Tuesday Mar 15, 2011

One Year Later

It's been a year since the merger of Sun into Oracle. I'm still focused on Identity Management ... with a twist. I'm a member of the Oracle Public Sector team. At Sun, I supported mostly commercial customers.

Monday Jan 05, 2009

Project OpenPTK 2.0.0 development has started

This past weekend, we Checked In the initial development code for Release 2.0.0 of Project OpenPTK. This code is a re-design of the Framework to support new features. The new code is available from the main SVN trunk ...

svn checkout https://openptk.dev.java.net/svn/openptk/trunk/openptk openptk --username guest

The latest stable build of release 1.1.0 is available from the release-1.1 SVN tag ...

svn checkout https://openptk.dev.java.net/svn/openptk/tags/release-1.1/openptk openptk-1.1 --username guest

As we work on this release, we'll update the documentation. The What's New page is updated as the features are completed.

Monday Aug 25, 2008

Secure SPML communications

Last week I got an email from a developer that is using Project OpenPTK. They want to use HTTPS/SSL to secure communications between the Sun Identity Manager and an OpenPTK-enabled application.

I was pretty sure this was "do-able" but I have not had a chance/need to configure OpenPTK using HTTPS/SSL. With that said, I did some research, contacted some co-workers, and set-up a little test lab. The process is relatively straight forward, I used two Glassfish domains (SPML-Server / SPML-Client) and self-signed certificates:

  1. Configure OpenPTK applications to use SSL/HTTPS
  2. Replace the default certificate on the SPML-Server (Sun Identity Manager)
  3. Add the certificate to the SPML-Client (OpenPTK-enabled Application)

The complete (detailed) process is documented in the Project OpenPTK Release 1.1 Installation Guide

Saturday Aug 23, 2008

Third Meeting: Chicago-Area Identity Management User Group

This past Thursday evening we had our third meeting. Sun hosted the meeting in their Itasca, IL office. The attendees included the local Sun Identity team, partners (Laurus Technologies) and users (United Airlines, Motorola, Kraft Foods, Northeastern Illinois University).

To "kick-off" the meeting, the Sun Identity team asked the User Group community for help ... Leveraging the wikis.sun.com site, they started a new collaboration site focused at sharing Identity Manager knowledge. http://wikis.sun.com/display/sunidmdev is a wiki site where registered users can share their workflows, forms, and other artifacts with the community.

Agenda:

6:00 - 6:30Greetings and Catered Dinner
6:30 - 6:45Introductions
6:45 - 7:30What's New with Identity Manager and Role Manager
7:30 - 7:45Break
7:45 - 8:30Integrating Identity Manager and Access Manager (OpenSSO)
8:30 - 9:00User Group business

The first presentation was given by the Identity folks at Sun. They gave an overview of Identity Manager 8.0 and Role Manager 4.0. They covered the new features, integration points and a roadmap. The second presentation was given by Laurus Technologies. They gave a presentation and demonstration related to how you can integrate Identity Manager with Access Manager (they actually used OpenSSO, very cool).

During the "business" part of the meeting, we talked about how to improve the User Group. Here is what the members asked for:

  • Want to hear customer stories
  • Have meetings during business hours
  • Allow remote attendance (webex)
We updated out list of future meeting topics. We had two customers offer to give a presentation on what they are doing with Identity Manager. The next meeting has been set for Thursday November 13th, 2008. It will be a breakfast meeting held at the Sun Itasca IL office, a webex session will be available those users that can't attend in-person. The current agenda (subject to change):
8:30 - 9:00Greetings and Breakfast
9:00 - 9:45Customer Story: Motorola
9:45 - 10:30Customer Story: To Be Confirmed
10:30 - 11:00User Group business

Sun Microsystems, Inc.
Two Pierce Place
15th Floor, Skyline Conference Room
Itasca, IL 60143

Future topics:

  1. Sun Role Manager SOD and Compliance
  2. Sun Identity Manager and and Access Manager integration
  3. Directory Server non-people use
  4. Federated Access Manger 8 feature update
  5. Sun JavaCaps 6 feature update
  6. Password Sync with Active Directory
  7. Identity Manager to enable business growth
  8. PKI integration
  9. Customer Stories
  10. Panel of Customers for Role Manager
  11. Identity as a software service (SaaS)
  12. ESSO
  13. External facing deployments
  14. Role Rationalizaton: best practices, customer deployments

If you wish to be imformed (sent emails) of User Group activities, please send an email to RequestChicagoIdmLUG at Sun dot COM and you will be added to the mailing list.

Friday Aug 01, 2008

wikis.sun.com a perfect fit

Looking for a wiki to collaborate information ... i've got just the one: wikis.sun.com

Project OpenPTK is about to release a new version (1.1). As with any software development project, the jobs not done until the documentation is done. Previous releases used PDF files to distribute documentation (source files were .odt). Emailing source files between the development team was not working. We decided to move our documentation to a wiki. Our requirements:

  • Fully accessible to anyone for reading
  • Easy to manage document / page structures
  • Ability to control create / update access to specific documents / pages
  • Easy to use syntax
  • Scalable / Available architecture

After researching a number of options, we decided to create a project on http://wikis.sun.com. Our wiki site can be directly found at http://wikis.sun.com/display/openptk or from the OpenPTK url http://wiki.openptk.org

The site is still under construction by the Project Team. The migration of documents to wiki pages has been going great. A couple of pages are done ... take a look at the Overview, Release Notes, and the Configuration Reference Guide.

If your looking for a public facing wiki site to host your collaboration project ... check it out.

Monday Jun 30, 2008

I did say Yellow fire trucks

I was at my Fire Station (where I volunteer) a few weeks ago when a local newspaper reporter stopped by to do a story on the color of fire trucks. They wanted to talk to Pingree Grove because our fire truck are Yellow. The Chief and I (Public Information Officer) told the story of why our fire trucks are not red. If you are curious, the on-line version of the print article is here

Friday May 23, 2008

Second Meeting: Chicago-Area Identity Management User Group

Last night was our second meeting. Sun hosted the meeting in their Itasca, IL office. We had two great presentations giving by Partners that are experts in Identity Management. It was great to see the users asking questions and sharing experiences. After the formal meeting ended, a number of the users and partners stayed late, told stories and discussed solutions. The community is growing.

This meeting is about bringing together a community of users, vendors and partners with common interests in identity management. The group focuses on provisioning, access control, and user repository technologies that support business processes related to the management of identity data. The following technologies were discussed during the meeting:

  • Identity Manager
  • Access Manager
  • Directory Server
  • Role Manager
  • Java CAPS

Meeting agenda:

6:30 - 7:00Greetings and Catered Dinner
7:00 - 7:15Introductions
7:15 - 8:00Upgrading Identity Manager, Laurus Technologies
8:00 - 8:45Doing more with Identity Manager, Deloitte
8:45 - 9:00User Group business

The attendees included the local Sun identity team, partners (Laurus Technologies, Deliotte) and users (United Airlines, Motorola, Hewitt, Northern Trust, Allstate). We compiled a list of topics for future meetings:

  1. Sun Identity Manager 8 feature update
  2. Sun Identity Manager and Sun Role Manager integration
  3. Sun Role Manager SOD and Compliance
  4. Sun Identity Manager and and Access Manager integration
  5. Directory Server non-people use
  6. Federated Access Manger 8 feature update
  7. Sun JavaCaps 6 feature update
  8. Password Sync with Active Directory
  9. Identity Manager to enable business growth
  10. PKI integration
  11. Customer Stories
  12. Panel of Customers for Role Manager
  13. Identity as a software service (SaaS)

The community voted and selected two topics the next meeting:

  • Identity Manager: Update, Role Manager integration, SOD/Compliance
    (Brian Taylor from Delottte is leading this topic)
  • Access Manager and Identity Manager Integration
    (Jeremy Miller from Larus Technologies is leading this topic)

The next meeting has been scheduled for Thursday, August 21st, 2008 @ 6:00pm. The meeting will be held at:

Sun Microsystems, Inc.
Two Pierce Place
15th Floor, Skyline Conference Room
Itasca, IL 60143

If you wish to be imformed (sent emails) of User Group activities, please send an email to RequestChicagoIdmLUG at Sun dot COM and you will be added to the mailing list.

