Archive for the 'Tech' Category

Distracting Planets….

Published October 23, 2011 Tech Leave a Comment

Today I got a little distracted by a simple tweet… These planets look pretty cool, so I decided to try to create one. I jumped to Pixelmator which I bought a while ago. Uh. It doesn’t have a ‘Polar Coordinates’ filter. Oh well, I thought. How hard can it be to implement in Quartz Composer? Answer: Most of a day.

Was interesting to dig out basic trig knowledge, and I’m sure my solution isn’t optimal, but it was a fun way to spend an afternoon.

I got there in the end, but unfortunately a little late to actually spend the time to make a decent planet… maybe something for the train tomorrow.
Anyway, I’ve uploaded the .qtz file to downloads.illsley.org. Feel free to grab it and drop it in ~/Library/Compositions/ if you want to play with planets on the Mac.

I5y.li

Published December 12, 2010 Tech Comments

I shook up my whole web presence last weekend because of an impending hosting renewal bill. I moved all of my hosting from dreamhost.com to an ec2 micro instance. This gives me a bunch more flexibility for a reasonable price, and gives me a little more exposure to the ec2 platform.

One of the benefits is the ability to host tomcat, and hence use some java on the web. My first attempt is that of a (private) URL shortener, providing urls at i5y.li

Why i5y.li? i5y is a shortening of Illsley, and li was a cheap ccTLD with some at least relevant letters (.ly which is probably the most obvious option is much more expensive.)

OSGi, Java Security Manager, and keeping things simple…

Published November 29, 2010 java , Tech Leave a Comment

I’ve spent the last couple of hours trying to understand Java2 Security in an OSGi environment. There’s a presentation available at [link] which gave me lots of information and hints of what to search for and what to play with. I’ve also had a quick skim to the relevant section of the OSGi 4.2 spec. Here’s a quick summary of what I’ve discovered. It may not be 100% correct… do let me know if i’ve got the wrong end of the stick on something.

In an OSGi 4.2 environment, the Conditional Permission Service is king. Well… kindof. There are 3 sources of permission information to consider:
1. Java2 Security Policy
2. Dynamic(Programmatic) configuration of the Conditional Permission Service
3. Local Permissions. (Static, per bundle policy)

In a relatively static environment it appears that you could pretty much ignore the programmatic Conditional Permission Service and rely on the more static options 1 and 3.

In order to enable OSGi security, you start by enabling Java2 security with an ‘all permissions’ policy file. Yes, I did just say that. It seems counter intuitive, but in order to allow the OSGi Framework to do its thing, it needs full permissions. It seems to be plausible to give just the framework bundle(s) the All Permission in the policy, but this affects (removes) the implied permissions of the other bundles which breaks everything. More investigation required.

So, assuming you already have an OSGi application:

java -jar org.eclipse.osgi_3.6.0.v20100517.jar -Djava.security.manager -Djava.security.policy=all.policy

all.policy:

grant { permission java.security.AllPermission; };

And you’re in an identical situation to before. All code has all permissions. The up side is that it’s just a couple of steps to start restricting the priviledges of your bundles.

Add an empty file “OSGI-INF/permissions.perm” to a bundle, and apart from some implict permissions (e.g. to import packages, read/write the bundle configuration area), that bundle has had its permissions entirely removed. You can the start giving the bundle permissions e.g. by adding a line:

(java.io.FilePermission “/Users/*” “read”)

This provides a very simple way to enumerate the permissions a bundle requires and restrict it to them. It also provides a simple file to audit for each bundle. There are a couple of important things to note:

1. An empty file is not equivalent to no permissions.perm file. Make sure you have a permissions.perm file if you want restricted permissions.

2. The permissions.perm file specifies the maximum permissions the bundle requires. The framework/Conditional Permission Service in conjunction with the system security policy may result in lower available permissions.

This looks great for reducing the risks from exploits in bundles I develop, but clearly doesn’t help much with 3rd party bundles, which is where the Conditional Permission Service should come into its own. More on that once I’ve worked it through.

