# System System manages system information of these types. These systems are published to the runtime and loaded into memory before being used for incoming transactions. * Database * (s)FTP * Http(s) * Socket * SMTP * IBM MQ
The systems created by a normal user of a group belongs to the group. And other users of different groups cannot see the systems. But the admin user can see all the systems. !\[Graphical user interface, text, application, email Description automatically generated]\() ## **Available operations** These operations are common for system, data structure, field group, field. ### **Publish (****)** System information is loaded from database, converted into an object, and saved into a memory cache. If the system is used by the running instances, the object is replaced with the new one.
When a system is published, if that system has sub items, all the sub items are published together. ### **Reference (****)** If a system is used by any flow, this system is displayed in green background. The hierarchies of the items are these. · Flow > system · Flow > data structure > field group > field !\[Graphical user interface Description automatically generated]\() ## **Database** Database manages these properties. | Property | Description | | -------------------- | --------------------------------------------------------------------- | | Database Type | Database type | | Host | Database host | | Port | Database port | | Database name | Database name | | User | Database user | | Password | User password | | Connection Pool Size | Connection pool size. Default size is 10 | | Driver class | If database type is not listed in ISM, custom driver class can be set | | Driver URL | Driver class url - file:///jdbc\_driver\_path/jdbc\_driver\_jar\_file | | Validation Query | Validation for the connection. Ex) select 1 | | Connection String | JDBC connection String. Refer to Help | · Connection String | Database | Connection String | | ---------- | ------------------------------------------------------------------------------------------------ | | mysql | jdbc:mysql://localhost:3306/database\_name | | oracle |

jdbc:oracle:thin:@localhost:1521/service\_name

jdbc:oracle:thin:@localhost:1521:SID

| | Sqlserver | jdbc:sqlserver://localhost:1433;databaseName=database\_name | | Postgresql | jdbc:postgresql://localhost:5432/database\_name | | DB2 | jdbc:db2://localhost:446/dbname | | DB2 AS 400 | jdbc:as400://hostname/default-schema | Click test button, then the connection information can be verified. !\[Graphical user interface, application Description automatically generated]\() ## **(s)FTP** (s)FTP manages these properties. | Database | Connection String | | ----------- | -------------------------------------------------------- | | Host | (s)FTP Host | | Port | (s)FTP Port | | FTP Type |

File transfer protocol

FTP, sFTP, SCP, FTPs

| | User | File user | | Password | User password | | Private key | Private key for sFTP or FTPS connection | | Passphrase | Passphrase to access private key | (s)FTP connection can be verified like database. · Creating a private key Run this command at the server. If you want a passphrase, enter passphrase otherwise press enter. $>ssh-keygen -f my-private.key !\[Diagram Description automatically generated with low confidence]\() Private and public key pair is generated as my-private.key and my-private.key.pub. Add public key to the authorized\_keys file. $>cat my-private.key.pub >> \~/.ssh/authorized\_keys Use my-private.key to login sFTP server. ## **Http(s)** Http manages these properties. !\[Graphical user interface, text, application Description automatically generated]\() | Property | Description | | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | URL | Endpoint of the target Http(s) server | | Authenticaiton |
  • None - no authentication
  • Basic - basic authentication in HTTP header
  • Digest - Digest authentication
  • JWT - JWT Token
  • Custom - Custom authentication with custom class
| · Basic authentication !\[Background pattern Description automatically generated]\() | Property | Description | | -------- | ----------- | | User | User id | | Password | Password | Basic authentication adds Authorization header to HTTP header with base64 encoding. Authorization : Basic a2FpemVuOjEyMzQ1(usename:password) · Digest authentication Digest access authentication is one of the agreed-upon methods a [web server](https://en.wikipedia.org/wiki/Web_server) can use to negotiate credentials, such as username or password, with a user's [web browser](https://en.wikipedia.org/wiki/Web_browser). This can be used to confirm the identity of a user before sending sensitive information, such as online banking transaction history. It applies a [hash function](https://en.wikipedia.org/wiki/Hash_function) to the username and [password](https://en.wikipedia.org/wiki/Password) before sending them over the network. In contrast, [basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) uses the easily reversible [Base64](https://en.wikipedia.org/wiki/Base64) encoding instead of hashing, making it non-secure unless used in conjunction with [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security). Technically, digest authentication is an application of [MD5](https://en.wikipedia.org/wiki/MD5) [cryptographic hashing](https://en.wikipedia.org/wiki/Cryptographic_hash) with usage of [nonce](https://en.wikipedia.org/wiki/Cryptographic_nonce) values to prevent [replay attacks](https://en.wikipedia.org/wiki/Replay_attack). It uses the [HTTP](https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol) protocol. !\[Text Description automatically generated]\() · JWT Token |