Wednesday May 14, 2008

Liferay 5.0 on existing Glassfish v2

I setup Liferay 5.0.1 on Glassfish v2 to test some JSR-168 Portlets as part of Project OpenPTK. Here are my notes on getting Liferay running. I installed this configuration on my Apple MacBook Pro with Leopard (10.5).

The liferay website does not have an install guide for release 5.0. I used the 4.4 Admin guide. This wiki site has some useful information for installing Liferay with Glassfish. These docs got me going but I had to perform a few extra / different steps to make things work.

Pre-condition:

Set some variables:

  • export GLASSFISH=/usr/local/glassfish_v2
  • export LIFERAY=/work/Software/Projects/liferay_v5.0
  • export MYSQL=/usr/local/mysql

Create a directory to store and extract the downloaded files: ${LIFERAY}

Download Software:

http://www.liferay.com/web/guest/downloads/additional.

  • Liferay Portal 5.0.1 WAR file for Servlet 2.4 to the directory: ${LIFERAY}
  • Liferay Portal 5.0.1 Dependencies file and unzip to the dependencies subdirectory: ${LIFERAY}/dependencies
  • Liferay Portal 5.0.1 SQL Scripts file and unzip to the sql subdirectory: ${LIFERAY}/sql
  • Files for Developers: Liferay Plugins SDK 5.0.1 file and unzip to the lib subdirectory: ${LIFERAY}

MySQL Database configuration:

Login as the administrator to the database of your choice. Select either the minimal installation (scripts in the sql/create-minimal subdirectory) or the full example installation script (scripts in the sql/create subdirectory) and run the script for your database server (e.g. create-mysql.sql). The default database created by the script is called lportal.

Recommended security: Create a separate Liferay database user and grant it SELECT, INSERT, UPDATE, DELETE permissions on all tables in the lportal database.

# mysql -uroot -ppassword < ${LIFERAY}/liferay-portal-sql-5.0.1/create-minimal/create-minimal-mysql.sql
# mysql -uroot -ppassword
mysql> grant all on lportal.\* to lportal identified by 'lportal';
mysql> grant all on lportal.\* to lportal@localhost identified by 'lportal';

Create a new Glasfish domain:

admin name:lportal
admin password:lportallportal
# ${GLASSFISH}/bin/asadmin create-domain --adminport 14848 --instanceport 18080 lportal
Please enter the admin user name>
Please enter the admin password>
Please enter the admin password again>
Please enter the master password [Enter to accept the default]:>
Please enter the master password again [Enter to accept the default]:>
Using port 14848 for Admin.
Using port 18080 for HTTP Instance.
Default port 7676 for JMS is in use. Using 50684
Default port 3700 for IIOP is in use. Using 50685
Default port 8181 for HTTP_SSL is in use. Using 50686
Default port 3820 for IIOP_SSL is in use. Using 50687
Default port 3920 for IIOP_MUTUALAUTH is in use. Using 50688
Default port 8686 for JMX_ADMIN is in use. Using 50689
Domain being created with profile:developer, as specified by variable AS_ADMIN_PROFILE in configuration file.
Security Store uses: JKS
Domain liferay created.

Stop Glassfish if it's running:

# ${GLASSFISH}/bin/asadmin stop-domain lportal

Copy some files:

Copy the Liferay dependencies to the Glassfish domains/lportal/lib subdirectory.

# cd ${LIFERAY}/liferay-portal-dependencies-5.0.1
# cp portal-kernel.jar portal-service.jar portlet.jar ${GLASSFISH}/domains/lportal/lib

Note: the docs for Liferay 4.4 mention copying the xercesImpl.jar file. Liferay failed to run and gave me errors about missing other classes. After adding a jar and restarting a few time ... I got it working by adding these other two jar.

Copy the xercesImpl.jar, xalan.jar and serializer.jar file from the Liferay lib subdirectory to the Glassfish domains/lportal/lib subdirectory.

# cp ${LIFERAY}/lib/xercesImpl.jar ${GLASSFISH}/domains/lportal/lib
# cp ${LIFERAY}/lib/xalan.jar ${GLASSFISH}/domains/lportal/lib
# cp ${LIFERAY}/lib/serializer.jar ${GLASSFISH}/domains/lportal/lib

Copy the JDBC driver for your database to the domains/lportal/lib directory.

# cp mysql-jdbc.jar  ${GLASSFISH}/domains/lportal/lib

Start Glassfish:

# ${GLASSFISH}/bin/asadmin start-domain lportal

Resources/JDBC/Connection Pools:

If you are using the Glassfish web-based admin console, go to Resources/JDBC/Connection Pools and create a connection pool to connect to the lportal database. Here is the asadmin command to perform the same function.

Usage: ${GLASSFISH}/bin/asadmin create-jdbc-connection-pool 
       --datasourceclassname classname 
       [--terse=false] 
       [--echo=false] 
       [--interactive=true] 
       [--host localhost] 
       [--port 4848|4849] 
       [--secure | -s] 
       [--user admin_user] 
       [--passwordfile file_name] 
       [--restype res_type] 
       [--steadypoolsize 8] 
       [--maxpoolsize 32] 
       [--maxwait 60000] 
       [--poolresize 2] 
       [--idletimeout 300] 
       [--isolationlevel isolation_level] 
       [--isisolationguaranteed] 
       [--isconnectvalidatereq=false] 
       [--validationmethod auto-commit] 
       [--validationtable tablename] 
       [--failconnection=false] 
       [--allownoncomponentcallers=false] 
       [--nontransactionalconnections=false] 
       [--description text] 
       [--property (name=value)[:name=value]\*] 
       jdbc_connection_pool_id

# ${GLASSFISH}/bin/asadmin create-jdbc-connection-pool \\
  --datasourceclassname com.mysql.jdbc.jdbc2.optional.MysqlDataSource \\
  --host localhost \\
  --port 14848 \\
  --user lportal \\ 
  --restype javax.sql.DataSource \\
  --description "MySQL Liferay Portal 5.0.1" \\
  --property ServerName=localhost:Password=lportal:DatabaseName=lportal:User=lportal:Port=3306:PortNumber=3306:LoginTimeout=0:ProfileSql=false \\
  MySQL_Liferay
Please enter the admin password>
Command create-jdbc-connection-pool executed successfully.

Resources/JDBC/JDBC Resources:

If you are using the Glassfish web-based admin console, go to Resources/JDBC/JDBC Resources, create a JDBC resource with the JNDI name jdbc/LiferayPool, and associate it with the connection pool created in the previous step. Here is the asadmin command to perform the same function.

Usage: ${GLASSFISH}/bin/asadmin create-jdbc-resource 
       --connectionpoolid id 
       [--terse=false] 
       [--echo=false] 
       [--interactive=true] 
       [--host localhost] 
       [--port 4848|4849] 
       [--secure | -s] 
       [--user admin_user] 
       [--passwordfile file_name] 
       [--enabled=true] 
       [--description text] 
       [--target target(Default server)] 
       [--property (name=value)[:name=value]\*] 
       jndi_name

# ${GLASSFISH}/bin/asadmin create-jdbc-resource \\
  --connectionpoolid MySQL_Liferay \\
  --host localhost \\
  --port 14848 \\
  --user lportal \\
  --enabled=true \\
  --description "Liferay Portal 5.0.1 Pool" \\
  jdbc/LiferayPool
Please enter the admin password>
Command create-jdbc-resource executed successfully.

