_____________________________

          Element__________Default_____Description___________________

          DefaultHead      -           Used as the header if no other
                                       is specified. For example, you
                                       could use this to provide a
                                       corporate logo at the head of
                                       each page

          DefaultTail      -           Used as the footer if no other
                                       is specified. For example, you
                                       could use this to provide a
                                       Home page URL or a button bar
                                       for navigation.

          Folders          awifoldr.blpUsed when listing the folders
                                       in a drawer. The default
                                       boilerplate awifoldr.blp
                                       displays the folders as a
                                       bulleted list.

          FolderHead       -           Used as the header when
                                       listing folders.

          FolderTail       -           Used as the footer when
                                       listing folders.

                                             (continued on next page)
















    2-4 Customizing the ALL-IN-1 Web Interface

 



                                   Customizing the ALL-IN-1 Web Interface
                      2.2 Customizing the Configuration File Boilerplates


              Table_2-2_(Cont.)_Boilerplate_Elements_____________________

              Element__________Default_____Description___________________

              Documents        awidoc.blp  Used when listing the
                                           documents in a folder.

                                           The default file, awidoc.blp
                                           displays the documents as a
                                           bulleted list. The title of
                                           each document is used as the
                                           hyperlink to the document, so
                                           the user can click on the name
                                           of the document to display it.

                                           This boilerplate also shows
                                           the following information for
                                           each document:

                                           o  Author

                                           o  Size

                                           o  Modified date

                                           o  Format, as generated by the
                                              AWI

              DocumentHead     -           Used as the header when
                                           listing documents.

              DocumentTail     (no         Used as the footer when
                               default)    listing documents.

              Request          awiform.blp Used as the initial request
                                           form.

              Missing          awimissg.blpUsed when the user does not
                                           specify enough information
                                           on the request form. The
                                           default boilerplate displays
                                           the missing information as a
              _____________________________bulleted_list.________________


                               Customizing the ALL-IN-1 Web Interface 2-5

 



    Customizing the ALL-IN-1 Web Interface
    2.3 Using the AWI Boilerplate Directives


    2.3 Using the AWI Boilerplate Directives

          AWI boilerplate directives allow you to display ALL-IN-1
          document attributes, for example, the document author, on
          your forms. The AWI boilerplate directives are of the form
          <!variable>.

          Table 2-3 shows the directives that you can use in your
          customized boilerplate files.




































    2-6 Customizing the ALL-IN-1 Web Interface

 



                                   Customizing the ALL-IN-1 Web Interface
                                 2.3 Using the AWI Boilerplate Directives


              Table_2-3_AWI_Boilerplate_Directives_______________________

              Directive________Description_______________________________

              <!MODIFIED>      The modified date of the document.

              <!CREATED>       The created date of the document.

              <!TITLE>         The title of the document.

              <!AUTHOR>        The author of the document.

              <!FORMAT>        The FORMAT of the document.

              <!DSAB>          The DSAB of the document.

              <!UNIQUENAME>    The name of the drawer or folder,
                               depending on the context.

              <!NUMBYTES>      The approximate size of the document in
                               bytes.

              <!EXTENSION>     The file extension of the document, for
                               example, TXT.

              <!EUID>          The EUID of the File Cabinet object in
                               HTML-friendly form.

              <!TYPE>          The structural type of the document. Used
                               by the AWI internally.

              <!MIMEID>        The MIME type of the document. This is
                               generated by the AWI if the document does
                               not have a mimeid.

              <!CUSTOMER0>     The document's DOCDB customer field.

              <!CUSTOMER1>     The document's DAF customer1 field.

              <!CUSTOMER2>     The document's DAF customer2 field.

              <!CUSTOMER3>     The document's DAF customer3 field.

              <!CUSTOMER4>     The document's DAF customer4 field.

              <!CUSTOMER5>     The document's DAF customer5 field.

              <!URL>           This is the URL of the File Cabinet object
                               and it is generated by the AWI. Use in
                               preference to the EUID.

              <!DOCTYPE>       AWI generated attribute - the format
                               /handling of the document, which is
              _________________derived_from_FORMAT_and_DSAB._____________

                               Customizing the ALL-IN-1 Web Interface 2-7

 



    Customizing the ALL-IN-1 Web Interface
    2.4 Using the AWI Special Directives


    2.4 Using the AWI Special Directives

          There are some additional special directives that you can
          use for:

          o  The Missing boilerplate form that is displayed when
             users do not supply all of the required information

          o  The Folders and Documents boilerplates that specify
             the type and format of information that is displayed in
             response to a user request

    2.4.1 Special Directives for the Missing Boilerplate

          The Missing boilerplate, awimsg.blp, uses the $SELECT
          directive to bracket HTML tags.

