ENTERA DCE-CORBA BRIDGE


(来源:http://www.borland.com/)

Extending DCE and Entera Systems to CORBA and the Web
(continued)

The DCE-CORBA Bridge enables fast, seamless integration

The DCE-CORBA Bridge is the first commercially-available product to enable CORBA applications to use IIOP to seamlessly and securely access data and transactions from Entera and DCE applications. With this product, organizations can leverage their current investment in existing Entera/DCE applications while laying a solid foundation for expansion of these systems onto the Internet.

Using the DCE-CORBA Bridge, your organization can:

How the DCE-CORBA Bridge Works

The DCE-CORBA Bridge acts as a standard IIOP CORBA server when accessed by CORBA applications, and as a standard OSF-DCE client when talking to any DCE Server, as shown in Figure 1. In its role as a CORBA server, the gateway encapsulates Entera and DCE systems in an object wrapper that enables the object-oriented CORBA clients to access DCE data and transactions using object semantics. Such encapsulation means that your organization does not need to make any changes to your production servers; servers can even remain operational as the gateway is being installed. And CORBA application developers do not need to know about Entera or DCE details, such as the Naming Service, Security Service, and so on.

Borland DCE-CORBA Bridge
Figure 1: The DCE-CORBA Bridge acts as a standard IIOP CORBA server when accessed by CORBA clients, and as a standard OSF-DCE client when talking to any DCE server.

IIOP support Web-enables DCE and Entera Applications
Because the DCE-CORBA Bridge supports IIOP, which is the standard CORBA transport protocol for use over IP networks, you can use the gateway to extend existing Entera and DCE applications to the Internet, intranet, and extranets where they can be accessed through any browser. Products such as Borland's VisiBroker Gatekeeper provide tools to tunnel IIOP within HTTP, so that clients using IIOP can access the gateway through any HTTP-based Web server, such as an HTTP only firewall, as shown in Figure 2. HTTP-only browsers can also access DCE servers through the DCE-CORBA Bridge via the gateway's support for the Web Access Interface (WAI), which allows a Web server to interface with CORBA using Java scripts.

HTTP Tunneling
Figure 2: HTTP tunneling allows CORBA clients to access the DCE-CORBA Bridge through an HTTP-only Web server.

Open Protocol support means industry-standard interoperability
Support for the open CORBA and DCE standards means organizations can integrate products from a wide range of vendors.

Easy and flexible development and configuration speeds time to market and reduces total cost of ownership

The DCE-CORBA Bridge offers a number of features, including automatic IDL conversion and datatype mapping, an easy-to-use configuration file, dynamic configuration, and a choice of runtime naming and security services for the gateway, that dramatically reduce the time it takes for organizations to integrate their legacy Entera and DCE systems with their CORBA applications. In addition, by eliminating the need for developer training and minimizing configuration overhead, these features reduce the total cost of ownership for your system.

Automatic IDL conversions reduce training
Enabling CORBA clients to access DCE servers through the DCE-CORBA Bridge is quick and easy. The gateway automatically converts Entera/DCE IDL files for DCE servers into CORBA IDL files. As a result, Entera/DCE developers can continue to work with their familiar Entera/DCE IDL files; CORBA developers use familiar CORBA IDLs. Because the gateway performs all IDL translation work transparently, there is no need to generate code or recompile gateway applications.

Developers can then save the CORBA-formatted IDLs into a CORBA repository or with a file system directory and use standard CORBA development tools, such as JBuilder or C++ , to build client applications that use these CORBA IDLs to access DCE servers through the gateway.

Comprehensive datatype support means complete mapping
The DCE-CORBA Bridge translates virtually all DCE datatypes into CORBA datatypes by automating OMG mapping rules as shown in Figure 3. The process maps everything from primitive data types to arrays, nested structures, and unions greatly speeding an otherwise tedious manual process.

DCE CORBA
        Interface basicsrv
        {
          signed32 add(
           [in] signed32 x,
           [in] signed32 y);
        }
module basicsrv {
   interface BridgeObject{
        long add(
            in long x,
            in long y
           );
   };
};

Figure 3: The DCE-CORBA Bridge translates virtually all DCE datatypes into CORBA datatypes by automating OMG mapping rules.

Configuration file simplifies system configuration
It's easy to configure the attributes of the DCE-CORBA Bridge. Rather than manually programming attributes, you simply go to the distributed application profile (DAP) file, which contains a listing of system attributes such as security or naming, and set their values.

Dynamic gateway furnishes flexibility and scalability
With a static gateway, you must specify the servers the gateway will support before compiling your gateway application; to add a server, you must bring down the gateway, add the new IDL interface, then recompile. As a dynamic gateway, the DCE-CORBA Bridge furnishes a much greater degree of flexibility to accommodate changing organizational requirements. Simply add the IDL for the new server into your IDL repository ( the gateway automatically performs any required translations), restart the gateway, and you're ready to access the new server from your CORBA clients.

This dynamic capability makes it easy to scale your applications. Add a single server by placing its IDL interface into your IDL repository. Or scale from a simple prototype to a large-scale production quality application by adding the production IDL interfaces to the repository.