Resources/JavaMail Sessions:

If you are using the Glassfish web-based admin console, go to Resources/JavaMail Sessions and create a JavaMail resource with the JNDI name mail/MailSession. Here is the asadmin command to perform the same function.

Usage: ${GLASSFISH}/bin/asadmin create-javamail-resource 
       --mailhost hostname 
       --mailuser username 
       --fromaddress address 
       [--terse=false] 
       [--echo=false] 
       [--interactive=true] 
       [--host localhost] 
       [--port 4848|4849] 
       [--secure | -s] 
       [--user admin_user] 
       [--passwordfile file_name] 
       [--storeprotocol imap] 
       [--storeprotocolclass com.sun.mail.imap.IMAPStore] 
       [--transprotocol smtp] 
       [--transprotocolclass com.sun.mail.smtp.SMTPTransport] 
       [--debug=false] 
       [--enabled=true] 
       [--description text] 
       [--property (name=value)[:name=value]\*] 
       [--target target(Default server)] 
       jndi_name

# ${GLASSFISH}/bin/asadmin create-javamail-resource \\
  --mailhost localhost \\
  --mailuser root@localhost \\
  --fromaddress root@localhost \\
  --host localhost \\
  --port 14848 \\
  --user lportal \\
  --enabled=true \\
  --description "Liferay Portal Mail" \\
  mail/MailSession
Please enter the admin password>
Command create-javamail-resource executed successfully.

Restart Glassfish:

# ${GLASSFISH}/bin/asadmin stop-domain lportal
# ${GLASSFISH}/bin/asadmin start-domain lportal

Deploy Liferay:

Deploy the Liferay WAR file to the server with the context root /.

Usage: ${GLASSFISH}/bin/asadmin deploy 
       [--terse=false] 
       [--echo=false] 
       [--interactive=true] 
       [--host localhost] 
       [--port 4848|4849] 
       [--secure | -s] 
       [--user admin_user] 
       [--passwordfile file_name] 
       [--virtualservers virtual_servers] 
       [--contextroot context_root] 
       [--force=true] 
       [--precompilejsp=false] 
       [--verify=false] 
       [--name component_name] 
       [--upload=true] 
       [--retrieve local_dirpath] 
       [--dbvendorname dbvendorname] 
       [--createtables=true|false | --dropandcreatetables=true|false] 
       [--uniquetablenames=true|false] 
       [--deploymentplan deployment_plan] 
       [--enabled=true] 
       [--generatermistubs=false] 
       [--availabilityenabled=false] 
       [--libraries jar_file[(pathseparator)jar_file]\*] 
       [--target target(Default server)] 
       filepath 

# ${GLASSFISH}/bin/asadmin deploy \\
  --host localhost \\
  --port 14848 \\
  --user lportal \\
  --contextroot / \\
  --precompilejsp=false \\
  --verify=false \\
  --name "Liferay-Portal-5.0.1" \\
  --enabled=true \\
  ${LIFERAY}/liferay-portal-5.0.1.war

You can also deploy liferay by copying the ${LIFERAY}/liferay-portal-5.0.1.war file to the autodeploy sub-directory of the glassfish domain: ${GLASSFISH}/domains/lportal/autodeploy

# cp ${LIFERAY}/liferay-portal-5.0.1.war ${GLASSFISH}/domains/lportal/autodeploy

If the application server is running locally, set the upload option to false (if using the asadmin command-line tool) or use the Local packaged file or directory that is accessible from the Application Server option in the Admin Console. For faster application load times, precompile the JSPs (this will take several minutes).

Do not run the verifier, as the sun-web.xml file does not match its DTD and will cause a deployment failure.

The liferay portal is ready to run:

  1. Connect to the portal on http://localhost:18080.
  2. Login as the default administrator: test@liferay.com
  3. Password is test

Monday May 12, 2008

CommunityOne JavaOne Summary

I attended JavaOne (and CommunityOne) last week. I was basically "drinking from the fire hose". There were more sessions to attend then what I had time for. The Technical Sessions and Labs are on-line so I have no reason to not review the ones I missed ... except for time. I was focused on a few specific topics:

  • opensolaris
  • NetBeans
  • RESTful web services
  • AJAX enabled user interfaces

opensolaris:

The first opensolaris distribution (2008.05) was relased. The use of LiveCD for installation made things very simple and easy. There's a lots of new features, besides the new installer. The most obvious new features include a new user interface (gnome based), ZFS root filesystem and a new package management system. I downloaded the latest release (1.6) of Sun xVM VirtualBox for my Mac and installed the opensolaris distribution. very cool!

www.opensolaris.com

NetBeans:

Release 6.1 added more support for technologies that I've been researching: ajax frameworks and RESTful web services. I was't going to upgrade from 6.0 until I attended sessions during NetBeans Day (part of CommmunityOne). Check out the new features on the NetBeans site. During lunch I installed 6.1. It installed just fine. I had it use my 6.0 preferences. The only plug-in I had to manually add was "JAX-RPC" for a legacy web service project that I have.

NetBeans has come a long way from when I first used it three years ago. The performance, integration with App Servers (Glassfish), editor features, and collection of plugins has made this an awesome tool. I'm not the only one who must think so ... I've been seeing less-and-less of Eclipse on people's laptops and used within the Vendor booths.

NetBean 6.1 Download

RESTful web services:

One of the features on the roadmap for Project OpenPTK is a RESTful web service. My personal observation is that the RESTful tools are almost there. The spec JSR-311 JAX-RS: The JavaTM API for RESTful Web Services, is in review and Jersey is available for testing. I starting writing RESTful-type Servlets from scratch and it's a lot of work ... I'll let the RESTful tools make this easier.

AJAX enabled user interfaces:

There's lots of choices (maybe too many). I've not made a decision. But, since Java is my first language i'm leaning toward the options that don't require me to learn something new like Ruby, PHP, or JavaScript (I do know a little JavaScript). I liked what I saw from the jMaki client-server framework for building Ajax enabled applications. I also like Project Woodstock which is focused on developing the next generation of User Interface Components for the web, based on Java Server Faces and AJAX.

Other observations:

The most widely used OS by the presenters was MacOS X, second was Solaris/Linux and third was Windows (at least for the sessions I attended). I've noticed that the laptop of choice for JavaOne attendees (most likely developers) is shifting to Apple. I'll estimate that 50% of the people I noticed made Apple MacBook (Pro)'s. Last year that number was about 25%-30% and two years ago it was around 10%-15%.

Notes:

Here are my notes from each day:

Saturday May 10, 2008

JavaOne Day Four

After having breakfest with some Sun friends we headed for Moscone.

General Session

This was a full session of cool Java demos:

  • VisualVM
  • JavaScript features in NetBeans
  • NVidia APX 2500, Java 3D on a mobile device
  • Project Darkstar
  • Java Card 3.0 innovation, robots fighting
  • Pervasive Java
  • Livescribe, very cool device, i might have to get one of these. It's amazing what a key note talk will do for business. Before the CEO of Livescribe finished his demo ... people were leaving the session to buy one. People were lined up out the door of Moscone to buy one.
  • Java Real Time
  • License to Drive, Tommy Jr.
  • Java Rocks on Mars, Arizona State University
  • CERN
We had to leave after the last demo. Got on BART and headed for SFO ... until next year: June 2-5, 2009.

Thursday May 08, 2008

JavaOne Day Three

Day three ... here's my notes from todays sessions that I attended, more good stuff.

