10. May 2005 Technisches Seminar DESY in Zeuthen, R. Kammering The electronic Logbook @ the TTF VUV-FEL Making the next step R. Kammering -MVP- DESY in

10. May 2005 Technisches Seminar DESY in Zeuthen, R. Kammering

The electronic LogbookThe electronic Logbook@ the TTF VUV-FEL@ the TTF VUV-FEL

Making the next stepMaking the next step

R. Kammering

-MVP-

DESY in Hamburg


OverviewOverview

• Introduction

• The TTF e-logbook– The basic technology– How does it look like?– Changes since the first version

• E-logs @ XYZ

• Security: Authentication, authorization, …

• Conclusions / The next step


IntroductionIntroduction

The days before the electronic …The days before the electronic …

log [Encyclopædia Britannica] also called maritime log instrument for measuring the speed of a ship through water. The first practical log, developed about 1600, consisted of a pie-shaped log chip with a lead weight on its curved edge that caused it to float upright and resist towing. When the log was tossed overboard, it remained more or less stationary while an attached line (marked off with equally spaced knots) was let out behind…


?

IntroductionIntroductionThe 20'th century 2002 - The year of the XML hype

2003 - the elog got standard

Year 20XXToday


Classic client – server architecture:

User programclient

Web browserclient

e-logbookWeb server

Text+

images

HTML+

JPEGor

PDF

Combinedcontent

Print Upload,typing

Text+

images

The TTF e-logbookThe TTF e-logbook



UNIX pipe - script

User programclient

Web browserclient

e-logbook folder

XML

e.g.PS

PS JPEG

HTML PDF

XSLT / XSL FO

JAVA servlets

XSLXMLXMLXML

2. Store convert create

2. Read

3. Create4. Combine

content layout

1. Print 1. Request 5. Response

Web server

servlet engine

e-logbook server


Let’s have a look:

External:

https://ttfinfo.desy.de/TTFelog-secure

Internal:

http://ttfinfo.desy.de/TTFelog



Navigation

Status info.

Generate PDF

Edit entry

Create new entry

Main window

Automatic hyper linking

Powerfulsearch


Integrated shift summary


Set of (configurable) standard information

Mail to an expert

File upload

Spellchecker

Edit window



Complex tree structures possible

Many supported data formats

Short abstract(gets indexed)

The TTF e-logbookThe TTF e-logbookNatural integration of documentation


TTF VUV-FEL document tree:• > 600 entries• > 200 Mb (mostly) PDF documents• fully integrated into elog (fast access)• support for MS/Open Office formats

underway




Changes since the first version:

all HTML code ported to JSP (Java Server Pages)

to allow:

1. parameterization of e-logbook specific values

2. one central (XML) conf. file per e-logbook

3. access this values via JSTL (Java Server Pages Standard Tag Library) from within every JSP files


 <name>DAQ eLogBook</name>

…<new_shift>M</new_shift>

<lang_code>en</lang_code>

<date_fmt>dd.MM.yyyy</date_fmt>

<title_date>%B %Y</title_date>

<text_pos>beside</text_pos>

…<bgcolor>ffffff</bgcolor>

logbook name

shift period

language setting

date format

date title format

text layout

background color

Central e-logbook configuration file



per e-logbook conf. file allows modular XSL architecture:

XML XSL

HTML

elog.xsl conf.xml

keywords

spellchecker

ORACLE

work.xmlimports +

get datafrom conf.

include rules

includeoracle.xsl

oracle.xslinclude

parse

finalXSL

…



• Storing of shift data to ORACLE DB (JDBC Java Database Connectivity)

• Acquisition of machine statistics (ORACLE)


Further changes: Interoperability

Beam statistics

Down times


Bold to emphasize

Lists to order things

Tables are more readable

Lines to comment


Links

Further changes: Markup functionality (Wiki style)


E-log @ XYZE-log @ XYZ


the motherof all these elogs

Thanks: S. Karstensen, D. Sertore,P. Krejcik and J. Tsai for the snapshots

The TTF elog The TTF elog got popular …got popular …

E-log @ XYZ E-log @ XYZ


Some statistics:

TTF elog is in operation since: Oct. 2001

> 41000 entries have been made

~ 18Gb graphical data / ~25Mb ASCII

textToday >30 TTF like e-logbooks

are running on ~12 servers

…



0

200

400

600

800

1000

1200

Nov-02

Dec-02

Jan-03

Feb-03

Mar-03

Apr-03

May-03

Jun-03

Jul-03

Aug-03

Sep-03

Oct-03

Nov-03

Dec-03

Jan-04

Feb-04

Mar-04

Apr-04

May-04

Jun-04

Jul-04

Aug-04

Sep-04

Oct-04

Nov-04

Dec-04

Jan-05

Feb-05

Date

# o

f vi

sito

rs

shut

dow

n

shut

dow

n

rebu

ildin

g of

TT

F to

VU

V-F

EL

First SASE

Trend?

SecureaccessAll users


ttfinfo.desy.de - Number of unique visitors


Security: Authenti., authori.Security: Authenti., authori.

Stepwise integration of security:

0. No authentication (2002 version)

1. (multiple-) sign on (since 2005)

2. Single sign on (SSO)

3. Cross domain SSO (CDSSO)



Today's security architecture

DESY Intranet

Internet

Elogbookserver

LDAPserver

NISserver

WorkstationWorkstationWorkstation

WorkstationWorkstation

ext. elog user

SynchronizationNIS-LDAP

Authenticationon LDAP server

Firewall

User requestspage (https)



Login procedure

The DIT

(directory information tree)

Authentication

User

Login.jsp

LD

AP

e-logbook

Protectedapplication

1. https request

2. authenticate(via JNDI)

3. set session

4. redirect

c=de

o=desy

ou=ttf

ou=people

uid=rehlich uid=kammer uid=xyz

ou=group

ou=TomcatRole

cn=TTFbudget cn=TTFelog cn=XYZRole



SSO - possible architecture

DESY Intranet

Internet

Elogbookserver X

Identityserver

ext. elog user

Identity serverauthenticates on

LDAP server

User requeststwo secured pages

LDAPserver

PolicyAgent

Firewall

Policy agent redirectsto identity server

Elogbookserver Y

PolicyAgent


Conclusions

• Acceptance of e-logbook is overwhelming

• Ease for cloning was/is high priority

• World wide accessibility is very important

• e-logbook is a must for any kind of remote

operation

• Still much could be done (collaborations?)

ConclusionsConclusions


Security

• Implement SSO authorization schema

• Extend authorization to DOOCS …

The next step …The next step …

Elog-core

• Extend configurable parameters

• Harden automated elog installation

• …


Online resources:

The TTF e-logbook technology: http://tesla.desy.de/doocs/elogbook

e-logbook for testing: http://gan.desy.de/guestelog

the central TTF e-logbook server: https://ttfinfo.desy.de

Thanks for your attention!Thanks for your attention!

Documents

10. May 2005 Technisches Seminar DESY in Zeuthen, R. Kammering The electronic Logbook @ the TTF VUV-FEL Making the next step R. Kammering -MVP- DESY in