OpenJPA, Derby, and getting started fast….

Published May 15, 2010 apache , java , Tech Comments

The combination of Apache OpenJPA and Derby provides a fantastic and simple way to prototype database apps in Java. The only downside is that there are a couple of gotchas I keep on finding myself hitting each time I start a new project. Here’s the simplest app I can think of and all the associated files for my later use. If it’s useful to you as well, have fun!

File: src/main/java/test/Account.java

package test;

import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;

@Entity
public class Account {

private String name;

@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private long id;

public Account(String name) {
this.name = name;
}

public String getName() {
return name;
}

public long getId() {
return id;
}
}

File: src/main/java/META-INF/persistence.xml

<persistence version="1.0"
	xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd">
	<persistence-unit name="account">
		<class>test.Account</class>
		<properties>
			<property name="openjpa.jdbc.SynchronizeMappings" value="buildSchema" />
			<property name="openjpa.ConnectionURL" value="jdbc:derby:testdb;create=true" />
			<property name="openjpa.ConnectionDriverName" value="org.apache.derby.jdbc.EmbeddedDriver" />
		</properties>
	</persistence-unit>
</persistence>

File: src/test/java/test/AccountTest.java

package test;

import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.EntityTransaction;
import javax.persistence.Persistence;

import junit.framework.TestCase;

public class AccountTest extends TestCase {

	public void testAccount() {
		EntityManagerFactory emf = Persistence.createEntityManagerFactory("account");
		EntityManager em = emf.createEntityManager();
		EntityTransaction et = em.getTransaction();
		et.begin();
		Account a = new Account("Bob");
		em.persist(a);
		et.commit();
		System.out.println("a"+a.getId());
	}
}

File: pom.xml

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<groupId>test</groupId>
	<artifactId>test</artifactId>
	<packaging>jar</packaging>
	<version>1.0-SNAPSHOT</version>
	<name>test</name>
	<dependencies>
		<dependency>
			<groupId>org.apache.openjpa</groupId>
			<artifactId>openjpa-all</artifactId>
			<version>2.0.0</version>
		</dependency>
		<dependency>
			<groupId>org.apache.derby</groupId>
			<artifactId>derby</artifactId>
			<version>10.5.3.0_1</version>
		</dependency>
		<dependency>
			<groupId>junit</groupId>
			<artifactId>junit</artifactId>
			<version>4.8.1</version>
			<type>jar</type>
			<scope>test</scope>
		</dependency>
	</dependencies>
	<build>
		<plugins>
			<plugin>
				<groupId>org.apache.maven.plugins</groupId>
				<artifactId>maven-compiler-plugin</artifactId>
				<version>2.0.2</version>
				<configuration>
					<source>1.5</source>
					<target>1.5</target>
				</configuration>
			</plugin>
			<plugin>
				<groupId>org.codehaus.mojo</groupId>
				<artifactId>openjpa-maven-plugin</artifactId>
				<version>1.0</version>
				<configuration>
					<includes>**/entities/*.class</includes>
					<excludes>**/entities/XML*.class</excludes>
					<addDefaultConstructor>true</addDefaultConstructor>
					<enforcePropertyRestrictions>true</enforcePropertyRestrictions>
				</configuration>
				<executions>
					<execution>
						<id>enhancer</id>
						<phase>process-classes</phase>
						<goals>
							<goal>enhance</goal>
						</goals>
					</execution>
				</executions>
				<dependencies>
					<dependency>
						<groupId>org.apache.openjpa</groupId>
						<artifactId>openjpa</artifactId>
						<version>2.0.0</version>
					</dependency>
				</dependencies>
			</plugin>
		</plugins>
	</build>
</project>

Adding a JavaScript host object with Rhino

Published March 13, 2010 java , javascript , Tech Comment
Tags:

