ATG Advanced Profile Management
ATG Advanced Profile Management:
-DAF Servlet Pipeline
-Tracking users
-Security status
-Access control
-Auto login
-Profile markers
-Password management

Published in: Technology
Transcript of "ATG Advanced Profile Management"

  1. Kate Soglaeva. ADVANCED ATG PROFILE MANAGEMENT
  2. AGENDA
     - DAF Servlet Pipeline
     - Tracking users
     - Security status
     - Access control
     - Auto login
     - Profile markers
     - Password management
  3. DAF SERVLET PIPELINE
  4. PAGEFILTER
     - PageFilter starts the DAF servlet pipeline by calling DynamoHandler
  5. startRequestServletName
  6. TRACKING USERS
  7. USERS
     - Users: anonymous, registered
  8. USERS
     - Session started: transient profile, transient order
     - Registration: persistent profile, persistent order
  9. TRACKING ANONYMOUS USERS
     1. Store anonymous users
        # /atg/userprofiling/ProfileRequestServlet
        persistAfterLogout=true
        persistentAnonymousProfiles=true
     2. Update required properties
  10. TRACKING REGISTERED USERS
      Set up auto-login
      - CookieManager: sendProfileCookies=true
      - ProfileRequestServlet: verifyBasicAuthentication=false
  11. PROFILEREQUESTSERVLET
      - Creates an instance of the atg/userprofiling/Profile
      - Creates a cookie containing the Profile ID of the current guest user
      - Auto-logs in
      - Maintains persistent information: persistentAnonymousProfiles=true
  12. SECURITY STATUS
  13. SECURITY STATUS VALUES
      Value  Login method used
      0      Anonymous
      1      Auto Login by URL parameter
      2      Auto Login by Cookie
      3      Login by HTTP basic auth
      4      Explicit login or registration by HTTP
      5      Explicit login or registration by HTTPS
      6      Certificate provided

      Group  Explanation
      0      The user is unknown
      1,2    Auto login. Personalization is fine, but access to sensitive pages is restricted.
      4,5    Explicit login. Full access
      3,6    Project specific
  14. PROFILEREQUEST
      - Extract profile by DYN_USER_ID
  15. SECURITY STATUS USAGE
      <dsp:droplet name="Compare">
        <dsp:param bean="Profile.securityStatus" name="obj1"/>
        <dsp:param bean="PropertyManager.securityStatusLogin" name="obj2"/>
        <dsp:oparam name="lessthan">
          <!-- send the user to the login form -->
          <dsp:include page="login_form.jsp"></dsp:include>
        </dsp:oparam>
        <dsp:oparam name="default">
          <!-- allow the user to proceed to the protected content -->
          <dsp:include page="protected_content.jsp"></dsp:include>
        </dsp:oparam>
      </dsp:droplet>
  16. AUTHENTICATIONSERVLET
      - Provides authentication using the Basic HTTP authentication mechanism
  17. ACCESS CONTROL
  18. (no text on slide)
  19. ACCESSCONTROLLER
  20. RULEACCESSCONTROLLER. RULESETSERVICE
      <ruleset>
        <accepts>
          <rule op=eq>
            <valueof target="Gender">
            <valueof constant="female">
          </rule>
        </accepts>
      </ruleset>
  21. PASSWORD EXPIRATION
  22. PASSWORD EXPIRATION
      # /atg/userprofiling/ExpiredPasswordService
      enabled=true
      passwordValidForNumDays=30
      redirectPath=expirePassword.jsp

      # /atg/dynamo/servlet/pipeline/ExpiredPasswordServlet
      localUrlsToAllow=/style/css/style1.jsp
  23. PASSWORD EXPIRATION Confidential
  24. PASSWORD EXPIRATION
  25. INSERTING SERVLETS IN THE PIPELINE
  26. STEPS TO CREATE PIPELINE SERVLET
      - Add the servlet to /atg/dynamo/servlet/Initial.initialServices
      - Set the new servlet’s nextServlet property
      - Reset the previous servlet’s nextServlet property
      - Define global scope component
      - Extend atg.servlet.pipeline.PipelineableServletImpl
  27. PIPELINEABLESERVLET
  28. INSERTABLESERVLET
  29. HOW TO USE?
      1. Disable unnecessary servlets
      2. Add new servlets if required
      Ex. Reprice order functionality
  30. PROFILE MARKERS
  31. USER PROFILE MARKERS
  32. PASSWORD
  33. (no text on slide)
  34. PASSWORD HASHING
      - ATG 10.0: /atg/userprofiling/PropertyManager/
      - ATG 10.1: /atg/userprofiling/InternalPropertyManager/
  35. ATG 10.1 OOTB PASSWORD HASHING
      - SHA-256 algorithm with a random salt, and iteratively rehashes the result.
  36. ATG 10.0 OOTB PASSWORD HASHING
      - MD5 algorithm and then encodes the result using base 16 encoding
  37. DISABLE PASSWORD HASHING
      - Passwords will be stored and compared in clear text
  38. PASSWORDRULECHECKER
  39. THANK YOU! QUESTIONS?
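
The password hashing slides contrast the ATG 10.0 default (MD5, base 16 encoded) with the ATG 10.1 default (SHA-256 with a random salt, rehashed iteratively). The following is an added example in plain Java, not ATG code and not from the presentation, showing what that difference means for stored values; the iteration count, salt length and the way salt and password are combined are assumptions, since the slides do not give ATG's parameters.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class PasswordHashDemo {
    // Assumed parameters for illustration; the slides do not state ATG's values.
    static final int ITERATIONS = 1000;
    static final int SALT_BYTES = 16;

    static String hex(byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (byte x : b) sb.append(String.format("%02x", x));
        return sb.toString();
    }

    // Scheme as the 10.0 slide describes it: MD5 of the password, base 16 encoded.
    static String md5Hex(String password) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("MD5");
        return hex(md.digest(password.getBytes(StandardCharsets.UTF_8)));
    }

    // Scheme as the 10.1 slide describes it: salted SHA-256, rehashed repeatedly.
    static byte[] saltedSha256(byte[] salt, String password) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(salt);
        byte[] h = md.digest(password.getBytes(StandardCharsets.UTF_8));
        for (int i = 1; i < ITERATIONS; i++) {
            md.update(salt);
            h = md.digest(h); // digest() resets the instance for the next round
        }
        return h;
    }

    static boolean verify(byte[] salt, byte[] stored, String candidate) throws NoSuchAlgorithmException {
        // MessageDigest.isEqual compares without an early exit on the first mismatch.
        return MessageDigest.isEqual(stored, saltedSha256(salt, candidate));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        SecureRandom rng = new SecureRandom();
        String pw = "Example-Passw0rd"; // constructed sample value
        byte[] saltA = new byte[SALT_BYTES], saltB = new byte[SALT_BYTES];
        rng.nextBytes(saltA);
        rng.nextBytes(saltB);
        // Two users with the same password: unsalted MD5 rows match, salted rows do not.
        System.out.println("md5 rows equal:    " + md5Hex(pw).equals(md5Hex(pw)));
        System.out.println("salted rows equal: " + hex(saltedSha256(saltA, pw)).equals(hex(saltedSha256(saltB, pw))));
        System.out.println("verify correct:    " + verify(saltA, saltedSha256(saltA, pw), pw));
        System.out.println("verify wrong:      " + verify(saltA, saltedSha256(saltA, pw), pw + "x"));
    }
}
```

Identical unsalted digests are what make precomputed lookup tables effective against a leaked 10.0-style table, and the per-user salt plus iteration removes that shortcut and raises the cost of each guess.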