Now that's what I'm talking about! (was:Re: Is VMS losing the Financial Sector, also?)

Hi Ken,

If only there was some middleware out there that let you do this. . .

For someone who does serious programming like yourself, it
seems like less than an afternoon's worth of design and coding. :-)

Either my marketing attempts to date have been about as successful as
Digital's, or my legendary subtlety has somehow managed to obscure the
inherent sarcasm and facetiousness in my lament :-)

Yes, there definitely is "middleware out there that [will] let you do this"
and that middleware is called Tier3. I was rather hoping that you'd heard of
our Client/Server middleware offering, and that my post would once more
re-focus attention on exactly why Tier3 and its *connection-oriented*,
*context-rich*, execution environment is so good; but no matter.

And it would be very easy to write a program to do that on
VMS

Depends what you mean by "very easy" I suppose. Here's a couple of questions
you may wish to consider before setting off: -

1) Would you let just anyone connect to your server and query the last
login-times for User-X?
2) Would your error messages inform a dictionary attacker when it found a
"valid" username?

So now your duplicating the VMS login process to find out who the request is
coming from and only letting them see their information?

3) Do you incorporate Intrusion Detection?
4) Do you update the SYSUAF entries with login failures?
5) When access is successful, do you update SYSUAF with last
[non]interactive login time?

You suggested something like INETd

6) Are you happy for a new process to be created every time a query is made?
7) Do you believe the ratio of (1 VMS Process per user) to be optimal?
8) Happy cleaning up all those log files?

So you decide to go for an "easy" multi-threaded server and roll your own
TCP/IP and/or DECnet programming

9) Threads or ASTs?

So now you've completed the simple task of returning last-login-times to the
user; why not use the same mechanism as a full-blown Application Server

10) The units-of-work have grown, and stuff like Rdb doesn't work in threads
or ASTs anyway, so you need to farm off work to single-threaded processes
11) Would it be nice to have a TP Monitor capability will a pool of
pre-initialised worker process and then to be able to grow/shrink that pool
as client demand dictates? Also imagine what it'd be like to control
server-affinity during message exchange and obtain the true benefits of
parallelism between client and server?
12) How would the worker processes assume the persona of the client without
endowing the client's request with elevated privileges?

And when you've done all that make sure it's generic and re-usable enough
that the next Application can just slot-in seemlessly with a single
configuration record.

Like rollin' off a log really :-)

But you mentioned VMS running a web server? Ok, you go ahead and use that
connectionless, session-hijacking prone, protocol with its cookies and
session IDs and dodgy expiration times (God knows the engineer's comments in
the VMS source code itself has us scared stiff that VMS security has already
been dumbed-down for Java) and let me know how you got on. Then we can talk
about "code-path", seemingly endless redundant layers of software crud, and
finally, performance. But what about your non-browser-based clients are you
really gonna make them also talk SOAP, IDL, STDL, WSDL, XML, HTTP, PHP,
Axis, Tomcat, JSP, CGI and to re-perform the network-connection and
authorization handshake everytime you want a subroutine to add two numbers
together?

And if you still like that idea, here's something else that may appeal to
you, ODBC/JDBC and using a Database Stored Procedure as a poor-man's RPC! I
mean how "easy" is that?

Cheers Richard Maher

PS. I don't see your name on our Hobbyists License list (unless you're using
a hotmail account); how about we rectify that issue now and you can see
first-hand how easy fronting your rich herritage of VMS Applications and
Data with a full-function GUI was meant to be?

PPS. WRT Kerry's post, here is the code for the "Welcome" dialogue box that
appears once a user has successfully logged on, via the Web, to the Tier3
DEMO example program. (As I hope you will soon discover, the DEMO example
provides a simple VMS Queue lookup and management facility.) You can find
the rest of the Java, JavaScript, HTML and COBOL source files in your
t3$examples directory once you've installed Tier3 V3.1 on your system.
(Please let me stress once more that this code is just a suggestion! If
you'd rather use Swing instead of AWT, or bypass the browser and use a
native application instead then go crazy.)

