Docly

How to integrate VG in PowerBuilder?

Estimated reading: 5 minutes 311 views

To Integrate Visual Guard in your PowerBuilder application, you have to:

  • Add the library of Visual Guard in library list of your target.
  • Add the Dll of Visual Guard runtime in your directory project
  • Integrate Visual Guard in the code of your application.
  • Create a Visual Guard repository and declare your application by using the Visual Guard console. This repository will contain all security items (users, roles, permissions …) of your application.
  • Generate the Visual Guard configuration files by using the Visual Guard console. These configuration files will be needed to connect your application to the repository.
  • Grant read/write permissions to the repository.

Add Visual Guard pbl files in your application

  • Open the workspace of your project in PowerBuilder.
  • In the solution explorer, expand the workspace node.
  • Right-click the Target node for the workspace and select Properties from the shortcut menu.
  • In Library List tab, select the 2 libraries Novalys.visualguard.security.pbrt.pbl, Novalys.visualguard.security.pbrte.pbl .
  • Click the OK button
  • Novalys.VisualGuard.Security.pbrt.pbl conains the main Visual Guard classes. The content of this PBL should not be modified by developers.
  • Novalys.VisualGuard.Security.pbrte.pbl contains the classes needed to extend the functionality of Visual Guard.
  • Novalys.VisualGuard.Security.pbrt.dll contains the base classes and SSO manager.

Generate your configuration file for connection to Visual Guard Repository

  1. Using Visual Guard Identity Server
  2. Without Using Visual Guard Server (Using VGPBClient – Local system)

Using Visual Guard Identity Server

File configuration of PowerBuilder application

Variable NameDescriptionValue
VGServerUrl of VGServer or VGidentityServerUrl sample
http://127.0.0.1:29000|http://127.0.0.1:29001
VGPBClient to communicate with VGRuntime (.Net)
portPort of the service Default is 80 for http, you can set 443 for https
ClientidOnly for VGIdenityServer <GUID>
SecretOnly for VGIdentityServer, encoded to base64
mergeRolesNeed to merge the rolesY= for yes
N= for no
supportedAuthenticationModesWhat type of authentification is supportedVG equals VisualGuard
AD equals Active Directory
WC equals Windows by credentials
PL equals PasswordLess authentication
Db equals Database authentication
silentModeY= for yes
N= for no
traceY= for yes
N= for no

PowerBuilder file configuration for IdentityServer

[SECURITY] 
VGServer=http://127.0.0.1:29000|http://127.0.0.1:29001 
ClientId=<Guid>
secret=<Password encoded to base64>
mergeRoles=Y 
supportedAuthenticationModes=VG|AD|WBC 
dynamicBrowser=Y 
silentMode=Y 
trace=Y

Without Using Visual Guard Server (Using VGPBClient – Local system)

[SECURITY] 
VGServer=VGPBClient 
TraceServeur=Y (or N, to delete or no files exchange with VGPBClient for tracing execution).

The program VGPBClient.exe and it’s dependencies must be copied in the current directory of the secured
PowerBuilder application. (Or in a path accessible by it).  

  • Novalys.VisualGuard.Security.dll
  • Novalys.VisualGuard.Security.SQLServer.dll Or Novalys.VisualGuard.Security.Oracle.dll

The VisualGuardConfiguration.config file of this program (VGPBClient) should be made correctly:

Modify applicationId and connectionString with your values of application

  • applicationId=”7e6b1582-9229-451a-a615-22ec70933353″
  • connectionString=”server=YOURSERVERNAME\YOURSQLEXPRESS;initial catalog=visualguarddb;Trusted_Connection=True;”

The exchange files between PowerBuilder application and VGPBClient are generated, by default, in the directory: C:\ProgramData\Novalys\VisualGuard\FileTrsf


Integrate in your PowerBuilder Code

Declare the Security Manager

// Declare the security manager as global variable 
vge_n_cst_vgmanager guo_vgmanager

Create the Security Manager

// Create the security manager 
guo_vgmanager = CREATE vge_n_cst_vgmanager

Destroy the Security Manager

// Destroy the security manager 
if IsValid(guo_vgmanager) then 
Destroy (guo_vgmanager)

Declare the Configuration file (and Trace file if use) of application

// Declare configuration file with your parameters to connect at Visual Guard Server 
guo_vgmanager.of_setconfigfile ("myconfigfile.cfg")
// Declare the trace file if you use tracing action execution in your application 
guo_vgmanager.of_settracefile ("mytracefile.log")

Authenticate with Visual Guard

Authenticating a user with your own Visual Guard login

// Authenticate a Visual Guard User and load the security data 
if isvalid(guo_vgmanager) Then 
     if guo_vgmanager.of_VerifyUser(VGlogin, VGpassword) > 0 Then 
            Open(w_Main) 
    Else 
            Return 
    End if 
End if

Authenticating a user with your own login window using Signal Sign-On (SSO)

// Authenticate a Windows User and load the security data 
if isvalid(guo_vgmanager) Then 
    if guo_vgmanager.of_VerifyUser() > 0 Then 
        Open(w_Main) 
     Else 
        Return 
    End if 
End if

Authenticating a user with your own login window using credentials

// Authenticate a Windows By Credential User and load the security data 
if isvalid(guo_vgmanager) Then 
      if guo_vgmanager.of_VerifyUser(VGlogin, VGpassword, vg_n_authenticationmode.windowsbycredential) > 0 Then 
          Open(w_Main) 
     Else 
         Return 
     End if 
End if

How to get the bearer token?

To manually use the API provided by the VG Identity Server, you must use the bearer token provided by the VG Runtime after authentication.

guo_vgmanager.of_getbearertoken()

This API allows you to:

  • Check that the Visual Guard account, the Windows account, and the Windows By Credential account exist.
  • Check that the user password is valid (Visual Guard account only)
  • Check that the user has a valid profile for this application
  • Load the application security related to the account profile

Secure Application Components

  • CallingObject: The main object from which you apply the security, usually the window
  • CallingID: A string identifier to differentiate many calls from the same object
  • Parameters: A string containing one or more parameters to send to the security manager

In general, this function is called in the open event of the ancestor window:

// Trigger the security in the open Event of the ancestor window 
if isvalid(guo_vgmanager) Then 
     guo_vgmanager.of_SetSecurity( this, "open", "") 
End if

For the PFC, add the following code:

// In the event ?w_master.pfc_preopen? in ?pfemain.pbl?: 
if IsValid(guo_vgmanager) Then 
     guo_vgmanager.of_SetSecurity ( this, "open", "") 
End if
// In the event ?w_master.pfc_postopen? in ?pfemain.pbl?: 
if IsValid(guo_vgmanager) Then 
     guo_vgmanager.of_SetSecurity ( this, "postinit ", "") 
End if
// In the event ?u_dw.Constructor? in ?pfemain.pbl?: 
if IsValid(guo_vgmanager) Then 
    guo_vgmanager.of_SetSecurity ( this, "constructor ", "") 
End if

Leave a Comment

Share this Doc
CONTENTS