Tuesday 23 December 2008

1% more productive than 2007

In a slightly odd fashion, this is my 101st post for 2008, exactly 1 more post than the total for 2007. That makes me exactly 1% more productive than last year.  Whoo-boy, it's been hard work ;-)

In 2008 the top 5 pages from my blog:
The 1st post hit just under 4800 unique page views in 2008.

What's overly disturbing is only 1 post out of 5 was written in 2008, the rest 2007. So 1% more productive, but 100 posts of pure dribble.  Oh well, it could be obviously worse by 1.

The top 5 posts for 2008 (excluding 2007 content):
The OID post hit 1700 unique page views, written in January.

Of the above list the stand out post is the JAX-WS page, it has leaped up the ranks with just over 1000 unique page views, and I only wrote it in November.

I'd like to say I'm busy writing 2009 content, but in reality, I'm sitting here with a beer and other somewhat Christmas priorities on my mind.

I'd like to wish all readers and your family and friends a safe and happy Christmas and New Years, and I look forward to doing, um, something with the blog, in 2009!

Thursday 18 December 2008

Configuring WLS With MS Active Directory

Following are my notes on configuring Oracle's WebLogic Server 10.3 to use an Microsoft Active Directory server for authentication. Usual disclaimer: your mileage may vary.

For a good starting point as comparison of what options to configure, see the following blogs that consider configuration of WLS for OID or openLDAP:

Frank Nimphius's How-to configure OID for authentication in WebLogic Server
Edwin Biemond's Using OpenLDAP as security provider in WebLogic

Steps

In the WLS console select Security Realms under the Domain Structure, then myrealm, followed by the Providers tab, then Authentication tab.

Select New. In the Create a New Authentication Provider page, enter a name and select ActiveDirectoryAuthenticator from the drop down, then Ok.

Select your new Authenticator, then the Configuration tab -> Provider Specific tab.

Enter the following values:
  • [default] Keep Alive Enabled: disabled
  • User Name Attribute: sAMAccountName
  • Principal: distinguished Name (DN) of the Active Directory LDAP user ie. DN=LdapAdmin,OU=Users,DC=sagecomputing,DC=com,DC=au
  • Host: your hostname
  • [default] All Users Filter: null
  • [default] Users Search Scope: subtree
  • [default] All Groups Filter: null
  • [default] Static Member DN Attribute: member
  • [default] Group From Name Filter: (&(cn=%g)(objectclass=group))
  • [default] Bind Anonymously on Referrals: disabled
  • [default] Static Group DNs from Member DN Filter: (&(member=%M)(objectclass=group))
  • [default] Results Time Limit: 0
  • Credential: ldap user password (as per that of the principal above)
  • Confirm Credential: ldap user password (as per that of the principal above)
  • [default] Group Search Scope: subtree
  • [default] Cache Size: 32
  • User From Name Filter: (&(sAMAccountName=%u)(objectclass=user))
  • [default] Dynamic Member URL Attribute: null
  • [default] Connection Retry Limit: 1
  • [default] Connect Timeout: 0
  • [default] User Dynamic Group DN Attribute: null
  • [default] Static Group Name Attribute: cn
  • User Base DN: OU=Users,DC=sagecomputing,DC=com,DC=au
  • [default] Use Token Groups For Group Membership Lookup: disabled
  • [default] Port: 389
  • [default] Follow Referrals: enabled
  • [default] Propagate Cause For Login Exception: disabled
  • [default] User Object Class: user
  • [default] Cache TTL: 60
  • Use Retrieved User Name as Principal: enabled
  • [default] Dynamic Group Object Class: null
  • [default] SSL Enabled: disabled
  • Group Base DN: OU=Groups,DC=sagecomputing,DC=com,DC=au
  • [default] Cache Enabled: enabled
  • [default] Parallel Connect Delay: 0
  • [default] Ignore Duplicate Membership: 0
  • [default] Static Group Object Class: group
  • [default] Group Membership Searching: unlimited
  • [default] Max Group Membership Search Level: 0
You'll need to change the non-default values to suit your environment.

Ensure to restart WLS.

If you reselect the myrealm with the WLS console, under the Users & Groups tab, Users you should see a list of users derived from the Active Directory server, and under the Gorups tab a set of groups derived from the Active Directory server.

Finally return to the WLS console and select the new authenticator provider, and on Configuration tab and Common tab change the Control Flag poplist to Sufficient.

Tuesday 16 December 2008

JDev 11g new feature: search managed libraries

Ever wanted to know which JDeveloper managed library a particular class is available in?

JDeveloper 11g's Manage Libraries dialog (available from Tools submenu->Manage Libraries) now includes a search dialog to allow you to do just this:


By clicking on the binoculars list, you can also change the search option to search for Jar names, Library name as well as the default Class name.

Friday 12 December 2008

ADF Development Essentials by John Stegeman

In the past it could be said that JDeveloper and ADF hadn't any market penetration because all the available online articles and posts just talked about building applications, with no real consideration of best practices or production deployment considerations.

Over the last year I've noted that this generalisation is no longer true, with a series of excellent articles and posts coming out, such as Simon Haslam's I mentioned in a previous post, and now a new series by John Stegeman.

John Stegeman's ADF Development Essentials series is available from OTN. John's series of articles currently includes practical examples of working with Subversion version control software within JDeveloper, but more importantly how to effectively use it in a team environment and gotchas teams should watch out for. In addition the upcoming parts of the same series will include information on Ant scripting, Unit Testing and Continuous Integration Builds.

The articles are well worth the read for anybody serious about working with ADF applications in a production environment and understand what's involved in serious ADF development. As I've said on the ADF Methodology group before, adopting ADF is just not about building ADF applications, but changing your technical and business environment to improve your software delivery process.

Thursday 11 December 2008

Practical ADF Deployment for Fusion Middleware Admins

Simon Haslam at Veriton has kindly referred me to his UKOUG presentation and ODTUG paper on "Practical ADF Application Deployment for Fusion Middleware Administrators".

Both are well worth the read for anybody looking to finally deploy their JDeveloper ADF application and wants an understanding of best practices and architecture:

ODTUG paper:
http://www.veriton.co.uk/download/Practical_ADF_Application_Deployment.pdf
UKOUG presentation: http://www.veriton.co.uk/download/UKOUG2008_ADF_Admin.pdf