GWT and jMaki: Expending the GWT Universe

  • Why use jMaki
    • Hide compexity of JS / CSS
    • portable library
    • standarized event / data model: JSON
    • easy integration of 3rd party tech
    • encourage re-usable JS tech
    • integrates with existing applications
  • jMaki widgets: component.htm, component.css, component.js
  • Hello World widget
  • jMaki events: pub /sub mechanism, declarative events, programmtic events
  • jMaki Application Recipe
  • Demo: (sumltron)
  • jMaki-store on java.net has all the demo code
  • What is GWT
    • Framework for building Ajax apps
    • open source (Apache 2.0)
    • targeted at Java Lang users
    • java src is compiled to browsers compliant JS code
  • Why use GWT
    • brower issues
    • integrated client - server debugging
    • tool of your choice
    • no need to learn another language
    • hides complexity of JS
  • GWT model
    • generate skelaton app
    • set layout
    • add container or components
  • Component configuration
  • Adding a widget
  • Demo: NetBeans with GWT plug-in
  • Marry the best of both worlds
  • jMaki Charting for GWT
  • jmaki.org
  • code.google.com/webtoolkit

Advanced Web Application Security

  • Speakers: Jeremiah Grossman, Whitehat Security; Joe Walker, Sitepen
  • Learn how to keep the bad guys out of your website
  • Web Hacking today
    • Past two years, web sites are lot less secure than we thought
    • over 90% of websites have serious security issues
  • The Attackers, being more organized, not just hacking for fun
    • Who is the target: you, company, others
    • Who is the attacker: troublemakers, theives
    • Who is the victim: data, users, partners
  • Cross Site Request Forgery
    • Cross-Domain Rules: browsers job to enforce cookie usage
    • How to abuse a cookie without reading it
    • evil.com sends request to bank.com
    • all you need is iframe src to bad url, or img or script
    • cant use XMLHttpRequest because cross-domain rules not allowed
    • are write-only
    • GET and POST can be forged
    • Reffer checking is not a complete fix
    • Not just cookies that get stolen
  • Demo: CSRF: bladder.sitepen.com
  • How to protect yourself
    • Force users to logout
    • check referrer headers
    • include authen toketn with every request, cookie is not enough
    • security tokens in GET requests are not a great idea
    • POST means forms with hidden fields: OWASP servlet filter www.owasp.org
    • Double-submit cookie pattern (Ajax requests only), read in JS and submit in the body
  • JavaScript hijacking
    • using "script" auto evals the returned script
    • might be able to setup the env to get information from the script
    • JS lets you redefine anything, Object, Getters and Setters, reading data from a script service
    • use JSON properly; wrap data with { ... } anr wrap keys in ''
    • use unpredictable URLs or other authen
    • deny GET requests
  • Cross Site Scripting
    • allow content that could contain scripts from someone untrusted into pages from your domain
    • 3 types:
      1. reflected script embedded in the request is 'relfected' in the response
      2. stored: input is stored and played back in alter page
      3. DOM: script injected into document
    • scenario: let the user enter their name
    • make user input safe
      • need to filter lots of things
      • could put scripts in css files
      • browsers try to understand anything
      • flash, svg, .htc XML
    • web developers get lazy ... browsers make it look good, they get lazier
  • Demo: XSS
  • How to fix XSS
    • filter input by white-listing input characters, "a-z, A-Z",etc
    • filter outputs for display environment
      • well formed HTML
      • validate as HTML and throw away
      • take extra care over attributes
    • use AntiSamy
    • hacking RSS Readers
    • RSS feeds -- aggregator generally change the domain -- browser
    • Hacking RSS and Atom Feed Implementations
    • www.cgisecurity.com/papers/HackingFeeds.pdf
    • restrict input as much as possible, whenever possible
    • ensure output encoding is correct
  • Combination attacks
    • small holes multiple
    • web worms
      • grow faster than email worms
      • XHR/Flash/Quicktime
      • www.whitehatsec.com/downloads/WHXSSThreats.pdf
      • users can attack their 'friends' with scripts
  • Demo: web worm

Using DTrace with Java apps: bridging the observability

  • How to use dtrace in java
  • Introduction to DTrace
    • available in Jan 2005
    • dynamic instrumentation of the whole software system - top to bottom
    • use in production; safe, zero disabled overhead, minimal enabled overhead
    • powerful interpreted language
    • Probes: place of interest in the system where we can make observations
    • Aggregations: patterns are more interesting than individual datum, look for trends
    • jstack() Action: prints mix mode stack trace
    • Demo: dtrace
  • DVM provider
    • java.net project to add DTrace support
    • solaris10-dtrace-vm-agents.dev.java.net
    • download shared libs
    • lots of new probes, alloc, methods, time spent
    • Demo:
  • hotspot provider
    • Dtrace in JDK 6 "out of the box"
    • implements all dvm probes plus extensions
    • JNI method probes: entry/return points
    • certain probes are expensive, some off by default
    • Demo: cokeandcoffee.com space invader game
  • Visualization and project DAVE
    • Dtrace Advanced Visualization Environment
    • uses D script and method probes
  • JSDT
    • Java Env Statically Defined Tracing
    • Java SE 7
    • com.sun.tracing.\*;
    • @ProviderName() @ProbeName()
    • public interace MyProvder implements Provider {}

JSF 2.0: Insight and Opinion

  • Where is JSF today:
    • latest 1.2 maint release 1
    • Glassfish v2
    • Apache MyFaces 1.2.2 / Tomcat 6.0
    • Component Libraries
    • JSF is everywhere
    • Every app server, except Geronimo, use Sun impl
    • What should be in Java EE 6 Web Profile ... JSF 2.0 and Web Beans (the web profile debate)
  • Where are we going:
    • JSF 1.0, 1.1 planted the seed; lots of opinions, tool support limited
    • JSF 1.2, mostly planting, some harvesting; fixed JSP, little easier, more opinions
    • How we listened; mostly harvesting, tool vendors are building on JSF
    • Keep current on web trends; Rails (focus on CRUD), Rich Internet Apps
    • JSF still lives in the "Desktop" space: ServerSide UI Framework
    • Top Five Goals
      • Components easier to deploy
      • Ajax support
      • Page Description Lang
      • Reduce config burden
      • Compat between component libs with vendors
    • Other Goals
      • state mgmt redo
      • bookmark urls (evetything is now a PORT)
      • zero deploy
      • tree traversal
      • scopes
      • better error reporting
  • What are we doing:
    • Easier to develop components: repackage as a single config, support locales, versions.
    • Facelets now core part of JSF
    • Template based Renderers and events from JSFTemplating
    • Should new components be added, maybe a component compat kit
    • Partial Tree Traversal
    • Partial PAge Update
  • Demo

Design Patterns Reconsidered

  • What is a Design Pattern: describe a problem that occurs over and over again. Don't do the same thing twice
  • Gang Of Four, Design Patterns
  • Creation, Structural, Behavioral
  • Patterns Backlash:
    • copy/paste, design by template, cookbook, stops people from thinking
    • Aren't patterns, workaround to lang missing features
    • Overuse; do a pattern just because it's there
  • Practical Patterns: a vocabulary, expose real issues, compare design choices
  • Singleton:
    • there can be only one
    • hard to know what they are really doing
    • hidden coupling
    • testing issues
    • Just one? it's a lie
    • possible memory leak
    • dependancy issues
    • Use interface and implementation
    • Control by configuration not by pattern
  • Template Method:
    • Pluggable Algorithm
    • usually abstracted methods
    • fighting over your inheritance
    • poorly documents intent to framework user
    • hard to maintain and evolve
    • use composition, context classes to expose state
    • Can closures help?
    • prefer composition to inheritance; easier to maintain, understand
  • Proxy
  • Vistor
    • operations over a composite heirarchy
    • tree / node example
    • one generic method which takes a "visitor"
    • define new visitors as needed
    • "The Expresion Problem"
      • add new cases to a data type
      • add new functions over data type
      • don't recompile when adding
      • don't lose static type safety
    • Where does navigation code live:
      • In node: limited to one navigaton strategy
      • In navigation node:
    • Common visitor types
      • Collector
      • Finder
      • Event:
      • Transform: modify the tree
      • Validation: verify structure
    • Problem: need to return a value, option: use Generics
    • Exception handling, store it in the visitor, generics
    • Can closures help
    • Learned: expression problem hard to solve. ngenerics add precision
  • Principles:
    • use interfaces and dependency injection
    • favor compostion over inheritance
    • leverage static typing and generics

