The IBM TDI 7.1 Server API provides a set of programming calls that can be used to develop solutions and interact with the IBM TDI (TDI) Server locally and remotely. It also includes a management layer that exposes the Server API calls through the Java Management Extensions (JMX) interface.
The Server API includes calls that allow you to:
All calls can be invoked locally from the TDI Server JVM, and remotely from another JVM (on the local or a remote network machine), through RMI:
A management layer of the Server API exposes the Server API calls through JMX. This provides for Server manageability and enables you to plug TDI into a managing infrastructure that speaks JMX. The JMX interface is accessible:
The notifications issued by the Server API internal engine are also available as JMX notifications.
Remote access to the Server API (including the JMX Remote API) is secured by using SSL with client and server authentication.
The different methods that can be used to access the TDI Server API are depicted on the diagram below:
In this sample scenario, a client (a stand-alone Java application, for example) needs to start an AssemblyLine on TDI Server. The client could use the Server API and access it remotely through the RMI interface, using the Server API RMI client library.
In accordance with the security model described in Security, the client will first create a session to the remote TDI Server using its own certificate or custom authentication. The Server will successfully authenticate the client if it has the client certificate in its trust store or custom authentication succeeds. If the authentication is successful the client will be provided with an object that represents an entry point for calling Server API methods. Using that object the client will invoke the call for starting an AssemblyLine passing parameters that specify which AssemblyLine needs to be started.
Before actually executing the method the Server API will check whether the client is authorized to execute that method - the identity of the client is determined through the client certificate used to establish the SSL channel or with provided credentials for the custom authentication. If the client is allowed to start this AssemblyLine the method will be executed and the AssemblyLine will be started; otherwise, the method will not be executed and an error (exception) will be sent back to the client indicating that it is not authorized to perform this operation.