I’ve been thinking a fair bit about server side JavaScript recently, but haven’t really dug in. One of the things I’ve been wondering is how easy it is to define a host object with Rhino. Turns out it’s trivial:

import org.mozilla.javascript.Context;
import org.mozilla.javascript.ScriptableObject;
public class Test {
public static class TestHost extends ScriptableObject {
  private String val = "";
  public String getClassName() {
    return "TestHost";
  }
  public String jsGet_val() {
    return val;
  }
  public void jsSet_val(String s) {
    val = s;
    System.out.println("from java: " + s);
  }
}

public static void main(String args[]) throws Exception {
  Context c = Context.enter();
  ScriptableObject so = c.initStandardObjects();
  ScriptableObject.defineClass(so, TestHost.class);
  System.out.println(c.evaluateString(so,
      "var t = new TestHost(); t.val='ee';'from script: '+t.val", "",
      1, null));
  }
}

Results in:

from java: ee
from script: ee

PastryKit – Why?

Published December 23, 2009 apple , javascript , Tech Leave a Comment

Recently, John Gruber publicised the PastryKit JavaScript framework which Apple uses to give a ‘Native’ iPhone experience in iPhone WebApps published by Apple (see the DF post for example videos). What I haven’t seen anywhere is an explanation of why Apple would take this route (a JavaScript framework) to provide this experience.

The alternative approach would be for Apple to build support for this functionality into the MobileSafari browser. This could be done with, for example, Vendor Specific CSS Properties. They could introduce -iphone-app, -iphone-header, -iphone-toolbar, and -iphone-momentumscroll. These could be applied to specific <div> elements, allowing the MobileSafari to suppress Safari chrome and place elements in the correct place. There would be a few advantages to this. Firstly, the performance would be far superior. The performance on the iPhone and iPhone 3G of PastryKit isn’t quite good enough. Implementing the functionality within the browser engine would have far superior performance. Even where PastryKit performs acceptably today, it’s still chewing unnecessary battery. Secondly, extending MobileSafari would allow the functionality to be easily used by developers outwith Apple, without having to include a lot of additional JavaScript in their appliation. Thirdly, it would be iPhone specific. As it stands, I assume that PastryKit webapps running on Firefox mobile (Fennec) will behave like an iPhone app, even running on other platforms. That seems like something that Apple wouldn’t want to encourage. There are more advantages to xtending MobileSafari, but those are the main ones.

So why might Apple have developed PastryKit, and what might they be planning? I can’t help but think that this is a skunkworks or R&D project that’s escaped, without any strategic thought on Apple’s part. In that case, use of it is probably a tactical move, which I think will over time by building the support into MobileSafari. How long that takes will, IMO,  depend on the AppStore, and the competition it and the iPhone receive from Android and Pre. I think it’s only when webapps become popular on those platforms that Apple will take the step to improve the iPhone web SDK.

Another possibility is that Apple want to provide the iPhone experience on non-iPhone hardware. I can’t quite get my head around this possibility. But Apple do have a knack for surprises.

iPhone 3G – 18 months down, 6 to go

Published December 16, 2009 apple , Tech Comments

I’ve had an iPhone 3G for 18 months, and so I have 6 months to go until 2 things happen. Firstly, that my existing contract with O2 expires, and secondly that Apple release another improved version of the iPhone. So now is an interesting time to look at what I’ve enjoyed about the iPhone, and what I might be looking for in a replacement.

What I’ve enjoyed:

  • Unlimited/everywhere internet access
  • Decent mobile web browser
  • Lots of Apps available at a couple of clicks
  • Decent media player

My short wishlist for a replacement:

  • Larger screen (but not a larger device overall)
  • Wireless Data Sync (I don’t want to have to plug my phone into my laptop just to get up-to-date podcasts)
  • Decent (video) camera
  • Longer battery life
  • More powerful web-technology apis (accelerometer, camera, etc)

The iTunes experience is a force likely to drive me in the direction of an Apple replacement unless an alternative appears. One thing that would attract me to an alternative would be a cloud centric rather than PC centric sync. I’m not sure if that’s likely from anyone in the next 6 months or not.

