Archive for Mark

MD5 Hash Encryption in CA Plex

Occasionally you will need to perform a one way hash for passwords. This post shows how to do it using the MD5 algorithm in CA Plex with some java source code.

For background on this, check out this link.

First, create a source code object that looks like this:

MD4Hash

Here is the code to cut and paste:


{

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

String passwordToHash = &(1:).toString();
String generatedPassword = null;
try {
// Create MessageDigest instance for MD5
MessageDigest md = MessageDigest.getInstance(“MD5”);
//Add password bytes to digest
md.update(passwordToHash.getBytes());
//Get the hash’s bytes
byte[] bytes = md.digest();
//This bytes[] has bytes in decimal format;
//Convert it to hexadecimal format
StringBuilder sb = new StringBuilder();
for(int i=0; i< bytes.length ;i++)
{
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
//Get complete hashed password in hex format
generatedPassword = sb.toString();
}
catch (NoSuchAlgorithmException e)
{
e.printStackTrace();
}

&(2:).fromString(generatedPassword);

}

Make It Zero

Web Services are an essential part of modernizing many legacy systems. CA 2E developers are able to build their own Web Services inside the CA 2E model. Recently, I worked with a customer on exposing some important parts of their CA 2E application through Web Services. There are several lessons we learned while implementing Web Services.

One item continued to show up regularly. The issue is uninitialized numeric variables. It is very important when passing numeric values in Web Services that they contain a value, even if the value is 0.   The first thing that must be done when building a Web Service is to make sure the returning numeric values are set to 0. If you are returning an array of one or more values, all numeric values must be initialized. So if you are returning 50 elements in the array, all 50 need to be initialized. The best way to do this is to create a loop that reads each of the 50 elements and moves a zero value or blank value into each of the fields. This first step in the process can save you a lot of headache in the future.

Create Great CA 2E Code with A Few Simple Tricks

Good coding in CA 2E takes some effort. A key aspect of creating good code is to make the action diagram simple to read. It is always good to include comments in code so the next programmer can read your intent. It is also very helpful to divide your code into separate sections of related code. Then you can use the H key to hide that section of code. When you want to look at your code, use Z to zoom into the section or us an S to show the expanded section of code. These concepts are probably old news to the seasoned 2E professional.

One of the ways that I have often used to divide my code into sections is by using IS or ISF to Insert a Sequence. This works great and allows you to divide code into sections and add some comments to a section of code. When looking at the source code, you will see that in RPG or COBOL, a separate sub-routine is created for this code.

Sub-routines are not a problem, but sometimes it is easier during debugging to not have to go back and forth between sub-routines.  I found a great trick that helps you deal with this more smoothly – ‘insert a case statement.’ Insert a Case Statement then insert an’ otherwise in the case.’ Finally, delete the ‘New Condition’ statement of the Case Statement. It sounds sort of strange to have a Case Statement with no conditions but in effect, it is creating a section of code that will always be executed. Plus no sub-routine is generated in the source code.

 

Untitled

Untitled1

Untitled2

New Features in CA 2E r8.7

The most significant feature in CA 2E r8.7 is the ability to convert a DDS database file to SQL without having to recompile the functions associated with the file. This capability makes moving to a modern SQL database rather easy. In the past, communication between Java and web developers was hampered because CA 2E generated cryptic file names. Now, you can create meaningful names of up to 25 characters in length for both file and field names.

There are also some other nice upgrades that can become useful in a developer’s daily work. One of the upgrades that developers will find useful is the ability to filter out NLL parameters when looking at a list of file parameters. When on the Edit Action – Function Detail screen, toggle through the filters with the F15 key. The filters can make viewing parameters more convenient especially with the new NLL filter.

Currently, there is a filter for ‘All Parameters:’

New Features in 2E 1

 

And one for ‘Undefined Parameters:’

New Features in 2E 2

 

CA 2E r8.7 also adds the ability to filter out all parameters that have been set to NLL:

New Features in 2E 3

 

These new features should make development easier and represent a good case for considering an upgrade soon.

