Allow a User Web Portal to Automatically Sign a User into SBM

Recently, SBM has been used in conjunction with portal websites.  Once a user is logged into a custom web portal, it may be undesirable for the user to be required to also be forced to enter their password to login to SBM.  Why not just use the successful authentication to the portal site to authenticate the user to SBM?  This is now possible as of SBM 11.3.1 with the use of Single Sign On.

Continue reading
120 Hits

SBM MODSCRIPT, PART 15 - Singletons

As a common programming pattern, singletons are very helpful with data that needs to be read once and then reused throughout the program. This may not be required for simple scripts, but for long running, complicated scripts, this can help with keeping the script running with high performance. Since scripts often run as parts of transitions that users are clicking through, performance can affect user confidence and contentment.

To create a singleton in ModScript, follow the following pattern:

def GetConfiguration() {
  global g_appconfiguration;
  if ( g_appconfiguration.is_var_undef() ) {
    g_appconfiguration = Map();
    // read various configuration settings from DB or file system and inject into the map
  return g_appconfiguration;

Create a function. Inside the function, declare a global (but do not initialize it). Check if the global is undef, if so, initialize it and set it up. Finally, return the global. The global variable should have a very unique name, as it is global and we do not want it to interfere with other scoped variables. Since it is global, this means it will have the lifetime of the script, meaning the check for is_var_undef() will only be true the first time. As such, you can be confident that the time taken to read configuration data will only occur once, and can be accessed as often as needed throughout the script lifetime. 


SBM ModScript - Table of Contents

Continue reading
110 Hits

SBM MODSCRIPT, PART 14 - Checking the Type of a Variable

When interacting with a variable, it is sometimes useful to know what type it has been initialized as. This can be especially useful when working with the results of a from_json() call, where the scripting engine has parsed a blob of JSON and then you need to figure out how to interact with it. The following utility function can be invoked on any var.

  • type_name() -> string: returns a string value denoting the underlying type of the variable, such as "Vector", "Map", "int", "Variant", etc.
  • is_var_undef() -> bool: returns true if the variable has not yet been assigned a type (uninitialized).
  • is_var_null() -> bool: returns true if the variable was initialized by a null, which occurs when from_json() encounters a null.


def processJSONObj( r ) {
  if ( r.is_var_null() ) {
    Ext.WriteStream( "null\n" );
  switch ( r.type_name() ) {
    case( "Vector" ) {
      Ext.WriteStream( "[ " );
      for ( v : r ) {
        processJSONObj( v );
      Ext.WriteStream( " ]\n" );
    case( "Map" ) {
      Ext.WriteStream( "{ " );
      for ( prop : r ) {
        Ext.WriteStream( prop.first + ": " );
        processJSONObj( prop.second );
      Ext.WriteStream( " }\n" );
    case( "String" ) {
      Ext.WriteStream( "\"" + r + "\"\n" );
    default {
      Ext.WriteStream( r + "\n" );

var result = "{
    \"array\": [1,2,3,\"textData\",{ \"a\": 1, \"b\": 2 }],
    \"intData\": 5,
    \"doubleData\": 4.5,
    \"stringData\": \"Welcome to ModScript\"

processJSONObj( result );


SBM ModScript - Table of Contents

Continue reading
98 Hits

SBM ModScript, Part 13 - Base64Encode

Someone recently asked me if it is possible to base64 encode a string in ModScript... so I did.

def Base64Encode( string input ) {
  add_global_const("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", "CONST_BASE64TABLE");
  var sOut = "";
  var buf = [uint8_t(),uint8_t(), uint8_t()];
  var idx = -1;

  for ( c : input ) {
    buf[++idx] = c;
    if (idx == 2) {
      // Output the 4 encoded bytes
      sOut += CONST_BASE64TABLE[buf[0] >> 2];                              // first 6-bits of byte 0
      sOut += CONST_BASE64TABLE[(((buf[0] & 0x03) << 4)) | (buf[1] >> 4)]; // last 2-bits of byte 0 + first 4-bits of byte 1
      sOut += CONST_BASE64TABLE[(((buf[1] & 0x0f) << 2)) | (buf[2] >> 6)]; // last 4-bits of byte 1 + first 2-bits of byte 2
      sOut += CONST_BASE64TABLE[buf[2] & 0x3f];                            // last 6-bits of byte 2

      idx = -1;

