Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

System Profile

System Full Name

Operator List Search

Business Administrator

Dean Ciaschini

Business Owner

Joel Morley

Director

Patrick Juneau

Subject Matter Expert

Division

Aviation Safety Policy and Intelligence

NTARS Code

Source Location

Source Code Location

Technology Assessment

Platform Type

Database Platform and Version

Development Language and Framework

Operating System and Version

Windows Server 2016

Additional Dependencies

Authentication

Environment Access Information

ENV

UNC

WWWFILES

URL

DB

TruePass

DEV

\\tcwebscripts\tpwwwroot\securedev\NORMS

https://etpdev.tc.gc.ca/NORMS/

PREACC

\\tcwebscripts\tpwwwroot\securedev\NORMS-PreAcc

https://etpdev.tc.gc.ca/NORMS-PreAcc/

ACC

\\tcwebscripts\tpwwwroot\secureacc

https://etpacc.tc.gc.ca/norms

PROD

https://etp.tc.gc.ca/norms

EIG

DEV

\\tcwebscripts\tpwwwroot\eigdev\norms

https://eigdev.tc.gc.ca/norms

System Overview

Developer installation

  1. Completely uninstall and reinstall oracle 12c. The installer can be found in \\TC4S0A\GROUPS\AARA\AARAD\Software Library\Developer Tools\Oracle. Regular installation, except there is no need for any VS dev tools and can be installed system-wide. (Note: Not having Visual Studio 2015 installed might prompt the following error. Downloading Visual Studio 2015 should fix that issue.)

  2. Unconfigure Oracle’s GAC with the attached bat file from \\Tc4s0a\groups\AARA\AARAD\NORMS.

  3. Install the latest ODT from Oracle’s website.

Note: Although installing Visual Studio 2015 is needed for step 1, the application is run on Visual Studio 2019.

How to get NORMS running locally if there are Oracle issues

How to Create a NORMS User for Development Purposes

Good To Know

Valid Occurrence Number Formats

How-To and Fixes

Production Error Log - Tracking all the production issues to notice trends as they can't be replicated in ACC

How to Change the TSB Coordinator in NORMS

Deployment Considerations:

NORMS has been changed to use Entrust Identity Guard instead of Entrust Truepass.
They have provided dev (eigdev) and acc (eigacc) environments for EIG applications. eigdev is running on a single server but eigacc is running in web farm.

Web Farm Deployment Considerations

If you deploy your application in a Web farm, you must ensure that the configuration files on each server share the same value for validationKey and decryptionKey, which are used for hashing and decryption respectively. This is required because you cannot guarantee which server will handle successive requests.

With manually generated key values, the <machineKey> settings should be similar to the following example.

codeCopy

<machineKey  
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7
               AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"           
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="AES"
/>

If you want to isolate your application from other applications on the same server, place the <machineKey> in the Web.config file for each application on each server in the farm. Ensure that you use separate key values for each application, but duplicate each application's keys across all servers in the farm.

Generate Cryptographically Random Keys

To generate cryptographically random keys:

  • Use the RNGCryptoServiceProvider class to generate a cryptographically strong random number.

  • Choose an appropriate key size. The recommended key lengths are as follows:

    • For SHA1, set the validationKey to 64 bytes (128 hexadecimal characters).

    • For AES, set the decryptionKey to 32 bytes (64 hexadecimal characters).

    • For 3DES, set the decryptionKey to 24 bytes (48 hexadecimal characters).

The following code shows how to generate random key values. Compile the code to create a console application, and then pass the required key size as a command line argument expressed as the desired number of hexadecimal characters. Each byte is represented by two hexadecimal characters; therefore, to request a 32-byte key, pass 64 as a command line argument. If you do not specify an argument, the code returns a 128 hexadecimal character (64-byte) key.

C# Example

codeCopy

using System;
using System.Text;
using System.Security;
using System.Security.Cryptography;

class App {
  static void Main(string[] argv) {
    int len = 128;
    if (argv.Length > 0)
      len = int.Parse(argv[0]);
    byte[] buff = new byte[len/2];
    RNGCryptoServiceProvider rng = new 
                            RNGCryptoServiceProvider();
    rng.GetBytes(buff);
    StringBuilder sb = new StringBuilder(len);
    for (int i=0; i<buff.Length; i++)
      sb.Append(string.Format("{0:X2}", buff[i]));
    Console.WriteLine(sb);
  }
}


Please refer to the following article from Microsoft for more details:

https://docs.microsoft.com/en-us/previous-versions/msp-n-p/ff649308(v=pandp.10)?redirectedfrom=MSDN#web-farm-deployment-considerations

 

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.