Wednesday May 07, 2008

JavaOne Day Two

Here's my notes from another long day at the Moscone Center ... more great sessions

Ten ways to destroy your community

  • How to open source a project or how not to
  • When working on a open source project, you contract a diese ... a community
    • kiss your marketing plan good bye
    • mess up your product plans, unexpected innovation
    • they're never satisfied by any amount of quality ... no satisfying them
    • re-define who's a customer / partner, relationships change
    • you have to communicate all the time, who has time for that
  • Is there a way to address the menace: 10 steps to make it fail:
    1. difficult tools
      • issue trackers
      • weird build tools
      • single platform
    2. poisonous people; trolls, damage they can do
      • argue with them at length
      • denounce them public
      • ban them
      • argue in other forums
      • then allow them back in
    3. no documentation
      • no code
      • build methods
      • submission process
      • release process
      • how to install it
    4. Closed-Door Meetings
      • on-line, short notice
      • telephone meetings
      • meet in person, in secure office
    5. Legalese, legalese, legalese
      • the longer more complex the better
      • contributor, website, non-disclosure, trademark
      • change these docs all the time
    6. Bad liaison
      • someone reclusive
      • someone with no time
      • someone with no authority
      • someone unfamiliar with the technology
      • don't assign one at all
    7. Governance obfuscation
      • follow United Natations model
      • decision / election should be complex and lengthy
      • unclear what powers community have
      • rules nearly impossible to change
    8. Screw around with licenses
      • License == Identity
      • Developers have attachment to licenses (emotional)
      • Changing it or threaten to change it
    9. No outside committers
      • only employees get to be committers
      • if they ask, be evasive about it
      • have no written rules about how someone becomes a committer, or criteria is impossible to fulfill
      • promtoe an employee who doesn't code to be a committer
    10. Be silent: this is the most powerful of all
      • don't do anything
      • this is the easiest one
  • Ten ways to be successful:
    1. familiar tools
    2. discourage poisonous people
    3. document everything
    4. accessible meetings
    5. minize legalese
    6. expert liason
    7. governance simplification
    8. treat licenses with respect
    9. promote outside commtters
    10. communicate

Growing Open Source Developer Communities

  • goal / expectations
    • what are you building
    • different projects attract different contributors
    • product or platform
    • products extend
    • platforms are core
    • great projects do both aspects well, rare
  • code is king
    • starts with code and documentation
    • source code basic unit of open source
    • collaboration
    • first barrier is getting the source
    • make accessible
  • buildability
    • ensure builds for others
    • avoid unfamiliar, complicated tools
    • use open source build tools
    • document dependencies
    • make build work or fail fast
    • first impression, is important
  • tell the world about it
    • announce widely
    • freshmeat, osnews, slashdot, digg, reddit
    • development blogs
    • use blog aggregator / planet
    • use hackergotchis - recognition factor at conferences
    • who's the public face for the project
  • sharing wisdom
    • blogs have shared narratives
    • communities form around stories
    • how you write about yourself is how the world will see you
    • remains searchable forever
    • don't market project by slagging your peers
  • multimedia
    • podcasts let people hear your voice
    • get ideas into the ears
    • developer interviews
    • showcase people behind the code
    • screencasts, see features in actions
    • archive conference presentations
    • associate faces to a project
  • ubiquity
    • available to play with
    • Live CD, VMware images
    • success attracts success
    • present at local conferences
    • talk to press and analysts
  • the first patch is the hardest
    • smaller barrier to entry
    • make code build well
    • learn contributor interests
    • first impression matters a lot
  • converting volunteers into contributors
    • sources: porters, software distros, integrtors
    • work in other env
    • likely to become power users, try to tie them into the project
    • development is based on social trust networks
    • trust is earned through ood contribution
    • delegate early and often
    • encourgage good contributions
    • grow the developer pool
  • a bit of communication theory
    • two-step flow theory
    • info moves in two stages
    • mass media transmits
    • leaders pick it up, break it down, recombine it and disseminate it further
    • word-of-mouth
    • trust
  • the distribution model
    • linux distro aggregates open source
  • packaging
    • power users and marketers
  • tearing down the fourth wall
    • need infrastructure for collaboration
    • remove the committer access barrier to entry
    • mailing lists ( developers, users, announce)
    • IRC
    • bugtracker
    • setting priorities right
    • review tools
    • share results with everyone
  • ambient findability
    • serarhc engines drive a lot
  • social engineering
    • people are different
    • different strokes for different folks
    • keep out trolls
    • recognize through their posting behavior
    • encourage developers to take over responsibilities
    • volunteers to self-organize
    • developer audience is largely self-selecting
    • responses need to matter, even to the rude
    • avoid belittlement, hosility
  • it's not all code
    • non-programmers may want to help
    • docs, web site, marketng
    • low barrier to contrib
    • real world meetings and conferences
  • Governance
    • first time, join a foundation FSF, ASF, Eclipse, etc.
    • provide framework, legal and admin issues
    • pick an initial model (dictator, cliques, voters)
    • everyone different
    • expect to change over time
  • don't
    • mastermind and control the project
    • they to make everyone happy
  • don't fear the fork
    • experimental (good) and hostile (bad)
    • maybe for marketing
    • trademark assurance of code pedigree
    • best discouragement is a well-run project
  • dealing with legalese
    • don't create own license
    • stick with what developers know
    • prepare to change it
    • copyright assignments lets you change your mind
    • trademarks
    • patents

JRuby on Rails: Web Development Evolved

  • Overview of Ruby features
  • Overview of JRuby
    • Started in 2001
    • Java impl of the Ruby language
    • Opensource
    • Commercail backing, Sun, Thoughtworks
  • Why JRuby over Ruby
    • performance, scalability, native threads
    • integrate with Java libraries
  • Easy to use Java
    • require 'java'
  • Use juby within a Java program
  • Ruby on Rails:
    • web dev framework
    • single threaded, shared-nothing design
    • convention over configuration, common case should be the easiest
    • don't repeat yourself (dry)
    • agile development
  • Demo: create a blog application
  • Why JRuby on Rails
    • Ruby
    • Java app server, Java EE platform
  • Real world
    • mix.oracle.com
    • mediacast.sun.com
    • mingle, first JRoR product
  • Future: Ruby
    • rework integration feature
    • public api
    • better performance
    • light weight objects?
  • JRuby on Rails
    • mutltithreaded rails
    • runtime info sharing, avoid memory hit

Ajax and JSF: Natural Synergy

  • How to support Ajax without javascript guru
  • JSF in action book
  • What is JSF, standard framework for web user interfaces
  • JSF is a specification, component and event model, basic ui components, application infrastructure
  • Extensive tool support, RAD style design
  • third party component market
  • on top of Servlet API
  • Compare JSF and Struts
  • IDE effect; different levels and styles, not required
  • JSF programming model: View, Event, Backing Bean, out come, navigation
  • Pluggable Extension points: Resolver, View, Navigation, Action, State, Render
  • Ajaxian Faces: components and renders can be seperated, PhaseListeners can be modified, transparent Ajax support
    • JavaScript bridge sends request
    • PhaseListener sends changes
    • JavaScript Bridge updates page
    • some components may not be compatible
    • no standard for bridging, resource resolution
  • Sprinkling on Ajax
    • JSF event listener executed async
    • Ajax4jsf (RichFaces), AjaxAnywhere, DynaFaces
    • Ajax4jsf: add ajax support to JSF component with javascript events
    • Demo: apache myfaces tomahawk
  • Ajax inside
    • ECruiser Ajax Suite for JSF
    • ICEfaces, innovative take on ajax browser/server integration, direct-to-DOM, supports Comet
    • Infragistics NetAdvantage for JSF, full ajax support
    • Sun Project Woodstock
    • Apache MyFaces
  • Ajax on the outside:
    • what about those cool pure widgets
    • jMaki, wrqppers popular widgets, easy to create
    • YUI4JSF
    • DojoFaces
    • Mojarra Scales
  • Which one to pick
    • pick a component suite
    • myfaces tomahawk has some ajax support
    • has good JSF support
    • how much ajax do i need
    • use jMaki for eye candy or Web 2.0 components
    • don't forget tool support
  • rolling your own, use toolkits to build components
  • JSF 1.2: improve ajax support
  • JSF 2.0: late 2008, Java EE 6, incorporate more features, bookmarkable

