4.22 Trusted Applications

Trusted applications are third-party programs that can log into POAs and GWIAs in order to access GroupWise mailboxes without needing personal user passwords. Trusted applications might perform such services as message retention or synchronization with mobile devices.

The Trusted Application tool allows you to edit and delete trusted applications that are available in your GroupWise system.

For information about developing and installing trusted applications, search for GroupWise Trusted Application API at the Novell Developer Kit website. For security guidelines for managing trusted applications, see Section 97.7, Protecting Trusted Applications

4.22.1 Creating a Trusted Application and Key

A trusted application key allows a third-party program to authenticate to the POA or the GWIA and obtain GroupWise information that would otherwise be available only by logging in to GroupWise mailboxes. You can create a trusted application and its associated key in the GroupWise Admin console for use with both Linux and Windows trusted applications.

  1. In the GroupWise Admin console, click System > Trusted Applications, then click New.

    Create Trusted Application dialog box
  2. Fill in the following fields as needed for your trusted application:

    Name: Specify the name of the trusted application as you want it to be listed in the GroupWise Admin console.

    Description: Specify a description for the trusted application.

    TCP/IP Address: If you want to restrict the location from which the trusted application can run, specify the IP address of the server from which the application can run. To do so, click the Edit (pencil) button, then specify the IP address or DNS hostname of the trusted application’s server.

    If you want to allow the trusted application to be run from any server, do not specify an IP address or DNS hostname.

    IMPORTANT:If you are creating the trusted application for use with the GroupWise Mobility Service, do not specify an IP address or DNS hostname. For more information, see GroupWise Trusted Application in the GroupWise Mobility Service 2 Installation Guide.

    Requires SSL: Select this option to require a secure (SSL) connection between the trusted application and POAs and GWIAs.

    Provides Message Retention Service: Select this option if the purpose of the trusted application is to retain GroupWise user messages by copying them from GroupWise mailboxes into another storage medium.

    Turning on this option defines the trusted application as a Message Retention Service application. However, in order for GroupWise mailboxes to support message retention, you must also turn on the Enable Message Retention Service option in GroupWise Client Options (Tools > GroupWise Utilities > Client Options > Environment > Retention). You can enable individual mailboxes, all mailboxes in a post office, or all mailboxes in a domain by selecting the appropriate object (User, Post Office, or Domain) before selecting Client Options. For more information, see Section 69.0, Setting Defaults for the GroupWise Client Options.

    For information about the complete process required to use a trusted application for message retention, see Section 50.0, Retaining User Messages.

    Allow Access to Archive Service: Select this option if your message retention service interacts with an archive service. Different archive services provide differing storage alternatives (memory, disk, or tape, for example) and differing alternatives for speed and cost. You can configure multiple archive services for your GroupWise system.

    For more information about configuring GroupWise to work with an archive service, see Section 4.20.7, Archive Service Settings.

    Archive Service Address: If the trusted application for the message retention service uses the GroupWise Stubbing API, specify the IP address or DNS hostname of the server where the archive service is running. This allows the POA to interact directly with the archive service in support of the message retention service. The advantage to this configuration is that the archive service can be behind the firewall along with the POA. If retrieval is required, the POA accesses the archive service and provides the retrieved data to the GroupWise client.

    If the message retention trusted application does not use the GroupWise Stubbing API, do not specify an IP address or DNS hostname. Without the Stubbing API, the trusted application communicates with the POA to create stubs for archived messages. The stubs contain the URLs for the archived messages. When a GroupWise user clicks the stub for an archived message, the GroupWise client accesses the URL to retrieve the archived message.

    Archive Service Requires SSL: Select this option if you want to use a secure connection between the message retention service and the archive service.

    Location for Key File: Browse to and select the directory where you want to create the trusted application key file.

    Name of Key File: Specify the name of the trusted application key file to create. The third-party program must be designed to successfully access the trusted application key file where you create it.

  3. Click OK to save the trusted application configuration information.

For information about how the POA handles trusted application processing of message files, see Section 15.3.6, Configuring Trusted Application Support.

4.22.2 Editing a Trusted Application

You can edit a trusted application’s description, IP address, port, and SSL settings.

  1. In the GroupWise Admin console, click System > Trusted Applications to display the Trusted Applications dialog box.

    Configure Trusted Applications
  2. In the Trusted Applications list, select the application you want to edit, then click Edit.

  3. Modify the fields as needed for your trusted application, then click Close.

For information about how the POA handles trusted application processing of message files, see Section 15.3.6, Configuring Trusted Application Support.

4.22.3 Deleting a Trusted Application

  1. In the GroupWise Admin console, click System > Trusted Applications to display the Trusted Applications dialog box.

    Configure Trusted Applications
  2. In the Trusted Applications list, select the application you want to delete, click Delete, then click Yes to confirm the deletion.