Randolph Cabral’s Weblog

…beauty is just a dimmer switch away…

Archive for the ‘General’ Category

Business Objects Enterprise 11.5 Shared Secret…Shhhh!

Posted by Randolph Cabral on Thursday, May 29, 2008

I had to blog about this because I’m sure many of you who need to deal with the BOE XI .NET APIs will find this one useful.  Also because I know I’m going to need this info again at some point and I figure this is the best place to memorialize this knowledge.  In this post, I’ll specifically talk about my experience in enabling trusted authentication to the BOE server using ‘secEnterprise’ security with the BOXI .NET APIs.  A note for Java developers – I think most of the code samples should work with the exception of the use of concrete types.  Most of the types are replaced with interfaces in Java and the naming convention is such that you should be able to add an ‘I’ to the beginning of the type names.  Why they didn’t do this for .NET is a mystery to me.

The first thing we need to do is open the secEnterprise folder on both the client machine and on the server.  The path is as follows – [Drive:\Business Objects Installation Folder]\BusinessObjects Enterprise 11.5\win32_x86\plugins\auth\secEnterprise.  Here you should find a single file named secEnterprise.dll.  If you don’t see this file, or folder, you are going to need to install the BOE XI R2 SP2 client tools.  The one I installed is dated 3/6/2007.  Once installed, the above mentioned files and folders should be present.  Once located, it’s time to add a new text file and name it “TrustedPrincipal.conf”.  Using your favorite plain vanilla text editor (I use notepad) add a line that reads, “SecretPassword=[word or phrase without spaces using 0-9, A-Z, and a-z characters only]”.  Obviously, the word/phrase must match on the client and server installations. NOTE:  If the server already has this file and a password/phrase is already present, do not change it!  I recommend copying the server value to your client file.  But, if you’re feeling macho and absolutely need to change it, a reboot of the server may be required to flush the old value from cache.

Now, the following code sample will allow you to “impersonate” any user that has been granted access to the BOE server using the trusted principal method.

  SessionMgr sess = new SessionMgr();

  TrustedPrincipal tp = sess.CreateTrustedPrincipal(“John.Doe”, “YourBoxiServerName”);

  EnterpriseSession esess = sess.LogonTrustedPrincipal(tp);

With a little bit more code, we can use the current thread to detect the security principal and parse the user name so we can pass it in as a method argument.

  string identName = System.Threading.Thread.CurrentPrincipal.Identity.Name;

 

  if (string.IsNullOrEmpty(identName))

    throw new System.Security.SecurityException(“Not logged in!”);

 

  int startIdx = identName.IndexOf(‘\\’) + 1;

  string username = identName.Substring(startIdx, identName.Length – startIdx);

 

  SessionMgr sess = new SessionMgr();

  TrustedPrincipal tp = sess.CreateTrustedPrincipal(username, “YourBoxiServerName”);

  EnterpriseSession esess = sess.LogonTrustedPrincipal(tp);

One last thing to note is that I’m referencing a combination of version 11.5.3300.0 and 11.5.3700.0 of the CrystalDecisions assemblies.

Well, that’s it.  I hope someone out there finds this post helpful. 

Posted in BOXI .NET SDK, C#, General, Programming | Tagged: , , | 1 Comment »

You’re Not A “Real Programmer”

Posted by Randolph Cabral on Wednesday, April 30, 2008

I recently met up with a fellow programmer buddy of mine who has been working for a software development group that has gone through several managers recently.  Each manager, varying in both development and management experience, had varying ideas on how to approach the requirements for a specific project.  Frequent turn over in management continued to complicate things.  Eventually, they found a manager that was willing to stick it out.  Unfortunately, his management style doesn’t exactly create a creative environment where developers can thrive. 

The group has been charged with converting an existing windows forms client application for the web.  After exhaustive research into which web technology platform they wanted to develop on the manager decided to go against the tide and force the group to implement the new web application in C++.  Any developer in the group who expressed a difference in opinion was quickly shut down with the manager hinting at the notion that “real programmers” code in C++.

I have no problem with C++, but given that the requirements call for a web application, I’m going to have to respectfully disagree.  And what’s wrong with managed code anyway?  I guess only those who know how to manage resources manually are “real programmers”.  Many successful enterprise applications, both for the web and for windows, are written in Java or C#.  There are plenty of open source web development frameworks written for Java that increase productivity incredibly.  Similarly, ASP.NET with C# creates a powerful way to programatically access HTML controls. 

In other words, we have power tools now that help us with the construction process.  Don’t get me wrong, there’s still a valid and relevant use for the handsaw.  Building a house is not one of those uses.

Posted in C#, General, Object Oriented Programming, Programming, Software Architecture | Tagged: , , , | 1 Comment »

My First Blog Post

Posted by Randolph Cabral on Friday, March 28, 2008

Firstly, welcome to my home on the web!  My name is Randolph Cabral, and I’m a Software Developer working for AMB Property Corporation in San Francisco, California.

Well, I guess the time has come.  I’m starting my own personal blog.  I never imagined I would start one because I didn’t want to corrupt the world with my useless musings, and trust me, I have many.  I realize now that there is a compelling reason to maintain and write to a blog after all, and that reason is to share.

I’m not sure how or why this “sharing” concept had escaped me for so long.  I like to think that I’m a generous and charitable person.  But I guess that hasn’t been the case with certain aspects of my professional life.  So here I am at the dawn of my attempt to share as much as my peers are willing to bear.  But I’m not talking about sharing pointless politically charged opinions or to journal how my cat just learned to flush the toilet (no offense to those who blog about politics or their latest pet exploits).  I’m talking about sharing something that others will hopefully find useful.  I’m talking about sharing my technical endeavors as a computer software developer.

For years, I’ve frequented many technical blogs which have helped me on countless projects from a best practices stand point and also from an architectural standpoint.  I continue to learn a great deal from their code snips and reading about the nature of the requirements that lead to the solution.  It’s time that I give back and make my experiences public.  It is my hope that at the very least, one of my posts helps a fellow programmer.

Let me be clear that I am by no means an expert in the field of software development.  To make such a claim would be pompous and arrogant of me.  I can only claim that I have had positive experiences in writing and implementing software which continues to live on as successful productive enterprise applications.

I look forward to sharing my experiences with you all – good or bad.

Posted in General | Tagged: | 1 Comment »