z Technical Summit Track 3 Session 4 Developing mobilefirst app for z
1. Developing an IBM MobileFirst platform application for z Systems
Andy Armstrong
andy.armstrong@uk.ibm.com
Twitter: @BrightSituation
2. Agenda
• How can you ensure that mobile applications are written once for supporting multiple device types?
– Native, Webapp, Hybrid
– Mobile middleware tier and studio tier
• Which tools from the IBM Rational portfolio are most useful in creating mobile applications to access z Systems services?
– Starting point bottom up
– RDz – generate web services
– Explorer
• This session focuses on developing a mobile application to access the mainframe with an emphasis on the server run-time and development environment of the IBM MobileFirst Platform.
– Recap studio and server components, need for each
– RTC SCM and task management
– Use studio to generate application
– Run live
– Recap value of IBM Software
• Security and Mobile
• Value of embracing tooling – great products become brilliant with great tooling
We look at the development from a CICS application use-case perspective and demonstrate the steps to connect to the CICS application from mobile devices.
4. Where we are in today's agenda
• Mobilizing the mainframe
• Modernizing mainframe applications for mobile and more
• Exposing mainframe applications and services to mobile
• Developing an IBM MobileFirst platform application for z Systems
• Optimizing applications and data for mobile workloads
• Client Use Cases and Getting Started with Mobile and z Systems
5. Native, Webapp, or Hybrid….
• Native – SDK for specific brand of device, specific tooling – Best end user experience
• Webapp – Responsively designed websites let minimal investment return basic mobile support as a staple entry point to the mobile world
• Hybrid – A combination of Native and Webapp – Best of both worlds?
6. The need for a mobile middleware tier
• Regardless of your choice (native, webapp, hybrid) the IBM MobileFirst Platform server is where consistent value is delivered
• This is where ‘magic’ happens to reach z Systems services
• The platform offers:
– An integration layer – keep client side code clean, light, simple
– A security layer – authenticity and app management handled for you
– Operational analytics – app crash logs, app->server comms tracking
– Secure offline data store with synchronisation capabilities
– Consistent connectivity point for all calls to service providers, z Systems, distributed systems, public systems
7. CICS Application Overview
• CICS Catalog Manager Application
– COBOL based CICS application (EGUI)
– VSAM File
– Separate Presentation Logic and Business Logic
– Callable Interface - Container
9. RDz and Debug Tool – Web Service enables and test existing app
[Diagram labels: z/OS; CICS; EGUI Main; Inquiry item, Browse, Place Order; VSAM File (EXMPCAT); CICS Web Service]
10. MobileFirst enhances the Web Service Enabled App
Enhanced Search and Shopping Cart features are added via Worklight. These features do not currently exist in the CICS application.
[Diagram labels: Mobile Client; MobileFirst Platform Server; Enhanced Search; Shopping Cart; Adapters; CICS Web Service; z/OS; CICS; EGUI Main; Inquiry item, Browse, Place Order; VSAM File (EXMPCAT)]
11. Starting point – bottom up
• We need services for our app to connect to our Systems of record
• IBM MobileFirst platform can use standard web services (SOAP, JSON, SAP)
• How do we make these services?
– CICS -> DFHLS2WS, DFHLS2JS
– IMS -> IMS Gateway, IMS Mobile feature pack
– Spring? JAX-RS?
• What would these services look like?
13. RDz – generate web services easily
• Live(ish) demo – catalog manager web services creation
• https://www.youtube.com/watch?v=YCG_LtllrLk 4m 22 -> 8m 15
• Speak with William (Bill) on RDz dev team
• Make some services, install them using explorer integrated into RDz
• How do we source control any source changes? How do we track the task of making the web service?
• Integrate changes made via RDz with existing solution
• Use RTC for SCM and Task Management (example to follow)
14. CICS Explorer
• Confirm programs, pipelines, web services are installed correctly
• Confirm TCPIP port and URIMaps for service URL
• Live demo of doing this
15. Make mobile application
• We have made our web service for the IBM MobileFirst Platform to access our core business logic running on z Systems
• Now use MobileFirst Studio to build a mobile application to call the service we have exposed
• Live demo of creating this mobile application calling a CICS Service
16. RTC – SCM system and time management
• How do we track this work?
– Task management
• How do we track the source code changes?
– Task Management tie in to source control
• How do I integrate the code changes deployed to z Systems?
– RTC Builds
17. z Systems mobile security topologies
[Diagram labels: MobileFirst Platform Server; DataPower Gateway Appliance; z/OS Connect; CICS services (COBOL, PL/I, C/C++, and Java)]
IBM Statement of Direction: IBM intends to deliver IBM WebSphere Liberty z/OS Connect (z/OS Connect) as a common program component of WebSphere Application Server for z/OS, IMS Enterprise Suite for z/OS, CICS Transaction Server for z/OS, and CICS Transaction Gateway. z/OS Connect is intended to provide a simplified, secure, and scalable gateway functionality to route web, cloud, and mobile application traffic that accesses applications provided by the aforementioned z/OS products, as well as z/OS Batch and z/OS UNIX™ System Services applications.
18. So how to choose the right mobile security solution?
• Type of user
– B2E
– B2C
• Type of mobile app
– Web
– Native
– Hybrid
– Worklight?
• Type of access
– Intranet/extranet
– Internet
• Number of users
– Small (10s to 100s)
– Medium (1000s)
– Large (or unknown?)
• Security requirements
– Authentication
– Authorization
– Confidentiality
– Integrity
• Sensitivity of data and transactions
– Financial?
– Personal?
– Will sensitive data be stored on the device?
• Security standards
– Company
– Government or external body
• Existing security architecture
– User registry
– Security products
19. CICS mobile security topologies
[Diagram labels: MobileFirst Platform Server; DataPower Gateway Appliance; z/OS Connect; CICS services (COBOL, PL/I, C/C++, and Java); connections: JSON/http(s), JSON or XML / http(s), WOLA, JCICS]
21. DataPower Mobile Security Features
[Diagram labels: e.g. REST (JSON/XML) over HTTPS; DataPower Gateway Appliance; e.g. SOAP over HTTP(S) or messaging; MobileFirst Platform, WAS ND; CICS; IMS; DB2; Other servers, Web Apps, other services]
Available as a physical or virtual appliance
• Security, Control, Integration & Optimization of mobile workload
• Enforcement point for centralized security policies
• Authentication, Authorization, SAML, OAuth 2.0, Audit
• Threat protection for XML and JSON
• Message validation and filtering
• Centralized management and monitoring point
• Traffic control / Rate limiting
• Integration with MobileFirst Platform
22. DataPower JSON protection
Jumbo JSON Payload
• Label - Value Pairs
– Label String Length (characters)
– Value String Length (characters)
– Number Length (characters)
• Threat Protection
– Maximum nesting depth (levels)
– Maximum document size (bytes)
[Diagram labels: Label String; Value String; Number; Nesting Depth of 3; Document Size]
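The limits named on this slide can be enforced on the raw text before any parser builds objects from it. The sketch below is an added example, not DataPower configuration or IBM code; the function name `checkJsonLimits` and every limit value are constructed for illustration.

```javascript
// Added example: pre-parse limits modelled on the slide's JSON settings.
// All limit values are constructed for illustration, not DataPower defaults.
const LIMITS = {
  maxDocumentBytes: 1024,
  maxNestingDepth: 3,
  maxLabelLength: 16,
  maxValueLength: 64,
  maxNumberLength: 12,
};

function reject(reason) {
  return { ok: false, reason };
}

// Scans the raw text once, so oversized input is refused before JSON.parse
// allocates an object graph for it.
function checkJsonLimits(raw, limits = LIMITS) {
  if (Buffer.byteLength(raw, 'utf8') > limits.maxDocumentBytes) {
    return reject('document-size');
  }
  let depth = 0;
  let i = 0;
  while (i < raw.length) {
    const ch = raw[i];
    if (ch === '{' || ch === '[') {
      depth += 1;
      if (depth > limits.maxNestingDepth) return reject('nesting-depth');
      i += 1;
    } else if (ch === '}' || ch === ']') {
      depth -= 1;
      i += 1;
    } else if (ch === '"') {
      // Walk to the closing quote; an escape sequence counts as one character.
      let j = i + 1;
      let length = 0;
      while (j < raw.length && raw[j] !== '"') {
        if (raw[j] === '\\') j += raw[j + 1] === 'u' ? 6 : 2;
        else j += 1;
        length += 1;
      }
      // A string followed by ':' is a label; any other string is a value.
      let k = j + 1;
      while (k < raw.length && ' \t\r\n'.includes(raw[k])) k += 1;
      if (raw[k] === ':') {
        if (length > limits.maxLabelLength) return reject('label-length');
      } else if (length > limits.maxValueLength) {
        return reject('value-length');
      }
      i = j + 1;
    } else if (ch === '-' || (ch >= '0' && ch <= '9')) {
      // Number length is measured on the lexeme as sent, not the parsed value.
      let j = i + 1;
      while (j < raw.length && '0123456789+-.eE'.includes(raw[j])) j += 1;
      if (j - i > limits.maxNumberLength) return reject('number-length');
      i = j;
    } else {
      i += 1;
    }
  }
  // Structural limits passed; the real parser decides whether syntax is valid.
  try {
    return { ok: true, reason: null, value: JSON.parse(raw) };
  } catch (err) {
    return reject('malformed');
  }
}
```

Measuring on the raw text matters for the number limit in particular, because a parsed number no longer shows how many characters the sender used.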
23. IBM MobileFirst Platform Server on z Systems
[Diagram labels: MobileFirst Server; Authentication; JSON Translation; Server-side App Code -- WAS; Adapter Library; Application Center; Enterprise App Store; Worklight Console; Push Notifications; Analytics; Cast Iron; HTTP/REST; SOAP; WMB; SQL; SAP; z/OS; CICS; Linux on z; MobileFirst]
Device Runtime
• Security and Authentication
• Back-end Data Integration
• Caching and local data
24. IBM MobileFirst Security Features
[Diagram labels: Worklight Server; Authentication; JSON Translation; Server-side Application Code; Adapter Library; Client-side App Resources; Direct Update; Mobile Web Apps; Unified Push Notifications; Stats Aggregation]
Device Runtime
• Cross Platform Technology
• Security and Authentication
• Back-end Data Integration
• Post-deployment control and Diagnostics
Enforcing security updates
Remote disable
Direct update
Providing robust authentication and authorization
Authentication integration framework
Data protection realms
Coupling device id with user id
Streamlining Corporate security processes
Mobile platform as a trust factor
Application Security
Code obfuscation
SSL with server identity verification
Proven platform security
Jailbreak and malware detection
App authenticity testing
Protecting data on the device
Encrypted offline cache
Offline authentication
Secure challenge-response on startup
• Ensure that only specific applications on specific devices can connect to enterprise systems
• Extensible framework for authentication of mobile application users
• Encrypt data on the device
• Enforce security updates
• Propagate identity to enterprise systems
25. Products and Technologies – a recap
• Rational Team Concert (RTC)
• Rational Developer for System z (RDz)
• Rational Development and Test Environment for System z (RD&T)
• CICS Explorer
• z/OS Debug Tool
• IBM MobileFirst platform
• DataPower
• API Management
26. Break down silos by moving to an Agile team environment
• Manage all types of code from JavaScript to COBOL – mobile to mainframe
• Instant-on, self-serve development capabilities with JazzHub on SoftLayer
• Accelerate agile adoption on the mainframe
• Integrate existing SCM and deployment tools, e.g. CICS Configuration Manager and CICS Deployment Assistant
• Enhanced Lifecycle integration adapters for third-party tools
Maximize team productivity
[Diagram labels: Collaborative Development; Open Lifecycle and Service Management Integration Platform; Rational Team Concert; Rational Requirements Composer; Rational Quality Manager; DevOps Services (JazzHub) for IBM Cloud Platform; IBM JazzHub; New; roles: Developer, Architect, Quality Professional, Deployment Engineer, Engineer, Analyst]
27. Adoption of RRC and RTC for CICS
• RRC (Rational Requirements Composer) used for
– Roadmaps and Features
– CICS Portfolio View
– External view of requirements and business value
• RTC (Rational Team Concert) used for
– EPICs and Stories
– Tasks and Defects
– SCM and build
– And much more
– “If it’s not in RTC, it’s not happening”
• RTC Dashboards can show
– Candidates for this and future iterations
– Planned items for iteration
– Tasks for the team
– Defects for developer to fix, for tester to verify
– Burndown charts
– Creating marketing collateral and events
28. What was the net outcome?
Stronger uptake of CICS TS V4 in comparison with CICS TS V3
APAR and PMR receipts of V4 lower than V3 in the first 18 months
Started Managed Beta V4 activities with customers 18 months prior to GA, in V3 and prior releases the beta started 4 months to GA
Open Beta released 6 months prior to GA
Delivery of multiple Feature Packs during the development phases
Ability to respond to market, changing planned content based on business value and market
29. Thank you
@IBM_CICS /IBM_CICS/IBMCICS
More from me…
http://asmarterplanet.com/mobile-enterprise/blog/2014/12/six-things-ibm-mobilefirst-platform-server.html - The need for a mobile middleware tier
For more Mobile…
http://www-01.ibm.com/support/docview.wss?uid=swg24031760 - GENAPP
http://www.redbooks.ibm.com/abstracts/sg248215.html?Open - System z in a mobile world
http://www.redbooks.ibm.com/abstracts/sg248161.html?Open - CICS JSON Web Services Redbook
Tweet me comments and questions @BrightSituation
Editor's Notes
This is what we will service enable
SO – how do we make this service?
There are multiple deployments of mobile in z, dependent on the audience of the app – B2B, B2C – and each requires different types of security
Mention CICS TG (in place of z/OS Connect)
Particularly useful for customers with CTG infrastructure today or want direct Restful interface to CICS applications running in older versions of CICS
Link: Look at each topology in turn, capabilities, deployment scenarios and benefits
Example for broad B2C
DataPower in DMZ
Payload protection
DDOS protection
Workload balancing
This use case is about connecting your mobile apps to your enterprise data. In this scenario, a business needs a Mobile Gateway for their Security & Integration needs. It's about doing critical functions such as validation, security checks like authentication and authorization, data transformation, protocol mediation, caching, and intelligent routing & load distribution.
-----------------
Key DataPower capabilities:
SSL Offload
Threat Protection
Rate Limiting
Validation, Filtering
now with Native JSON Support**
Authentication
z/OS identity propagation
Authorization
OAuth 2.0
Security Token Translation (e.g. SAML)
Transformation
Content-Based Routing
Intelligent Load Distribution
Response Caching Locally or to XC10 **
** Available in DataPower firmware version 6.0
Link: example of threat protect capabilities
<A> Add notes
Link: DP and CICS mobile security topology
1. Client Server again (but a way to fix issues)
1a. App Center
1b. Automatic update
2. JSON translation built in
3. Adapters
4. Authentication (user, device, application)
5. Push notifications
6. Analytics
7. Console
Review list
Link: Worklight and CICS security topology
Misc notes
Protect the data on the device - Worklight provides two capabilities: encrypted on-device storage and offline authentication.
Encrypted on-device storage secures the data stored on the device by encrypting it with the Advanced Encryption Standard (AES) algorithm, using 256-bit keys generated with the Public-Key Cryptography Standards #5 (PKCS #5) algorithm from a user-supplied password and Worklight internal mechanisms.
Offline authentication is needed when the mobile application does not have network connectivity, but user verification is still needed to access the on-device data. In these scenarios, the encrypted storage itself can be used to authenticate the user, because the encrypted data can only be unlocked using the correct password supplied by the user. Therefore the encrypted storage can be utilized to achieve more secure offline authentication.
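The offline-authentication idea in these notes, as an added example that is not Worklight's implementation: the store is sealed with a key derived from the password, so a successful unlock is itself the authentication. PBKDF2 with SHA-256, the iteration count, the AES-GCM mode and the function names are assumptions; the notes only state AES with 256-bit keys derived via PKCS #5.

```javascript
// Added example: password-derived key protects an on-device store (Node.js).
const nodeCrypto = require('node:crypto');

const KDF_ITERATIONS = 100000; // assumed work factor, not a Worklight value
const KEY_BYTES = 32;          // 256-bit AES key, as the notes describe

// PKCS #5 v2 key derivation (PBKDF2): password + per-store salt -> AES key.
function deriveKey(password, salt) {
  return nodeCrypto.pbkdf2Sync(password, salt, KDF_ITERATIONS, KEY_BYTES, 'sha256');
}

// Encrypts the object; only salt, IV, tag and ciphertext are persisted.
// Neither the password nor the key is ever written to the device.
function sealStore(password, data) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  const ct = Buffer.concat([cipher.update(JSON.stringify(data), 'utf8'), cipher.final()]);
  return {
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ct: ct.toString('base64'),
  };
}

// Offline authentication: the user is accepted only if the supplied password
// derives a key under which the stored ciphertext verifies and decrypts.
function unlockStore(password, sealed) {
  const key = deriveKey(password, Buffer.from(sealed.salt, 'base64'));
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, Buffer.from(sealed.iv, 'base64'));
  decipher.setAuthTag(Buffer.from(sealed.tag, 'base64'));
  try {
    const pt = Buffer.concat([
      decipher.update(Buffer.from(sealed.ct, 'base64')),
      decipher.final(), // throws on a wrong key or modified ciphertext
    ]);
    return { authenticated: true, data: JSON.parse(pt.toString('utf8')) };
  } catch (err) {
    return { authenticated: false, data: null };
  }
}
```

Because the check is local, nothing on the server side limits password guesses against a copied store; the derivation cost and the password strength carry that burden.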
Some were used – all could be used to produce higher value, better sharing, more secure, more scalable implementations
IBM is recognized as a leader in Gartner, Inc.’s 2013 Magic Quadrant for Application Development Life cycle Management (ADLM) report (link)
New Announcement at Pulse 2014: DevOps Services (JazzHub) for IBM Cloud Platform
JazzHub (www.jazzhub.com) is IBM’s DevOps solution in the cloud.
The JazzHub capabilities allow you to develop and collaborate on software projects in the cloud and to deploy them on BlueMix (see description below) Fully hosted Web IDE, task tracking, agile planning, integrated source control (Git or Jazz SCM) or connection to GitHub repository and auto deployment to BlueMix provide everything you need to develop and deploy your next app, feature or product quickly and with high quality.
JazzHub is optimized for use with BlueMix (see description below) to provide a streamlined rapid development experience with built-in DevOps capabilities. JazzHub provides free public projects and fee-based Private projects (free during BlueMix Beta), and enables fully browser-based development through built-in Eclipse Orion technology, and directly supports the Eclipse and Visual Studio IDE's.
What is BlueMix (Open Beta, BlueMix is the code name for now)
BlueMix is a comprehensive, cloud-based application development and hosting platform. It provides developers of modern web and mobile applications with:
Tools to author their web and mobile apps, and tools to make them available on the cloud
A scalable, cloud-based infrastructure to deploy and administer their apps - based on a variety of different run-times (Java-based application servers, Ruby, JavaScript, etc.)
A wide variety of ready-to-use services (such as persistence, messaging, caching, analytics, etc.) exposed through APIs and transparently provisioned by the platform at run-time.
Developers can dramatically reduce time-to-value - organizations can dramatically reduce operational costs.
Read more about BlueMix FAQ here: https://releaseblueprints.ibm.com/display/CLOUDOE/Internal+FAQ
COLLABORATIVE DEVELOPMENT – FOCUS ON COLLABORATIVE LIFECYCLE MANAGEMENT (RTC, RRQ, RQM)
In multitier and heterogeneous IT environments, there are different cultural, organizational and process challenges to overcome. There needs to be coordination across all of the stakeholders involved. From the customer to the lines of business on through to development, testing, deployment and operations, when everyone is on the same page we know that quality and speed will improve.
This is an area where IBM has been strongly focused. IBM offers a collaborative software delivery platform for Power Systems* clients that allows IT staff in development and operations to work together effectively. Central to this is the capability to leverage skills, knowledge and processes across multiple development languages and operating systems, including Mainframe, Linux on Z, IBM i, AIX and Power Linux.
We built the Rational Collaborative Lifecycle Management (CLM) solution, which is our platform to support agile development for our Power customers, to address these requirements. From the business planners who identify the need for competitive mobile access channels, to the operations staff who are delivering the service-level agreements—all of those constituencies can now be brought together in the same environment to review plans, share data and provide feedback.
This is a solution that brings a single, integrated platform for any development need – whether it is mobile, cloud, agile, mainframe, midrange or traditional including z – these capabilities are built on the Jazz Platform and will unify across a diverse environment and free up the team by automating time-consuming tasks. In fact we have clients like Itaú BBA, a Corporate Investment Bank of the Itaú Unibanco group and one of the world’s largest financial conglomerates, which has reported “55% time saved on deployment” and TestPro, an IBM business partner focused on software quality and testing services, reported a “99% reduced time for testing” when they implemented CLM with Rational Functional Tester and Rational Performance Tester and leveraged the IBM SmartCloud Enterprise to make their testing solution available to their customers.
What’s New? CLM – RRC, RTC, RQM, RSA with DM
With CLM, we are excited to roll out a continuous delivery model for CLM capabilities – we are following our own DevOps approach and have built a continuous delivery pipeline that starts in June and will release quarterly. Having releases more often allows teams to streamline their adoption with new capabilities available more often.
Another way to get to market faster is to incorporate testing earlier and more often in the lifecycle – and leveraging service virtualization is a way to achieve “continuous testing” – we have simplified this ability with a new integration for Rational Test Workbench in CLM
You can extend CLM with Rational Software Architect and Design Manager
Improved design collaboration and traceability involving extended lifecycle workflows for actively managed designs
Practitioners' time sheet data is made available for reporting and they can see Visual Studio in “my work view” – so less wasted time
What’s New? RRC – [NOTE: Rational Team Concert and Rational Quality Manager also have enhancements and we will cover those as well later in the presentation]
Software delivery teams that can apply agile and iterative processes are going to win, especially in a fast-paced market. So getting the requirements right up front is critical and then managing them efficiently and effectively throughout the lifecycle can make the difference in time to market and quality compared to your competition. Enabling developers and business analysts with capabilities to make better decisions while improving their efficiency especially to collaborate with customers and stakeholders will vastly increase the team's ability to deliver faster and with a quality end result.
Improve visibility and downstream impact across the lifecycle because you can now simplify the connection to tests and plans to the requirements even if the test team is using HP Quality Center because there is now a Lifecycle Integration Adapter for HPQC
You can also connect models and elements to requirements with common OSLC standards for RRC and Rational Software Architect Design Management
Broaden collaboration because there is a new “artifact locking” your multi-user environment can stay organized with a “single version of the truth”
Make better decisions with deeper analysis because traceability now has even more detail and business analysts can now compare collections to a version of the same collections [Asked Vijay for a bit of clarity]
Teams can get started even faster by using new online document structures, or modules, for requirement organization and structure.
What’s New? Lifecycle Integration Adapters
Allow teams to connect various diverse tools to Rational capabilities so they can fill in gaps in their continuous delivery capabilities and unify across the tools.
Last Fall we announced the Standard Edition for connecting CLM and CQ to HP ALM, Atlassian JIRA, and open source Git:
allows teams to draw ALM data across tools by improving dashboard capabilities using open social gadgets that expose 3rd party and Rational data.
Reporting capabilities are also improved by providing impact analysis through suspect links.
We have worked with Tasktop (OEM agreement) to add another Edition for connecting Rational Team Concert to HP ALM and Quality Center, Atlassian JIRA, Microsoft Team Foundation Server and open source Bugzilla
Teams can preserve customizations of their current tools, including specialized reporting and workflows, as they integrate across various roles and their respective tools.
Uses additional integration methods that supplement OSLC to support alternative use cases and workflow environments in a way that minimizes the impact integration may have for customers in these situations.
This NEW release adds adapters for:
synchronizing requirements data across Rational Requirements Composer and HP Quality Center – which we mentioned on the last slide.
Connecting Rational Team Concert to CA Clarity that allows project and portfolio managers to better collaborate with developers
Environment/platform support has been updated for Microsoft Team Foundation Server
Target Market/Industries:
Size: Any size business and any size team.
Roles: Developers, Project and Product Managers, Test Teams, Agile Teams and Scrum Masters, IT Managers
What is New News?
JazzHub was Beta in the Spring and was not on SoftLayer.
This Fall it has moved to SoftLayer platform – secure, reliable and scalable AND is no longer Beta but an IDE on the Cloud.
Currently available at no charge as they add capabilities based on customer input and feedback. Starting in 2014, there will most likely be a monthly charge for JazzHub.
Special promotion for free private projects in 2014 if you register for JazzHub by Dec 31, 2013. Public projects are free. We may introduce practical limits, such as on storage, as part of future JazzHub price plans.
Client Needs Addressed:
Need to reduce the time and operational costs for deploying and maintaining collaborative development capabilities
Allows traditional, mobile and cloud application development teams to collaborate and better manage projects so they get to market or deliver faster.
Value Proposition:
JazzHub.com provides an instant-on, self-serve, “one stop shop” for individuals and teams to collaboratively develop software in the cloud.
Key Benefits: (for Launch Theme)
Get projects started very quickly to support continuous delivery
Easily enable stakeholders and 3rd party vendors to break down silos and support a DevOps approach
Plan, track, version control, change management, link, test and deploy in the context of daily work so the entire team has visibility and can work together to deliver faster without losing quality
Support to easily fork projects from where teams may already be working like GitHub to unify across teams and tools
Free in 2013 – have teams evaluate collaborative development with a real project
Competitors & Differentiation:
Competitors:
GitHub and other open source application development tools
Differentiators:
A comprehensive one-stop shop, offering integrated Agile Planning, Change Management, Version Control plus IDE and GitHub Integration support
Everything a development team needs to develop software collaboratively on the cloud.
Sparklers:
Register and start a project in less than a minute.
Use Case:
PointSource is a premier IBM business partner and a sponsor user for JazzHub.
Currently have 12 projects – private and public
Doing their own app dev using JazzHub as their collaboration tool – designers, developers, business analysts, execs, mgrs – all the stakeholders involved in a project.
Using with clients as well – JazzHub allows us to:
Get a project started very quickly.
Enable the stakeholders at the client site to get involved directly with them
Sometimes develop end-to-end the entire application. Sometimes work in a collaborative team where resources from PointSource work with resources from the client.
Working with them in private projects on JazzHub
We saw benefit – it's not just hype – we adopted this suite of tooling to help build the world’s most capable powerful Transaction Processing Application Server – the world's economy and business rests upon the shoulders of z, a lot of responsibility is built with Rational tooling.