  // Special case handling of last 1 or 2 characters
  if ( idx != -1 ) {
    sOut += CONST_BASE64TABLE[buf[0] >> 2];             // first 6-bits of byte 0
    if (idx == 0) {
      sOut += CONST_BASE64TABLE[((buf[0] & 0x03) << 4)];  // last 2-bits of byte 0
      sOut += '=';                                  // pad
    else if (idx == 1) {
      sOut += CONST_BASE64TABLE[(((buf[0] & 0x03) << 4)) | (buf[1] >> 4)]; // last 2-bits of byte 0 + first 4-bits of byte 1
      sOut += CONST_BASE64TABLE[((buf[1] & 0x0f) << 2)];                   // last 4-bits of byte 1
    sOut += '=';                                  // pad
  sOut; // return


The function above iterates the string contents and uses base64 to create an encoded output string. Notice that the "buf" variable is a Vector of 3 unsigned, 8 bit integers. As we are going to use bit shifting in order to encode the data, it is important to use unsigned byte data to ensure the expected bit-shift result. We then use the bit-shifted value to index into CONST_BASE64TABLE to find the data-representation we are looking for. The result is a base64 encoding of the string data. 

A likely use-case for this would be when adding custom headers to a RESTDataSource call-out.


SBM ModScript - Table of Contents

Continue reading
182 Hits

Reporting with Complex Systems

“A little conflict can create a lot of activity.” –Richie Norton

The conflict we’re addressing today is that more and more systems, especially modern SaaS systems, are moving to different authorization protocols.

  • Authorization Micro Services: “I need to generate a token automatically and pass that token into all of my subsequent RESTful web service calls. It’s not necessarily a proper protocol, but that’s how you work with our APIs.”
  • Data Abstraction: We use this in SBM as TS-IDS. The item identifier that might come back from a web service call may not actually be the human-readable identifier for an item ID. We have internal identifiers that come back, and the actual values are stored in a different table.
  • Lack of Data Consistency: Depending on the system that you’re querying, you might get back an all-lowercase new value, a camel-case new value, or all caps. Every system stores these items a little differently.

And there are several other conflicts or challenges that we have with external systems when we bring all of these together. So how do we handle these types of challenges?

We can do direct database reporting: Within SBM, we provide several different methods of reporting against systems:

  • With the Data Service, we can actually connect directly to a database and add a web services layer on top of these databases that may not actually have web services exposed.
  • We can do the same thing with Advanced Reporting—we actually pull these and you’re able to use our reporting engine to get back the actual data with a SQL query.
  • We can also use ModScript and RESTful Web Services. This is an interesting option, because most people don’t think about the ModScript engine in terms of being able to actually query other systems and use it to report all of that data coming back. How can we actually do that?

Let’s start by diving into what ModScript is. ModScript was first introduced in SBM 11.2 or 11.3. With every SBM release, we’ve been improving ModScript and adding more features and functionality.

ModScript is based on a scripting language called ChaiScript, which is based on ECMAScript, which is the basis of JavaScript. It executes on the server side, so when you think of client/server execution, it doesn’t take up any resources on the browser side—all of those requests are done from the server itself.

ModScript has contextual awareness, so it knows things like whether you’re trying to execute the script in the context of a transition, if you’re directly invoking the script, or if it’s being invoked by a URL. Since we can invoke these scripts via a URL , we can return back HTML, but we can also return back JSON—and JSON is the de facto standard for web service calls when you’re using the REST protocol.

There are several uses for Modscript:

  • We can do server-side integrations and processing data
  • We can utilize external DLLs
  • We can perform database-level integrations with SBM
  • We can execute external Command Line commands
  • We can also insert dynamic HTML and JavaScript as well as generate JSON

This works when we use ModScript as a proxy, so everything is as-a-service. As shown in the diagram below, ModScript can be invoked by an SBM URL. The script then executes, and that script is written so that we request the authorization token. The destination system would then send back our authorization token, and we would perform the RESTful web service call to retrieve the dataset with that token in place in the payload. The destination system would send back the dataset that we need, and our script would process that data. Finally, ModScript returns the data to the user.

When we say “The script processes the data,” this processing can happen a few different ways. If the service sends back everything exactly the way we need it and we just need to be able to handle that authorization – great! In some cases, we may want to format the data, or we have any of those data consistency issues that we mentioned above. For example, you might want to change a lowercase “low priority” field title to a camel case to match your other data. Or you may want to trim off some system value that’s appended to the end. In our demo, we go through how we would do that within the ModScript itself.

Check out our webinar recording for Reporting with Complex Systems here, which includes a great demo of ModScript used as a proxy integrated with Micro Focus Service Management Automation X (SMA-X). We’ll generate an authentication token and normalize some data being returned to what we would see out of SBM. We’ll also show you how we return JSON from an already existing report.

See our Discovering SBM page for all of our webinars covering a range of SBM features and functionality. And, as always, we want to hear from you! Tell us what you want to hear more about or anything you’d like to see addressed in an upcoming session.

Continue reading
730 Hits

Recent Tweets