Access control - authentication overview
There are many different ways for your application to perform authentication. Each method requires the implementation of an 'Authenticator'. The authenticators offered by the Genesis low-code platform are:
There are many different ways for your application to perform authentication. Each method requires the implementation of an 'Authenticator'. The authenticators offered by the Genesis low-code platform are:
Types of control
Authorisation
The Genesis low-code platform has a collection of access control mechanisms to ensure that:
This page describes the configuration options for authentication. Remember that if you want to override the default configuration of the auth-preferences.kts, you need to modify or create the following file: application-name-script-config/src/main/resources/scripts/auth-preferences.kts.
Automatic import
Apache Camel integrations are defined within your application's jvm/{app-name}-script-config/{app-name}-camel.kts file.
System definitions
Reading from an SFTP server
The Genesis low-code platform supports the use of Apache Camel in order to integrate with external systems, using its plethora of components.
To create integration tests for your Apache Camel routes, you need to create service tests by extending the AbstractGenesisTestSupport class and specifying the relevant application-name-camel.kts file as the scriptFileName.
The authorisation API consists of two main classes that enable you to add permission checks to your custom component.
Genesis supports some of the key annotations from javax.annotation and javax.inject, defined in Java Platform Enterprise Edition, using Google Guice as the internal dependency injection mechanism. In addition, Genesis provides some of its own annotations.
In most cases, you will create Event Handlers in a kts file using GPAL. This offers a method with succinct code and a good degree of flexibility.
Use these APIs to send and receive messages between micro-services.
Genesis is a low-code solution for financial markets. We try to provide as much of the platform via GPAL as possible, while allowing you to extend the platform with more powerful custom components and functionality.
In this page, we look at details of the functions that enable you to interact with the Genesis services that can be specified in the service-definition.xml file.
The system-definition file is the basis of all configurations. In this page, we describe the different functions available to get properties specified in the system-definition.kts file. Default methods have implementations to provide default values for each property.
Multiple groupBy statements
You define a Consolidator service in a consolidator.kts file. Within the file, you can define as many Consolidators as you like. Each one is specified in a Consolidator block of code.
For your Consolidator to run, it must be defined as a process and included as a service definition. Make sure you update the following files in your application:
Here is an example Consolidator file that defines two Consolidators:
A Consolidator exists to aggregate data or perform calculations whenever the underlying data is changed.
Integration testing
Before diving into the core concepts, let's start with how to set up the Genesis HTTP Client in your project.
Introduction
Request context
To create custom endpoints, you need to define a gpal file called web-handler.kts.
Gpal custom endpoints require no configuration beyond the web-handler.kts file. No modifications to the processes.xml file are required. Files will be picked up automatically by the Genesis Router from the /script folders.
The example below is a collection of custom endpoints supporting SAML authentication. The LoginPostEndPoint, LoginUrlRequestEndPoint, LogoutEndPoint, and MetadataEndPoint all extend this AbstractSamlEndPoint.
Integration testing
Enriching data from the Genesis database
Where to define
Configure processes.xml file
Here is a full example of ingesting trades:
Genesis Data Pipelines enable you to stream data into and out of your Genesis application. If you are looking to integrate your application with an external database or file system, this module should be your first consideration. If Data Pipeline does not offer you the solution you need, we suggest using Apache Camel to create the integration.
To test a data pipeline you need:
Client-enriched data
Let's make things really simple.
There are two important files in your application that contain configuration information:
Enriching a query
Data Servers monitor specific tables or views in the database. When a change in data occurs, the Data Server sends the updates to all its subscribers.
GenesisJunit is only available from version 8 of the Genesis Server Framework (GSF).
The generateSQLToRDB script
Configuration
GenesisToDb must be configured in your application-processes.xml file. The following is an example of how to do this:
Oracle Sample
The GenesisToDb module enables you to stream data from the Genesis low-code platform to classic RDBMS databases, such as Oracle or MSSQL.
You can not programmatically test integrations configured using the GenesisToDb module. However,
The Genesis HTTP Client offers many approaches to making HTTP requests, catering for different use cases and preferences. This section covers the three main approaches:
Dynamic rules
Enabling the Evaluator
Cron rules (static events)
It is often useful to run tasks periodically - for example to schedule the production of EOD reports, or to send a warning when a defined limit is reached. For such purposes, the Genesis low-code platform provides a feature called the Evaluator.
Introduction
Custom reply message type
Let's make things really simple.
There are two important files in your application that contain configuration information:
On this page, you can find useful examples of code for an Event Handler. We start with a very basic example, and then we provide further examples to cover key functions, such as exception handling and permissioning.
GenesisJunit is only available from version 8 of the Genesis Server Framework (GSF).
The following Excel functions are currently supported by ExcelToGenesis.
The Genesis low-code platform enables you to convert existing Excel spreadsheets into Genesis data models.
This page shows you how to create a Gateway to connect to a remote system using the FIX (Financial Information eXchange) protocol.
Streamer
While the standard architecture of the FIX gateway is more than sufficient for most use cases, it is not ideal for more demanding architectures.
The FIX Xlator is a plugin for the Streamer and Streamer client, which enables type-safe handling of FIX messages. It also gives access to a set of vital integration features, such as FIXIN, EXECUTIONREPORT and CUSTOM_FIX.
If your application needs to integrate with external systems through a gateway, you need to be able to interpret incoming messages in the format of the external system. Equally, you need to be able to reformat information from your Genesis application when you send messages out to that system.
This page shows you how to create a Streamer.
This page shows you how to create a Streamer Client. It also looks at the syntax of the two types of Streamer Client that are available:
The Genesis HTTP Client is designed to simplify integration with external REST services in the Genesis Platform. It provides an intuitive DSL for making HTTP requests, so that you can integrate Request Servers and Event Handlers with external applications.