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

Although JWTs can be encrypted to also provide secrecy between parties, we will focus on signed tokens. Signed tokens can verify the integrity of the claims contained within it, while encrypted tokens hide those claims from other parties. When tokens are signed using public/private key pairs, the signature also certifies that only the party holding the private key is the one that signed it.

| | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | (From ) JWT token is used to authorize a user after authenticated. JWT Token is generated at the server side with the authentication information sent from the client. If the authentication information is valid, a new JWT Token is generated and returned. This token should be included in all the requests afterwards. Typically, the server for authentication/authorization has different endpoint. The token is valid for a finite period. Once the token is expired, a new token should be acquired with the same authentication information. The token should be included in the HTTP header like this. | Authorization: Bearer \ | | ------------------------------ | This type of authentication requires these properties.
PropertyDescription
UserUser id
PasswordPassword
User FieldField name of the user field
Password FieldField name of the password field
Content Type

Content type of the authentication request

  • application/json
  • application/x-www-form-urlencoded
Authentication URLEndpoint for the authentication
· Custom authentication Custom authentication is used to add authentication header to the request. The authentication information can come from a database, a service, or others. Once the authentication information is acquired, that information is added into HTTP header. This type of authentication requires these properties.
PropertyDescription
UserUser id. Optional
PasswordPassword. Optional
Class NameThe java class which generates authentication information.
The class should have execute() method and that method should return NameValuePair list. ``` public List execute(HashMap map, String id, String password, String authUrl) throws Exception { ArrayList rtn = new ArrayList(); String tokenValue = getToken(id, password, authUrl); //Get authentication info from somewhere else rtn.add(new BasicNameValuePair(X-Auth-Token-, token); return rtn; } ``` ## **Socket** Socket manages these properties.
PropertyDescription
HostTarget host
PortListening port of the target server
Length Type

Length field type

· Short - 2 bytes length

· Integer - 4 bytes length

· Character - Stringified length

Short/Integer length is binary data and Character expresses length in character.

ex) 00001200 - Length of the data is 1200 bytes

Size of Length

Size of length field

  • Short - 2
  • Integer - 4
  • Character - Not fixed
Header Length

The length of header data.

Header data contains meta data of the message like followings:

· Length

· Message Type

· Transaction ID

Length Offset

The position of the length field.

Mostly the first few bytes are the length and offset is 0.

Is Total Length?

Does the value of the length field include length field?

· Yes - length field is part of the length.

· No - length field is not part of the length.

## **Email Server** SMTP system manages these properties.
PropertyDescription
SMTP ServerSMTP Host. Main and backup, if exists.
Port

SMTP Port. Mostly used ports are these:

25 - non-SSL port

465 - SSL port

Use SSL?If use ssl, SSL modules are used to connect SMTP server.
User ID

User id of the email server.

Mostly id is the email address of the sender.

PasswordPassword of the email sender.
## **IBM MQ** MQ system manages these properties.
PropertyDescription
HostMQ Queue manager host
PortMQ Listener port
Queue ManagerQueue Manager name
Queue NameRequest queue
Channel NameSVRCONN name
Reply Queue managerReply queue manager
Reply Queue NameReply queue name
Character SetCharacter encoding. Necessary when conversion is required. EBCDIC <-> UTF8
UserUser id of the host which MQ is running on
PasswordPassword