Skip to content

Running your company on webapps

Here’s an interesting post on running your company on webapps.

Of course, the issues of security (who’s responsible for it? who do you call when an employee leaves?), data ownership (how can you export your precious data if you want to move to a different provider?), legality (using gmail for business is a violation of their terms of service–didn’t check the other services), and access (if your internet access is disabled, your business is too) are skipped over entirely.

On the plus side, hey, it’s easy to get started, and the ongoing maintenance is minimal! But consider the downsides outlined above before you jump in.

It is interesting to me that that broadband is enough of a utility now, if you can get it, that a business can think of putting something as crucial as their calendar on a remote website.

Technology and Society | moore |

Exchanging PostgreSQL for Oracle

I have a client who was building some commercial software on top of PostgreSQL. This plans to be a fairly high volume site, 1.8 million views/hour 500 hits a second. Most of the software seemed to work just fine, but they had some issues with Postgres. Specifically, the backup was failing and we couldn’t figure out why. Then, a few days ago, we saw this message:

ERROR: could not access status of transaction 1936028719
DETAIL: could not open file “/usr/local/postgres/data/pg_clog/0836”: No such file or directory

After a bit of searching, I saw two threads suggesting fixes, which ranged from deleting the offending row to recreating the entire database.

I suggested these to my client, and he thought about it for a couple of days and came up with a solution not suggested on these threads: move to Oracle. Oracle, whose licensing and pricing has been famously opaque, now has a pricing list available online, with prices for the Standard Edition One and Enterprise Edition versions of their database, as well as other software they sell. And my client decided that he could stomach paying for Oracle, given:

1. The prices aren’t too bad.
2. The amount of support and knowledgeable folks available for Oracle dwarfs the community of Postgres.
3. He just wants something to work. The value add of his company is in his service, not in the back end database (as long as it runs).

I can’t fault him for his decision. PostgreSQL is full featured, was probably responsible for Oracle becoming more transparent and reasonable in pricing, and I’ve used it in the past, but he’d had enough. It’s the same reason many folks have Macs or Windows when there is linux, which is a free tank that is “… invulnerable, and can drive across rocks and swamps at ninety miles an hour while getting a hundred miles to the gallon!”.

I’ll let you know how the migration goes.

Oracle Technology | moore |

Building a Full-Text Search Engine from Open Source Components

A friend and former colleague did a presentation a few months ago about “Building a Full-Text Search Engine from Open Source Components”. The slides are up. From the abstract:

In addition to the many useful open source applications that are available ready-to-run, there are quite a few open source APIs out there that are just crying out to be combined in new, useful, and interesting ways. By “just” writing a few lines of code to join them together it should be possible to build a new application that has a unique set of features.

Java | moore |

Calling one servlet from another

So, I’m building a RESTful web service for a client, which is going to accept a large (60 mbish) file and a set of parameters that are attributes of the file, using the multipart/form-data enctype. The idea is to have this service be available for external programs to post to, but to also provide a nice web interface. I built another servlet which generates the usable user interface (the UI servlet), and am now having trouble pushing the data over to the RESTful servlet. After the RESTful service is called, the UI servlet needs to ensure that any errors are understandable to the user.

It looks like there are a couple of options:

1. Use RequestDispatcher to hand the request entirely over to the service. This is easy, but it means that the service now needs to return a human readable response, or you need to insert a filter to provide one.

1a. Have the RESTful service take a parameter which indicates whether its caller is another program or a human being, and use the RequestDispatcher from the UI servlet.

1b. Have no UI servlet at all, but just have the RESTful servlet be able to generate a nice user interface (or redirect to a pleasant looking JSP) via a given parameter.

2. Use the URL and HttpURLConnection objects to have the UI servlet post to the RESTful servlet just as you’d post to any other remote resource on the internet with java. This seems to work ok (I think), but requires (I also think) an absolute URL and also requires a bit of I/O to push the stream of bytes from the UI servlet to the RESTful servlet.

I can’t think of any other ways to solve this problem, and the only other solution that searching turned up is a no-no in modern servlet engines.

