Friday Apr 11, 2014

Friday Spotlight: Writing a Broker for Oracle Secure Global Desktop

We talked about the dynamic launch feature in Oracle Secure Global Desktop earlier and pointed out that the code providing the functionality is implemented in a broker.  Here, we'll look at the fundamentals of writing a broker before working through a scenario where a bespoke broker would simplify operations.

Broker Basics

The interfaces and classes you need to write a broker are in the com.tarantella.tta.webservices.vsbim package in the sgd-webservices.jar archive. 

IVirtualServerBroker is the key interface and all Secure Global Desktop brokers must implement it.  These are the methods where a broker writer would typically add logic.

void initialise(Map initParams) This method is called once when the broker is loaded by the Secure Global Desktop workspace.  It gives the broker a map of the key/value pairs configured on the dynamic application server object using the broker.  Typical parameters would be the name and port of a source of real or virtual application servers.
Map getCandidateServers(Map params) Secure Global Desktop calls this method to obtain a list of servers available to a particular user.  The broker receives a map of parameters, including the identity of the user, and the broker returns a list of candidate servers.  The broker writer is free to decide how to populate that list and whether to return one candidate or several.  For example, the broker could contact a database to reserve a single server.  Alternatively, it could use APIs or web services to contact a VM provider and get a list of available virtual machines.
ICandidateServer prepareCandidate(String type, ICandidateServer candidate) This method is called after getCandidateServers returns a single option or the user has selected one from several.  This is the place for any code needed to set-up the chosen server or virtual machine.
void destroy() This is where the broker would tidy-up, freeing any resources it had used, like sessions and connections.

A Sample Broker

Let's look at a scenario where writing a broker could simplify operations.  You are an administrator of a Secure Global Desktop deployment where users periodically need to access a key application.  Only a single instance of the application can run on any one server and you have a limited number of licenses.  When a user requires access to the application, they submit a service request to reserve one.  The traditional, broker-less approach in Secure Global Desktop would be to create an application object, configure it to run on the reserved application server and then assign it to the user who reserved it.  Time-consuming if you have to do this repeatedly and on a regular basis.

However, if we can access the reservation database, we can do it dynamically in a broker.  The operation now becomes:

  • Once only, the administrator assigns the application a dynamic application server configured with a custom broker


  • User submits a service request and reserves a server
  • User logs into Secure Global Desktop and clicks the link to launch the application
  • The broker queries the database, gets the server that the user has reserved and launches the application on it

For the administrator, there is no need to create, modify or destroy objects in the Secure Global Desktop datastore every time a user submits a service request.

Skipping many details, defensive coding and exception handling, the broker code would look something like this:

package com.mycompany.mypackage;

import com.tarantella.tta.webservices.vsbim.*;
import java.sql.*;
import java.util.*;

public class DbBroker implements IVirtualServerBroker {

    static private final String TYPE = "A Description";
    private Connection dbConn;

    public void initialise(Map<String, String> parameters)
            throws VirtualServerBrokerException {
        // Connect to reservation database.  End-point and credentials are
        // supplied in the parameters from the dynamic application server
        dbConn = DriverManager.getConnection(params.get("URL"), params.get("USER", params.get("PASS"));

    public Map<String, List<ICandidateServer>> getCandidateServers(
            Map<String, String> parameters)
            throws VirtualServerBrokerAuthException,
                   VirtualServerBrokerException {
        Map<String, List<ICandidateServer>> launchCandidates =
                new HashMap<String, List<ICandidateServer>>();

        // Get the user identity
        String identity = parameters.get(SGD_IDENTITY);

        // Lookup the application server for that user from the database
        Statement statement = dbConn.createStatement();
        String query = createQuery(identity);
        ResultSet results = statement.executeQuery(query);
        // Parse results;
        String appServerName = parseResults(results);

        if (appServerName != null) {
            // Create the assigned server.
            CandidateServer lc = new CandidateServer(appServerName);

            List<ICandidateServer> lcList = new ArrayList<ICandidateServer>();
            launchCandidates.put(TYPE, lcList);

        return launchCandidates;

    public ICandidateServer prepareCandidate(String type,
            ICandidateServer candidate)
            throws VirtualServerBrokerException {
        // Nothing to do
        return candidate;

    public void destroy() {
        // Close the connection to the database

    // And the other methods
    public boolean isAuthenticationRequired() {
        // No user authentication needed
        return false;

    public Scope getScope() {
        // Scope at the application level for all users.
        return Scope.APPLICATION;

In summary, dynamic launch and custom brokers can simplify an administrator's life when operating in a dynamic environment.  The broker can get its data from any source with a suitable interface: a database, a web server or VM providers with open APIs.  Next time, we'll illustrate that with a broker connecting to Virtual Box.


Get the latest scoop on products, strategy, events, news, and more, from Oracle's virtualization experts




« April 2014 »