Connecting to a Repository Adapter
JavaScript sample functions provide a starting point for implementing repository connections using Arbortext Publishing Engine. A sample JavaScript function in PE_HOME\e3\samples\javascript\e3samples.js shows how to establish a repository connection. The function name is specified in an f=javascript HTTP request to Arbortext Publishing Engine. You must update the list of AllowedFunctions in the e3config.xml configuration file to add the JavaScript function names you want to use. Place your modified JavaScript file in PE_HOME\custom\init. The functions in it are automatically loaded when the Sous-processus Arbortext PE starts.
|
If repository credentials or other sensitive information is stored in web.xml or e3config.xml, you should remove permission to access the ACL, JavaScript, VBScript and Java sample applications from the Allowed Functions list in the e3config.xml configuration file. These sample applications display the global parameters, which would be a security issue if the parameters contain confidential information.
|
You can give a specific Arbortext Publishing Engine user account exclusive permission to read a file containing user credentials. These sample functions show how to read such a file on the server and pass the credentials. The function can retrieve and pass a valid username and password to establish the repository connection.
The sample function repository_connect_windchill establishes a connection to Windchill PDMLink or Arbortext Content Manager with the Connexion au serveur PTC.
If you will be using these samples to initiate a permanent connection to the repository so that Arbortext Publishing Engine operations such as f=convert will have access to the repository's objects, the session.disconnect(); line in the script will need to be removed or commented out in the function.
By default, Arbortext Publishing Engine runs on Windows under a local account called SYSTEM. You can create a different user account for Arbortext Publishing Engine (see Installation Guide for Arbortext Publishing Engine for instructions). Access to files on a Windows server machine is controlled by NTFS security. You can give this specific Arbortext Publishing Engine user account exclusive permission to read from a particular file.
After configuring an Arbortext Publishing Engine user account, set the permissions on your credentials text file to give exclusive read access to the Arbortext Publishing Engine user account. All other accounts should have no access. To test the Arbortext Publishing Engine user account's access to the secure file, log in to Windows as the Arbortext Publishing Engine user ID and try to access the file. After you've excluded other users with accounts on your system, you can log in using one of those accounts and make certain the file is not accessible.
Using an ASCII text file for the password file prevents someone from trying to obtain access to the file using a HTTP request containing the f=convert function. An Arbortext Publishing Engine request to convert and return a text file will fail, even if the request specifies the correct path and file name for the credentials file.