CORBA or URL naming means easier access via the Internet
The DCE-CORBA Bridge supports two options for allowing CORBA clients to access the gateway during runtime.

The CORBA naming service is a standard that permits objects to find each other by name. But there may be times when it is not feasible to use this naming service. For example, you may wish to allow clients to access the DCE-CORBA Bridge through a firewall that does not support IIOP. The DCE-CORBA Bridge therefore provides a second naming option-URL naming. This option allows clients to find the gateway using a standard URL, thereby making it easy for you to make your DCE servers available to the Internet.

Robust, End-to-End Security

CORBA uses the secure socket layer (SSL) protocol to provide encryption and authentication for secure communications between clients and servers. SSL is the standard security protocol developed by Netscape in 1994. DCE, however, has long offered a highly granular access control to the server, in addition to encryption and authentication.

The DCE-CORBA Bridge allows CORBA clients to take advantage of this superior DCE security. CORBA Clients log onto the DCE-CORBA Bridge using SSL, which authenticates the CORBA client and the gateway to each other using an X.509 certificate and encrypts messages traveling between the two systems. Once SSL has established this secure communications channel, users securely enter their password to access the DCE server, as shown in Figure 4.

Authentication
Figure 4: CORBA clients gain the advantage of both SSL security and DCE access control.
CORBA clients log into the gateway using SSL to create a secure communications channel.
DCE controls server access.

In addition to supporting DCE security, the gateway also supports the vendor neutral generic security services (GSS) API. By using the GSS API, you can develop applications without tying your security to a specific security vendor. For example, CyberSafe supports this API, allowing customers to use its digital certificates with the DCE-CORBA Bridge.

In the default configuration, the gateway provides each CORBA client with its own login name and password. In addition, you have the option to extend or modify the security features to meet your unique requirements by writing or customizing Java classes.

Multithreading maximizes performance

The DCE-CORBA Bridge takes advantage of today's powerful, multiple CPU server systems through its multithreaded architecture, which maximizes gateway performance by allowing multiple client sessions to run in parallel. Each client process receives its own thread, eliminating the need for any client to wait for the completion of any other client operations. Thread pooling ensures that server resources are used efficiently since the gateway parcels out resource consuming threads only when users need them. If the number of clients online exceeds the number of threads, the gateway dynamically creates new threads for them.

Comprehensive Systems Management

The DCE-CORBA Bridge offers a number of features that ensure that your gateway is easily managed. These include the following:

AppCenter provides central gateway and server control
The DCE-CORBA Bridge supports the Borland AppCenter?enterprise application management suite of products. Using AppCenter, administrators can seamlessly manage all of your DCE-CORBA Bridges and Entera/ DCE servers from a simple console. The AppCenter management console provides many benefits, including 24 x 7 process monitoring, graphical runtime statistics, automatic fail-over, dynamic load balancing, and event notification.

Multiple server support improves system manageability
Each DCE-CORBA Bridge can support multiple DCE servers by mapping each DCE interface to a CORBA object, called a Bridge Object, as shown in Figure 5. Grouping multiple servers on the same gateway improves manageability for your entire system by eliminating the need for a separate gateway process for each DCE server.

Multiple DCE Servers
Figure 5: The DCE-CORBA Bridge supports multiple DCE servers by mapping each DCE interface to a CORBA Bridge Object.

Built-in application tracing and auditing assists troubleshooting efforts
The DCE-CORBA Bridge's configuration file gives you the option of generating runtime trace and audit files with your choice of detail level. Such information allows you to track and troubleshoot the inner workings of your system.

Built-in fault-tolerance and failover protect mission-critical operations
It is extremely important for organizations deploying mission-critical applications to have backup servers that can take over should the master production server go down. The DCE-CORBA Bridge furnishes capabilities that allow the gateway to seamlessly fail over to a replicated server should the primary system fail. To activate this feature, you use standard DCE or Entera attribute configurable files (ACFs) to specify failover configuration details. You store the ACFs in the same repository or directory as your IDL interfaces.

Cross Platform Support

The DCE-CORBA Bridge is currently available on the NT, Solaris, and AIX platforms. Support is planned for additional platforms.

Entera/DCE supports common databases such as Oracle, DB2, Sybase, Informix, Microsoft SQL Server, and the ODBC standard to provide database independence and eliminate software "lock-in." It provides native language support for C/C++, COBOL, C++ Builder, Visual Basic, PowerBuilder, Java, and Delphi to leverage investments in technology, developer skills, and existing code in your organization. It also supports existing MVS platforms so you can leverage your legacy hardware.

Conclusion: CORBA/DCE Interoperability with a fast time to market, a high level of security, and a low total cost of ownership

With the DCE-CORBA Bridge, your organization can take advantage of the best of all worlds. You can continue to use your existing Entera/DCE systems. You can take advantage of modern object-oriented distributed infrastructures to develop distributed Web applications. You can allow the two systems to interoperate, allowing your Web applications to access production applications and to take advantage of robust DCE security. And you can accomplish all this quickly, easily, using your developers' existing skillsets, and with a low total cost of ownership.