What's new in Ajax

  • not long ago the web was not a fun place
  • now really nice interfaces
  • creating compelling user experiences
  • four main frameworks
    • jQuery, high level components
    • ext JS, thin ajax layer
    • dijit, on top of dojo
    • script.aculo.us , it's all about the interface
  • browser, is a single threaded process
  • access to threads outside the browser, google gears; worker pools (message passing)
  • Fluid, Mozilla Prism, Adobe Air; access to the desktop
  • Fluid: demo with campfire
  • userscripts.org uses greasemonkey, lots of javascript
  • problem wih ajax, need javascript and another language
  • how to create a better developer experience
  • Atana Jaxer - javascript on the server
  • netscape livewire (javascript on the server)
  • deployment
    • the cloud services - amazon EC2
    • Google App Engine - build code, hit the deploy button
    • Aptana Cloud - make cloud computing easy
    • moving your apps to a web service
  • how do we choose
    • dojo / dijit
    • jquery / jQueryUI
    • google widgit toolkit
    • prototype / script.aculo.us
  • The New Java Plug-in, 1.6 update 10
    • plug-in now out-of-process
    • improved applet deployment
    • smaller JDK, micro-kernel
  • Look into the future
    • Safari: css animation, reflections and masks
    • Mozilla monkeys, javascript runtime compiling, javascript two plugin for explorer, iron monkey (python)
    • constrant to browsers

How to build RESTful Clients with the JavaScript, Ruby, and JavaFX Programming Languages

  • RESTful web services
    • services are stateless
    • have unitform interface
    • built from resources via URIs
    • exchange representations of the resources
  • Building the client
    1. create request data
    2. send request
    3. parse the reponse
      • code, header, body
      • formats: xml, json, kml, taml, rss, etc.
  • Debuging RESTful client
    • PUT and DELETE is idempotent
    • non-connected
    • PUT vs POST
    • use POST if URI length issue
    • async issues, use XHR
    • authen
    • caching,
    • overloaing POST
  • Demo: JavaFX with flickr
  • Demo: Javascript with Amazon S3

Tuesday May 06, 2008

JavaOne Day One

JavaOne day one

First day of JavaOne. I got my Starbucks "Non-Fat, No Whip, Grande Mocha" and headed for Mosconne ... here are my notes from the sessions I attended.

General Session: morning

  • introductions from John Gage
  • talked about the sensors used throughout the conference, enter / level room, ir beams on all the doors
  • using RFID to check access to the sessions
  • power is being measured at the conference. and there's CO2 sensors.
  • video ... who will you be today ...
  • Rich Green:
    • announcements today
    • are you told which search engine to use
    • consumers are making choices ... even in the enterprise ... hand held devices
    • lots of competition for consumers' eye balls, they now have choices
    • need intuitive / easy / simple compeling environment
    • Ian Freed, amazon.com kindle
      • device, content and services
      • change book into another book, newspaper, browser
      • uses 3G wireless
      • buy the book, sent to the device
    • Rikko Sakaguchi, Sony Ericsson
      • walkman phones
      • java core to the technology strategy and vision
    • the screen/desktop is less and less important ... it now just a view port into the networked services.
    • rich internet apps: great UI,
    • need collaboration: developers, designers, artists ... small teams working together
    • creating the experience can take "too long"
    • people building on the work of others.
    • demo:
      • connected life, integrated social network feeds. built using JavaFX, facebook, twitter and flickr. move from browser to desktop
      • JavaFX 2D and 3D demos with videos
    • mobile devices: 2.2 billion devices, one runtime, one interface.
  • JavaFX roadmap
    • Java 6 update 10 preview release
    • july: SDK early access
    • fall JavaFX Desktop 1.0
    • spring: JavaFX ____ and TV 1.0
  • Glassfish v3: modular design
    • new kernel 98K, loads in 1 second
    • modular components: http listener, sip, etc.
  • Sun largest provider of open source software
    • glassfish, strong growing community, rate is increasing
    • mysql, 65,000 downloads / day
    • netbeans, wasn't only about java (other languages) join the eco systems, 44% growth year/year
    • OpenJDK, latest ubuntu release 8.04, redhat / fedora
  • bring technologies together to create a services platform, Project Hydrazine
    • a platform to design, build, deploy, manage services
    • Find, Merge, Deploy, Share, Monetize
  • Project Insite
    • new advertizing models, actions of users
    • JavaFX will have instrumentation, access user data
  • Jonanthan Schwartz:
    • battle emerging for next platform ...
      • reach more devices on the planet
      • need to make it compeling
      • java platform, more insite into the content, how users operate, we are out-of-the-loop
      • this will all be free, travel where ever the market will go
    • Neil Young:
      • Rocking in the free world
      • java.com/neil_young
      • sound challenges years ago
      • BlueRay demo

JRuby: What, Why, How ... Do it Now

  • Ruby, simple, productive, and fun.
  • main language is writen in C
  • pure object oriented language, no primitives
  • dynamically typed, "duck typing". very loosely typed
  • classes and modules, single inheritence
  • blocks ... anonymous methods, pass around and invoke
  • quick tour: metaprogramming, open classes, special handlers
  • JRuby: it's just ruby on top of the Java platform, improvements: native threading, better performance
  • Interactive Ruby Demo:
  • What are people doing with JRuby?
    • Swing: framework tools / projects: cheri, monkeybars
    • Tooling: NetBeans is the most popular
    • Pretty Graphics: ruby-processing library
  • Intoducing Ruby on Rails:
    • full stack web framework (MVC)
    • written in ruby
    • convention over configuration
    • don't repeat yourself, how DRY is your code
    • agile development environment
  • Why JRuby on Rails
    • greatly simplified application development
    • create apps quicky
    • deploy to app server
    • easy integration with exiting java technology
    • better performance
  • Production JRuby on Rails
    • Oracle's Mix
    • Suns Mediacast
    • ThoughtWorks' Mingle
    • Sonar - code/project analysis tool

JAX-RS: The Java API for RESTful Web Services

  • REST Primer
  • www.inoq.com
  • Give everything an ID ... a URI, everything has to have one
  • Link things together, send receive data
  • use standard methods: GET, POST, PUT, DELETE
  • multiple representations:
    • formats: XML, JSON, XHTML
    • maximize reach
    • support content negotiation:
  • stateless communications, long lived identifiers, avoid sessions, all needed data is within the request
  • common patterns;
    • Container, Item example: Atom publishing protocol
    • Map, Key, Value: example: Amazon S3
  • Key benefits:
    • server side: scaling, straightforward failover, cacheable, reduced coupling
    • client side: bookmarkable, experiment in browser, broad language support, choice of data formats
  • Everything is an ID
    • Thing == resource class
    • ID provided by @Path annotation
  • Link Things together
    • UriInfo, info about deployment context
    • UriBuilder, construct URIs
  • Use std methods
    • @GET, @POST, @PUT, @DELETE, @HEAD
    • @HttpMethod
  • Mutiple repesentations:
    • @PRoduceMime, @ConsumeMime
  • Demo: expose java system properties
  • Need to get the firefox plugin called "poster", very cool
  • JavaSE RuntimeDelegate
  • Jersey supports Grizzly
  • In public review, july final draft, final release in september
  • BOF @ 8:30 BOF-5613 - Jersey: RESTful Web Services Made Easy