The Genesis Platform Abstraction Language (GPAL) is a set of custom Kotlin script definitions that enable you to quickly stand up Genesis services at speed. The scripts also provide a consistent functionality set with the same look and feel throughout.
Event Handlers can be written in Java using Event Handler APIs. On this page, we look at Event Handlers written using the Rx3 Event handlers
This page gives details of the configuration requirements common to adaptors for all vendors.
Installation
GenesisSet is a generic message format used to send data between Genesis processes. The information in the messages must be stored as key-value pairs. A GenesisSet can store integers, booleans, text, etc. Importantly, it can also contain other GenesisSets.
In this area, we'll look at the network messages that are used for front-end and inter-process communications.
The following annotations are found in the package global.genesis.message.core.annotation and can be applied when defining Kotlin data classes to be used as input I message types.
The Genesis low-code platform uses type-safe messages to perform message serialisation and deserialisation. In addition, it automatically extracts relevant metadata to expose this to the front end in the form of a Json Schema definition that is compliant with the 2019-09 specification. These messages will be validated automatically in the back end, based on their definition.
Email routes
The Genesis platform provides a mechanism for creating pop-up toast notifications on screen in the app. Any notifications sent to the Genesis Screen Gateway will be sent as a toast pop-up notification.
This guide assumes you have not used GenX to add the Notifications component. You should only add components manually if your project is on an older framework version that does not support GenX Add.
Microsoft Teams provides a mechanism for exposing its channels to a remote system via webhooks.
Symphony is a secure instant messaging service focused on financial companies.
Open API support was introduced in version 7.0 of the Genesis platform.
DbMon is the Genesis database client. It provides a set of commands that enable you to view and change the database as necessary. DbMon hides the details of the specific database technology, so this does not affect your usage.
Remap is a schema-migration tool that applies the current schema (defined in the deployed field and table GPAL dictionaries) to the underlying database layer.
Genesis has numerous built-in commands that have their own individual functions.
This section demonstrates practical examples of using the Genesis HTTP Client in various Genesis components and common use cases.
Build
The application has three files that contain vital configuration information:
Audit tables
Let's make things really simple.
There are two important files in your application that contain configuration information:
You define your application's Request Server in a kotlin script file called application-name-reqrep.kts.
Request Servers (otherwise known as request/replies and often shortened to reqrep) provide snapshot data from a table or view in response to a request from the front end. Once the response is received, the transaction is over (unlike a Data Server, which stays connected to the client and pushes updates).
GenesisJunit is only available from version 8 of the Genesis Server Framework (GSF).
Authentication
Authentication
There are two important files in your application that contain configuration information:
The Genesis low-code platform automatically exposes all the resources you have configured as REST endpoints via the Genesis Router. Unless configured otherwise, all requests require a valid SESSIONAUTHTOKEN HTTP header. A SESSIONAUTHTOKEN is retrieved after successful user authentication.
The REST Endpoints created by the Genesis low-code platform reflect your application's business logic. These endpoints can be configured through the Genesis Router.
Auth module
Database caching on local microservices is supported out of the box. You can configure a caching layer for any Genesis module. The cache can reduce the database workload for tables that contain static data.
The Genesis low-code platform supports the following database technology:
Genesis Router is responsible for all communication between the front end and back end.
Some files are essential to the development and running of your application. You need to know what they are for and how to configure them. The pages in this section provide the details.
Your application must have a -processes.xml file. This contains the configuration of each module in the application (Data Server, Request Server, Event Handler, etc). It is created automatically when you start a new Genesis project using GenX CLI tool, but you might well want to update it - and you certainly want to take a good look at it.
Every application must have a -service-definitions.xml file. This is where you specify the ports of the various processes. These are used to communicate internally between processes.
The system-definition file genesis-system-definition.kts is the main configuration file for your application.
This document describes the recommended uses of config management with Genesis frameworks. Readers must have some Linux system administration experience.
This section describes installing an application built on the Genesis low-code platform. Readers need to have some experience of Linux system administration.
This section is for users with experience of Linux system administration. Here we describe preparing a host to run applications built with the Genesis low-code platform.
The following code snippets can be imported into IntelliJ to speed up repetitive development tasks, mainly around the declaration of Genesis scripts and configuration.
The Genesis Intellij Plugin enables you to run the full stack of a Genesis application locally within IntelliJ, so you can check and test your development work as you progress.
Site-specific is an area of the run directory where you can override the standard definitions found elsewhere in your application. By default, its location is:
In the front end of your application, there are two files that need to be checked and amended to ensure that the SSO workflow works correctly.
SSO is a mechanism that enables a user to be authenticated against a single system, and use that authenticated id across multiple applications - including those built on the Genesis low-code platform. This has the advantage that a user is required to log in only once, rather than once per system.
SSO is a mechanism that enables a user to be authenticated against a single system, and use that authenticated id across multiple applications - including those built on the Genesis low-code platform. This has the advantage that a user is required to log in only once, rather than once per system. OpenID Connect (OIDC) is a simple identity layer on top of the OAuth 2.0 protocol. It enables applications to:
SSO is a mechanism that enables a user to be authenticated against a single system, and use that authenticated id across multiple applications - including those built on the Genesis low-code platform. This has the advantage that a user is required to log in only once, rather than once per system.
The State Machine can be injected to the Event Handler script or API.
You define your State Machine as a specific type of Event Handler.
State Machines are defined as Event Handlers in your application's eventhandler.kts file. Ensure that your Event Handler is correctly configured for runtime.
The following example of a State Machine defines five events that control the transition of trades from one state to another.
One of the key things you need to define in your data model is the various states that your financial entities (such as orders or trades) can go through - for example, new, amended, completed or cancelled.
Integration testing
Integration testing