Tuesday, June 14, 2011

Longer Means Longer

No matter what your religion is and what methodology you practice, this sentence is true for ever “longer means more time than normal” :)
I would like to dedicate this particular phrase to “Oracle SOA Suite” installation process on two different OS platforms. It sounds sophisticated, but who cares, dedication is still dedication.

I heard about a new SOA Suite release of a version previously, and moreover, I had to check one issue with the Oracle Human Workflow engine (the SOA Suite component). So, the time for a new (renew) SOA installation has come :)

This time, as usual, I have started from making/copying the OS background. Here I don't have a full stop thinking process. The answer is rather standard: “VirtualBox+Ubuntu”.

There are many references “how to install particular SOA Suite on a particular platform”, so it is easy to find it on the Internet (BTW, it is a good practice to have the installation guide, or some white-paper called “step-by-step” that helps to avoid stupid mistakes).
Nevertheless, an interesting part of this story has begun at a place where I have never thought before it could, or more precisely, with installation of “Oracle XE DB Universe” (BTW, the recommended DB version for small deployment instances). It took me (as never before) an hour to make it stable. I will repeat that sentence: “the whole long hour”, and only after that I was able to move to the main SOA Suite installation steps (WebLogic, RCU, etc.) An interesting (thriller) story continues. After those SOA installation steps, my virtualbox has started to throw errors suddenly “Read-only file system”.

I have spent the next hour with this unstable virtualbox (it had the virtual disk error, etc.). Anyway, the result is that I have decided to give up and to switch to an old package of mine which is still worth trying to use when I get nervous: “Vmware Player and Windows 2003 Server”.

Oh yes, .... Windows :)

And then, based on Oracle recommended “Quick Start Guide for SOA Suite”, I took a very quick tour with SOA installation on Windows. It went without a single error, and it took me … not more that an hour.

Resume (2h>1h)
Longer means longer, no matter what your OS religion is :) When time is an issue, there is no time for religion :)

So, the very last recommendation:
When you have to install some proof of concept platform for just one test and you are not sure about the installation process, make use of Windows OS. It has more users so it should be tested widely. Shorter means shorter, popular solutions has more testers :)

And what about production environment?
Hmmm, the answer is simple: "it depends" or in other words: "make a new decision" ;)

Tuesday, June 7, 2011

Some Thoughts on IdM, SSO, SAML and CAS

We are having a hot summer time here, so sharing clever thoughts has become challenging for me. Nevertheless, I would like to write some words here, in short: "Identity Management".

Based on my last experience from diving into the world of unknown, or in other words: "the experience from hardening my knowledge base", I'm starting to redefine my learning principles. Earlier I had an opinion that the best, yet structured, way to learn something big and new is to find a new book (bible) and just to read it from cover to cover. And only after such a hard reading, with hands-on exercises, one could be able to form some conclusions and feel more comfortable in that new area.

I followed this path last time as well and I have read the whole book: "Identity Management: Concepts, Technologies, and Systems".

And ... I don't feel much more clever now :)

The fact is, the book offers an in-depth understanding of how to design, deploy and assess identity management solutions. It provides a comprehensive overview of current trends and future directions in identity management, including best practices, the standardization landscape, and the latest research finding.

But this book is to much theoretical and overly one-concept-oriented. Note that reading this book sooner or later you will punch the head against the wall called: "SAML" :)

I'm not saying that SAML is bad or even that it is not worth reading about, etc, I'm just saying that the book, the concept of IdM, has to narrow description (you could learn even more about SAML from wikipedia and its references).

I'm just asking myself silently, where are more chapters about SSO, IdM solutions, protocols, e.g.: CAS, JOSSO, Athens, OpenAM? ;)

After finishing this book I was still hungry for knowledge about the IdM (especially about the SSO solutions), so I went googling for more. I was more than happy about the results finally. I have found plenty of articles about CAS usage and what is more interesting, I have come across the "CAS and APEX integration" tutorial.

I have done the whole example and I must say that CAS integrates smoothly with APEX. Moreover the author gives more good advices for APEX, open web solutions, hardening, e.g. using ModSecurity.

Never stop searching :) and nevertheless the bad experience from the last book, next time I will try to
search for better "bible" ;)

P.S. If you can do something with APEX smoothly (in this case CAS integration) you will be able to do it with Java and so on.

Disclaimer: I did not get paid to review this book, and I do not stand to gain anything if you buy the book. I have no relationship with the publisher or the author.