General Session: afternoon

  • Project Hydrazine
  • Java EE 6
    • Theme ... rightsizing, flexibility, focus on segments of development community, simplify
    • Profiles: resource injection, security, naming
      • web profile
      • uses the JSR process
    • Pruning: certain technologies optional, depricated interfaces / features
    • Extensibility:
      • embrace open source libraries and frameworks
      • level playing field for extensions
      • scripting languages as first-class citizens
    • More ease of development: focusing on the web container
      • annotations across web apis
      • no editing of web.xml
      • self-registering third-party libraries
      • restful web services (jax-rs): example for activity log
      • scripting as an extension
  • Glassfish v3:
    • Modularity
    • extensible
    • OSGi-based
    • small foot-print, fast startup
    • multiple containers: ejb, web, scripting
    • mutliple language support: Jruby/rails, Jython/django, groovy/grails, javascript
  • Java SE 6:
    • web servces api
    • scripting languages
    • updated db apis
    • swing enhance
    • monitoring / management
    • compiler apis
    • pluggale interface
  • 2008:
    • over 7 million java developers, 700,000 jdk/month, 90.7% of PCs have java pre-installed
    • avg 48 million / month, JRE downloads
  • OpenJDK:
    • ubuntu core installed
    • apple has announced SE6 on leopard
  • Java SE roadmap:
    • performance release JRE 6u5p, setting new records
    • JRE 6u10
    • 7 next summer
  • SE 7:
    • modularity
      • support more code reuse, first-class modules
      • define a concrete file format, JAM
      • OSGi bundles
    • multiple langs
      • remove lang dependancies in the JVM
      • JRuby is first customer
      • bytecode for dynamic invocation
      • DaVinci Project
    • rich client support
    • Applets are back: new runtime: 6u10, shrink inital download size, quickstart
  • JavaFX Applets: take applets from the web page to the desktop (demoed on windows)
  • Wanting a media codec within the JDK, on2 technology into the javafx technology, any video anywhere
  • Demo: Parleys.com
  • Demo: Live Connect
  • Demo: Blending Worlds: bridging developers and designers

Secure Mashups and OpenAJAX

  • Origin, today 200 toolkits
  • Initiatives to drive interop; between components and browers

BOF: Jersey: RESTful Web Services made easy

  • JSR-311
  • in NetBeans 6.1, Glassfish v2/v3 update center
  • release 1.0 in September
  • join users@jersey.dev.java.net
  • Features:
    • WADL
    • JSON with JaxB Beans
    • Good support with jMaki
    • Containers:
    • IoC
    • MVC
    • client: great for testing
    • Reload
    • Comet
  • Demos
    • Secure PUT & POST
    • SunSPOT
    • smatch.com

BOF: REST vs. SOA - can we all just get along

Monday May 05, 2008

installing liferay on glassfish

I setup Liferay on Glassfish to support some JSR-168 Portlets that I'm working on. Here are my notes on getting Liferay running. I installed this configuration on my Apple MacBook Pro with Tiger (10.4).

pre-condition:

  • glassfish v2 installed
  • mysql 5.0.41 insatlled
  • apache log4j jar file
  • mysql jdbc driver jar file

variables:

  • export GLASS_HOME=/usr/local/glassfish_v2
  • export LIFERAY_HOME=/work/Software/Projects/liferay
  • export MYSQL_HOME=/usr/local/mysql

download software:

  • Create a directory into which to store and extract the download files ${LIFERAY_HOME}
  • http://www.liferay.com/web/guest/downloads/additional.
  • Download the Liferay Portal 4.X.Y WAR file for Servlet 2.4 to the directory: ${LIFERAY_HOME}
  • Download the Liferay Portal 4.X.Y Dependencies file and unzip to the dependencies subdirectory: ${LIFERAY_HOME}/dependencies
  • Download the Liferay Portal 4.X.Y SQL Scripts file and unzip to the sql subdirectory: ${LIFERAY_HOME}/sql
  • Download the Liferay Plugins SDK 4.X.Y file and unzip to the sdk subdirectory: ${LIFERAY_HOME}
  • Download the Liferay Portal 4.X.Y Web Services Client and unzip to the ws-client subdirectory: ${LIFERAY_HOME}/ws-client
  • Download the Liferay Portal 4.X.Y JavaDocs and unzip to the doc subdirectory: ${LIFERAY_HOME}/doc
  • Download Apache Log4j store in /work/Software/Library/Log4j, http://logging.apache.org/log4j/1.2/download.html

configuration:

MySQL Database configuration:

Login as the administrator to the database of your choice. Select either the minimal installation (scripts in the sql/create-minimal subdirectory) or the full example installation (scripts in the sql/create subdirectory) and run the script for your database server (e.g. create-mysql.sql). The default database created by the script is called lportal. Recommended security: Create a separate Liferay database user and grant it SELECT, INSERT, UPDATE, and DELETE permissions on all tables in the lportal database.

# mysql -uroot -ppassword < ${LIFERAY_HOME}/sql/create-minimal/create-minimal-mysql.sql
# mysql -uroot -ppassword
mysql> grant all on lportal.\* to lportal identified by 'lportal';
mysql> grant all on lportal.\* to lportal@localhost identified by 'lportal';
Create a new Glasfish domain:
admin name:lportal
admin password:lportallportal
/usr/local/glassfish_v2/bin/asadmin create-domain --adminport 14848 --instanceport 18080 lportal
Please enter the admin user name>
Please enter the admin password>
Please enter the admin password again>
Please enter the master password [Enter to accept the default]:>
Please enter the master password again [Enter to accept the default]:>
Using port 14848 for Admin.
Using port 18080 for HTTP Instance.
Default port 7676 for JMS is in use. Using 50684
Default port 3700 for IIOP is in use. Using 50685
Default port 8181 for HTTP_SSL is in use. Using 50686
Default port 3820 for IIOP_SSL is in use. Using 50687
Default port 3920 for IIOP_MUTUALAUTH is in use. Using 50688
Default port 8686 for JMX_ADMIN is in use. Using 50689
Domain being created with profile:developer, as specified by variable AS_ADMIN_PROFILE in configuration file.
Security Store uses: JKS
Domain liferay created.

Stop Glassfish if it is running.

asadmin stop-domain lportal

Copy the Liferay dependencies to the Glassfish domains/lportal/lib subdirectory.

cp portal-kernel.jar portal-service.jar portlet.jar /usr/local/glassfish_v2/domains/liferay/lib

Copy the xercesImpl.jar file from the Liferay sdk/lib subdirectory to the Glassfish domains/lportal/lib subdirectory.

cp xercesImpl.jar /usr/local/glassfish_v2/domains/liferay/lib

Copy any required bridges (e.g. jsf-portlet.jar) to the Glassfish domains/lportal/lib subdirectory.