Java | moore |

Web calendars: jwebcalendar and FlatCalendarXP

Just a quick note. I just spent a few days looking at web calendars for a client. In particular, they wanted to show a 12 months view, rather than the more typical month at a time view. It’s in a java environment.

Stay away from jwebcalendar. Hasn’t been developed for a few years, and even though the feature set looks great and the screen shots look gorgeous, I wasn’t able able to get it to run (in tomcat 4 or tomcat 5). After putting in some log statements, and learning that you needed to specify the xsl and xml locations on the url line (like so: localhost:8080/jwebcalendar/calendar?LAYOUT=form.url&XSL=webcalendar.form.url.xsl&XSLbase=./data/webcalendar/xsl/&XML=webcalender.form.url.vm.xml&XMLbase=./data/webcalendar/xml/&XMLfilter=.xml&HTMLbase=&TITLE=PPres) I ended up seeing this error message:

Error org.apache.xmlbeans.XmlException: error: Element type “input” must be foll owed by either attribute specifications, “>” or “/>”. org.apache.xmlbeans.XmlException: error: Element type “input” must be followed b y either attribute specifications, “>” or “/>”. at org.apache.xmlbeans.impl.store.Root$SaxLoader.load…

Since I’d burned enough time, I didn’t follow the path any further. Major bummer, as it seemed like it would be a good fit.

After that, we looked at other calendar systems, and FlatCalendarXP seemed to fit the bill. It’s payware (for commercial software) but it has an elegant API and has worked well so far. Recommended.

Java | moore |

Breaking WEP: a Flash Presentation

About two years ago, I wrote about how to secure your wireless network by changing your router password, your SSID, and turning on WEP. Regarding WEP, I wrote:

This is a 128 bit encryption protocol. It’s not supposed to be very secure, but, as my friend said, it’s like locking your car–a thief can still get in, but it might make it hard enough to not be worth their while.

Now, some folks have created a flash movie showing just how easy it is to break WEP. Interesting to watch, and has a thumping soundtrack to boot.

Via Sex, Drugs, and Unix.

Technology | moore |

Blogging and Legal Issues

Any new technology needs to fit into existing societal infrastructures, whether it’s the printing press or the closed circuit TV system. Blogging is no different. I sometimes blog about what I get paid to work on, but always check with my employer first to make sure they’re comfortable with it. Since I’m a developer, it’s often general solutions to problems, and if need be, I omit any identifying information. Some folks take it farther..

Now, our good friends at the EFF have produced a legal guide for bloggers, which looks to be very useful, but is aimed only at those who live in the United States of America.

Technology | moore |

Search engine hits: a logfile analysis

I get most of my website hits on two posts: Yahoo Mail Problems and Using JAAS for Authentication and Authorization. It’s common knowledge that if your business “does not rank in the top 20 spots on the major search engines, you might as well be in the millionth ranking spot”, but that’s apparently not strictly true for content. I looked at my webserver logs over a 42 hours stretch, when I got 125 hits from search engines, and looked at the start parameter, which generally indicates what page the results were on (0 is typically the first 10 results, 10 is the second 10, etc).

Here’s the graph of my results:

I have to admit I’m suprised by the number of hits beyond the first 20 results (columns 0 and 1)… 71.2% were from the first two pages, but that measn that 28.8% were from deeper in the search engine results. And someone went all the way to page 20–looking for a “servlet free mock exam” if you must know.

Interesting, for sure. Not that I’m claiming this is a long tail.

Technology | moore |

Pay your meter via cellphone

A town in Florida has started to allow folks to use their cellphone to pay for parking meters. Full story here.

I think it’s pretty cool and definitely is more efficient than coins–I don’t have to pay for a minute more of a meter than I need. I signed up and didn’t find the process too onerous, though it has some of the harsh, but standard, “we have an option on your first born child” clauses in the Terms and Conditions. Here are some of the choicer terms:

They can change fees anytime they want:

Amendments to Fees. Mint may, in its sole discretion, amend the Mint Fees from time to time. The Customer shall be notified of any such amendments, via e-mail, no less than five (5) business days prior to the date such amendments become effective. Any amendments to Parking Fees are in the discretion of the operator of the Parking Facility and Mint disclaims any responsibility for notifying the Customer of any such amendments.

