Unique Framework Enabling the Interoperability of FLEX and M-Files Vault
Customer
The Client is a Finnish company, 3D Render. They facilitate the decision-making process of actors in the construction industry through advanced visualization solutions and complete service packages built around them. Depending on a situation, visualization solutions might include pictures, animations or 3D real-time models.
Challenge
The Client had a FLEX application which operates with data stored in M-Files vault. M-Files is an object oriented database, which supports nesting, inheritance and some other kinds of relations between objects.
ScienceSoft task was to establish seamless application-database interconnectivity between FLEX and Vault data. The main requirements included:
Flexibility. Framework should be flexible, developer friendly and easy to understand. Complying with this requirement ensure minimal efforts for system support and modification.
Security. FLEX Client – Data transfer and all communications between the client and the vault should be secured by running the following conditions.
Content Encryption. Data leaks during message interception must be avoided.
Authentication. The application should clearly verify the validity of the response to ensure it is coming from the correct server. This would prevent message interception.
Data Integrity. Received data must be full and unchanged during message transmit.
Confidentiality. Information should be accessible only to the authorized users.
Groups and Roles security model. Users' rights management in the system should be clearly defined.
Performance. The system should support work of multiple users at the same time. Thus, performance, i.e. response time, memory usage, server side CPU usage etc. is very important for system to operate quickly and correctly.
Solution
After the analysis of the requirements, ScienceSoft team proposed the following solution:
FLEXVault interoperability is organized via WCF Service, which is connected to Vault and provides a set of methods required by FLEX Client.
WS Security is used to satisfy security requirements. It provides efficient flexibility to process all the Client’s requirements. X.509 certificates ensure that server is valid. UserName authentication is used to ensure client validity. It means that Username and Password have to be included in each request to Server.
A flexible ACL-Records model is implemented to manage user permissions to access the data. Groups and Roles security model simplifies access management.
During the implementation of items listed above, we encountered several issues. The most serious were the following:
- According to Flex issue tracking system, FLEX Builder cannot generate a proxy if WCF service uses certificates to authenticate itself. To tackle this issue ScienceSoft team generated proxy with certificates support.
- MFPAPI, a managed API for working with M-Files Vault, has some serious architectural faults that prevented implementation of some features demanded by the Client. As we discovered during the development process, there is no API for cache control. This means that cached data loaded once do not reload until the connection is closed. Reopening connection, in turn, is a time consuming operation. The approach without cache control was not applicable, because Vault could be edited from M-Files viewer provided with M-Files System and long object's lifetime could provide inconsistency between Data in Vault and data in MFPAPI cache. We investigated MFPAPI caching mechanism and proposed a new approach. We designed a new flexible API. Implementation of this API will be the next step of our collaboration with the Client.
Results
ScienceSoft has successfully implemented the required functionality and proposed next steps in collaboration. The Client received a framework, which provided interoperability of FLEX and M-Files Vault according all requested features.
Technologies and Tools
C#, WCF, M-Files, XML, FLEX, .NET.