          For example:
          <TITLE>Missing details</TITLE>
          <UL>
          $SELECT
          <LI>System
          $SELECT
          <LI>Drawer owner
          $SELECT
          <LI>Drawer
          $SELECT
          <LI>Folder
          $SELECT
          </UL>

          The $SELECT directive must appear on a line of its
          own, without any whitespace. There must be five $SELECT
          directives, to separate the HTML tags for:

          o  System missing

          o  Owner missing

          o  Drawer missing

          o  Folder missing

          The tags must be in the order shown. The appropriate
          message is displayed if the user does not supply a value
          that is mandatory.

    2-8 Customizing the ALL-IN-1 Web Interface

 



                                   Customizing the ALL-IN-1 Web Interface
                                     2.4 Using the AWI Special Directives


        2.4.2 Special Directives for the Folders and Documents
              Boilerplates

              The Folders boilerplate, awifoldr.blp, and Documents
              boilerplate, awidoc.blp, use the special directives
              $BEGINLOOP and $ENDLOOP.

              The following notes apply to the use of these directives:

              o  The directives must appear on a line of their own,
                 without any whitespace.

              o  The directives bound the section of the boilerplate
                 that is to be repeated for every File Cabinet object the
                 boilerplate is showing.

              o  $BEGINLOOP must be present but $ENDLOOP is optional.

              o  If $ENDLOOP is missing, the end of the boilerplate is
                 taken to be $ENDLOOP.

              The following example shows the use of these special
              directives in the default document boilerplate, awidoc.blp:
              <TITLE>Documents </TITLE>
              Documents in <!UNIQUENAME> folder
              <UL>
              $BEGINLOOP
              <LI><A HREF="<!URL>"><!TITLE></A>
              <BR>(<!DOCTYPE> document, <!NUMBYTES> bytes, last modified
              <!MODIFIED>)
              <BR>Created <!CREATED>, Mimetype <!MIMEID>
              <BR>Customer0 = <!CUSTOMER0>
              <BR>Customer1 = <!CUSTOMER1>
              <BR>Customer2 = <!CUSTOMER2>
              <BR>Customer3 = <!CUSTOMER3>
              <BR>Customer4 = <!CUSTOMER4>
              <BR>Customer5 = <!CUSTOMER5>
              $ENDLOOP
              </UL>)






                               Customizing the ALL-IN-1 Web Interface 2-9

 



    Customizing the ALL-IN-1 Web Interface
    2.5 Customizing the MIME Types Mapping File


    2.5 Customizing the MIME Types Mapping File

          You may need to customize the MIME types mapping file if
          the MIME type generated by ALL-IN-1 is not what you want.

          The default MIME types mapping file, mimemap.awi, contains
          lines of MIME type and ALL-IN-1 format pairs. The MIME type
          is listed first. If none of the mappings match a file type,
          the last line must contain the special mapping:

          application/x-* *

          In the special mapping, * always matches, and the * in
          the MIME type is replaced by the lowercase version of the
          ALL-IN-1 type. This mapping is also built into the AWI, and
          is used if the MIME mapping file is missing.

    2.6 Setting Up Indirect (Brokered) Connections

          As the default, AWI always tries to connect directly to the
          File Cabinet Server on the node that the user specifies.
          For example, the user may specifiy the node directly as
          part of the URL or supply it in the System: field on the
          displayed request form.

          In the AWI configuration file, AWI.CONFIG, the settings
          that define this behaviour are DirectConnect 1 and no value
          for the BrokerNode field.

          You can customize the AWI to define a broker node which is
          used by the AWI to connect indirectly to File Cabinets
          on other nodes. This allows you to make File Cabinets
          available on nodes which do not have TCP/IP installed.
          To allow brokered connections, you must define BrokerNode
          in the AWI configuration file.

          Table 2-4 shows the types of connections that you can set
          up.







    2-10 Customizing the ALL-IN-1 Web Interface

 



                                   Customizing the ALL-IN-1 Web Interface
                           2.6 Setting Up Indirect (Brokered) Connections


              Table_2-4_Using_the_DirectConnect_and_BrokerNode_Fields____

              Field_______Value_____Meaning______________________________

              DirectConnec1         AWI always contacts the node
              and                   specified by the Web client

              BrokerNode  Not
                          defined

              ___________________________________________________________

              DirectConnec0         AWI always contacts the File Cabinet
              and                   Server on the node specified in the
                                    BrokerNode field

              BrokerNode  Defined

              ___________________________________________________________

              DirectConnec1

              and

              BrokerNode  Defined
                                    _____________________________________
                                    If the
                                    address...____Then_the_AWI...________

                                    contains a    always contacts the
                                    period (.),   File Cabinet Server on
                                    it is an IP   the specified node
                                    address

                                    does not      always contacts the
                                    contain a     File Cabinet Server on
                                    period (.),   the node defined as the
                                    it is not an  BrokerNode
                                    IP_address___________________________

              ___________________________________________________________

        2.7 Hiding Your System's Node Name

              This section applies to ALL-IN-1 Version 3.2 systems only.