2E/Plex World Wide Developer Conference

It’s Time for the 2015 CA 2E/CA Plex 7th Developers Conference
Join the CA Community, Partners and Customers for this Premier Developer and Analyst Event in Austin, TX
Hello again to the Worldwide CA 2E/Plex Community,

Early Bird registration for only US$249 is now open for the 7th CA 2E/CA Plex Developers Conference, to be held at the AT&T Conference Center in Austin, Texas. June 1-4, 2015

Visit the conference site to complete your registration.

Create Export Files the Easy Way

One of the challenges in any data system is how to share data with other systems. There are many times you need to create a data file that can be exported into other systems. This can be anything like from an ACH file that goes to the back, a Skip Trace file or any other kind of data file.

The challenge in building these files is finding a way to convert all the required fields into text data for the flat file. CA 2E provides multiple ways you can do this. The first is to use the built-in function, *CVTVAR, to convert each numeric field type into a text field type then concatenating all the fields together. This works but it takes a while to code.

The process can be greatly simplified if you use an array. Here are the steps:

1. Create an array with all the fields you plan to export. The fields can be both numeric and text fields.

2e1

2. Create a CRTOBJ function for the array. The input parameters will be the fields for the array and the output parameter will be the text field for the new flat file you plan to build.

2e2

3. In the ‘Processing after Data’ update section of the Action diagram, add a CVTVAR. The input will be the ELM context. This sends in all the elements of the array. The output is the Flat File field that is the output parameter.

2e3

4. Now you are ready to build the export file. Build a retrieve that will read though the data that you want to export. In the example, we are reading the customer file. For each record in the customer file:

  1. Clear the array.
  2. Call the create object for the array which returns the Flat File Field.
  3. Create a record in the flat file.

2e4

That is all there is to it. There is no need to work with individual fields or concatenate a string of fields together to make a flat text record. The array does the grunt work for you with ease.

2E Rules of Thumb #2

2 Ways to Manage Blank Status Fields

 

Do you ever get tired of having to create a workaround so you can avoid showing the ‘blank’ condition description for your status fields? By default, you have to enter code to retrieve conditions for display on a screen and then, if it is a blank condition, you must handle that separately so the word ‘blank’ (or whatever you have called ‘blank’ in your model) doesn’t show on the screen. There are a few ways to take care of this issue. Here are a few I find useful.

tip2a

1. Create a derived field for the condition and manage the retrieval of conditions inside of the derived field. Any time the blank condition is retrieved, just replace the condition description with a blank. This works well if you do not mind having derived fields for most of your condition fields. The result will add the derived field to a screen; it will take care of the grunt work of displaying the correct condition description as well as not showing a description if the result is blank.

2. I ran across another nice way to handle this as well. First, when you create conditions, never create a ‘blank’ condition. Second, create a text field that is longer than any field you will come across and call it ‘blank.’ Now you can use this blank field for comparison with any of your condition fields and you do not have to worry about the word ‘blank’ showing on your screen because you do not have any actual condition called ‘blank.’

tip2b

In one of the last models I worked with, we used the ‘blank’ field as the primary way to manage blank conditions. In the beginning, I found it a bit strange to do this. I was used to having to create a blank condition for any fields I wanted to compare with ‘blank’. However, as I got used to it, the idea grew on me. I now think it is a pretty good method. Give it a try and let me know what you think. Feel free to share your preferred method of managing the blank field condition.

2E Rules of Thumb #1

Improving Your CA 2E Development Experience
with Some Useful ‘Rules of Thumb’

 

I’m going to show you some rules of thumb that, if used consistently, will improve your development experience.