Web Services Make Connection – what it actually means

Published October 28, 2008 standards , Tech , webservices , work Leave a Comment

I had a conversation yesterday that reminded me how confusing I found WS Make Connection the first time I saw it in action. It’s a really simple specification designed to do something really simple, but the names used in the messages can cause no end of confusion.

Though Make Connection can be used standalone, it’s currently primarily used to provide retransmission capability for WS-Reliable Messaging 1.1, so I’ll focus on that scenario.

When providing reliability in an environment where the service provider cannot open a connection to the client (e.g. because it’s behind a NAT device), the service provider still needs a way to send messages to that client.

An example would be retransmitting a response message to a client because the original transmission of it failed.

In this case the client needs to connect to the service provider to provide a connection for the service provider to use to send the response. That’s what Make Connection is. It’s a specification which defines a single one-way message which a client can send to a server, which allows a server to send a message to the client using the HTTP response channel.

i.e MakeConnection message=’Hi, I’m client xxx, and here’s an HTTP connection you can use to send me a message if you want to’.

The confusion: People used to session oriented technologes (including WS-RM of all things) see a ‘MakeConnection’ message and assume it’s setting up a long running connection that will be used later on. This is not the case. A MakeConnection message only has meaning for the length of the HTTP request/response interaction it is sent in. For subsequent messages from the server, additional MakeConnection messages must be sent by the client.

Nearing the end….

Published October 9, 2008 IBM , standards , Tech , webservices , websphere , websphereesb , wspolicy Leave a Comment

Last week’s announcement letter means that my current project at work is coming to an end.

I’ve been working for that last 6 months on the WebSphere ESB 6.2 release with a particular focus on web services and policy. So the bullet points most relevant to me are:

  • New policy-driven ESB mediation, including integration with WebSphere Service Registry and Repository
  • Support for the WebSphere Application Server Web Services Feature Pack and SOAP 2.1 (sic)

The policy driven mediation is one answer to Katy’s recent question “What’s so great about WS-Policy?”. WS-Policy provides a standard format to describe requirements, and with the policy driven mediation we exploit this standard to describe requirements on a mediation flow (or more precisely the primitivies within one). Using WS-Policy means we can use the existing support for WS-Policy in WSRR to author an attach policies, and allows users to use their existing WS-Policy expertise (or more likely for the moment – develop expertise which they can use later in other areas).

The policy driven mediation support is also an example of componentisation in action. We’ve spent a chunk of the last few months extracting the WS-Policy engine from WAS 7 to use it in WESB 6.2. WESB uses it in a very different manner than WAS, so we’ve made some changes on the way, but I think what we’ve ended up with will be useful in both products (and more) for a long time.

I’ve been less involved in the Web Services Feature Pack support. I’ve mainly been helping colleagues understand all the great new technologies, how to use them, and how we can best exploit them in WESB and WPS. It’s always eye-opening talking about something you’re so familiar with because so much that’s just background knowledge to you is advanced and complex to people with a focus elsewhere. I’m looking forward to seeing this second (or is it third because of WAS 7?) phase of customers working with JAX-WS, WS-RM and more.

With development for this release winding down I’ll be spending a bit of time out of the office talking to customers about what they can do with the current and coming releases – I look forward to hearing a bit about what they’re up to.

iHave

Published July 22, 2008 apple , Tech Comment

I have an iPhone 3G which I’m using to write this post using the wordpress application from the AppStore. A detailed review is probably best left for a real keyboard, but the interim verdict is… 5 stars

Next Page »

About

I’m David Illsley, I’m a Software Engineer, currently working for Morgan Stanley in London. In the past I worked for IBM developing products in the WebSphere family, and before that I studied at Edinburgh University. I'm also a PMC member @TheASF, and outside the realms of technology, enjoy skulking around the dark corners of theatre...

Archives

c

Disclaimer

The postings on this site solely reflect the personal views of the author and do not necessarily represent the views, positions, strategies or opinions of my employer.

Twitter Updates

Follow

Get every new post delivered to your Inbox.