              Follow the instructions in this section to create a
              customized version of the Request boilerplate and change
              the AWI configuration settings to do the following:

              o  Hide the node name for your system from web users

                              Customizing the ALL-IN-1 Web Interface 2-11

 



    Customizing the ALL-IN-1 Web Interface
    2.7 Hiding Your System's Node Name


          o  Restrict web access to the drawers on a single brokered
             node

          To set this up, follow the instructions in the next table.

          ___________________________________________________________
          Step_Action________________________________________________

          1    Edit the AWI configuration file as follows:
               ______________________________________________________
               Field_________________Value___________________________

               ShowNode              0

               BrokerNode            Define to your system name

               DirectConnect_________0_______________________________

          ___________________________________________________________

          2    Remove the System prompt from the boilerplate request
               form, awiform.blp.

               Remove the line:

               System: <INPUT TYPE="text" NAME="node">

               The System: prompt will no longer be displayed on your
          _____request_form._________________________________________

    2.8 Creating URLs for File Cabinet Objects

          You can customize your request form to display a list of
          available drawers or folders. In this case the user must
          double click on the drawer or folder name to display a list
          of folders or documents. To do this, you must specify the
          URL for each File Cabinet object that you want to create a
          link to.

          The easiest way to do this is to access the object by
          supplying the full information about the system, drawer
          and drawer owner. Cut and paste the displayed URL into your
          request form. The format of the URL is:

          <A HREF = "/awi/node/%22[system]drawer%22.%22folder%22">

          where:

          o  awi is the mapping to the AWI software that you have set
             up, see Section 1.1

    2-12 Customizing the ALL-IN-1 Web Interface

 



                                   Customizing the ALL-IN-1 Web Interface
                               2.8 Creating URLs for File Cabinet Objects


              o  node is the name of the node that you are connecting to

              o  %22[system]drawer%22.%22folder%22 is the specification
                 for the folder that you want to access









































                              Customizing the ALL-IN-1 Web Interface 2-13

 










                                                                        3
        _________________________________________________________________

                                                    Security Implications


              This chapter explains the different levels of security
              available for ALL-IN-1 Version 3.2 systems and ALL-IN-1
              Version 3.1 systems with TeamLinks Connection Version 2.5
              installed.

        3.1  ALL-IN-1 Version 3.1 Systems

              This section applies to ALL-IN-1 Version 3.1 systems with
              TeamLinks Connection Version 2.5 installed.

              For ALL-IN-1 Version 3.1 systems, the AWI provides
              anonymous connect capability using a profile entry called
              OA$ANONYMOUS. This means that the AWI can connect to a
              File Cabinet Server without an account and password on the
              system where the File Cabinet Server is running.

              All world readable drawers (accessible by group *WORLD) are
              available to the AWI. Drawers with access set to the *LOCAL
              group cannot be accessed.

        3.2  ALL-IN-1 Version 3.2 Systems

              In ALL-IN-1 Version 3.2, access to the AWI is through
              a special account called WEB$ACCESS. The File Cabinet
              Server performs authentication checks on the WEB$ACCESS
              OpenVMS account. This allows you to control access to this
              WEB$ACCESS account at the drawer level. You can control AWI
              access to world readable drawers by adding the WEB$ACCESS
              account to the list of users and setting leaving Read
              access blank or setting it to No.

              In addition to drawer-level control, you can temporarily
              disable all access by the AWI if required. You can disable
              access to the ALL-IN-1 account or the OpenVMS account.


                                                Security Implications 3-1

 



    Security Implications
    3.2 ALL-IN-1 Version 3.2 Systems


    3.2.1 Disabling Access to the ALL-IN-1 Account

          To stop all AWI access to the ALL-IN-1 account, rename the
          WEB$ACCESS ALL-IN-1 account to something else. For example,
          rename the account to WEB_ACCESS using MGT MUA RNA.

          To test that the account cannot be accessed, use a web
          browser to list the folders in drawer that you could access
          previously. The operation will fail. Rename the account
          back to WEB$ACCESS, and access is restored.

    3.2.2 Disabling Access to the OpenVMS Account

          To stop all AWI access to the OpenVMS account, use
          AUTHORIZE to disuser the OpenVMS account for WEB$ACCESS.

          To test this, use a Web browser to list the folders in
          drawer that you could access previously. The operation will
          fail. When you undisuser the account, access is restored.


























    3-2 Security Implications

 