They can lock you out at any time:

…Mint reserves the right to: amend, suspend or discontinue any aspect of the Service at any time; impose limits on certain features and aspects of the Service; and restrict the Customer’s access to parts or all of the Service without notice.

They can verify your credit:

The Customer hereby authorizes Mint to make such credit, employment and investigative inquiries as deemed appropriate by Mint in connection with the use of the Services and the Credit Card Account.

There’s some ‘Fee Schedule’ referenced to determine how much you’ll pay for the service, but I couldn’t find that. I did find the list of supported parking lots, which hasn’t been updated to include Florida yet. They also have posted their privacy policy, which doesn’t appear too draconian, except for the ubiquitous “we can change this whenever we want, and you have to visit our website periodically to know” clause:

If Mint decides to change this Privacy Policy, changes will be posted on the Website, so that you will always be aware of what personal information is collected, how it is used, and under what circumstances it may be disclosed.

I do think it’s cool that North America is headed in this direction. (Japan has a wider variety of services payable via cell phone, see this flagrant marketing flash presentation for more.) Cell phones are an easy alternative to credit cards, which charger merchants a percentage of the cost as well as a fixed fee (though the card companies still get their pound of flesh from Mint, don’t you worry).

Mobile Technology | moore |

BJUG last night: breaking it down

OK, here’s a grabbag of links and info regarding my talk last night (links and powerpoint available here). I was interested to know how many folks had actually worked on an internationalized application. (I18n is one of those APIs that you ignore until you need it, and then you absolutely have to have it.) Here are some rough numbers, based on a quick survey of hands. Out of a crowd of 25, about 5 people had used i18n. Of those, 3 had used it with web applications, and one with a J2SE application (I think the last person had used i18n with C). 3 of them had supported European languages and three had supported Asian languages.

I was emphasizing how important it was to pull out all the strings to be displayed to properties files, so they could be localized. A few folks in the audience mentioned that eclipse has support for this–out of the box for java classes, and with a plugin for jsps. (If you are reading this and know the name of the plugin, please comment; I did some googling and couldn’t find any jsp plugins that claimed an ‘Extract Strings’ capability.)

One person asked if we encountered issues with translating plurals, like house/houses. I hadn’t seen that problem with the application I worked upon, but was pretty sure that the java class libraries supported a solution. That solution is ChoiceFormat.

When I mentioned that we used Excel spreadsheets as our transfer format for slinging around translated strings, one of the other folks, who spent five years supporting a java application that was internationalized (he had some war stories), mentioned the XLIFF, an XML variant that is used in several translation editors. If you’re planning to do a lot of translation, you might want to take a look.

The talk after mine was an interesting discussion of SOA by Glen Coward. It was a rather discombobulating mix of an extremely high level look at the SOA landscape, complete with TLAs galore, and an extremely low level example of a rich client in Flex talking to two web services, one built with Axis on JBoss, and the other built with MS.NET deployed on Mono. The demo went poorly, as demos tend to do, but it was enough to whet my appetite to look a bit more closely at SOA.

In addition, as you’d expect from an employee of Novell, he was interested in delineating the differences between open source software and commercial software in a corporate environment, and where each made sense. His point was that in quickly changing areas, corporate software made sense, because of productivity gains that commercial IDE support makes available. In addition, deep integration (read, anything to do with backend legacy systems) is probably going to require commercial software. He didn’t specify why, but I’d guess that specialized backend integration is primarily going to continue to be commercial software for a number of reasons: it’s not sexy, it requires the backend system to test (not often available for the average hacker), and there are intellectual property issues. What Glen didn’t make explicit, but I will, is where that leaves open source–smack dab in the middle, gluing together all the applications. You know, like Apache and JBoss and Tomcat (among many others) already do.

As usual, I learned something at BJUG. And you can’t beat free pizza.

BJUG Java | moore |