Copy the JDBC driver for your database to the domains/lportal/lib directory.

cp mysql-jdbc.jar  /usr/local/glassfish_v2/domains/liferay/lib

Copy the Log4j jar to the domains/lportal/lib directory.

cp log4j-1.2.15.jar /usr/local/glassfish_v2/domains/liferay/lib

Start Glassfish and login to the Admin Console.

asadmin start-domain lportal

Go to Resources/JDBC/Connection Pools and create a connection pool to connect to the lportal database.

asadmin create-jdbc-connection-pool

Usage: create-jdbc-connection-pool --datasourceclassname classname [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848|4849] [--secure | -s] [--user admin_user] [--passwordfile file_name] [--restype res_type] [--steadypoolsize 8] [--maxpoolsize 32] [--maxwait 60000] [--poolresize 2] [--idletimeout 300] [--isolationlevel isolation_level] [--isisolationguaranteed] [--isconnectvalidatereq=false] [--validationmethod auto-commit] [--validationtable tablename] [--failconnection=false] [--allownoncomponentcallers=false] [--nontransactionalconnections=false] [--description text] [--property (name=value)[:name=value]\*] jdbc_connection_pool_id

asadmin create-jdbc-connection-pool --datasourceclassname com.mysql.jdbc.jdbc2.optional.MysqlDataSource  --host localhost --port 14848 --user lportal --restype javax.sql.DataSource --description "MySQL Liferay Portal 4.4.2" --property ServerName=localhost:Password=lportal:DatabaseName=lportal:User=lportal:Port=3306:PortNumber=3306:LoginTimeout=0:ProfileSql=false MySQL_Liferay
Please enter the admin password>
Command create-jdbc-connection-pool executed successfully.

Go to Resources/JDBC/JDBC Resources, create a JDBC resource with the JNDI name jdbc/LiferayPool, and associate it with the connection pool created in the previous step.

asadmin create-jdbc-resource

Usage: create-jdbc-resource --connectionpoolid id [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848|4849] [--secure | -s] [--user admin_user] [--passwordfile file_name] [--enabled=true] [--description text] [--target target(Default server)] [--property (name=value)[:name=value]\*] jndi_name

asadmin create-jdbc-resource --connectionpoolid MySQL_Liferay --host localhost --port 14848 --user lportal --enabled=true --description "Liferay Portal 4.4.2 Pool" jdbc/LiferayPool
Please enter the admin password>
Command create-jdbc-resource executed successfully.

Go to Resources/JavaMail Sessions and create a JavaMail resource with the JNDI name mail/MailSession.

asadmin create-javamail-resource

Usage: create-javamail-resource --mailhost hostname --mailuser username --fromaddress address [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848|4849] [--secure | -s] [--user admin_user] [--passwordfile file_name] [--storeprotocol imap] [--storeprotocolclass com.sun.mail.imap.IMAPStore] [--transprotocol smtp] [--transprotocolclass com.sun.mail.smtp.SMTPTransport] [--debug=false] [--enabled=true] [--description text] [--property (name=value)[:name=value]\*] [--target target(Default server)] jndi_name

asadmin create-javamail-resource --mailhost localhost --mailuser root@localhost --fromaddress root@localhost --host localhost --port 14848 --user lportal --enabled=true --description "Liferay Portal Mail" mail/MailSession
Please enter the admin password>
Command create-javamail-resource executed successfully.

Deploy the Liferay WAR file to the server with the context root /.

./asadmin deploy
Usage: deploy [--terse=false] [--echo=false] [--interactive=true] [--host localhost] [--port 4848|4849] [--secure | -s] [--user admin_user] [--passwordfile file_name] [--virtualservers virtual_servers] [--contextroot context_root] [--force=true] [--precompilejsp=false] [--verify=false] [--name component_name] [--upload=true] [--retrieve local_dirpath] [--dbvendorname dbvendorname] [--createtables=true|false | --dropandcreatetables=true|false] [--uniquetablenames=true|false] [--deploymentplan deployment_plan] [--enabled=true] [--generatermistubs=false] [--availabilityenabled=false] [--libraries jar_file[(pathseparator)jar_file]\*] [--target target(Default server)] filepath 

asadmin deploy --host localhost --port 14848 --user lportal --contextroot / --precompilejsp=false --verify=false --name "Liferay-Portal-4.4.2" --enabled=true /work/Software/Projects/liferay/liferay-portal-4.4.2.war

If the application server is running locally, set the upload option to false (if using the asadmin command-line tool) or use the Local packaged file or directory that is accessible from the Application Server option in the Admin Console. For faster application load times, precompile the JSPs (this will take several minutes).
Do not run the verifier, as the sun-web.xml file does not match its DTD and will cause a deployment failure.

The liferay portal is ready to run

notes from community one

Community One:

Got up early in San Francisco, stopped one of the many Starbucks on the way to Mosconne Center and registered for CommunityOne and JavaOne. Here's my notes from a full day of sessions that I attended.

General Session:

  • Open source is at the core of Sun's business
  • Sun is about open standards, formats, and systems
  • Innovation happens everywhere, not in one place
  • The number of communities has tripled since last year
  • Things are increasingly interconnected.
  • What is community ... it's about people, people are passionate about things they do.
  • Move from monolithic to modular (hardware / software) ... solutions assembled from commodity components.
  • Customers demand choice, reduce lock-in to a vendor ... increases competition.
  • Market place still wants solutions (not pieces) based on these compenents.
  • Simplify the community and technology adoption.
  • panel discussion
  • opensolars release ... source code open a couple of years ago. How to involve the community. All activity is done in the open. How do people now consume the innovation. First fully supported release of opensolaris, a distribution ... new logo.
  • Various Solaris demos: install, zfs, D-Light

NetBeans Day

  • Demos being done on OpenSolaris, very cool
  • Release v6.1
  • JasperSoft, iReport ... opensource business analysis tools front-end to jasper reports, netbeans plugin, #1 download demo of the tool
  • early access to PHP plugin
  • GSF ... language editing infrastructure
  • NB 6.5 adding PHP and Groovy, also ading other languages.
  • PHP/GSF demo, today small plugin for PHP
  • NetBeans ALM Integration, Intland software bring collabrative features to the developer

jMaki: The Power of Ajax Made Easy

  • jMaki Framework:
  • Demo, NetBeans 6.1, GlassFish v3 ... built an app with two maps and geocoder
  • Miso/jMaki Demo: search and indexing services exposes RESTful web services. The demo shows ways to search mail files looking for documents, images, etc.
  • Demo: Travelmuse Inc.

The NetBeans 6.1 IDE, Faster Than Ever

  • Flower shop demo using RESTful web servces
  • RESTful leverages EJB interfaces
  • use strikeiron webservice
  • Jonathan Schwartz: comments about NetBeans community. Sun listened and responded.
  • soapUI testing tool ... integrated into NetBeans 6.1 focus is to make testing fast and fun. create a new testing project. realy nice integration! Pluggin creates a test suite. load test generation with this functional tests.
  • Spring ramework support, selectable as an option to new Web Project
  • Hibernate suport, bundle 3.2.5
  • Axis2 Web Services stack, create fro pojo or wsdl
  • JSF CRUD editor/generator

NetBeans, developing Ajax applications

  • Javascript editor, variable highlighting, code completion, knows about browser supported features
  • Javascript debugger ( technology review ) on top of NB 6.1 debugs with firefox browser / firebug
  • jMaki demonstration, charting library.
  • Woostock ... component / widget library http://woodstock.dev.java.net components on the NB Visual web pack, built-in ajax support
  • External AJAX Libraries
  • RichFacesL AJAX Extensions to JSF, open source from RH
  • Wicket: AJAX Library for Java Developers

Asynchronous AJAX for Revolutiontary Web Applications

  • ICEfaces / Glassfish
  • Push AJAX / Comet
  • Web2.0 ... out of information age ... to the participation age. Users are creating the applications (ebay; users submit actions). treat the user as an http client.
  • AJAX is a state of mind ... want the server to send a message into the browser, not initiated by the user
  • Called "Ajax push", "Comet", or "Reverse Ajax" full async to the web. (jMail, yahoo mail)
  • responsive low-latency interaction for the web, event driven browser applications
  • no polling overhead
  • NIO non-blocking threads.
  • traditional servers are blocking
  • Servlet 3.0, spec to support true async

About

Scott Fehrman

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today
News

No bookmarks in folder

Projects

No bookmarks in folder

Ref. Material

No bookmarks in folder