NB: *ALL* of this code is re-usable for any number of client/server
applications! Use the same Java Applet as many times as you like; just
change the parameters.

import java.awt.*;
import java.awt.event.*;
import java.lang.*;
import java.util.*;
import java.text.*;

public class Tier3Welcome extends Dialog
implements ActionListener
{
Button okay = new Button("OK");
Label label1 = new Label();
Label label2 = new Label();
Label label3 = new Label();
Label label4 = new Label();
Font labelSmall = new Font("Helvetica", Font.BOLD, 12);
Font labelBig = new Font("Helvetica", Font.BOLD, 14);

String outLine;
int logFails;

public class DateVMS
{
int year;
int month;
int day;
int hour;
int minute;
int second;
int hsecs;

DateVMS (String inDate)
{
this.year = Integer.parseInt(inDate.substring( 0, 4));
this.month = Integer.parseInt(inDate.substring( 4, 6));
this.month--;
this.day = Integer.parseInt(inDate.substring( 6, 8));
this.hour = Integer.parseInt(inDate.substring( 8, 10));
this.minute = Integer.parseInt(inDate.substring(10, 12));
this.second = Integer.parseInt(inDate.substring(12, 14));
this.hsecs = Integer.parseInt(inDate.substring(14, 16));
}
public int getYear()
{
return year;
}
public int getMonth()
{
return month;
}
public int getDay()
{
return day;
}
public int getHour()
{
return hour;
}
public int getMinute()
{
return minute;
}
public int getsecond()
{
return second;
}
public int getHsecs()
{
return hsecs;
}
}

public Tier3Welcome(Frame wframe, String AppName, byte[] t3IdBuf)
{
super(wframe,true);
setUndecorated(true);

DateFormat fullDate =
DateFormat.getDateTimeInstance(DateFormat.FULL, DateFormat.LONG);
Calendar lastLogin = Calendar.getInstance();

outLine = "Welcome to the " + AppName + " application via TIER3 V" +
Byte.toString(t3IdBuf[3]) + "." +
Byte.toString(t3IdBuf[4]) +
" on node " + new String(t3IdBuf, 5, 6);

label1.setAlignment(Label.LEFT);
label1.setText(outLine);
label1.setFont(labelBig);

DateVMS lastInt = new DateVMS(new String(t3IdBuf, 16, 16));
lastLogin.clear();
lastLogin.set(lastInt.year, lastInt.month, lastInt.day,
lastInt.hour, lastInt.minute, lastInt.second);

outLine = " Last interactive login on " +
fullDate.format(lastLogin.getTime());
label2.setAlignment(Label.LEFT);
label2.setText(outLine);
label2.setFont(labelSmall);

DateVMS lastNonInt = new DateVMS(new String(t3IdBuf, 32, 16));
lastLogin.clear();
lastLogin.set(lastNonInt.year, lastNonInt.month, lastNonInt.day,
lastNonInt.hour, lastNonInt.minute,
lastNonInt.second);

outLine = " Last non-interactive login on " +
fullDate.format(lastLogin.getTime());
label3.setAlignment(Label.LEFT);
label3.setText(outLine);
label3.setFont(labelSmall);

logFails = Integer.parseInt(new String(t3IdBuf, 11, 5));
if (logFails == 0)
{
outLine = "";
}
else
{
if (logFails == 1)
{
outLine = " 1 failure since last successful login";
}
else
{
outLine = " " + Integer.toString(logFails) + " failures
since last successful login";
}
}

label4.setAlignment(Label.LEFT);
label4.setForeground(Color.RED);
label4.setText(outLine);
label4.setFont(labelSmall);

Panel top = new Panel();
top.setLayout(new GridLayout(4, 1));
top.add(label1);
top.add(label2);
top.add(label3);
top.add(label4);
add("North", top);

Panel bot = new Panel();
okay.addActionListener(this);
bot.add(okay);
add("South", bot);

setBounds(280, 320, 300, 300);
pack();
setResizable(false);
setVisible(true);
}

public void actionPerformed(ActionEvent ae)
{
if (ae.getSource() == okay)
setVisible(false);
}
}

"Ken Fairfield" <Ken@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5fnoibF3dsgb1U1@xxxxxxxxxxxxxxxxxxxxx
Richard Maher wrote:
Hi Kerry,

One thing I have always liked about OpenVMS is that on logon,
it states when you last logged on - both interactively and via
[non-inter].
At least that is one way which can be used to flag the user that
someone else may have access their account.

Now imagine that after clicking on a web page and enetering your VMS
credentials you could be presented with that very same information
(including login failures since last successful login) - Now that'd be
bloody useful! *Well wouldn't it?*

And it would be very easy to write a program to do that on
VMS (I'm not offering! ) to query the SYSUAF and return that
information. You could implement it via whatever hook your
VMS middleware requires, like a service under TCPIP/IP (or a
DECnet object) if you want, or you if the VMS system is running
a web server, it could run under that.

If only there was some middleware out there that let you do this. . .

For someone who does serious programming like yourself, it
seems like less than an afternoon's worth of design and coding. :-)

-Ken
--
Ken & Ann Fairfield
What: Ken dot And dot Ann
Where: Gmail dot Com


.

Relevant Pages