EIS-SIE

Environment Information System - Système d'Information d'Environnement

This system is tightly coupled with NEATS and CSMD.

Documentation

• http://mytc/rdims/14536673 - "EIS Fixes/Enhancements - Fall 2018"
• http://mytc/rdims/14178722 - "EIS Technical Debt Documentation (2018)"
• http://mytc/rdims/10506672 - "EIS Quick Reference Guide" http://mytc/rdims/11096070 (french)
• http://mytc/rdims/13943290 "EIS - Technical Current State (2018)"
• http://mytc/rdims/2458206 "EIS Glossary of Terms"

Reset the GeoServer

Occasionally the GeoServer instance will lockup due to being several versions out of date. To reset the GeoServer:

• Login to the machine EIS (DL OTT SC TFS Programs Apps Administrators group has access)
• Open the Services Panel
• Find GeoServerService and open it's Properties.
• Click Stop Service, wait for it to complete.
• Click Start Service, wait up to 30 minutes for the server to restart.
• Navigate to http://eis/ and select maps - if the Icons load correctly the server instance has been reset successfully.

You must uninstall the NuGet Package SlowCheetah in order for the application to compile.

Paths

EIS

GeoServer

Server 2016 Paths

History

• Initial Release : 2009
• Original code name was "Rose" or "Crimson".
• 3 Contracts over the course of 7-10 years, all awarded to "Esper Consulting" (now defunct)
• AMS was not responsible for EIS until around 2014~.

How Authentication Works

The way the EIS works with User Authentication is as follows:

1. The Server demands Windows Authentication (either NTLM or Kerberos v5 – I’m not bothering with that low level of security implementation to identify which of the two it is.)
2. The user responds with the info needed to prove the user is part of the TC Network.
3. The EIS then checks the username is the correct size.
4.  The EIS then checks if an IMPERSONATE flag is set.
5. The EIS then connects to the Oracle DB using a “proxy user” piggybacking off the “EISWeb” user. If it can retrieve the Build Number, it considers connection a success. Otherwise an error occurs.
6. The users roles are then read by the EIS via the AC005_USER_ROLE table, and a dictionary of grants is created from the XML files realproperty.roles.xml, tank.system.roles.xml, environmental.protection.roles.xml, contaminatied.site.roles.xml, and application.roles.xml. Off of the following “role” types defined in the Oracle DB
1. EIS_ADMIN, CONTACT_ADMIN, IMAGE_ADMIN, EDOC_ADMIN, NOTE_ADMIN, USER_ADMIN.
2. CS_VIEWER
3. EP_ADMIN, EP_UPDATER, EP_VIEWER, RP_ADMIN, RP_ADMIN_LL, RP_VIEWER
4. TK_ADMIN, TK_UPDATER, TK_UPLINKER, TK_VIEWER
7. The EIS then defines page access off these defined roles in the XML files based on each page (and some individual elements on the page) checking “PageLoadPermissions” a variable (that’s really more of a constant) on each page.