Manuals / Nortel Networks / Computer Equipment / Network Router

Nortel Networks AS 5300 manual Using the Open Provisioning Interface, Security, Navigation

Models: AS 5300

1 54

Download 54 pages 16.04 Kb

Page 29

Using the Open Provisioning Interface

.

29

Using the Open Provisioning Interface

This chapter contains all of the information you need to use the Open Provisioning Interface.

Navigation

•"Security, authentication, and authorization" (page 29)

•"Third-party client development" (page 33)

Security, authentication, and authorization

The following sections describe the security, authentication, and authorization considerations for using the Open Provisioning Interface.

Navigation

•"Security" (page 29)

•"Authentication" (page 30)

•"Authorization" (page 32)

Security

OPI supports security through the use of:

•opicert.cer—Secure Socket Layer (SSL) certificate file

•opitruststore—key store file

These files are required when you connect to the Provisioning Server through HTTP Secure (HTTPS). You use the following command line parameters:

Djavax.net.ssl.trustStore=opitruststore

-Djavx.net.ssl.trustStorePassword=opitruststore

When you have a Certificate Authority (CA) Certificate, you must import it into the key store file (opitruststore). For instructions, see "Importing a CA Certificate into the BPT" (page 51).

Nortel AS 5300

Nortel Application Server 5300 Application Programming Interfaces Reference

NN42040-110 01.01 Standard

11 June 2008

Copyright © 2008 Nortel Networks

Image 29

Nortel Networks AS 5300 Using the Open Provisioning Interface, Security, authentication, and authorization, Navigation

Contents

Interfaces Reference Nortel Application Server Application ProgrammingNN42040-110 Nortel ASDocument release date 11 June Copyright 2008 Nortel Networks Nortel AS Release Publication NN42040-110 Document status StandardAll Rights Reserved Sourced in Canada LEGAL NOTICE All other trademarks are the property of their respective ownersUsing the Bulk Provisioning Tool ContentsUsing the Open Provisioning Interface New in this releaseStarting the Bulk Provisioning Tool Accessing the OPI Java docsCreating Open Provisioning Interface clients Importing a CA Certificate into the BPTOther changes New in this releaseRevision history Nortel ASNortel AS 6 New in this releaseNN42040-110 01.01 Standard 11 June Copyright 2008 Nortel NetworksUsing the Open Provisioning Interface page Using the Bulk Provisioning Tool pageAccessing the OPI Java docs page IntroductionNortel AS 8 IntroductionNN42040-110 01.01 Standard 11 June Copyright 2008 Nortel NetworksOpen Provisioning Interface fundamentals Application Programming Interface fundamentalsOpen Provisioning Interface fundamentals page Bulk Provisioning Tool fundamentals pageBulk Provisioning Tool fundamentals Why use the Bulk Provisioning ToolBulk Provisioning Tool requirements Nortel AS 12 Application Programming Interface fundamentalsNN42040-110 01.01 Standard 11 June Copyright 2008 Nortel NetworksInstall and launch the BPT Using the Bulk Provisioning ToolInstall and launch the BPT page BPT main menu page BPT main menuBPT main menu 14 Using the Bulk Provisioning ToolAccessing the Domain Operations submenu Command BPT main menu commandsmethod name using * into DescriptionBPT ﬁles and scripts BPT provisioning methodsNavigation FilesSuccess indication on remove methods page Unknown error messages page Create and manage provisioning roles using the BPT pageBPT conventions and examples ScriptsOptional syntax getRole using Role name file file name optional into file nameBrackets Angle bracketsgetRole using Role name file file name optional into file name Square bracketsAdmin,,English,Devices only,yourcompany.com newguy,mysecret,John,Edwards,Active,,,, ,,,,,DefaultComma separated strings Fully qualified user nameCreate and manage provisioning roles using the BPT Unknown error messagesDefine the new provisioning role Define the new provisioning role pagegetRole using AddExample addRole using file D\prov\addexample.txtAdd the new provisioning role View the new provisioning rolegetRole method invoked in the BPT Delete the new provisioning rolehelp addRole BPT Help optionBPT mapping to the Provisioning Client BPT limitationsBPT mapping to the Provisioning Client page Batch processing page Resource use page Provisioning data visibility pageBulk provisioning of users Batch processingResource use Provisioning data visibility Nortel AS 28 Using the Bulk Provisioning ToolNN42040-110 01.01 Standard 11 June Copyright 2008 Nortel NetworksSecurity, authentication, and authorization Using the Open Provisioning InterfaceSecurity, authentication, and authorization page Security page Authentication page Authorization pageHTTP Basic Authentication - Onboard Authentication AuthenticationHTTP Basic Authentication - Onboard Authentication page WS-Security UsernameTokenSample WS-Security header/SOAP message A special note for .NET authentication headersDomain-level authorization AuthorizationProvisioning-level authorization Domain-level authorization page Provisioning-level authorization pageAccess stubs from the third-party application page Implement interface accessing stubs pageThird-party client development Get the WSDLAccess stubs from the third-party application Implement interface accessing stubsStarting the Bulk Provisioning Tool Starting the Bulk Provisioning ToolDownloading the Bulk Provisioning Tool to a workstation Procedure StepsLaunching the BPT on a workstation Downloading the Bulk Provisioning Tool to a workstation pageThe BPT application launches 2 Enter your administrator username and passwordLaunching the BPT on a workstation Nortel ASNortel AS 38 Starting the Bulk Provisioning ToolNN42040-110 01.01 Standard 11 June Copyright 2008 Nortel NetworksCreating OPI clients Creating Open Provisioning Interface clientsPrerequisites for creating OPI clients Configuring the class path page Downloading the WSDL file page Downloading the Axis toolkit page Retrieving the error codes pageCompiling the client stubs page Writing a client to perform some specific OPI operations pageDownloading the Axis toolkit Retrieving the error codesConﬁguring the class path D\axis-14\webapps\axis\WEB-INF\libCompiling the client stubs Downloading the WSDL ﬁleD\opiclient loadname/wsdl/opiWriting a client to perform some speciﬁc OPI operations t\opi\serviceProcedure Steps Step ActionExample - Writing a client The client class can be compiled similarly to the compilation of the OPI Stubs, and executed. The OPI Stub classes and AXIS toolkit jars must be present in the classpath during execution, as demonstrated in the following figure Compiling the client class 46 Creating Open Provisioning Interface clientsNortel AS NN42040-110 01.01 Standard 11 JuneStep Action Accessing the OPI Java docsProcedure Steps OPIJavadocs file unzipped AdminAuthentication subfolder in the OPI Java Docs folderAccessing the javadocs for the AdminAuthentication OPI web service Nortel AS 50 Accessing the OPI Java docsNN42040-110 01.01 Standard 11 June Copyright 2008 Nortel NetworksThe tool prompts Trust this certificate? no Importing a CA Certiﬁcate into the BPTkeytool -list -v -keystore opitruststore Procedure StepsNortel AS 52 Importing a CA Certificate into the BPTNN42040-110 01.01 Standard 11 June Copyright 2008 Nortel NetworksPage Nortel AS