The parameters screen can be very useful if you take care with it. When I first learned to use Synon, I would have a mixture of Input, Output, Both and Neither parameters listed in an unorganized way. However, if you spend a few minutes organizing things, it becomes easier to spot issues down the road.
When you look at the screen below, it is hard to tell the usage for each field.

parms1

 

parms2

In the screen below, I have organized the fields so I can quickly differentiate between keys and various types of parameters. I use a sequence number of 1 – 10 for my keys. For input parameters, I use a sequence number of 10 – 99, then I use sequence numbers 100 – 199 for output parameters. I use sequence numbers 200- 299 for both parameters and a sequence number of 900-999 for neither parameters. There are several factors that will make it hard to follow this rule all the time but use it as often as you can and then this screen will begin to have more meaning for you.

parms3

 

Web Option Security Issue

CA20140218-01: Security Notice for CA 2E Web Option

CA Technologies Support is alerting customers to a potential risk in CA 2E Web Option (C2WEB). A vulnerability exists that can allow an attacker to exploit an authentication weakness and execute a session prediction attack. The vulnerability, CVE-2014-1219, is due to a predictable session token. An unauthenticated attacker can manipulate a session token to gain privileged access to a valid session. CA Technologies has issued fixes to address the vulnerability.

Visit the CA Posting for more information 

Using IBMi APIs Part 3

This post will be the final post in a series on IBM APIs.  Since you have had a chance to run though some basic APIs we are going to go through a more complex example that gives you a chance to tie everything together.

In this example we are going to create a list of users that are signed on to an IBMi.  The list will be dynamically created at the time the API is called.  These examples are RPGIV based

Create a Structure file called API Functions. This structure file will be the place to put all the API definitions.  Create two User Source functions.  One is to CVT BIN to DEC and the second is to CVT Dec to BIN. E into each function if found and add the source code below for the respective function.

Convert Binary to Decimal source code.

Binary to Decimal

Convert Decimal to Binary source code.

DecToBin

Create an API Call Wrappers for each of the three APIs that will be used.

In the API Functions file add the needed functions. The source name for each of these should be the IBMi native program name.

1. API:List Signed on Users

LstSIUser

2. API: Create User Space

CrtUsrSpace

3. API: Delete User Space

DltUsrSpace

 

Create three Arrays for managing parameters.

1. P:API Error Structure

APIErrorStruc

2. P:API List Entry Value

LstEntryVal

3. P:API List LoggedIn Users

ParLogInUsr

Now, create the internal functions that will be called in the 2E programs.

These Internal Functions will contain the steps necessary to call the API programs. You will need functions to do the following actions.
1. Create User Space

CodeCrtUsrSpace

2. Delete User Space

CodeDltUsrSpace
3. Retrieve User Space Header

CodeRtvUsrSpcHdr

4. Retrieve User Space Details

CodeRTVUsrSpcEntry

5. List Active Users

CodeInitLstActUsrs

Assemble the Functions and Create Display

Now all the functions are created that need to be assembled a way to display the contents of the User Space. We are going to use a temporary file that only contains a sequence number. We will write sequence numbers to this file in QTEMP and then use the file to display the actual contents of the user space written for the List Active Users API. In our demonstration, we will do the following:

1. Create External function that will put the results file in QTEMP. The function needs to copy the DSR Display Results file into QTEMP. Call our Display File to display the List of Active Users and then delete the User Space and DSR Display Results file from QTEMP.

CodeRunLstActUsr

2. Create a Display File over DSR Display Results with a screen display similar to this.

ScrnListActUsrs

3. Add the following actions in the Initialize.

Call the List Active Users API.
Call the RTV User Space header API.
Set the LCL DSR Sequence to Zero.
Perform a loop to and create records in the DSR Display Results file. The LCL DSR Sequence will indicate the number of users to list.

DsfInitLstUsr
4. In the initializes sub file user point, do the following:

a. Retrieve the User Space Entry.
Check to see if there is a value in field Userspace Entry 1-250. If there is a value we have a good record so we must substring the values.

DsfInitSfrLstUsr

b. Substring the Display station

SbsDspStation

 c. Substring the User ID

SbsUsrId

 d. Substring the User Job

SbsUJob

e. Substring the Activity

SbsUAct

 

5. Compile the programs and test. The first time the API runs, it can take a bit of time. You should get a display of all the active users on the IBMi at the time you run the program.

 DSPFileUserList

This was a quick walk through of using IBM APIs with 2E.  It can give you a basic framework to use in developing applications that use APIs.  Once you integrate the API to 2E any developer can now use what you have created and be up and coding.

 
 
© 2013 CM First Group - All rights reserved